Configure the LDAP Server

  1. Ensure that all users authenticating to ILOM have passwords stored in "crypt" format or the GNU extension to crypt, commonly referred to as "MD5 crypt."

    For example:

    userPassword: {CRYPT}ajCa2He4PJhNo

    or

    userPassword: {CRYPT}$1$pzKng1$du1Bf0NWBjh9t3FbUgf46.

    ILOM only supports LDAP authentication for passwords stored in these two variations of the crypt format.

  2. Add object classes posixAccount and shadowAccount, and populate the required property values for this schema (RFC 2307).

    Required Property    Description
    -----------------    -----------
    uid                  User name for logging in to ILOM
    uidNumber            Any unique number
    gidNumber            Any unique number
    userPassword         Password
    homeDirectory        Any value (this property is ignored by ILOM)
    loginShell           Any value (this property is ignored by ILOM)

  3. Provide ILOM access to user accounts on your LDAP server.

    Either enable your LDAP server to accept anonymous binds, or create a proxy user on your LDAP server that has read-only access to all user accounts that will authenticate through ILOM.

    See your LDAP server documentation for more details.
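
Added example, not part of the original documentation: a Python check over an LDIF export that flags entries which do not meet the requirements of steps 1 and 2, including userPassword values that LDIF stores base64-encoded. The function names, the example.com DNs and the sample export are assumptions made for illustration.

```python
import base64
import re

# Accepted: {CRYPT} + 13-char traditional crypt, or {CRYPT} + $1$salt$ + 22-char MD5 crypt.
ILOM_OK = re.compile(r"^\{CRYPT\}(?:[./0-9A-Za-z]{13}|\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22})$", re.I)
CLASSES = ("posixAccount", "shadowAccount")
ATTRS = ("uid", "uidNumber", "gidNumber", "userPassword", "homeDirectory", "loginShell")

def parse_ldif(text):  # yields {lower-cased attribute: [values]} for each entry
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.replace("\n ", "").splitlines():  # unfold continuation lines
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>", common for userPassword
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(name.strip().lower(), []).append(value.strip())
        if entry:
            yield entry

def audit_entry(entry):  # returns the reasons an entry fails steps 1 and 2
    have = {c.lower() for c in entry.get("objectclass", [])}
    problems = [f"missing objectClass {c}" for c in CLASSES if c.lower() not in have]
    problems += [f"missing {a}" for a in ATTRS if not entry.get(a.lower())]
    for pw in entry.get("userpassword", []):
        if not ILOM_OK.match(pw):  # report the scheme tag only, never the hash
            tag = pw[:pw.find("}") + 1] if pw.startswith("{") else "(no scheme tag)"
            problems.append(f"userPassword {tag} is not DES or MD5 crypt")
    return problems

def audit_ldif(text):
    return {e.get("dn", ["?"])[0]: audit_entry(e) for e in parse_ldif(text)}

# Constructed sample export; the hash is the MD5 crypt example shown in step 1.
B64 = base64.b64encode(b"{CRYPT}$1$pzKng1$du1Bf0NWBjh9t3FbUgf46.").decode()
SAMPLE = f"""dn: uid=alice,ou=people,dc=example,dc=com
objectClass: posixAccount
objectClass: shadowAccount
uid: alice
uidNumber: 1001
gidNumber: 1001
userPassword:: {B64}
homeDirectory: /home/alice
loginShell: /bin/sh

dn: uid=bob,ou=people,dc=example,dc=com
objectClass: posixAccount
userPassword: {{SSHA}}constructedplaceholder
"""
```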
