Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 2.10 For Dell PowerEdge FX2
111112113114115116117118119120
Conguring CMC for Single Sign-On or Smart
Card login
This section provides information to congure CMC for Smart Card login and Single Sign-On (SSO) login for Active Directory users.
SSO uses Kerberos as an authentication method allowing users, who have signed in as an automatic- or single sign-on to subsequent
applications such as Exchange. For single sign-on login, CMC uses the client systems credentials, which are cached by the operating
system after you log in using a valid Active Directory account.
Two-factor-authentication, provides a higher-level of security by requiring users to have a password or PIN, and a physical card containing a
private key or digital certicate. Kerberos uses this two-factor authentication mechanism allowing systems to prove their authenticity.
NOTE: Selecting a login method does not set policy attributes with respect to other login interfaces, for example, SSH. You must
set other policy attributes for other login interfaces also. If you want to disable all other login interfaces, navigate to the Services
page and disable all (or some) the login interfaces.
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows 7, and Windows Server 2008 can use Kerberos as
the authentication mechanism for SSO and smart card login.
For information about Kerberos, see the Microsoft Website.
Topics:
System requirements
Prerequisites for Single Sign-On or Smart Card login
Generating Kerberos keytab le
Conguring CMC for Active Directory schema
Conguring browser for SSO login
Conguring browser for Smart Card login
Conguring CMC SSO login or Smart Card login for Active Directory users using RACADM
Conguring CMC SSO Or Smart Card Login For Active Directory Users Using Web Interface
Uploading Keytab le
Conguring CMC SSO login or Smart Card login for Active Directory users using RACADM
System requirements
To use the Kerberos authentication, the network must include:
DNS server
Microsoft Active Directory Server
11
118 Conguring CMC for Single Sign-On or Smart Card login