Operational Defect Database
BugZero found this defect 98 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Hewlett Packard Enterprise | a00131968en_us
Advisory: (Revision) HP Integrated Lights-Out (iLO 3 / iLO 4 / iLO 5/ iLO 6) - Lightweight Directory Access Protocol (LDAP) Login May Fail Intermittently for a User with a Large Directory Membership
Last update date:
2/26/2024
Affected products:
HPE Integrated Lights-Out 3 (iLO 3)
HPE Integrated Lights-Out 4 (iLO 4)
HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers
HPE Integrated Lights-Out 6 (iLO 6)
Affected releases:
HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 6 (iLO 6), HPE Integrated Lights-Out 3 (iLO 3), HPE Integrated Lights-Out 4 (iLO 4)
Fixed releases:
No fixed releases provided.
Description:
Info
Document Version Release Date Details 3 February 12, 2024 Added iLO 6 as affected. 2 May 12, 2023 Added iLO 5 as affected. 1 September 3, 2014 Original Document Release. Supersedes c04433986 (Revision 0). If the Lightweight Directory Access Protocol (LDAP) login is used for Integrated Lights-Out (iLO) and the user is a member of more than 300 groups (including nested groups) the LDAP login may fail. This may occur even when iLO is set up correctly and the proper username and password are being entered for the LDAP login. In some instances, the login will succeed a few times and then fail at a later login attempt. This issue will occur on all ProLiant servers with Integrated Lights-Out 3 (iLO 3), iLO 4, iLO 5, or iLO 6 when the user's directory membership exceeds the iLO's threshold amount of 300 groups. The Integrated Lights-Out has a limit set to 300 directory groups that it will support. When the group total for a user's directory exceeds this threshold, then the following error message is displayed: The test pages will also show a similar message, as shown in Figure 2 - Test Directory Settings Page: Note : With iLO 3 Firmware Version 1.80 (or later) and iLO 4 Firmware Version 2.00 (or later), the following message will be displayed on the logon page when this issue occurs: Failed login attempt, Internal Error. Login Delay required. With iLO 5 Firmware Version 2.72 (or later), the following will be displayed:
Scope
Any HP ProLiant server configured with iLO 3, iLO 4, iLO 5, or iLO 6.
Resolution
To resolve this issue, reduce the maximum directory group size to less than 300 for iLO 3, iLO 4, iLO 5, or iLO 6 including nested groups. In the future, iLO 3, iLO 4, iLO 5 and iLO 6 whitepapers and user guides will include information on the limit of 300 total count for the group size. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: HPE Email Preference Center NAVIGATION TIP: For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP: For hints on locating similar documents on HPE.com, refer to the Search Tips document.
