Users Guide
Using the iDRAC6 With Microsoft Active Directory 147
racadm config -g cfgActiveDirectory -o
cfgDomainController3 <
fully qualified domain name
or IP Address of the domain controller
>
NOTE: At least one of the three addresses is required to be configured.
iDRAC attempts to connect to each of the configured addresses one-by-one
until a successful connection is made. When the extended schema option is
selected, these are the FQDN or IP addresses of the domain controllers where
this iDRAC device is located. Global catalog servers are not used in extended
schema mode at all.
NOTE: The FQDN or IP address that you specify in this field should match the
Subject or Subject Alternative Name field of your domain controller certificate
if you have certificate validation enabled.
If you want to disable the certificate validation during SSL handshake,
type the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 0
In this case, you do not have to upload a CA certificate.
If you want to enforce the certificate validation during SSL handshake,
type the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 1
In this case, you must upload a CA certificate using the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 1
racadm sslcertupload -t 0x2 -f <
ADS root CA
certificate
>
Using the following
RACADM
command may be optional. See "Importing
the iDRAC6 Firmware SSL Certificate" for additional information.
racadm sslcertdownload -t 0x1 -f <
RAC SSL
certificate
>