Users Guide
162 Using iDRAC6 Directory Service
When generic LDAP is enabled, iDRAC6 first tries to login the user as a
directory user. If it fails, local user lookup is enabled.
NOTE: There is no behavior change on the Active Directory login syntax. When
generic LDAP is enabled, the GUI login page displays only This iDRAC in the
drop-down menu.
NOTE: In this release, only openLDAP, openDS, Novell eDir and Fedora based
directory services are supported. "<" and ">" characters are not allowed in the user
name.
Configuring Generic LDAP Directory Service Using iDRAC6 Web-Based
Interface
1
Open a supported Web browser window.
2
Log in to iDRAC6 Web-based interface.
3
Click
System
iDRAC Settings
Network/Security
tab
Directory
Service
Generic LDAP Directory Service
.
4
The
Generic LDAP Configuration and Management
page displays the
current iDRAC6 generic LDAP settings. Scroll to the bottom of the
Generic LDAP Configuration and Management
page, and click
Configure Generic LDAP
.
The
Step 1 of 3 Generic LDAP Configuration and Management
page is
displayed. Use this page to configure the digital certificate used during
initiation of SSL connections when communicating with a generic LDAP
server. These communications use LDAP over SSL (LDAPS). If you enable
certificate validation, upload the certificate of the Certificate Authority
(CA) that issued the certificate used by the LDAP server during initiation
of SSL connections. The CA's certificate is used to validate the
authenticity of the certificate provided by the LDAP server during SSL
initiation.
NOTE: In this release, non-SSL port based LDAP bind is not supported. Only
LDAP over SSL is supported.
5
Under
Certificate Settings
, check
Enable Certificate Validation
to enable
certificate validation. If enabled, iDRAC6 uses the CA certificate to
validate the LDAP server certificate during Secure Socket Layer (SSL)
handshake; if disabled, iDRAC6 skips the certificate validation step of the