Users Guide
166 Using the DRAC 5 With Microsoft Active Directory
Can these Dell-extended objects
(Dell Association Object, Dell RAC
Device, and Dell Privilege Object)
be in different domains?
The Association Object and the Privilege Object
must be in the same domain. The Dell-
extended Active Directory Users and
Computers snap-in forces you to create these
two objects in the same domain. Other objects
can be in different domains.
Are there any restrictions on
Domain Controller SSL
configuration?
Yes. All Active Directory servers’ SSL certificates
in the forest must be signed by the same root
CA since DRAC 5 only allows uploading one
trusted CA SSL certificate.
I created and uploaded a new RAC
certificate and now the Web-based
interface does not launch.
If you use Microsoft Certificate Services to
generate the RAC certificate, one possible cause
of this is you inadvertently chose User
Certificate instead of Web Certificate when
creating the certificate.
To recover, generate a CSR and then create a
new web certificate from Microsoft Certificate
Services and load it using the RACADM CLI
from the managed system by using the following
racadm commands:
racadm sslcsrgen [-g] [-u] [-f
{filename}]
racadm sslcertupload -t 1 -f
{web_sslcert}
Table 6-9. Using DRAC 5 With Active Directory:
Frequently Asked Questions
(continued)
Question Answer