Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC6 for Monolithic Servers Version 1.2

141

142

143

144

145

146

147

148

149

150

Using the iDRAC6 With Microsoft Active Directory 149

Under

Certificate Settings

, check

Enable Certificate Validation

if you

want to validate the SSL certificate of your Active Directory servers;

otherwise, go to step 9.

Under

Upload Active Directory CA Certificate

, type the file path of the

certificate or browse to find the certificate file.

NOTE: You must type the absolute file path, which includes the full path and

the complete file name and file extension.

8 C

lick

Upload

The certificate information for the Active Directory CA certificate that

you uploaded is displayed.

Under

Upload Kerberos Keytab

, type the path of the keytab file or browse

to locate the file. Click

Upload

. The Kerberos keytab will be uploaded into

the iDRAC6.

Click

to go to the

Step 2 of 4

Active Directory Configuration and

Management

Click

Enable Active Directory

CAUTION: In this release, the Smart Card based Two Factor Authentication

(TFA) and the single sign-on (SSO) features are not supported if the Active

Directory is configured for Extended Schema.

Click

Add

to enter the user domain name.

Type the user domain name in the prompt and click

. Note that this

step is optional. If you configure a list of user domains, the list will be

available in the Web-based interface login screen. You can choose from the

list, and then you only need to type the user name.

Ty pe t h e

Timeout

time in seconds to specify the time the iDRAC6 will

wait for Active Directory responses. The default is 120 seconds.

Type the Domain Controller Server Address. You can enter up to three

Active Directory servers for login processing, but you are required to

configure at least one server by entering the IP address or the fully

qualified domain name (FQDN). iDRAC6 tries to connect to each

configured server until a connection is established.

NOTE: The FQDN or IP address that you specify in this field should match the

Subject or Subject Alternative Name field of your domain controller certificate

if you have certificate validation enabled.