Users Guide
174 Configuring iDRAC6 for Single Sign-On and Smart Card Login
NOTE: It is recommended that you use the latest ktpass utility to create the
keytab file. Also, while generating the keytab file, use lowercase letters for
the idracname and the Service Principal Name.
This procedure will produce a keytab file that you should upload to
iDRAC6.
NOTE: The keytab contains an encryption key and should be kept secure.
For more information on the
ktpass
utility, see the Microsoft website at:
http://technet.microsoft.com/en-us/library/cc779157(WS.10).aspx
• iDRAC6 time should be synchronized with the Active Directory domain
controller.
Browser Settings to Enable Active Directory SSO
To configure the browser settings for Internet Explorer:
1
Open Internet Explorer Web browser.
2
Select
Tools
Internet Options
Security
Local Intranet
.
3
Click
Sites
.
4
Select the following options only:
• Include all local (intranet) sites not listed on other zones.
• Include all sites that bypass the proxy server.
5
Click
Advanced
.
6
Add all relative domain names that will be used for iDRAC instances that
is part of the SSO configuration (for example, myhost.example.com.)
7
Click
Close
and click
OK
.
8
Click
OK
.
To configure the browser settings for Firefox:
1
Open Firefox Web browser.
2
In the address bar, enter
about:config
.
3
In
Filter
, enter
network.negotiate
.
4
Add the iDRAC name to network.negotiate-auth.trusted-uris (using
comma separated list.)
5
Add the iDRAC name to network.negotiate-auth.delegation-uris (using
comma separated list.)