HP c7000 Enclosure

Since quite a long time I have a pleasure to work with HP Enclosures c7000 and c3000. HP Blades with enclosures is the really great enterprise solution. Over the years I found difficult to manage multiple enclosures with local users and this is where integration with Active Directory makes your life simpler. In few steps, I will guide you how to integrate Onboard Administrator with Active Directory LDAP.

  1. Prerequisites
    • Active Directory group with users is created
    • Domain Controller network traffic (LDAP over SSL) is allowed
    • Domain Controller Computer certificate is valid,
  2. In order to configure Active Directory LDAP authentication login to Onboard Administrator with local username and password and navigate to Users/Authentication and click Directory Settings.
  3. Please fill fields with following settings:
    Directory Server SSL Port: 636
    Search Context 1:CN=OA Administrators,OU=Administrator Groups,OU=Administrators,DC=yourdomain,DC=whatever,DC=itis
    (You need to provide OU where Active Directory group is created. For example ? group OA Administrators is located in yourdomain.whatever.itis/Administrators/Administrator Groups/ OU and search context for this group will be). If you don’t know how to find it just run simple dsquery from command line: dsquery group -samid “Group Name”
  4. Search Context 2-6: You can provide up to six groups Search Context if needed.
  5. Select Enable LDAP Authentication
  6. Select Use NT Account Name Mapping (DOMAINusername)  – if you will not select this field you will have to login to Onboard Administrator using [email protected] format instead of DOMAINusername
    Onboard-Administrator-Directory-Settings
  7. Next step is Domain Controller certificate upload. First you need to obtain it from Domain Controller. You can obtain it using following ways:
    • In browser type https://Domain Controller:636, then view the certificate and select Copy to File and export it to .CER Base-64 encoded X.509 format.
      Domain Controller Certificate
    • The second way to obtain the certificate is to login to Domain Controller and start mmc and select Certificates Personal for Local Computer and open it. Next, go to Details tab and select Copy to File and export it to .CER Base-64 encoded X.509 format.
  8. After the certificate is exported, open it with notepad and copy file content to clipboard. Navigate to Certificate Upload tab and paste it to field and press Upload button.
  9. In order to check if Active Directory authentication will work go to Test Settings tab and provide domain credentials and press Test Settings.
  10. If tests:
    • Directory Server IP Address
    • Connect to Directory Server
    • Connect using SSL
    • Certificate of Directory Server

    are passed then Active Directory authentication is configured correctly.

  11. Next step is to create Directory Groups. The group should reflect Active Directory group created before. In order to create it go to Users/Authentication Directory Groups and create the group.
    Onboard Administrator Directory Groups
    Assign the group to desired bays in the enclosure.
  12. Test if LDAP authentication works.

Rate this post
Social Media

Wojciech Marusiak

Solution Architect at Alibaba Cloud
I am an innovative and experienced IT professional with over 13 years in the IT industry.

My experience and skills have been proven by leading vendor certifications like AWS, Alibaba Cloud, VMware, and Microsoft. I contribute to the IT community and I received VMware vExpert 2014 - 2019, vExpert Pro and VMware vExpert NSX 2017 Award.

My blog wojcieh.net - was voted #76 in Top vBlog 2018 contest!

Do what you love, and you’ll never work another day in your life.
Wojciech Marusiak
Social Media