Users Guide

Testing Active Directory settings using iDRAC web interface

To test the Active Directory settings:

1 In iDRAC Web Interface, go to Overview > iDRAC Settings > User Authentication > Directory Services > Microsoft Active

Directory.

The Active Directory summary page is displayed.

2 Click Test Settings.

3 Enter a test user's name (for example, username@domain.com) and password and click Start Test. A detailed test results and the

test log displays.

If there is a failure in any step, examine the details in the test log to identify the problem and a possible solution.

NOTE: When testing Active Directory settings with Enable Certicate Validation checked, iDRAC requires that the

Active Directory server be identied by the FQDN and not an IP address. If the Active Directory server is identied by

an IP address, certicate validation fails because iDRAC is not able to communicate with the Active Directory server.

Testing Active Directory settings using RACADM

To test the Active Directory settings, use the testfeature command.

For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.

Conguring generic LDAP users

iDRAC provides a generic solution to support Lightweight Directory Access Protocol (LDAP)-based authentication. This feature does not

require any schema extension on your directory services.

To make iDRAC LDAP implementation generic, the commonality between dierent directory services is utilized to group users and then

map the user-group relationship. The directory service specic action is the schema. For example, they may have dierent attribute names

for the group, user, and the link between the user and the group. These actions can be congured in iDRAC.

NOTE

: The Smart Card based Two Factor Authentication (TFA) and the Single Sign-On (SSO) logins are not supported for

generic LDAP Directory Service.