Users Guide
Configuring iDRAC6 for Single Sign-On and Smart Card Login 175
Using Active Directory SSO
You can enable iDRAC6 to use Kerberos—a network authentication
protocol—to enable single sign-on. For more information on setting up
iDRAC6 to use the Active Directory single sign-on feature, see "Prerequisites
for Active Directory SSO and Smart Card Authentication" on page 172.
Configuring iDRAC6 to Use SSO
1
Ensure you have done the following:
a
Created the device object, privilege object, and association object in
the Active Directory server.
b
Set access privileges to the created privilege object. It is recommended
not to provide administrator privileges as this could bypass some
security checks.
c
Associate the device object and privilege object using the association
object.
d
Add the preceding SSO user (login user) to the device object.
e
Provide access privilege to
Authenticated Users
for accessing the
created association object.
For information about how to perform these steps, see "Adding
iDRAC6 Users and Privileges to Active Directory" on page 144.
2
Open a supported Web browser window.
3
Log in to iDRAC6 Web interface.
4
In the system tree, select
System
iDRAC Settings
Network/Security
tab
Network
. In the
Network
page, verify whether the
DNS iDRAC6
Name
is correct and matches with the name used for iDRAC6 fully
qualified domain name.
5
In the system tree, select
System
iDRAC Settings
Network/Security
tab
Directory Service
Microsoft Active Directory
.
The
Active Directory
summary screen is displayed.
6
Scroll to the bottom of the screen and click
Configure Active Directory
.
The
Active Directory Configuration and Management Step 1 of 4
screen
is displayed.