White Papers

Look at the list using the Member attribute for all of the groups that are in the list. If the name of
the RAC device that is being authenticated is in the list, the user has been authenticated.
Read the dellPrivilegeObject attributes and pass them to the RAC as the authorization data
(Privileges).
Login Using Active Directory without Dell Schema Extension
Note: Requires DRAC 4 version 1.50 firmware and later.
Dell has been using Active Directory to manage DRAC 4 users and their access privileges on
different DRAC 4 cards. The schema-extending solution provides maximum flexibility to the
user but may be intimidating to some customers because the schema extension is not
reversible.
To meet the requirements of customers who do not want to extend their existing
Active Directory schema, Dell now provides a standard schema solution in addition to the
schema extension. This solution provides the same flexibility as the current schema-extending
solution: it allows granting different users different privileges on different DRAC 4 cards. The
difference is that all the objects used in the standard schema solution are standard Active
Directory objects, while the schema-extending solution adds Dell objects to the users’ Active
Directory.
The basic authentication and SSL connection are the same as in the Active Directory with
Dell schema extension solution.
Instead of using the Dell Association object, Dell privilege object, and RAC device object to link
a user, a standard group object is used as a role group object. Any user in that role
group has the assigned privileges on certain DRAC 4 cards. The privileges of that role group are
defined in each individual DRAC 4 configuration database. Different DRAC 4 cards can
give the same role group object different privileges.
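
The lookup described above, as an added example that is not part of the original white paper and is not Dell's code. It models role groups as plain Active Directory groups whose privileges live in each card's own table, and includes an audit helper that lists role groups whose privileges differ between cards. All card, group, user and privilege names are constructed, and granting the union of privileges to a user in several role groups is an assumption.

```python
# Added illustration of the standard-schema lookup; every name is constructed.

# Each DRAC 4 card's own configuration database maps role groups to privileges.
CARD_ROLE_GROUPS = {
    "drac4-rack1": {"DRAC-Admins": {"login", "configure", "power"},
                    "DRAC-Operators": {"login", "power"}},
    "drac4-rack2": {"DRAC-Admins": {"login", "configure", "power"},
                    "DRAC-Operators": {"login"}},
}

# Standard Active Directory group membership, as the directory would return it.
AD_GROUP_MEMBERS = {
    "DRAC-Admins": {"alice"},
    "DRAC-Operators": {"alice", "bob"},
}


def groups_of(user):
    """Role groups (plain AD groups) that contain the user."""
    return {g for g, members in AD_GROUP_MEMBERS.items() if user in members}


def privileges_on(card, user):
    """Privileges a card grants a user, read from that card's own table.

    Assumption: membership in several role groups yields the union of their
    privileges. A user in no configured role group gets an empty set.
    """
    table = CARD_ROLE_GROUPS[card]
    granted = set()
    for group in groups_of(user).intersection(table):
        granted |= table[group]
    return granted


def divergent_role_groups():
    """Audit helper: role groups whose privileges differ between cards."""
    seen = {}
    for card, table in CARD_ROLE_GROUPS.items():
        for group, privs in table.items():
            seen.setdefault(group, {})[card] = frozenset(privs)
    return {g: cards for g, cards in seen.items()
            if len(set(cards.values())) > 1}


if __name__ == "__main__":
    for card in CARD_ROLE_GROUPS:
        print(card, "bob ->", sorted(privileges_on(card, "bob")))
    print("differs across cards:", sorted(divergent_role_groups()))
```

Because privileges are stored per card rather than in the directory, a review of who can do what has to read every card's table; the audit helper shows the kind of cross-card comparison that catches unintended differences.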