IBM Remote Management Authentication via Active Directory

March 21, 2011 | Categories: Linux, Technical | Tags: active directory, authentication, IBM, ldap, Remote Management, RMM No Comments ↓

викMost high end IBM hardware comes with a RMM (Remote Management Module) if you ever hope to manage the equipment from a location other than right in front of the machine. Managing the local accounts on the system is painful at best, and a more secure method is to integrate in to an already existing LDAP or Active Directory environment to provide single-sign-on access.

To do this within the RMM:

Log in to the management module’s interface using an administrative account.
Expand “MM Control”
Select “Network Protocols”
- Click on “Lightweight Directory Access Protocol (LDAP)”
- Click “Use LDAP Servers for Authentication Only (with local authorization)”. Select “OK” at the pop-up warning.
- Click “Use Pre-Configured Servers” and enter in the IP addresses of your domain controllers (port 389)
  - Under “Miscellaneous Parameters”:
  - Enter your Root DN. For example, dc=mylocaldomain,dc=com
  - Select “w/ Login Credentials”
- Click “Save”
Under “MM Controls”, click on “Login Profiles”
- Click “Group Profiles”
- Click “Add a Group”
  - Enter in an Active Directory group name in to the “Group ID” field. For example, “Domain Admins”
  - Under “Role”, select “Custom”
  - Move all “Unassigned Roles” to “Assigned Roles” by clicking on each role.
  - Make sure the same is done for the “Assigned Scope”
  - Click “Save”

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Leave a Reply