No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionServer G5500 Server iBMC (V300 or Later) User Guide 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the LDAP Server

Configuring the LDAP Server

The iBMC supports Windows AD and Linux OpenLDAP. This section uses Windows Server 2012 R2 Enterprise as an example to describe how to configure the LDAP server. If an LDAP server is already available, skip this section.

Prerequisites

  • The device (for example, a Huawei server) for deploying the LDAP server is available.
  • The Windows Server 2012 R2 Enterprise installation CD-ROM or ISO image file is available.

Procedure

  1. Install the OS.
    1. On the iBMC web user interface (WebUI) of the server, set the CD-ROM drive as the next boot device of the server.
    2. Insert the OS installation CD-ROM into the CD-ROM drive or mount the OS image file through the iBMC virtual CD-ROM drive.
    3. Restart the server to access the OS installation wizard.
    4. On the OS selection page, select Windows Server 2012 R2 Datacenter.
    5. Click Next.

      Complete the OS installation by following the instructions.

  2. Install the DNS service.
    1. Select Server Manager in the Start menu.
    2. Select Local Server in the navigation tree.

      The PROPERTIES For FusionServer window is displayed, as shown in Figure 6-2.

      Figure 6-2  Local server properties

    3. Select Manage at the top right corner and choose Add Roles and Features.

      The Add Roles and Features Wizard window is displayed, as shown in Figure 6-3.

      Figure 6-3  Add roles and features wizard

    4. Click Next.

      The Select installation type window is displayed.

    5. Select Role-based or feature-based installation and click Next.

      The Select destination server window is displayed, as shown in Figure 6-4.

      Figure 6-4  Select destination server

    6. Choose Select a server from the server pool, select the server in the Server Pool box and click Next.

      The Select server roles page is displayed, as shown in Figure 6-5.

      Figure 6-5  Select server roles

    7. Select DNS Server in the Roles box.

      The confirmation window is displayed.

    8. Click Add Features.

      The Select server roles window is displayed.

    9. Click Next.

      The Select features window is displayed, as shown in Figure 6-6.

      Figure 6-6  Select features

    10. Select .NET Framework 4.5 Features and click Next.

      The DNS Server window is displayed.

    11. Click Next.

      The confirmation window is displayed.

    12. Click Install.

      The DNS server installation process is displayed.

    13. When the installation is complete, click Close.

      The Local Server window is displayed.

  3. Install the AD service.

    Add new services by referring to the Install the DNS service.

    1. Select Active Directory Domain Services in the Roles box shown in Figure 6-6.

      The confirmation window is displayed.

    2. Click Add Features.

      The Select server roles window is displayed.

    3. Click Next.

      The Select features window is displayed.

    4. Select .NET Framework 4.5 Features and click Next.

      The Active Directory Domain Services window is displayed.

    5. Click Next.

      The confirmation window is displayed.

    6. Click Install.

      The installation progress of the Active Directory Domain Services is displayed.

    7. When the installation is complete, click Close.

      The Local Server window is displayed.

  4. Configure the AD service.
    1. Select AD DS in the navigation tree in the Server Manager window.

      The AD DS properties are displayed in the right pane, as shown in Figure 6-7.

      Figure 6-7  AD DS properties

    2. Click More... in the alarm information.

      The All Servers Task Details window is displayed, as shown in Figure 6-8.

      Figure 6-8  All servers task details

    3. Click Promote this server to a domain controller.

      The Active Directory Domain Services Configuration Wizard window is displayed, as shown in Figure 6-9.

      Figure 6-9  Active Directory Domain Services Configuration Wizard

    4. Select Add a new forest, enter the AD domain name, for example ibmc.com, in Root domain name, and click Next.

      The Domain Controller Options window is displayed, as shown in Figure 6-10.

      NOTE:
      The domain name is case-sensitive. Set the domain name based on the planned domain name.
      Figure 6-10  Domain controller options

    5. Set the AD domain controller password and click Next.
    6. Click Next until the window in Figure 6-11 is displayed.

      Figure 6-11  Domain services paths

    7. Set the AD domain services paths and click Next.

      You can also retain the default configuration.

    8. Click Next in the following windows displayed.
    9. When the Prerequisites Check window is displayed, click Install.

      The OS automatically restarts after the configuration is complete.

  5. Install the CS services.

    Add new services by referring to Install the DNS service.

    1. Select Active Directory Certificate Services in the Roles box shown in Figure 6-6.

      The confirmation window is displayed.

    2. Click Add Features.

      The Select server roles window is displayed.

    3. Click Next.

      The Select features window is displayed.

    4. Select .NET Framework 4.5 Features and click Next.

      The Active Directory Certificate Services window is displayed.

    5. Click Next.

      The Select role services window is displayed.

    6. Select Certification Authority and Certification Authority Web Enrollment, and click Next.

      The confirmation window is displayed.

    7. Click Add Features.

      The Select server roles window is displayed.

    8. Click Next.
    9. Click Install in the Confirm installation selections window.

      The installation progress is displayed.

    10. Click Close when the installation is complete.
  6. Configure the CS services.
    1. Open the Server Manager window.
    2. Select AD CS in the navigation tree.

      The AD CS properties are displayed in the right pane, as shown in Figure 6-12.

      Figure 6-12  AD CS properties

    3. Click More... in the alarm information.

      The All Servers Task Details window is displayed, as shown in Figure 6-13.

      Figure 6-13  All servers task details

    4. Click Configure Active Directory Certificate Services on the Destination Server.

      The AD CS Configuration window is displayed.

    5. Click Next.

      The Role Services window is displayed, as shown in Figure 6-14.

      Figure 6-14  Role services

    6. Select Certification Authority and Certification Authority Web Enrollment, and click Next.

      The Setup Type window is displayed.

    7. Select Enterprise CA and click Next.

      The CA Type window is displayed.

    8. Select Root CA and click Next.

      The Private Key window is displayed.

    9. Select Create a new private key and click Next.

      The Cryptography for CA window is displayed, as shown in Figure 6-15.

      Figure 6-15  Cryptography for CA

    10. Select RSA#Microsoft Software Key Storage Provider as the cryptographic provider, 2048 in Key length, and SHA1 as the hash algorithm, and click Next.

      The CA Name window is displayed, as shown in Figure 6-16.

      Figure 6-16  CA name

    11. Set the common name for this CA and click Next.

      The Validity Period window is displayed.

    12. Set the validity period and click Next.

      The CA Database window is displayed.

    13. Specify the CA database path and click Next.

      The Confirmation window is displayed.

    14. Click Configure.

      The configuration process of AD certificate services is displayed.

    15. Click Close when the configuration is complete.
  7. Restart the server to make the configuration take effect.
  8. Create an organizational unit.

    You can create an organizational unit in any node of the LDAP server. The following describes how to create a first-level node and its sub-nodes.

    1. Log in to the server OS.
    2. Open Server Manager, and select Local Server in the navigation tree.
    3. Select Active Directory Users and Computers from the TASKS drop-down list at the top right corner of the window.

      The window shown in Figure 6-17 is displayed.

      Figure 6-17  Figure 1-16 Server manager

    4. Right-click the first-level node (for example, ibmc.com) of the LDAP server, and choose New > Organizational Unit.

      The window shown in Figure 6-18 is displayed.

      Figure 6-18  Adding an organizational unit

    5. Enter the organization name, for example company, and click OK.

      The organizational unit company is displayed in the LDAP server organization.

    6. Right-click the newly created organizational unit (for example, company), and choose New > Organizational Unit to create a sub-organizational unit (for example, department).

      The sub-node department is displayed under company.

    7. Repeat 8.d to 8.f to create organizational units based on actual needs.
  9. Create an LDAP group.

    Create an LDAP group in any node based on actual needs.

    1. Right-click the node (for example, department), and choose New > Group.

      The New Object-Group window is displayed, as shown in Figure 6-19.

      Figure 6-19  Creating a group

    2. In the Group name box, enter the LADP group name, for example info_group1, select the group scope and the group type, and click OK.

      NOTE:
      You are advised to set the same value for Group name and Group name (pre-Windows 2000).
      The newly created group (for example, info_group1) is displayed in the specified organization.

    3. Repeat 9.a to 9.b to create groups based on actual needs.
  10. Create a user.

    You can add users in any directory, but you are advised to add users in the Users directory.

    1. Right-click the node (for example, Users) and choose New > User.
    2. In the New Object-User window as shown in Figure 6-20, enter the user information and click Next.

      NOTE:
      User login name is the domain name used to log in to the iBMC WebUI. Record the user login name.
      Figure 6-20  Creating a user

    3. Click Next.

      The window shown in Figure 6-21 is displayed.

      Figure 6-21  Setting the password

    4. Enter the password (for example, Huawei12#$) in the Password and Confirm password boxes, select the password policy, and click Next.

      Do not select User must change password at next logon as the password policy.
      The user information confirmation window is displayed.

    5. Click Finish.

      The user HWinfo is displayed in the Users list.

    6. Create other users in the same way.
  11. Add the user to a group.

    You can add a user to a group by managing the user or group. The following uses the operations on the user as an example.

    1. Right-click the user created in #s-10 (for example, HWinfo) and choose Add to a group.

      The Select Groups window is displayed, as shown in Figure 6-22.

      Figure 6-22  Select groups

    2. In Enter the object names to select, enter the group name (for example, info_group1) to which the user is to be added, and click OK.

      A message is displayed indicating the operation is successful.

    3. Repeat the steps to add users to the related groups based on actual needs.
Translation
Download
Updated: 2018-10-31

Document ID: EDOC1100031438

Views: 92414

Downloads: 49

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next