Users Guide
134 Using iDRAC6 Directory Service
its Active Directory name so users can perform authentication and
authorization with Active Directory. Additionally, the Administrator must add
iDRAC6 to at least one Association Object in order for users to authenticate.
Figure 6-1 illustrates that the Association Object provides the connection
that is needed for all of the Authentication and Authorization.
Figure 6-1. Typical Setup for Active Directory Objects
You can create as many or as few association objects as required. However,
you must create at least one Association Object, and you must have one
iDRAC6 Device Object for each iDRAC6 device on the network that you
want to integrate with Active Directory for Authentication and Authorization
with iDRAC6.
The Association Object allows for as many or as few users and/or groups as
well as iDRAC6 Device Objects. However, the Association Object only
includes one Privilege Object per Association Object. The Association Object
connects the Users who have Privileges on iDRAC6 devices.
The Dell extension to the ADUC MMC Snap-in only allows associating the
Privilege Object and iDRAC6 Objects from the same domain with the
Association Object. The Dell extension does not allow a group or an iDRAC6
object from other domains to be added as a product member of the
Association Object.
iDRAC
Association Object
User(s)
Group(s)
Privilege Object
iDRAC
Device Object(s)