Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 6.10 For Dell PowerEdge M1000e

151

152

153

154

155

156

157

158

159

160

The SSL certicates for the domain controllers must be signed by the root certicate authority-signed certicate. The root certicate

authority-signed certicate must be available on the management station accessing CMC.

CAUTION: SSL certicate validation is required by default. Disabling this certicate is

risky.

7 If you have enabled Single Sign-On (SSO), in the Kerberos Keytab section, click Browse, specify the keytab le and click Upload.

When the upload is complete, a message is displayed indicating a successful or failed upload.

8 Click Apply.

The CMC Web server restarts automatically.

9 Log in to the CMC Web interface.

10 Select Chassis in the system tree, click the Network tab, then click the Network subtab.

The Network Conguration page is displayed.

11 If Use DHCP for CMC Network Interface IP Address, is enabled, select one of the following:

• Select Use DHCP to Obtain DNS Server Addresses option to enable the DNS server addresses to be obtained automatically by

the DHCP server.

• Manually congure a DNS server IP address by not selecting the Use DHCP to Obtain DNS Server Addresses option. Type your

primary and alternate DNS server IP addresses in the elds provided.

12 Click Apply Changes.

The Active Directory settings for extended schema is congured.

Conguring Active Directory With Extended Schema Using RACADM

To congure the CMC Active Directory with Extended Schema using the RACADM:

1 Open a serial/Telnet/SSH text console to CMC, log in, and type:

racadm config -g cfgActiveDirectory -o cfgADEnable 1

racadm config -g cfgActiveDirectory -o cfgADType 1

racadm config -g cfgActiveDirectory -o

cfgADRacDomain <fully qualified CMC domain name>

racadm config -g cfgActiveDirectory -o

cfgADRootDomain <fully qualified root domain name>

racadm config -g cfgActiveDirectory -o

cfgADRacName <CMC common name>

racadm sslcertupload -t 0x2 -f <ADS root CA

certificate> -r

racadm sslcertdownload -t 0x1 -f <CMC SSL certificate>

NOTE

: You can use this command through remote RACADM only. For more information on remote RACADM, see

Chassis

Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide

Optional: If you want to specify an LDAP or Global Catalog server instead of using the servers returned by the DNS server to search

for a user name, type the following command to enable the Specify Server option:

racadm config -g cfgActiveDirectory -o

cfgADSpecifyServerEnable 1

NOTE

: When you use the Specify Server option, the host name in the certicate authority-signed certicate is not matched

against the name of the specied server. This is particularly useful if you are a CMC administrator, because it enables you to

enter a host name as well as an IP address.

After you enable the Specify Server option, you can specify an LDAP server and global catalog with IP addresses or fully qualied

domain names (FQDNs) of the servers. The FQDNs consist of the host names and the domain names of the servers.

To specify an LDAP server, type:

racadm config -g cfgActiveDirectory -o

cfgADDomainController <AD domain controller IP address>

156

Conguring User Accounts and Privileges