Users Guide
Using iDRAC6 With Microsoft Active Directory 133
On the Active Directory side, a standard group object is used as a role group.
A user who has iDRAC6 access will be a member of the role group. To give
this user access to a specific iDRAC6 card, the role group name and its
domain name need to be configured on the specific iDRAC6 card. Unlike the
extended schema solution, the role and the privilege level is defined on each
iDRAC6 card, not in the Active Directory. Up to five role groups can be
configured and defined in each iDRAC6. Table 6-9 shows the default role
group privileges.
NOTE: The Bit Mask values are used only when setting Standard Schema with
the RACADM.
Table 6-9. Default Role Group Privileges
Role
Groups
Default Privilege
Level
Permissions Granted Bit Mask
Role
Group 1
Administrator Login to iDRAC, Configure iDRAC,
Configure Users, Clear Logs,
Execute Server Control Commands,
Access Console Redirection,
Access Virtual Media, Test Alerts,
Execute Diagnostic Commands
0x000001ff
Role
Group 2
Operator Login to iDRAC, Configure iDRAC,
Execute Server Control Commands,
Access Console Redirection,
Access Virtual Media, Test Alerts,
Execute Diagnostic Commands
0x000000f9
Role
Group 3
Read Only Login to iDRAC 0x00000001
Role
Group 4
None No assigned permissions 0x00000000
Role
Group 5
None No assigned permissions 0x00000000