Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 1.10 for Dell PowerEdge FX2
101102103104105106107108109110
NOTE: For more information about user privileges, see Types of Users.
Configuring Standard Schema Active Directory
To configure CMC for an Active Directory login access:
1. On an Active Directory server (domain controller), open Active Directory Users and Computers
Snap-in.
2. Using the CMC Web interface or RACADM:
a. Create a group or select an existing group.
b. Configure the role privileges.
3. Add the Active Directory user as a member of the Active Directory group to access CMC.
Extended Schema Active Directory Overview
Using the extended schema solution requires the Active Directory schema extension.
Configuring Extended Schema Active Directory
To configure Active Directory to access CMC:
1. Extend the Active Directory schema.
2. Extend the Active Directory Users and Computers Snap-in.
3. Add CMC users and their privileges to Active Directory.
4. Enable SSL on each of your domain controllers.
5. Configure CMC Active Directory properties using CMC web interface or RACADM.
Configuring Generic LDAP Users
CMC provides a generic solution to support Lightweight Directory Access Protocol (LDAP)-based
authentication. This feature does not require any schema extension on your directory services.
A CMC administrator can now integrate the LDAP server user logins with CMC. This integration requires
configuration on both LDAP server and CMC. On the LDAP server, a standard group object is used as a
role group. A user who has CMC access becomes a member of the role group. Privileges are still stored
on CMC for authorization similar to the working of the Standard Schema setup with Active Directory
support.
To enable the LDAP user to access a specific CMC card, the role group name and its domain name must
be configured on the specific CMC card. You can configure a maximum of five role groups in each CMC.
A user has the option to be added to multiple groups within the directory service. If a user is a member of
multiple groups, then the user obtains the privileges of all their groups.
Configuring the Generic LDAP Directory to Access CMC
The CMC's Generic LDAP implementation uses two phases in granting access to a user—user
authentication, and then the user authorization.
Configuring Generic LDAP Directory Service Using CMC Web Interface
To configure the generic LDAP directory service:
105