Users Guide
Figure 10. Setting Up Active Directory Objects in Multiple Domains
To congure the objects for the multiple domain scenario:
1 Ensure that the domain forest function is in Native or Windows 2003 mode.
2 Create two Association Objects, A01 (of Universal scope) and A02, in any domain. The gure Setting Up Active Directory Objects in
Multiple Domains shows the objects in Domain2.
3 Create two RAC Device Objects, RAC1 and RAC2, to represent the two CMCs.
4 Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privilege.
5 Group user1 and user2 into Group1. The group scope of Group1 must be Universal.
6 Add Group1 as Members in Association Object 1 (A01), Priv1 as Privilege Objects in A01, and RAC1, RAC2 as RAC Devices in A01.
7 Add User3 as Members in Association Object 2 (A02), Priv2 as Privilege Objects in A02, and RAC2 as RAC Devices in A02.
Conguring Extended Schema Active Directory
To congure Active Directory to access CMC:
1 Extend the Active Directory schema.
2 Extend the Active Directory Users and Computers Snap-in.
3 Add CMC users and their privileges to Active Directory.
4 Enable SSL on each of your domain controllers.
5 Congure CMC Active Directory properties using CMC Web interface or RACADM.
Related links
Extending Active Directory Schema
Installing Dell Extension to the Active Directory Users and Computers Snap-In
Adding CMC Users and Privileges to Active Directory
Conguring Active Directory With Extended Schema Using CMC Web Interface
Conguring Active Directory With Extended Schema Using RACADM
148
Conguring User Accounts and Privileges