Users Guide
Using the iDRAC6 With Microsoft Active Directory 161
click Test Settings. Enter a test user name and password, and click Start Test.
iDRAC6 runs the tests step-by-step and displays the result for each step.
A detailed test result is also logged to help you resolve any problems. Click the
Active Directory tab to return to the Active Directory Configuration and
Management page. Scroll to the bottom of the page and click Configure
Active Directory to change your configuration and run the test again until the
test user passes the authorization step.
I enabled certificate validation but I failed my Active Directory login.
I ran the diagnostics from the GUI and the test result shows the following
error message:
ERROR: Can't contact LDAP server, error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:
Please check the correct Certificate Authority (CA) certificate has been
uploaded to iDRAC. Please also check if the iDRAC date is within the valid
period of the certificates and if the Domain Controller Address configured
in iDRAC matches the subject of the Directory Server Certificate.
What could be the problem and how can I fix it?
If certificate validation is enabled, iDRAC6 uses the uploaded CA certificate
to verify the directory server certificate when iDRAC6 establishes the SSL
connection with the directory server. The most common reasons for failing
certification validation are:
1
The iDRAC6 date is not within the valid period of the server certificate or
CA certificate. Please check your iDRAC6 time and the valid period of
your certificate.
2
The Domain Controller Addresses configured in iDRAC6 do not match
the Subject or Subject Alternative Name of the directory server certificate.
If you are using an IP address, please read the following question and
answer. If you are using FQDN, please make sure you are using the FQDN
of the domain controller, not the domain, for example,
servername.example.com
instead of
example.com.