Users Guide
Table Of Contents
- Integrated Dell Remote Access Controller 6 (iDRAC6) Enterprise for Blade Servers Version 3.0
- User Guide
- Contents
- iDRAC6 Enterprise Overview
- Configuring iDRAC6 Enterprise
- Before You Begin
- Interfaces for Configuring iDRAC6
- Configuration Tasks
- Configure the Management Station
- Configure iDRAC6 Networking
- Configure iDRAC6 Users
- Configure Directory Services
- Configure IP Filtering and IP Blocking
- Configure Platform Events
- Enabling or Disabling Local Configuration Access
- Configure iDRAC6 Services
- Configure Secure Sockets Layer (SSL)
- Configure Virtual Media
- Configure a vFlash Media Card
- Install the Managed Server Software
- Configure the Managed Server for the Last Crash Screen Feature
- Configuring Network Settings Using CMC Web Interface
- Viewing FlexAddress Mezzanine Card Fabric Connections
- Remote Syslog
- First Boot Device
- Remote File Share
- Internal Dual SD Module
- Updating iDRAC6 Firmware
- Updating the USC Repair Package
- Configuring iDRAC6 For Use With IT Assistant
- Using iDRAC6 Configuration Utility to Enable Discovery and Monitoring
- Using iDRAC6 Web Interface to Enable Discovery and Monitoring
- Using IT Assistant to View iDRAC6 Status and Events
- Configuring the Management Station
- Management Station Set Up Steps
- Management Station Network Requirements
- Configuring a Supported Web Browser
- Installing iDRAC6 Software on the Management Station
- Installing a Java Runtime Environment (JRE)
- Installing Telnet or SSH Clients
- Installing a TFTP Server
- Installing Dell OpenManage IT Assistant
- Installing Dell Management Console
- Configuring the Managed Server
- Configuring iDRAC6 Enterprise Using the Web Interface
- Accessing the Web Interface
- Configuring iDRAC6 NIC
- Configuring Platform Events
- Configuring IPMI Over LAN
- Adding and Configuring iDRAC6 Users
- Securing iDRAC6 Communications Using SSL and Digital Certificates
- Configuring and Managing Microsoft Active Directory Certificates
- Enabling or Disabling Local Configuration Access
- Configuring iDRAC6 Services
- Updating iDRAC6 Firmware
- Using iDRAC6 Directory Service
- Using iDRAC6 With Microsoft Active Directory
- Prerequisites for Enabling Active Directory Authentication for iDRAC6
- Supported Active Directory Authentication Mechanisms
- Extended Schema Active Directory Overview
- Configuring Extended Schema Active Directory to Access iDRAC6
- Extending the Active Directory Schema
- Installing the Dell Extension to the Active Directory Users and Computers Snap-In
- Adding iDRAC6 Users and Privileges to Active Directory
- Configuring Microsoft Active Directory With Extended Schema Using iDRAC6 Web Interface
- Configuring Active Directory With Extended Schema Using RACADM
- Standard Schema Active Directory Overview
- Configuring Standard Schema Active Directory to Access iDRAC6
- Testing Your Configurations
- Using iDRAC6 with LDAP Directory Service
- Frequently Asked Questions
- Configuring iDRAC6 for Single Sign- On and Smart Card Login
- About Kerberos Authentication
- Prerequisites for Active Directory SSO and Smart Card Authentication
- Using Active Directory SSO
- Configuring Smart Card Authentication
- Configuring Smart Card Login in iDRAC6
- Logging Into iDRAC6 Using Active Directory Smart Card Authentication
- Frequently Asked Questions About SSO
- Troubleshooting the Smart Card Logon in iDRAC6
- Viewing the Configuration and Health of the Managed Server
- Configuring and Using Serial Over LAN
- Using GUI Virtual Console
- Configuring the vFlash SD Card and Managing vFlash Partitions
- Configuring and Using Virtual Media
- Using the RACADM Command Line Interface
- RACADM Subcommands
- Using local RACADM Commands
- Using the RACADM Utility to Configure iDRAC6
- Displaying Current iDRAC6 Settings
- Managing iDRAC6 Users with RACADM
- Adding an iDRAC6 User
- Enabling an iDRAC6 User With Permissions
- Uploading, Viewing, and Deleting SSH Keys Using RACADM
- Removing an iDRAC6 User
- Testing E-mail Alerting
- Testing iDRAC6 SNMP Trap Alert Feature
- Configuring iDRAC6 Network Properties
- Configuring IPMI Over LAN
- Configuring PEF
- Configuring PET
- Configuring IP Filtering (IP Range)
- Configuring IP Blocking
- Configuring iDRAC6 Telnet and SSH Services Using Local RACADM
- Remote and SSH/Telnet RACADM
- Using an iDRAC6 Configuration File
- Configuring Multiple iDRAC6s
- Power Monitoring and Power Management
- Using iDRAC6 Enterprise SM-CLP Command Line Interface
- Using the WS-MAN Interface
- Deploying Your Operating System Using iVMCLI
- Using iDRAC6 Configuration Utility
- Recovering and Troubleshooting the Managed System
- Safety First - For You and Your System
- Trouble Indicators
- Problem Solving Tools
- Checking the System Health
- Checking the System Event Log (SEL)
- Checking the Post Codes
- Viewing the Last System Crash Screen
- Viewing the Most Recent Boot Sequences
- Checking the Server Status Screen for Error Messages
- Viewing iDRAC6 Log
- Viewing System Information
- Identifying the Managed Server in the Chassis
- Using the Diagnostics Console
- Managing Power on a Remote System
- Troubleshooting and Frequently Asked Questions
- Index
156 Using iDRAC6 Directory Service
CAUTION: Ensure that CN = open LDAP FQDN is set (for example, CN=
openldap.lab) in the subject field of the LDAP server certificate during certificate
generation. The CN field in the server certificate should be set to match the LDAP
server address field in iDRAC6 for certificate validation to work.
6
Under
Upload Directory Service CA Certificate
, type the file path of the
certificate or browse to find the certificate file.
NOTE: You must type the absolute file path, which includes the full path and
the complete file name and file extension.
7 C
lick
Upload
.
The certificate of the root CA that signs all the domain controllers'
Security Socket Layer (SSL) server certificates will be uploaded.
8
Click
Next
to go to the
Step 2 of 3 Generic LDAP Configuration and
Management
page. Use this page to configure location information about
generic LDAP servers and user accounts.
NOTE: In this release, the Smart Card based Two Factor Authentication (TFA)
and the single sign-on (SSO) features are not supported for Generic LDAP
Directory Service.
9
Select
Enable Generic LDAP
.
NOTE: In this release, nested group is not supported. The firmware searches
for the direct member of the group to match the user DN. Also, only single
domain is supported. Cross domain is not supported.
10
Select the
Use Distinguished Name to Search Group Membership
option
to use the Distinguished Name (DN) as group members. iDRAC6
compares the User DN retrieved from the directory to compare with the
members of the group. If unchecked, user name provided by the login user
is used to compare with the members of the group.
11
In the
LDAP Server Address
field, enter the FQDN or the IP address of
the LDAP server. To specify multiple redundant LDAP servers that serve
the same domain, provide the list of all servers separated by commas.
iDRAC6 tries to connect to each server in turn, until it makes a successful
connection.
12
Enter the port used for LDAP over SSL in the
LDAP Server Port
field. The
default is 636.