Re: iLO 5 Directory Authentication with Smartcards/Certificates

blainemiller · ‎04-09-2024

Hello all,

I can find documentation about how to use LDAP Directory authentication for iLO 5. I can find documentation about how to use a smart card/certificate to login to a local account in iLO 5. There is almost no documentation about how to use smart cards/certificates to authenticate to a Directory account.

Does anyone have experience setting up LDAP Directory authentication in a passwordless directory? Any information would be helpful. I have been to verify that LDAP communication is working, but when I try to log in with a certificate, it just get a non-descript error.

I see that in the LDAP settings there is a spot for a name and password. Is this required for smart card auth?

support_s · ‎04-09-2024

System recommended content:

1. HPE iLO 5 3.03 User Guide | Directory authentication and authorization settings in iLO

2. HPE iLO 6 1.58 User Guide | Directory authentication and authorization settings in iLO

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

Thank you for being a HPE valuable community member.

shuff · ‎04-09-2024

To set up LDAP Directory authentication with smart cards/certificates, you need to configure schema-free directory settings in iLO: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00105236en_us&page=GUID-D7147C7F-2016-0901-06D0-000000000D16.html

blainemiller · ‎04-09-2024

This page is helpful but it does not explain how to set up the iLO Object Distinguished Name CAC LDAP Service Account. Do you know what is involved in setting it up? Can it be any service account or does it need cert-specific delegation enabled?

shuff · ‎04-09-2024

I've only ever used a CAC LDAP service account and password for iLO Object Distinguished Name CAC LDAP Service Account and iLO Object Password boxes

blainemiller · ‎04-09-2024

How did you create the service account that you listed in the iLO Object Distinguished Name CAC LDAP Service Account box?

shuff · ‎04-09-2024

no idea since I don't have permissions to create it in our env, just use it

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: iLO 5 Directory Authentication with Smartcards/Certificates

iLO 5 Directory Authentication with Smartcards/Certificates

Query: iLO 5 Directory Authentication with Smartcards/Certificates