Users Guide
162 Using iDRAC6 Directory Service
When generic LDAP is enabled, iDRAC6 first tries to login the user as a
directory user. If it fails, local user lookup is enabled.
NOTE: There is no behavior change on the Active Directory login syntax. When
generic LDAP is enabled, the GUI login page displays only This iDRAC in the
drop-down menu.
NOTE: In this release, only openLDAP, openDS, Novell eDir and Fedora based
directory services are supported. "<" and ">" characters are not allowed in the user
name.
Configuring Generic LDAP Directory Service Using iDRAC6 Web-Based
Interface
1
Open a supported Web browser window.
2
Log in to iDRAC6 Web-based interface.
3
Click
System
iDRAC Settings
Network/Security
tab
Directory
Service
Generic LDAP Directory Service
.
4
The
Generic LDAP Configuration and Management
page displays the
current iDRAC6 generic LDAP settings. Scroll to the bottom of the
Generic LDAP Configuration and Management
page, and click
Configure Generic LDAP
.
The
Step 1 of 3 Generic LDAP Configuration and Management
page is
displayed. Use this page to configure the digital certificate used during
initiation of SSL connections when communicating with a generic LDAP
server. These communications use LDAP over SSL (LDAPS). If you
enable certificate validation, upload the certificate of the Certificate
Authority (CA) that issued the certificate used by the LDAP server during
initiation of SSL connections. The CA's certificate is used to validate the
authenticity of the certificate provided by the LDAP server during SSL
initiation.
NOTE: In this release, non-SSL port based LDAP bind is not supported. Only
LDAP over SSL is supported.
5
Under
Certificate Settings
, check
Enable Certificate Validation
to
enable certificate validation. If enabled, iDRAC6 uses the CA certificate
to validate the LDAP server certificate during Secure Socket Layer (SSL)
handshake; if disabled, iDRAC6 skips the certificate validation step of the