Users Guide
132 Using the DRAC 4 With Microsoft Active Directory
the DRAC card for validation. The DRAC card validates the CA certificate and
extracts the private key from the certificate, which is used to decrypt
transmissions between the DRAC card and the Active Directory server.
NOTE: Depending on your network configuration, authentication may require up to
90 seconds to complete.
Frequently Asked Questions
Table 5-9 lists frequently asked questions and answers.
Table 5-9. Using the DRAC 4 With Active Directory: Frequently
Asked Questions
Question Answer
Can I log into the DRAC 4 using
Active Directory across multiple
trees?
Yes. The DRAC 4’s Active Directory querying
algorithm supports multiple trees in a single
forest.
Does the log in to the DRAC 4
using Active Directory work in
mixed mode (that is, the domain
controllers in the forest run
different operating systems, such as
Microsoft Windows NT
®
4.0,
Windows 2000, or Windows
Server 2003)?
Yes. In mixed mode, all objects used by the
DRAC 4 querying process (among user, RAC
Device Object, and Association Object) have
to be in the same domain.
The Dell-extended Active Directory Users
and Computers snap-in checks the mode and
limits users in order to create objects across
domains if in mixed mode.
Does using the DRAC 4 with
Active Directory support multiple
domain environments?
Yes. The domain forest function level must
be in Native mode or Windows 2003 mode.
In addition, the groups among Association
Object, RAC user objects, and RAC Device
Objects (including Association Object) must
be universal groups.
Can these Dell-extended objects
(Dell Association Object, Dell RAC
Device, and Dell Privilege Object)
be in different domains?
The Association Object and the Privilege
Object must be in the same domain. The
Dell-extended Active Directory Users and
Computers snap-in forces you to create these
two objects in the same domain. Other
objects can be in different domains.