•
Multiple targets
You do not need to use multiple targets in the directory. HP schema directory integration only
requires one hpqTarget object, which can represent many LOM devices.
Setup for Schema-free directory integration
Before setting up the Schema-free option, your system must meet all the prerequisites outlined in the
"Active Directory Preparation (on page 138)" section.
You can set up iLO 2 for directories in three ways:
•
Manually using a browser
•
Using a script
•
Using HPLOMIG
Active Directory preparation
The schema-free option is supported on the following operating systems:
•
Microsoft® Active Directory
•
Microsoft® Windows® Server 2003 Active Directory
SSL must be enabled at the directory. To enable SSL, install a certificate for the domain in Active
Directory. iLO 2 only communicates with the directory over a secure SSL connection. For more
information, refer to the Microsoft® Knowledge Base, article number 247078: Enabling SSL
Communication over LDAP for Windows® 2000 Domain Controllers on the Microsoft® website
(http://support.microsoft.com/).
To validate the setup, you should have the directory distinguished name for at least one user and the
distinguished name of a security group the user is a member of.
Introduction to certificate services
Certificate Services are used to issue signed digital certificates to network hosts. The certificates are used
to establish SSL connections with the host and verify the authenticity of the host.
Installing Certificate Services allows Active Directory to receive a certificate that allows Lights-Out
processors to connect to the directory service. Without a certificate, iLO 2 cannot connect to the directory
server.
Each directory server that you want iLO 2 to connect to must be issued a certificate. If you install an
Enterprise Certificate Service, Active Directory can automatically request and install certificates for all of
the Active Directory controllers on the network.
Installing certificate services
Select Start>Settings>Control Panel.
1.
Double-click Add/Remove Programs.
2.
Click Add/Remove Windows Components to start the Windows Components wizard.
3.
Select the Certificate Services check box. Click Next.
4.
("Schema-free browser-based
("Schema-free scripted
setup" on page 140).
("Schema-free HPLOMIG-based
setup" on page 139).
setup" on page 140).
Directory services 138