Users Guide
Using the iDRAC6 With Microsoft Active Directory 135
For example, Priv1 has these privileges: Login, Virtual Media, and Clear Logs,
and Priv2 has these privileges: Login to iDRAC, Configure iDRAC, and Test
Alerts. As a result, User1 now has the privilege set: Login to iDRAC, Virtual
Media, Clear Logs, Configure iDRAC, and Test Alerts, which is the combined
privilege set of Priv1 and Priv2.
Extended Schema Authentication accumulates privileges: the user receives
the maximum possible set of privileges, that is, the union of the privileges
assigned by all of the privilege objects associated with that user.
In this configuration, User1 has both Priv1 and Priv2 privileges on iDRAC2.
User1 has Priv1 privileges on iDRAC1 only. User2 has Priv1 privileges on both
iDRAC1 and iDRAC2. In addition, this figure shows that User1 can be in a
different domain and can be associated by a nested group.
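
Because privileges accumulate across association objects, a least-privilege review has to compute the union per user and per iDRAC. The following is an added example, not code from the guide or from Dell: the association object names A01 and A02, the group Group1, and the reading of Priv1's "Login" as "Login to iDRAC" are assumptions chosen to match the configuration described above.

```python
# Added example: models Extended Schema privilege accumulation for an audit.
# A01, A02 and Group1 are assumed names; users, privilege objects and iDRAC
# names are the ones used in the text. "Login" is treated as "Login to iDRAC".

PRIVILEGE_OBJECTS = {
    "Priv1": {"Login to iDRAC", "Virtual Media", "Clear Logs"},
    "Priv2": {"Login to iDRAC", "Configure iDRAC", "Test Alerts"},
}

# Nested group membership (constructed): Group1 contains User1.
GROUP_MEMBERS = {"Group1": {"User1"}}

# Each association object links members, one privilege object and devices.
ASSOCIATIONS = [
    {"name": "A01", "members": {"Group1", "User2"}, "privilege": "Priv1",
     "devices": {"iDRAC1", "iDRAC2"}},
    {"name": "A02", "members": {"User1"}, "privilege": "Priv2",
     "devices": {"iDRAC2"}},
]


def expand_members(members, groups=GROUP_MEMBERS, _seen=None):
    """Resolve groups (including nested ones) to the set of user names."""
    seen = set() if _seen is None else _seen
    users = set()
    for m in members:
        if m in seen:
            continue  # guard against circular group nesting
        seen.add(m)
        if m in groups:
            users |= expand_members(groups[m], groups, seen)
        else:
            users.add(m)
    return users


def effective_privileges(user, device):
    """Union of every privilege object that reaches user on device."""
    granted, sources = set(), []
    for a in ASSOCIATIONS:
        if device in a["devices"] and user in expand_members(a["members"]):
            granted |= PRIVILEGE_OBJECTS[a["privilege"]]
            sources.append(a["name"])
    return granted, sources


if __name__ == "__main__":
    for user in ("User1", "User2"):
        for device in ("iDRAC1", "iDRAC2"):
            privs, via = effective_privileges(user, device)
            print(f"{user} on {device} via {via}: {sorted(privs)}")
```
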
Configuring Extended Schema Active Directory to Access Your iDRAC
Before using Active Directory to access your iDRAC6, configure the Active
Directory software and the iDRAC6 by performing the following steps in order:
1. Extend the Active Directory schema (see "Extending the Active Directory
   Schema").
2. Extend the Active Directory Users and Computers Snap-in (see "Installing
   the Dell Extension to the Active Directory Users and Computers Snap-In").
3. Add iDRAC6 users and their privileges to Active Directory (see "Adding
   iDRAC Users and Privileges to Active Directory").
4. Enable SSL on each of your domain controllers (see "Enabling SSL on a
   Domain Controller").
5. Configure the iDRAC6 Active Directory properties using either the
   iDRAC6 Web-based interface or the RACADM (see "Configuring Active
   Directory With Extended Schema Using the iDRAC6 Web-Based
   Interface" or "Configuring Active Directory With Extended Schema Using
   RACADM").
Extending your Active Directory schema adds a Dell organizational unit,
schema classes and attributes, and example privileges and association objects
to the Active Directory schema. Before you extend the schema, ensure that
you have Schema Admin privileges on the Schema Master Flexible Single
Master Operation (FSMO) Role Owner of the domain forest.