Users Guide
Using the DRAC 4 With Microsoft Active Directory 133
the DRAC card for validation. The DRAC card validates the CA certificate and
extracts the private key from the certificate, which is used to decrypt
transmissions between the DRAC card and the Active Directory server.
NOTE: Depending on your network configuration, authentication may require up to
90 seconds to complete.
Frequently Asked Questions
Table 5-9 lists frequently asked questions and answers.
Table 5-9. Using the DRAC 4 With Active Directory: Frequently
Asked Questions
Question Answer
Can I log into the DRAC 4
using Active Directory across
multiple trees?
Yes. The DRAC 4’s Active Directory querying
algorithm supports multiple trees in a single forest.
Does the log in to the DRAC 4
using Active Directory work in
mixed mode (that is, the
domain controllers in the forest
run different operating systems,
such as Microsoft Windows
NT
®
4.0, Windows 2000, or
Windows Server 2003)?
Yes. In mixed mode, all objects used by the DRAC
4 querying process (among user, RAC Device
Object, and Association Object) have to be in the
same domain.
The Dell-extended Active Directory Users and
Computers snap-in checks the mode and limits
users in order to create objects across domains if in
mixed mode.
Does using the DRAC 4 with
Active Directory support
multiple domain environments?
Yes. The domain forest function level must be in
Native mode or Windows 2003 mode. In addition,
the groups among Association Object, RAC user
objects, and RAC Device Objects (including
Association Object) must be universal groups.
Can these Dell-extended
objects (Dell Association
Object, Dell RAC Device, and
Dell Privilege Object) be in
different domains?
The Association Object and the Privilege Object
must be in the same domain. The Dell-extended
Active Directory Users and Computers snap-in
forces you to create these two objects in the same
domain. Other objects can be in different domains.