Users Guide
164 Using the iDRAC6 Directory Service
CAUTION: In this release, the Smart Card based Two Factor Authentication
(TFA) and the single sign-on (SSO) features are not supported if the Active
Directory is configured for Extended Schema.
If you want to disable the certificate validation during SSL handshake,
type the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 0
In this case, you do not have to upload a CA certificate.
If you want to enforce the certificate validation during SSL handshake,
type the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 1
In this case, you must upload a CA certificate using the following
RACADM
command:
racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 1
racadm sslcertupload -t 0x2 -f <
ADS root CA
certificate
>
Using the following
RACADM
command may be optional. See "Importing
the iDRAC6 Firmware SSL Certificate" for additional information.
racadm sslcertdownload -t 0x1 -f <
RAC SSL
certificate
>
2
If DHCP is enabled on the iDRAC and you want to use the DNS provided
by the DHCP server, type the following
RACADM
command:
racadm config -g cfgLanNetworking -o
cfgDNSServersFromDHCP 1
3
If DHCP is disabled on the iDRAC or you want to manually input your
DNS IP address, type following
RACADM
commands:
racadm config -g cfgLanNetworking -o
cfgDNSServersFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServer1
<primary DNS IP address>