Configuring Directory Services

User Access: All users.

You can define the method of storing and accessing login and password information for access to the Service Processor by configuring the following directory services options:

Option  Description
NIS     Network Information Service: A UNIX-originated solution to directory services. A remote NIS server is used for authenticating users in addition to the local files.
ADS     Active Directory Service: Microsoft's directory services. A remote ADS server is used for authenticating users in addition to the local files.

Users authenticated through directory services (i.e., remote users) are given access to the Service Processor only by means of a group mapping, which maps the remote group to which the user belongs to a Service Processor administrative group.

Creating the Keytab File

To use ADS as a directory service on the Service Processor, you must create an Active Directory account. The name service library on the Service Processor uses this account to authenticate itself to the LDAP interface of the Active Directory server. A Windows administrator can create the keytab for this account using the following command:

ktpass -princ <logon>@<domain> -pass <password> -mapuser <logon> -out <output filename>

SM Console Usage:

Follow these steps to configure directory services:

  1. Click Access Control > Directory Services from the menu bar.
  2. In the Settings table, select the first radio button if you do not wish to use directory services and want to use local etc/pw files instead. Otherwise, select the radio button for the network directory services database you wish to use: NIS or ADS.
  3. Enter the domain name for the option you selected in step 2.
  4. Enter the server name for the option you selected in step 2. (Separate names with commas for multiple servers.)
  5. If you chose ADS, also enter the organizational unit, ADS Logon ID, and locate the keytab file.
  6. Click the button to save the settings.

SM Command Usage:

You can also use the access directory services subcommands to perform this function at the command line.

Related Topics

Creating the Initial Manager Account

Adding a New User

Logging Out

Mapping Directory Service Groups

Managing Local Users

Changing Passwords

Creating Trusted Host Relationships

Adding Public Keys