No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FusionServer Pro X6800 Server iBMC (Earlier Than V250) User Guide 32

This document describes the underlying management software Intelligent Baseboard Management Controller (iBMC) of the servers.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the LDAP Function

Configuring the LDAP Function


Configure the Lightweight Directory Access Protocol (LDAP) function on Configure > LDAP Settings of the iBMC WebUI.

The LDAP function enables domain users to access the iBMC.

  • A common function of LDAP is to provide a central repository for user names and passwords, which allows different applications and services to connect to the LDAP server to validate users.
  • The iBMC only provides an access interface for LDAP users; therefore this section does not include the procedure of configuring domain controllers, user domains, and LDAP users. For details, see the user guide of the domain controller you use.



  • LDAP server information, including the LDAP server address, domain name, host name, user application folder, and LDAP user group name
  • Password for logging in to the iBMC WebUI


  1. Configure an LDAP server.

    The iBMC only supports interconnection with Windows active directory (AD) and Linux OpenLDAP servers. Windows Server 2008 is used as an example to describe how the LDAP server is configured. If an LDAP server is already available, skip this step.

    • If the iBMC version is 2.46 or earlier, the group names, user names, and CN configured on the LDAP server for the iBMC cannot contain the following special characters: \";<>#+=,

    • On the LDAP server, DisplayName and CN must be the same.

    1. Install Windows Server 2008 on the server to be configured.
    2. Choose Start > Computer > Manage.

      The Server Manager dialog box is displayed.

    3. Add a user, for example test, to the Users organization, and set the password to Huawei12#$.
    4. Right-click Active Directory Users and Computers and add a domain name, for example,
    5. Right-click the domain name and choose New > Organizational Unit to add an organizational unit, for example Huawei.
    6. Right-click Huawei, choose New > Organizational Unit, and add a lower-level organizational unit, for example, test1.

      Use the same method to create multi-level organizational units, for example, Huawei > test1 > IThelpdesk.

    7. Right-click IThelpdesk, choose New > Group, and create an LDAP group, for example, BMC User.

      Create multiple LDAP groups, such as BMC admin and BMC Operator, as shown in Figure 2-30.

      Figure 2-30 Newly created organizational units and LDAP groups

    8. Right-click BMC User and choose Properties from the shortcut menu.
    9. Select the Member Of tab and click Add.

      The dialog box shown in Figure 2-31 is displayed.

      Figure 2-31 Adding a user

    10. Enter the user created in 1.c, for example test, and click OK.
  2. Set the DNS server address to the LDAP server address. For details, see Configuring the DNS on the iBMC WebUI.
  3. Configure the LDAP server on the iBMC.
    1. On the iBMC WebUI, choose Configure > LDAP Settings.
    2. Set LDAP to to enable the LDAP function.
    3. Set the LDAP server parameters.

      • LDAP Server Address: Enter the LDAP server IP address, for example,
      • LDAPS Port: Enter the port number of the LDAP server.
      • Domain: Enter the LDAP server domain name, for example, This domain name must be the same as the domain name set on the LDAP server.
      • User Folder: Enter the user application folder of the LDAP server, for example, CN=Users.
      • User Password: Enter the password for logging in to the iBMC.

    4. Click Save.
  4. (Optional) Import an LDAP root certificate.

    For security purposes, enable certificate verification.

    1. Set the DNS server address to the LDAP server address.
    2. On the LDAP Settings page, set Certificate Verification to Enable.
    3. Under Upload Root Certificate, click Browse and select the root certificate to be uploaded.

      The root certificate must be in .cer, .pem, .cert, or .crt format.

    4. Click Upload.

      If the root certificate is successfully uploaded, "The certificate has been uploaded" is displayed.

  5. Configure LDAP groups.
    1. In the Set LDAP Groups area, click .
    2. In User Password, enter the iBMC user password.
    3. Configure LDAP group parameters.

      • LDAP Group: Enter the LDAP user group name, for example BMC User (the LDAP group name set in 1.g).
      • LDAP Group Folder: Enter the name of the folder in which the LDAP group applications are stored.

        The LDAP group folder must be the same as the organizational unit set on the LDAP server, for example, Huawei/test1/IThelpdesk (the organizational unit set in 1.g). The maximum length is 255 characters.

      • Login Rule: Set the login rules.
      • Login Interface: Set the login interfaces.
      • Role: Assign operation permissions to the user group.

    4. Click Save.
  6. Use a domain account to log in to the iBMC.
    1. On the iBMC login page, enter the user name test and password test/Huawei12#$ (set in 1.c on the LDAP server).
    2. In Domain, select the LDAP server domain name, for example,
    3. Click Log In.
Updated: 2019-11-19

Document ID: EDOC1000066341

Views: 209658

Downloads: 1100

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next