White Papers
Integrating iDRAC7 with Active Directory
Configuring the iDRAC7 Directory Services Settings
Note: You must have an iDRAC7 Enterprise license to configure the directory services settings.
1. Go to iDRAC Settings > User Authentication > Directory Services.
2. Select Microsoft Active Directory and click Apply.
3. In the Active Directory Configuration and Management page, scroll down to the bottom of the
page and click Configure Active Directory.
4. Select Enable Certificate Validation.
5. Upload the Directory Service CA Certificate - Upload the certificate file generated earlier (named
ad2.cer in this example) to iDRAC. First, copy this file from the Domain Controller to your
management station. Second, in the iDRAC Web GUI next to Upload Directory Service CA
Certificate, click Browse, select the file, and click Upload.
A message similar to the following is displayed.
Figure 9. Upload Complete
If you see a message indicating the Certificate is not valid, there may be a date/time discrepancy
between your CA and the iDRAC. Make sure the date and time on the iDRAC matches the date and
time on the CA (the Domain Controller in this document) and try again.
Note: Applies to iDRAC firmware releases prior to 1.30.30 only. If the certificate was issued from a
newly created CA, it may continue to be reported as not valid even though the iDRAC and CA server
dates and times match. This is because the iDRAC treats its time as UTC (Coordinated Universal
Time). For example, if your CA server was created today at 2:00 pm Central Standard Time, the
iDRAC views this as 2:00 pm UTC, a difference of 6 hours. As a result, the "valid from" timestamp
on the certificate is not considered valid by the iDRAC until 8:00 pm on the day the CA was
created. You can work around this either by temporarily moving the time on the Managed System
containing the iDRAC ahead by the appropriate amount for your time zone and resetting the iDRAC,
or by waiting until the time has passed. This issue has been fixed in iDRAC firmware 1.30.30 and
later versions.
6. Click OK and then click Next.
7. Select Enable Active Directory.
8. Clear Enable Single Sign-on.
9. For User Domain Name, click Add, enter the FQDN of your domain (for example, test.lab), and
click OK.
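The following added example (not part of the original white paper) models the certificate date check described in the note under step 5, so you can tell before uploading whether a "not valid" message is the UTC issue and how long it will last. It assumes the iDRAC clock matches the Managed System's local clock and that firmware 1.30.30 and later compares against real UTC; the function names and sample dates are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: output of `openssl x509 -in ad2.cer -noout -dates`
# (add `-inform DER` for a DER-encoded file). Dates are made up to match the
# note's scenario: CA created at 2:00 pm Central Standard Time (UTC-6).
SAMPLE_DATES = """\
notBefore=Jan 15 20:00:00 2013 GMT
notAfter=Jan 15 20:00:00 2018 GMT
"""

def parse_openssl_dates(text):
    """Return (not_before, not_after) as timezone-aware UTC datetimes."""
    fields = dict(line.split("=", 1) for line in text.strip().splitlines())
    return tuple(
        datetime.strptime(fields[key].strip(), "%b %d %H:%M:%S %Y GMT")
        .replace(tzinfo=timezone.utc)
        for key in ("notBefore", "notAfter")
    )

def idrac_now(local_clock, utc_offset_hours, pre_1_30_30):
    """Time the iDRAC compares with the certificate (modelled assumption)."""
    if pre_1_30_30:
        # Older firmware: the local wall-clock reading is taken to be UTC.
        return local_clock.replace(tzinfo=timezone.utc)
    # Assumed fixed behaviour: local time is converted to real UTC.
    utc_clock = local_clock - timedelta(hours=utc_offset_hours)
    return utc_clock.replace(tzinfo=timezone.utc)

def check_upload(dates_text, local_clock, utc_offset_hours, pre_1_30_30):
    """Return (status, gap): gap is the wait until valid, or time since expiry."""
    not_before, not_after = parse_openssl_dates(dates_text)
    seen = idrac_now(local_clock, utc_offset_hours, pre_1_30_30)
    if seen < not_before:
        return "not yet valid", not_before - seen
    if seen > not_after:
        return "expired", seen - not_after
    return "valid", timedelta(0)

if __name__ == "__main__":
    upload_time = datetime(2013, 1, 15, 14, 5)  # 2:05 pm local (naive)
    for legacy in (True, False):
        status, gap = check_upload(SAMPLE_DATES, upload_time, -6, legacy)
        print(f"pre-1.30.30={legacy}: {status}, gap={gap}")
```

For time zones east of UTC the older firmware's clock reads ahead of real UTC under this model, so a newly issued certificate is accepted immediately.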