Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC6 for Blade Servers Version 3.5
131132133134135136137138139140
Using iDRAC6 Directory Service 133
Identifiers (OIDs) so that when companies add extensions to the schema,
they can be guaranteed to be unique and not to conflict with each other.
To extend the schema in Microsoft's Active Directory, Dell received unique
OIDs, unique name extensions, and uniquely linked attribute IDs for our
attributes and classes that are added into the directory service.
Dell extension is:
dell
Dell base OID is:
1.2.840.113556.1.8000.1280
RAC LinkID range is:
12070 to 12079
Overview of iDRAC6 Schema Extensions
To provide the greatest flexibility in the multitude of customer
environments, Dell provides a group of properties that can be configured by
the user depending on the desired results. Dell has extended the schema to
include an Association, Device, and Privilege property. The Association
property is used to link together the users or groups with a specific set of
privileges to one or more iDRAC6 devices. This model provides an
Administrator maximum flexibility over the different combinations of users,
iDRAC6 privileges, and iDRAC6 devices on the network without adding too
much complexity.
Active Directory Object Overview
For each physical iDRAC6 device on the network that you want to integrate
with Active Directory for Authentication and Authorization, create at least
one Association Object and one iDRAC6 Device Object. You can create
multiple Association Objects, and each Association Object can be linked to as
many users, groups of users, or iDRAC6 Device Objects as required. The
users and iDRAC6 user groups can be members of any domain in the
enterprise.
However, each Association Object can be linked (or, may link users, groups
of users, or iDRAC6 Device Objects) to only one Privilege Object.
This example allows an Administrator to control each user’s privileges on
specific iDRAC6 devices.
iDRAC6 Device object is the link to iDRAC6 firmware for querying Active
Directory for authentication and authorization. When iDRAC6 is added to the
network, the Administrator must configure iDRAC6 and its device object with