Users Guide

Conguring standard schema Active Directory
To congure CMC for an Active Directory login access:
1 On an Active Directory server (domain controller), open Active Directory Users and Computers Snap-in.
2 Using the CMC Web interface or RACADM:
a Create a group or select an existing group.
b Congure the role privileges.
3 Add the Active Directory user as a member of the Active Directory group to access CMC.
Extended schema Active Directory overview
Using the extended schema solution requires the Active Directory schema extension.
Conguring extended schema Active Directory
To congure Active Directory to access CMC:
1 Extend the Active Directory schema.
2 Extend the Active Directory Users and Computers Snap-in.
3 Add CMC users and their privileges to Active Directory.
4 Enable SSL on each of your domain controllers.
5 Congure CMC Active Directory properties using CMC web interface or RACADM.
Conguring generic LDAP users
CMC provides a generic solution to support Lightweight Directory Access Protocol (LDAP)-based authentication. This feature does not
require any schema extension on your directory services.
A CMC administrator can now integrate the LDAP server user logins with CMC. This integration requires configuration on both the LDAP
server and CMC. On the LDAP server, a standard group object is used as a role group. A user who has CMC access becomes a member of
the role group. Privileges are still stored on CMC for authorization, as in the Standard Schema setup with Active
Directory support.
To enable the LDAP user to access a specific CMC card, the role group name and its domain name must be configured on the specific
CMC card. You can configure a maximum of five role groups in each CMC. A user can be added to multiple groups within the
directory service. If a user is a member of multiple groups, then the user obtains the privileges of all their groups.
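
The following sketch is an added example, not part of the guide or Dell's code: it models the rule that a user's privileges are the combination of all their role groups, and audits for users whose combined privileges exceed what was intended. The privilege names and bit values, the group DNs, the users, and the case-insensitive DN match are assumptions constructed for illustration.

```python
from enum import IntFlag

MAX_ROLE_GROUPS = 5  # the guide's limit: five role groups per CMC

class Priv(IntFlag):
    # Hypothetical privilege bits; not CMC's real names or values.
    LOGIN = 0x01
    CONFIGURE_CHASSIS = 0x02
    CONFIGURE_USERS = 0x04
    CLEAR_LOGS = 0x08
    POWER_CONTROL = 0x10

def dn(cn):
    return f"cn={cn},ou=groups,dc=example,dc=com"  # constructed directory layout

def effective_privileges(user_groups, role_groups):
    """Union the privileges of every configured role group the user is in."""
    if len(role_groups) > MAX_ROLE_GROUPS:
        raise ValueError("a CMC holds at most five role groups")
    # Assumption: group DNs are matched case-insensitively.
    configured = {g.lower(): int(p) for g, p in role_groups.items()}
    mask = 0
    for group in user_groups:
        mask |= configured.get(group.lower(), 0)  # unmapped groups grant nothing
    return Priv(mask)

def audit(memberships, role_groups, intended):
    """Return {user: excess} where combined privileges exceed the intended set."""
    findings = {}
    for user, groups in memberships.items():
        granted = int(effective_privileges(groups, role_groups))
        excess = granted & ~int(intended.get(user, Priv(0)))
        if excess:
            findings[user] = Priv(excess)
    return findings

# Constructed sample data: role groups as stored on the CMC, memberships as
# read from the directory, and the privileges each user is meant to hold.
ROLE_GROUPS = {
    dn("cmc-operators"): Priv.LOGIN | Priv.POWER_CONTROL,
    dn("cmc-auditors"): Priv.LOGIN | Priv.CLEAR_LOGS,
}
MEMBERSHIPS = {
    "alice": [dn("cmc-operators")],
    "bob": [dn("cmc-operators"), dn("CMC-Auditors")],
    "carol": [dn("hr-staff")],
}
INTENDED = {"alice": Priv.LOGIN | Priv.POWER_CONTROL, "bob": Priv.LOGIN | Priv.POWER_CONTROL}
print(audit(MEMBERSHIPS, ROLE_GROUPS, INTENDED))
```

In the sample data, bob belongs to two role groups and so picks up the log-clearing privilege that neither alice nor his intended role includes.
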
Conguring the generic LDAP directory to access CMC
The CMC's Generic LDAP implementation uses two phases in granting access to a user—user authentication, and then the user
authorization.
Conguring
user accounts and privileges 115