Users Guide
138 Using the DRAC 5 With Microsoft Active Directory
Enabling SSL on a Domain Controller
When the DRAC 5 authenticates users against an Active Directory domain
controller, it starts an SSL session with the domain controller. At this time,
the domain controller should publish a certificate signed by the Certificate
Authority (CA)—the root certificate of which is also uploaded into the
DRAC 5. In other words, for DRAC 5 to be able to authenticate to any
domain controller—whether it is the root or the child domain controller—
that domain controller should have an SSL-enabled certificate signed by the
domain’s CA.
If you are using Microsoft Enterprise Root CA to automatically assign all your
domain controllers to an SSL certificate, perform the following steps to
enable SSL on each domain controller:
1
Enable SSL on each of your domain controllers by installing the SSL
certificate for each controller.
a
Click
Start
Administrative Tools
Domain Security Policy
.
b
Expand the
Public Key Policies
folder, right-click
Automatic
Certificate Request Settings
and click
Automatic Certificate
Request
.
c
In the
Automatic Certificate Request Setup Wizard
, click
Next
and
select
Domain Controller
.
d
Click
Next
and click
Finish
.
Exporting the Domain Controller Root CA Certificate to the DRAC 5
NOTE: If your system is running Windows 2000, the following steps may vary.
1
Locate the domain controller that is running the Microsoft Enterprise
CA service.
2
Click
Start
Run
.
3
In the
Run
field, type
mmc
and click
OK
.
Valid Fr om Certificate issue date.
Valid To Certificate expiration date.
Table 6-14. Active Directory CA Certificate Information
(continued)
Field Description