Users Guide
Using the iDRAC6 Directory Service 161
6
Under
Certificate Settings
, check
Enable Certificate Validation
if you
want to validate the SSL certificate of your Active Directory servers;
otherwise, go to step 9.
7
Under
Upload Active Directory CA Certificate
, type the file path of the
certificate or browse to find the certificate file.
NOTE: You must type the absolute file path, which includes the full path and
the complete file name and file extension.
8 C
lick
Upload
.
The certificate information for the Active Directory CA certificate that
you uploaded is displayed.
9
Under
Upload Kerberos Keytab
, type the path of the keytab file or browse
to locate the file. Click
Upload
. The Kerberos keytab will be uploaded into
the iDRAC6.
10
Click
Next
to go to the
Step 2 of 4
Active Directory Configuration and
Management
page.
11
Click
Enable Active Directory
.
CAUTION: In this release, the Smart Card based Two Factor Authentication
(TFA) and the single sign-on (SSO) features are not supported if the Active
Directory is configured for Extended Schema.
12
Click
Add
to enter the user domain name.
13
Type the user domain name in the prompt and click
OK
. Note that this
step is optional. If you configure a list of user domains, the list will be
available in the Web-based interface login screen. You can choose from the
list, and then you only need to type the user name.
14
Ty pe th e
Timeout
time in seconds to specify the time the iDRAC6 will
wait for Active Directory responses. The default is 120 seconds.
15
Select the
Look Up Domain Controllers with DNS
option to obtain the
Active Directory domain controllers from a DNS lookup. Domain
Controller Server Addresses 1-3 are ignored. Select
User Domain from
Login
to perform the DNS lookup with the domain name of the login user.
Else, select
Specify a Domain
and enter the domain name to use on the
DNS lookup. iDRAC6 attempts to connect to each of the addresses (first 4
addresses returned by the DNS look up) one by one until it makes a