No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

X6800 Server Node iBMC (Earlier Than V250) User Guide 29

This document describes the underlying management software Intelligent Baseboard Management Controller (iBMC) of the servers.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the LDAP Function on the iBMC WebUI

Configuring the LDAP Function on the iBMC WebUI

Operation Scenario

On the User Settings page of the iBMC WebUI, you can configure the Lightweight Directory Access Protocol (LDAP) function in the LDAP Group area. After configuring an LDAP user, you can use the LDAP user to access the iBMC.

NOTE:
  • The unified authentication solution LDAP enables systems to quickly respond to user queries.
  • For details about how to create a domain controller, a user domain, and LDAP users, see domain controller documents. The iBMC provides only the access function for LDAP users.

Prerequisites

Data

Obtain the following information:

  • LDAP server information:
    • The address of an available LDAP server
    • The domain name of an available LDAP server
    • The host name of an available LDAP server
    • The user folder of an available LDAP server
  • The password of the current user.
  • Name of the LDAP group.

Procedure

  1. Log in to the iBMC WebUI. For details, see Logging In to the iBMC WebUI.
  2. Choose Config > User Settings.
  3. In the LDAP Group area, click to enable the LDAP function.

    If changes to , the LDAP function is enabled.

  4. Configure the LDAP server.

    NOTE:
    • You are advised to enable certificate verification for security purposes.
    • After certificate verification is enabled on the iBMC WebUI, you need to:
      • Import the LDAP root certificate to the iBMC.
      • Install the AD, DNS, and CA certificate issuer on the LDAP server, and import the CA certificate into the LDAP server and iBMC.
    • Configure the LDAP server when certificate verification is disabled.
      1. Set Enable Certificate to Disable.
      2. Set LDAPS Port, for example, 636.
      3. Set LDAP Server Address, for example, 192.168.66.66.
      4. Set Domain to the LDAP server domain name, for example, manager.com. This domain name must be the same as the domain name on the LDAP server.
      5. Set User Folder to the user application folder of the LDAP server. Example values are CN=employee, OU=company and OU=department, OU=company. The user folder name must be the same as the name of the application member data folder on the LDAP server.
      6. Set Current User Password to the password of the current login user of the iBMC. Before you modify LDAP information, you must type the current login user password of the iBMC.
      7. Click Save.
    • Configure the LDAP server when certificate verification is enabled.
      1. Set the iBMC WebUI DNS address to the LDAP server address. For operation details, see Configuring the DNS on the iBMC WebUI (Manually).
      2. Click Browse and select a certificate. The certificate can be in the .cer, .pem, .cert, or .crt format.
      3. Click Upload. If Certificate Status is The certificate has been uploaded, the upload is successful.
      4. Set Enable Certificate to Enable.
      5. Set LDAPS Port, for example, 636.
      6. Set the LDAP server domain name address, for example, LDAP.manager.com.
        NOTE:
        A domain name address is the combination of a host name and a domain name. For example, if the host name is huawei, and the domain name is manager.com, the domain name address is huawei.manager.com.
      7. Set Current User Password to the password of the current login user of the iBMC. Before you modify LDAP information, you must type the current login user password of the iBMC.
      8. Click Save.

  5. Configure the LDAP group.
    1. Click or . The LDAP group edit dialog box is displayed.
    2. Set Current User Password to the password of the current login user of the iBMC. Before you modify LDAP information, you must type the current login user password of the iBMC.
    3. Set LDAP Group to the name (for example, admin) of the LDAP group to which an LDAP user belongs.
    4. Set Domain to the LDAP server domain name, for example, manager.com. This domain name must be the same as the domain name on the LDAP server.
    5. Set LDAP Group Folder to the application folder name (for example, Role) of the LDAP group.

      The value must be the same as the name of the organization unit to which the user group on the LDAP server belongs. The value can contain a maximum of 255 characters. An example for a multi-level LDAP group directory is Role/SubRole1/SubRole2.

    6. Click Save.
  6. Use the configured domain account to log in to the iBMC.

    1. Type the user password that has taken effect in the LDAP server.
    2. In the domain name drop-down list box, select the domain name of the LDAP server.
    3. Click Log In.

Translation
Download
Updated: 2019-02-28

Document ID: EDOC1000066341

Views: 132537

Downloads: 1081

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next