Users Guide
Table Of Contents
- Integrated Dell Remote Access Controller 6 (iDRAC6) Enterprise for Blade Servers Version 3.0
- User Guide
- Contents
- iDRAC6 Enterprise Overview
- Configuring iDRAC6 Enterprise
- Before You Begin
- Interfaces for Configuring iDRAC6
- Configuration Tasks
- Configure the Management Station
- Configure iDRAC6 Networking
- Configure iDRAC6 Users
- Configure Directory Services
- Configure IP Filtering and IP Blocking
- Configure Platform Events
- Enabling or Disabling Local Configuration Access
- Configure iDRAC6 Services
- Configure Secure Sockets Layer (SSL)
- Configure Virtual Media
- Configure a vFlash Media Card
- Install the Managed Server Software
- Configure the Managed Server for the Last Crash Screen Feature
- Configuring Network Settings Using CMC Web Interface
- Viewing FlexAddress Mezzanine Card Fabric Connections
- Remote Syslog
- First Boot Device
- Remote File Share
- Internal Dual SD Module
- Updating iDRAC6 Firmware
- Updating the USC Repair Package
- Configuring iDRAC6 For Use With IT Assistant
- Using iDRAC6 Configuration Utility to Enable Discovery and Monitoring
- Using iDRAC6 Web Interface to Enable Discovery and Monitoring
- Using IT Assistant to View iDRAC6 Status and Events
- Configuring the Management Station
- Management Station Set Up Steps
- Management Station Network Requirements
- Configuring a Supported Web Browser
- Installing iDRAC6 Software on the Management Station
- Installing a Java Runtime Environment (JRE)
- Installing Telnet or SSH Clients
- Installing a TFTP Server
- Installing Dell OpenManage IT Assistant
- Installing Dell Management Console
- Configuring the Managed Server
- Configuring iDRAC6 Enterprise Using the Web Interface
- Accessing the Web Interface
- Configuring iDRAC6 NIC
- Configuring Platform Events
- Configuring IPMI Over LAN
- Adding and Configuring iDRAC6 Users
- Securing iDRAC6 Communications Using SSL and Digital Certificates
- Configuring and Managing Microsoft Active Directory Certificates
- Enabling or Disabling Local Configuration Access
- Configuring iDRAC6 Services
- Updating iDRAC6 Firmware
- Using iDRAC6 Directory Service
- Using iDRAC6 With Microsoft Active Directory
- Prerequisites for Enabling Active Directory Authentication for iDRAC6
- Supported Active Directory Authentication Mechanisms
- Extended Schema Active Directory Overview
- Configuring Extended Schema Active Directory to Access iDRAC6
- Extending the Active Directory Schema
- Installing the Dell Extension to the Active Directory Users and Computers Snap-In
- Adding iDRAC6 Users and Privileges to Active Directory
- Configuring Microsoft Active Directory With Extended Schema Using iDRAC6 Web Interface
- Configuring Active Directory With Extended Schema Using RACADM
- Standard Schema Active Directory Overview
- Configuring Standard Schema Active Directory to Access iDRAC6
- Testing Your Configurations
- Using iDRAC6 with LDAP Directory Service
- Frequently Asked Questions
- Configuring iDRAC6 for Single Sign- On and Smart Card Login
- About Kerberos Authentication
- Prerequisites for Active Directory SSO and Smart Card Authentication
- Using Active Directory SSO
- Configuring Smart Card Authentication
- Configuring Smart Card Login in iDRAC6
- Logging Into iDRAC6 Using Active Directory Smart Card Authentication
- Frequently Asked Questions About SSO
- Troubleshooting the Smart Card Logon in iDRAC6
- Viewing the Configuration and Health of the Managed Server
- Configuring and Using Serial Over LAN
- Using GUI Virtual Console
- Configuring the vFlash SD Card and Managing vFlash Partitions
- Configuring and Using Virtual Media
- Using the RACADM Command Line Interface
- RACADM Subcommands
- Using local RACADM Commands
- Using the RACADM Utility to Configure iDRAC6
- Displaying Current iDRAC6 Settings
- Managing iDRAC6 Users with RACADM
- Adding an iDRAC6 User
- Enabling an iDRAC6 User With Permissions
- Uploading, Viewing, and Deleting SSH Keys Using RACADM
- Removing an iDRAC6 User
- Testing E-mail Alerting
- Testing iDRAC6 SNMP Trap Alert Feature
- Configuring iDRAC6 Network Properties
- Configuring IPMI Over LAN
- Configuring PEF
- Configuring PET
- Configuring IP Filtering (IP Range)
- Configuring IP Blocking
- Configuring iDRAC6 Telnet and SSH Services Using Local RACADM
- Remote and SSH/Telnet RACADM
- Using an iDRAC6 Configuration File
- Configuring Multiple iDRAC6s
- Power Monitoring and Power Management
- Using iDRAC6 Enterprise SM-CLP Command Line Interface
- Using the WS-MAN Interface
- Deploying Your Operating System Using iVMCLI
- Using iDRAC6 Configuration Utility
- Recovering and Troubleshooting the Managed System
- Safety First - For You and Your System
- Trouble Indicators
- Problem Solving Tools
- Checking the System Health
- Checking the System Event Log (SEL)
- Checking the Post Codes
- Viewing the Last System Crash Screen
- Viewing the Most Recent Boot Sequences
- Checking the Server Status Screen for Error Messages
- Viewing iDRAC6 Log
- Viewing System Information
- Identifying the Managed Server in the Chassis
- Using the Diagnostics Console
- Managing Power on a Remote System
- Troubleshooting and Frequently Asked Questions
- Index
170 Configuring iDRAC6 for Single Sign-On and Smart Card Login
9
Select the
Enable
Active Directory
check box.
10
Select
Enable Single Sign-on
if you want to log into iDRAC6 directly after
logging into your workstation without entering your domain user
authentication credentials, such as user name and password.
To log into iDRAC6 using this feature, you should have already logged into
your system using a valid Active Directory user account. Also you should
have already configured the user account to log into iDRAC6 using the
Active Directory credentials. iDRAC6 uses the cached Active Directory
credentials to log you in.
Before configuring iDRAC6 to use Single Sign-On (SSO), ensure that you
have performed the following:
a
Created the device object, privilege object, and association object in
the Active Directory server.
b
Set access privileges to the created privilege object. It is recommended
not to provide administrator privileges as this could bypass some
security checks.
c
Associate the device object and privilege object using the association
object.
d
Add the preceding SSO user (login user) to the device object.
e
Provide access privilege to
Authenticated Users
for accessing the
created association object.
For information about how to perform these steps, see "Adding
iDRAC6 Users and Privileges to Active Directory" on page 138.
To enable SSO using the CLI, run the RACADM command:
racadm -g cfgActiveDirectory -o cfgADSSOEnable 1
11
Add
User Domain Name
, and enter the IP address of the Domain
Controller Server Address. Select either the
Look Up Domain Controllers
with DNS
or
Specify Domain Controller Addresses
. Select
Next
. The
Active Directory Configuration and Management
Step 3 of 4
screen is
displayed.
12
Select the
Standard Schema
or
Extended Schema
option and click
Next
.
If you have selected
Standard Schema,
go to step 13. If you have selected
Extended Schema
, go to step 14.