Technical white paper
HP Device Manager 4.6 LDAP Troubleshooting Guide

Table of contents
Introduction
HPDM LDAP-related context and background
LDAP in HPDM
Configuring User Authentication
Importing a user or group from LDAP
Logging in as an LDAP user
Troubleshooting steps
General configuration
Multiple child domain users login
Testing environment
LDAP child domain account testing
Testing environment
Conclusion
For more information
Introduction

The purpose of this document is to demonstrate the principle of Lightweight Directory Access Protocol (LDAP) use in HP Device Manager (HPDM) and how to troubleshoot issues that might occur while attempting to use user authentication with Active Directory and other LDAP servers.

HPDM LDAP-related context and background

Users and groups in an Active Directory, or a different LDAP server, can be used to log in to HPDM. This allows the reuse of existing login accounts and simplifies the management of administrative privileges with HPDM. For more background information, see the HP Device Manager Administrator Guide.

LDAP in HPDM

Figure 1. HPDM network with an LDAP server
[Figure: the HPDM Console connects through the Router to the HPDM Server, which connects to the LDAP Server. The HPDM Server stores the LDAP server configuration and the imported user/group information; the LDAP Server is responsible for authenticating LDAP users on behalf of the HPDM Server.]

The LDAP server configuration information, including User Authentication, needs to be set in HPDM (see Configuring User Authentication). HPDM uses this configuration to connect to the specified LDAP server. The LDAP users and groups need to be imported into HPDM (see Importing a user or group from LDAP). All LDAP server configuration and imported user and group information is stored in the HPDM database. HPDM does not store the LDAP user's password; it is only transported to the LDAP server when the user logs in to HPDM.

After the import is completed, you can log in to HPDM as an LDAP user or group. If you import a user, you can log in to HPDM with that username. If you import a group, all users belonging to that group can log in to HPDM with their LDAP username.
HPDM authenticates its inner users itself. When you use LDAP to log in to HPDM, the LDAP server authenticates you and returns the result to HPDM (see Logging in as an LDAP user). The following chart shows the basic flow of logging in to HPDM as an LDAP user.

Figure 2. Logging in to HPDM as an LDAP user flow chart
[Flow chart, given here as a sequence: the Console is started, the LDAP username and password are entered, and OK is clicked. The HPDM Server first checks whether the username is in the HPDM inner username list; if so, the password is verified by the HPDM Server. Otherwise it checks whether the username is an imported LDAP user and, if not, whether the username belongs to an imported LDAP group; in either of those cases the password is verified by the LDAP Server. If none of the checks matches, an error dialog is shown. A legal username and password shows the main frame; otherwise an error dialog is shown.]
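The decision order in Figure 2 is worth seeing as code, because it explains the behaviour described under General configuration: the inner username list is consulted before anything is sent to the LDAP server, so an inner user with the same name as an imported LDAP user always takes precedence. The following is an added example and not HPDM's own code; HPDM's server-side implementation is not published in this guide, so the inner-user store, the imported user and group lists, the FakeLdapServer class and the build_demo() scenario are constructed stand-ins that only reproduce the order of the checks.

```python
"""Model of the HPDM login resolution order shown in Figure 2.

Added example, not HPDM's own code. The stores and the LDAP bind are
constructed stand-ins; only the order of the checks is taken from the guide:
inner users first, then imported LDAP users, then imported LDAP groups.
"""
from dataclasses import dataclass


@dataclass
class FakeLdapServer:
    """Stand-in directory: lowercase username -> (password, set of group names)."""
    accounts: dict

    def bind(self, username: str, password: str) -> bool:
        # HPDM never stores an LDAP password; it only relays it for this check.
        entry = self.accounts.get(username.lower())
        return entry is not None and entry[0] == password

    def groups_of(self, username: str) -> set:
        entry = self.accounts.get(username.lower())
        return set(entry[1]) if entry else set()


@dataclass
class HpdmServer:
    """What HPDM keeps in its own database (all names stored lowercase)."""
    inner_users: dict      # inner username -> password, verified by HPDM itself
    ldap_users: set        # imported LDAP usernames
    ldap_groups: set       # imported LDAP group names
    ldap: FakeLdapServer

    def login(self, username: str, password: str) -> str:
        """Return 'ok:<path>' or 'error:<reason>' following the Figure 2 checks."""
        name = username.lower()
        # 1. The inner username list is consulted first, so an inner user with
        #    the same name as an imported LDAP user always wins; the LDAP
        #    server is never contacted for that name.
        if name in self.inner_users:
            ok = self.inner_users[name] == password
            return "ok:inner" if ok else "error:inner-password"
        # 2. Imported LDAP user: the LDAP server verifies the password.
        if name in self.ldap_users:
            return "ok:ldap-user" if self.ldap.bind(name, password) else "error:ldap-bind"
        # 3. Member of an imported LDAP group: also verified by the LDAP server.
        if self.ldap.groups_of(name) & self.ldap_groups:
            return "ok:ldap-group" if self.ldap.bind(name, password) else "error:ldap-bind"
        # 4. No check matched: HPDM shows the error dialog.
        return "error:unknown-user"


def build_demo() -> HpdmServer:
    """Constructed scenario: one shadowed name, one group-imported user, one outsider."""
    ldap = FakeLdapServer({
        "administrator": ("Ldap-Pass-1", {"Domain Admins"}),
        "dmtest": ("Child-Pass-2", {"HPDM Operators"}),
        "guest": ("Guest-Pass-3", {"Guests"}),
    })
    return HpdmServer(
        inner_users={"administrator": "Inner-Pass-0"},  # same name as the LDAP account
        ldap_users={"administrator"},
        ldap_groups={"HPDM Operators"},
        ldap=ldap,
    )


if __name__ == "__main__":
    hpdm = build_demo()
    attempts = [("Administrator", "Inner-Pass-0"), ("Administrator", "Ldap-Pass-1"),
                ("dmtest", "Child-Pass-2"), ("dmtest", "wrong"), ("guest", "Guest-Pass-3")]
    for user, pw in attempts:
        print(f"{user:14} -> {hpdm.login(user, pw)}")
```

Running the script shows that "Administrator" with the LDAP password fails even though the LDAP bind would succeed, because the inner account of the same name is checked first; "dmtest" succeeds through group membership alone, and "guest", who is in no imported group, never reaches the LDAP server.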
Configuring User Authentication

User Authentication must be configured for the LDAP users and groups before using LDAP to log in to HPDM. In the following example, the LDAP server used to log in to HPDM has the following specifications:

LDAP server type: Active Directory
LDAP server address: 192.168.58.134
LDAP server port: 389
LDAP server domain: magic.com
LDAP server administrator: cn=administrator,cn=users,dc=magic,dc=com
LDAP server password: 123456

1. From the HPDM Console's menu bar, click Tools > Configuration > User Authentication Panel.
2. Select the Server Type, and then enter the host, port, encryption, server type, server domain, username, and password. The following examples show two ways to enter the information when using Active Directory as the Server Type. The first example uses the short names of the domain and username. The second example uses the fully qualified domain names (FQDN). The following example shows how to enter the information when using General LDAP as the Server Type.
3. Click the Test button to verify the configuration.
Importing a user or group from LDAP

1. Click Tools > User Management > Import from LDAP.
2. The Import Users and Groups dialog opens and displays the LDAP server information as a tree. Select groups and users from the LDAP tree to import them into HPDM. HPDM stores the user names and group names in the HPDM database. View the users that belong to an imported group by double-clicking the group name.
Logging in as an LDAP user

1. Log in to HPDM using the credentials of an imported LDAP user.

Troubleshooting steps

General configuration

Make sure that the network between the HPDM Server and the LDAP server is working and that the HPDM Server can access the LDAP server. Verify using the ping command. The following example uses 192.168.58.134 as the LDAP server address.

Make sure that the LDAP server firewall does not block the port. Verify using the telnet command. The following example uses the default port, 389.

Make sure that the LDAP User Authentication is configured correctly from the HPDM Console before importing users and groups. See Configuring User Authentication.

To configure the User Authentication using the FQDN, you must enter the full name in both the Domain and the Username fields, such as dc=magic,dc=com for the domain and cn=administrator,cn=users,dc=magic,dc=com for the user named Administrator in the Users folder.

Verify that the LDAP server works by clicking the Test button during the User Authentication configuration.

To log in to HPDM as an LDAP user, enter the short username, not the FQDN. For example, if the FQDN is cn=administrator,cn=users,dc=magic,dc=com, enter Administrator as the username. In the Server Address field, enter the HPDM Server address, not the LDAP server address.
If an HPDM inner user and an imported LDAP user share credentials, HPDM defaults to the inner user.

If a user or group is modified on the LDAP server, their information is not updated in the HPDM Console until their next login. For example, if the imported LDAP user Administrator changes their password on the LDAP server side, they must log in to the HPDM Console again for the new password to take effect.

Multiple child domain users login

If you have a main domain and multiple child domains, you can configure the domains to trust each other. This enables all child domain users to log in to HPDM.

Testing environment:

Parent domain:
Domain: hpdm.dto
Host: hpdmdcsvr001.hpdm.dto
Test user account: cn=administrator, cn=users, dc=hpdm, dc=dto

Child domain:
Domain: subhpdm.dto
User to log in to HPDM: dmtest

To log in to HPDM as user dmtest in child domain subhpdm.dto:

1. Configure the LDAP User Authentication with the parent domain specifications. In the testing environment, the specifications are as follows:
Host: hpdmdcsvr001.hpdm.dto
Domain: hpdm.dto
Username: administrator
2. Import the child domain user into HPDM. The tree path is restricted; in the testing environment, it is dc=hpdm, dc=dto. When you import the user from the LDAP server, the Base DN is already filled in, and you can see only users within that DN.
A. Change the Base DN to see users from other trusted domains, including the child domain. In the testing environment, the Base DN needs to be dc=subhpdm, dc=hpdm, dc=dto.
B. Then, search for the user you want and import the user into HPDM. In the testing environment, that is user dmtest.
3. Log in to HPDM as the child domain user.

LDAP child domain account testing

Testing environment:

Parent domain:
Domain: 3ls.com
IP: 10.10.10.2
Test user account: jasons

Child domain:
Domain: sh.3ls.com
IP: 10.10.10.241
Test user account: jasonss

Note: The parent and child domains must trust each other.
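The checks under General configuration (ping, telnet to the port, FQDN versus short username and domain) and the Base DN change needed for a trusted child domain in step 2A above can be scripted. The following is an added example, not HP's tooling: port_reachable() performs the same TCP connect that the telnet step does, the DN helpers convert between the FQDN form used in the User Authentication panel (cn=administrator,cn=users,dc=magic,dc=com) and the short forms HPDM expects elsewhere (username administrator, domain magic.com), and child_base_dn() builds the Base DN for the import dialog (dc=subhpdm,dc=hpdm,dc=dto in the testing environment). All function names are the example's own, only the Python standard library is used, and no LDAP query is made; the default host 192.168.58.134 is the address used in this guide.

```python
"""Connectivity and naming helpers for the troubleshooting steps.

Added example, not HP's tooling. Function names are the example's own;
192.168.58.134 and the DNs are the values used in this guide.
"""
import socket
import sys

LDAP_PORT = 389  # default LDAP port used in the telnet step


def port_reachable(host: str, port: int = LDAP_PORT, timeout: float = 3.0) -> bool:
    """True if a TCP connection to host:port succeeds within the timeout.

    False with a working ping usually means a firewall on the LDAP server
    or a service listening on a different port (what the telnet step checks).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def split_dn(dn: str) -> list:
    """Split a DN into (attribute, value) pairs, left to right.

    Commas escaped with a backslash (RFC 4514) stay inside the value; the
    escape is kept so the value can be written back unchanged.
    """
    components, buf, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):  # keep escaped char with its backslash
            buf.append(dn[i:i + 2])
            i += 2
            continue
        if ch == ",":
            components.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    components.append("".join(buf))
    rdns = []
    for comp in components:
        attr, sep, value = comp.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {comp!r} in DN {dn!r}")
        rdns.append((attr.strip().lower(), value.strip()))
    return rdns


def short_username(dn: str) -> str:
    """Short login name from a user DN: the value of the leading cn= RDN."""
    attr, value = split_dn(dn)[0]
    if attr != "cn":
        raise ValueError(f"expected a cn= RDN first, got {attr}= in {dn!r}")
    return value


def domain_from_dn(dn: str) -> str:
    """DNS-style domain from the dc= components, e.g. 'magic.com'."""
    labels = [value for attr, value in split_dn(dn) if attr == "dc"]
    if not labels:
        raise ValueError(f"no dc= components in {dn!r}")
    return ".".join(labels)


def base_dn_from_domain(domain: str) -> str:
    """'magic.com' -> 'dc=magic,dc=com' (the Domain field in FQDN form)."""
    return ",".join("dc=" + label for label in domain.strip().split("."))


def child_base_dn(parent_base_dn: str, child_label: str) -> str:
    """Base DN to enter in the import dialog for a child of a trusted parent domain."""
    return f"dc={child_label},{parent_base_dn}"


if __name__ == "__main__":
    # Usage: python ldap_checks.py <ldap-host> [port]
    host = sys.argv[1] if len(sys.argv) > 1 else "192.168.58.134"  # address from this guide
    port = int(sys.argv[2]) if len(sys.argv) > 2 else LDAP_PORT
    print(f"TCP {host}:{port} reachable: {port_reachable(host, port)}")
    admin_dn = "cn=administrator,cn=users,dc=magic,dc=com"
    print("log in as:", short_username(admin_dn), "| domain:", domain_from_dn(admin_dn))
    print("child Base DN:", child_base_dn(base_dn_from_domain("hpdm.dto"), "subhpdm"))
```

The TCP check is deliberately a plain connect and not an LDAP bind: it answers only the firewall question from the telnet step, while the Test button in the User Authentication panel is still the check that the configured administrator DN and password are accepted.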
Test results:

Test case   LDAP host                 Account                            Result
1           Parent host 10.10.10.2    Child domain sh.3ls.com, jasonss   Success
2           Child host 10.10.10.241   Child domain sh.3ls.com, jasonss   Success
3           Child host 10.10.10.241   Parent domain 3ls.com, jasons      Fail
4           Parent host 10.10.10.2    Parent domain 3ls.com, jasons      Success

Conclusion:

To use a child domain account to connect to the LDAP server, the account must belong to the child domain. Either the parent host or the child host can be used.

To use a parent domain account to connect to the LDAP server, the account must belong to the parent domain. Only the parent host can be used.
For more information

To read more about LDAP, go to http://en.wikipedia.org/wiki/ldap.

Copyright 2014 Hewlett-Packard Development Company, L.P. Microsoft and Windows are U.S. registered trademarks of the Microsoft group of companies. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

First Edition: March 2014