Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC6 for Monolithic Servers Version 1.2

161

162

163

164

165

166

167

168

169

170

Using the iDRAC6 With Microsoft Active Directory 161

Testing Your Configurations

If you want to verify whether your configuration works, or if you need to

diagnose the problem with your failed Active Directory login, you can test

your settings from the iDRAC6 Web-based interface.

After you finish configuring settings in the iDRAC6 Web-based interface,

click Test Settings at the bottom of the page. You will be required to enter a

test user's name (for example, username@domain.com) and password to run

the test. Depending on your configuration, it may take some time for all of

the test steps to complete and display the results of each step. A detailed test

log will display at the bottom of the results page.

If there is a failure in any step, examine the details in the test log to identify

the problem and a possible solution. For most common errors, see

"Frequently Asked Questions about Active Directory."

If you need to make changes to your settings, click the Active Directory tab

and change the configuration step-by-step.

Enabling SSL on a Domain Controller

When the iDRAC authenticates users against an Active Directory domain

controller, it starts an SSL session with the domain controller. At this time,

the domain controller should publish a certificate signed by the Certificate

Authority (CA)—the root certificate of which is also uploaded into the

iDRAC. In other words, for iDRAC to be able to authenticate to any domain

controller—whether it is the root or the child domain controller—that

domain controller should have an SSL-enabled certificate signed by the

domain’s CA.

If you are using Microsoft Enterprise Root CA to automatically assign all your

domain controllers to an SSL certificate, perform the following steps to

enable SSL on each domain controller:

Enable SSL on each of your domain controllers by installing the SSL

certificate for each controller.

Click

Start

→

Administrative Tools

→

Domain Security Policy

Expand the

Public Key Policies

folder, right-click

Automatic

Certificate Request Settings

and click

Automatic Certificate

Request