White Papers
Integrating iDRAC7 with Active Directory
27
The privilege object lists all the privilege names. In this example, all the options are selected since this
object controls the Administrator's privileges.
If it is DellIDRACGuestPriv object, only the Login option is selected. Similarly, DellIDRACPowerPriv has
by default all but two options selected.
To customize user privileges, it is recommended to use the DellIDRACPowerPriv object by selecting the
required options. This object represents the mid-level Power User (also known as the Operator) iDRAC
role.
iDRAC Objects
An iDRAC object is created for each physical iDRAC that is integrated with Active Directory.
Association Objects
An association object is used to link iDRAC objects to Active Directory users (or groups) to Privilege
objects. The association object effectively bundles the three items together.
Configuring Active Directory
In the following steps, an iDRAC object representing the physical iDRAC in the managed PowerEdge
server is created. Using the Admin User Association object, the iDRAC object is associated with the
iDRACAdministrators group and the DellIDRACAdminPriv object. These steps are repeated for other
groups requiring fewer privileges for the same iDRAC object.
1. In the Console window, in the left pane, right-click on Users and select New > Dell Remote
Management Object Advanced.
Note: This option is not available if you are using the Server Manager console. Make sure you are
using MMC.