Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 3.0 for Dell PowerEdge VRTX

111

112

113

114

115

116

117

118

119

120

For more information about the RACADM commands, see the Chassis Management Controller for PowerEdge VRTX RACADM

Command Line Reference Guide available at dell.com/support/manuals.

Disabling CMC User

When using RACADM, users must be disabled manually on an individual-basis. Users cannot be deleted using a conguration le.

To delete a CMC user, the command syntax is:

racadm config -g cfgUserAdmin -o cfgUserAdminUserName

-i <index>""

racadm config -g cfgUserAdmin -i 2 -o

cfgUserAdminPrivilege 0x0

A null string of double quotation marks ("") instructs CMC to remove the user conguration at the specied index, and then reset

the user conguration to the factory default values.

Enabling CMC User With Permissions

To enable a user with specic administrative permissions (role-based authority):

1. Locate an available user index using the command syntax:

racadm getconfig -g cfgUserAdmin -i <index>

2. Type the following commands with the new user name and password.

racadm config -g cfgUserAdmin -o

cfgUserAdminPrivilege -i <index> <user privilege bitmask value>

NOTE: For a list of valid bit mask values for specic user privileges, see the

Chassis Management Controller for

PowerEdge VRTX RACADM Command Line Reference Guide

available at dell.com/support/manuals. The default

privilege value is 0, which indicates the user does not has any privileges enabled.

Conguring Active Directory Users

If your company uses the Microsoft Active Directory software, you can congure the software to provide access to CMC, allowing

you to add and control CMC user privileges to your existing users in your directory service. This is a licensed feature.

NOTE: On the following Operating Systems, you can recognize the users of CMC users by using Active Directory.

• Microsoft Windows 2000

• Microsoft Windows Server 2003

• Microsoft Windows Server 2008

You can congure user authentication through Active Directory to log in to the CMC. You can also provide role-based authority,

which enables an administrator to congure specic privileges for each user.

Supported Active Directory Authentication Mechanisms

You can use Active Directory to dene CMC user access using two methods:

• Standard schema solution that uses Microsoft’s default Active Directory group objects only.

• Extended schema solution that has customized Active Directory objects provided by Dell. All the access control objects are

maintained in Active Directory. It provides maximum exibility to congure user access on dierent CMCs with varying privilege

levels.

Standard Schema Active Directory Overview

As shown in the following gure, using standard schema for Active Directory integration requires conguration on both Active

Directory and CMC.

In Active Directory, a standard group object is used as a role group. A user who has CMC access is a member of the role group. To

give this user access to a specic CMC card, the role group name and its domain name need to be congured on the specic CMC

card. The role and the privilege level is dened on each CMC card and not in the Active Directory. You can congure up to ve role

groups in each CMC. The following table shows the default role group privileges.

117