Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 6.21 For Dell PowerEdge M1000e
121122123124125126127128129130
When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association
objects created by the Dell Schema Extender Utility are Domain Local Groups and does not work with Universal Groups from other
domains.
Figure 9. Setting Up Active Directory Objects in a Single Domain
To configure the objects for the single domain scenario:
1. Create two Association Objects.
2. Create two RAC Device Objects, RAC1 and RAC2, to represent the two CMCs.
3. Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privilege.
4. Group user1 and user2 into Group1.
5. Add Group1 as Members in Association Object 1 (A01), Priv1 as Privilege Objects in A01, and RAC1, RAC2 as RAC Devices in A01.
6. Add User3 as Members in Association Object 2 (A02), Priv2 as Privilege Objects in A02, and RAC2 as RAC Devices in A02.
The following figure provides an example of Active Directory objects in multiple domains. In this scenario, you have two CMCs (RAC1 and
RAC2) and three existing Active Directory users (user1, user2, and user3). User1 is in Domain1, and user2 and user 3 are in Domain2. In this
scenario, configure user1 and user 2 with administrator privileges to both CMCs and configure user3 with login privileges to the RAC2
card.
Figure 10. Setting Up Active Directory Objects in Multiple Domains
To configure the objects for the multiple domain scenario:
1. Ensure that the domain forest function is in Native or Windows 2003 mode.
2. Create two Association Objects, A01 (of Universal scope) and A02, in any domain. The figure Setting Up Active Directory Objects in
Multiple Domains shows the objects in Domain2.
130
Configuring User Accounts and Privileges