Configuring the HMC so that it uses LDAP remote authentication

You can configure your HMC so that it uses LDAP (Lightweight Directory Access Protocol) remote authentication.

When a user logs in to the HMC, authentication is first performed against a local password file. If a local password file is not found, the HMC can contact a remote LDAP server for authentication. For this to work, you must configure your HMC so that it uses LDAP remote authentication.

Note: Before you configure the HMC so that it uses LDAP authentication, you must ensure that a working network connection exists between the HMC and the LDAP servers. For more information about configuring HMC network connections, see Configuring the HMC network types.

To configure your HMC so that it uses LDAP authentication, complete the following steps:
  1. In the navigation area, click HMC Management.
  2. In the content area, click Configure LDAP. The LDAP Server Definition window opens.
  3. Select Enable LDAP.
  4. Define an LDAP server to use for authentication (for example, Microsoft Active Directory, Tivoli®, or OpenLDAP).
  5. Define the LDAP attribute that is used to identify the authenticated user. The default is uid, but you can use your own attributes. For Microsoft Active Directory, use sAMAccountName as the attribute.
  6. Define the distinguished name tree, also known as the search base, for the LDAP server.
  7. Click OK.
  8. If a user wants to use LDAP authentication, the user must configure their profile so that it uses LDAP remote authentication instead of local authentication.
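
The login attribute (step 5) and the search base (step 6) together decide whether the directory can locate a user. The following is an added example, not part of the original page or of the HMC software, that checks both values against constructed sample entries before you enter them. The filter form `(attribute=name)`, the function names, and the `example.com` entries are assumptions made for illustration.

```python
# Added example: preflight check for the values entered in steps 5 and 6.
# All entries below are constructed sample data, not from a real directory.
SAMPLE_ENTRIES = [
    ("uid=hmcadmin,ou=people,dc=example,dc=com", {"uid": ["hmcadmin"]}),
    ("CN=Ops User,OU=Staff,DC=example,DC=com", {"sAMAccountName": ["opsuser"]}),
    ("uid=contractor,ou=external,dc=example,dc=org", {"uid": ["contractor"]}),
]

def escape_filter_value(value):
    """Escape the RFC 4515 special characters in a login name."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_filter(login_attr, login_name):
    """Assumed filter form: (<login attribute>=<escaped login name>)."""
    return "(%s=%s)" % (login_attr, escape_filter_value(login_name))

def in_search_base(dn, base):
    """True if dn is the base or below it. Simplified: splits on commas,
    so DNs that contain escaped commas are not handled."""
    parts = lambda s: [p.strip().lower() for p in s.split(",")]
    d, b = parts(dn), parts(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def preflight(entries, base, login_attr, login_name):
    """Return the filter and the DNs under base that match the login name."""
    wanted = login_name.lower()  # uid and sAMAccountName match case-insensitively
    matches = [dn for dn, attrs in entries
               if in_search_base(dn, base)
               and wanted in [v.lower() for v in attrs.get(login_attr, [])]]
    return {"filter": build_filter(login_attr, login_name), "matches": matches}

if __name__ == "__main__":
    base = "dc=example,dc=com"
    for attr, name in [("uid", "hmcadmin"), ("uid", "opsuser"),
                       ("sAMAccountName", "opsuser"), ("uid", "contractor")]:
        result = preflight(SAMPLE_ENTRIES, base, attr, name)
        print(attr, name, result["filter"], result["matches"] or "NOT FOUND")
```

An empty match list for a user who exists in the directory means the attribute or the search base is wrong for that entry; a list with more than one DN means the attribute does not identify the user uniquely under that base.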



Last updated: Mon, April 13, 2020