Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC7/8 with Lifecycle Controller Version 2.50.50.50
151152153154155156157158159160
NOTE: If you nd any issues with iDRAC user for which the keytab le is created, create a new user and a new keytab
le. If the same keytab le which was initially created is again executed, it does not congure correctly.
Creating Active Directory objects and providing privileges
Perform the following steps for Active Directory Extended schema based SSO login:
1 Create the device object, privilege object, and association object in the Active Directory server.
2 Set access privileges to the created privilege object. It is recommended not to provide administrator privileges as this could bypass
some security checks.
3 Associate the device object and privilege object using the association object.
4 Add the preceding SSO user (login user) to the device object.
5 Provide access privilege to Authenticated Users for accessing the created association object.
Related link
Adding iDRAC users and privileges to Active Directory
Conguring iDRAC SSO login for Active Directory
users
Before conguring iDRAC for Active Directory SSO login, make sure that you have completed all the prerequisites.
You can congure iDRAC for Active Directory SSO when you setup an user account based on Active Directory.
Related link
Prerequisites for Active Directory Single Sign-On or smart card login
Conguring Active Directory with Standard schema using iDRAC web interface
Conguring Active Directory with Standard schema using RACADM
Conguring Active Directory with Extended schema using iDRAC web interface
Conguring Active Directory with Extended schema using RACADM
Conguring iDRAC SSO login for Active Directory users using
web interface
To congure iDRAC for Active Directory SSO login:
NOTE
: For information about the options, see the
iDRAC Online Help
.
1 Verify whether the iDRAC DNS name matches the iDRAC Fully Qualied Domain Name. To do this, in iDRAC Web interface, go to
Overview > iDRAC Settings > Network > Network and see the DNS Domain Name property.
2 While conguring Active Directory to setup a user account based on standard schema or extended schema, perform the following two
additional steps to congure SSO:
Upload the keytab le on the Active Directory Conguration and Management Step 1 of 4 page.
Select Enable Single Sign-On option on the Active Directory Conguration and Management Step 2 of 4 page.
Conguring
iDRAC for Single Sign-On or smart card login 159