Users Guide
200 Enabling Kerberos Authentication
Configuring the iDRAC6 for single sign-on and
Active Directory Authentication Using Smart Card
Upload the keytab obtained from the Active Directory root domain,
to the iDRAC6:
1
Click
Remote Access
→
Network/Security
tab
→
Directory Service
subtab
→
Click
Microsoft Active Directory
.
2
Select
Upload Kerberos Keytab
and click
Next
.
3
On the
Kerberos Keytab Upload
page, select the keytab file to upload
and click
Apply
.
You can also upload the file to iDRAC6 by using CLI racadm commands.
The following command uploads the keytab file to iDRAC6:
racadm krbkeytabupload -f <filename>
where <filename> is the name of the keytab file. The racadm command is
supported by both local and remote racadm.
Configuring Active Directory Users for single
sign-on Logon
Before using the Active Directory single sign-on logon feature, ensure that
you have already configured the iDRAC6 for Active Directory login and the
domain user account that you will use to login into the system has been
enabled for iDRAC6 Active Directory login.
Also ensure that you have enabled the Active Directory logon setting.
See "Using the iDRAC6 Directory Service" for more information on how to
set up Active Directory users. You must also enable the iDRAC6 to be a
kerberized service by uploading a valid keytab file obtained from the Active
Directory root domain, to the iDRAC6.
See
"Configuring the iDRAC6 to Use Single Sign-On" for information on how to
enable single sign–on using the GUI and the CLI.