Users Guide
134 Using the DRAC 4 With Microsoft Active Directory
Are there any restrictions on
Domain Controller SSL
configuration?
Yes. All Active Directory servers’ SSL certificates in
the forest must be signed by the same root
CA since DRAC 4 only allows uploading one
trusted CA SSL certificate.
I created and uploaded a new
RAC certificate and now the
Web-based interface does not
launch.
If you use Microsoft Certificate Services to
generate the RAC certificate, one possible cause of
this issue is that you inadvertently chose User
Certificate instead of Web Certificate when
creating the certificate. To recover, generate a CSR
and create a new Web certificate from Microsoft
Certificate Services and load it using the racadm
CLI from the managed system by typing:
racadm sslcsrgen [-g] [-u] [-f
{filename}]
racadm sslcertupload -t 0x1 -f
<web_sslcert>
What can I do if I cannot log
into the DRAC 4 using Active
Directory authentication? How
do I troubleshoot the issue?
Troubleshoot as follows:
• Ensure that you have checked the
Enable Active
Directory
box on the DRAC 4
Active Directory
configuration page.
• Ensure that the DNS setting is correct on the
DRAC 4 Networking configuration page.
• Ensure that you have uploaded the Active
Directory certificate from your Active Directory
root CA to the DRAC 4.
• Check the Domain Controller SSL certificates to
ensure that they have not expired.
• Ensure that your "DRAC 4 Name", "Root Domain
Name", and "DRAC 4 Domain Name" match your
Active Directory environment configuration.
• Ensure that you use the correct user domain
name during a login and not the NetBIOS name.
Table 5-9. Using the DRAC 4 With Active Directory: Frequently
Asked Questions (continued)
Question Answer