Manualshelf

White Papers

ManualsBrandsDell ManualsActive System ManageriDRAC7 Version 1.10.10
12345678910
Integrating iDRAC7 with Active Directory
1
Overview
Integrating iDRAC with Active Directory can be complex, and this document simplifies the process with
step-by-step instructions. There are multiple ways to achieve the same results and steps vary with
different operating systems and in different network environments.
This document covers a standard schema setup, then adds extended schema. This lets you get hands-on
experience with each option and determine the best method. Once set up, you can switch between
standard and extended schema method using the same Domain Controller with minimal configuration
changes.
It is strongly recommended that you first perform these steps in a test environment. You can determine
the level of integration that works best for you, along with the steps required to implement Active
Directory in your environment.
This document assumes you have some experience working in Active Directory on a Domain Controller
and you are familiar with IP addressing, DNS, and DHCP.
For additional information on integrating iDRAC7 with Active Directory, see the iDRAC7 User's Guide on
www.dell.com/esmmanuals
.
Benefits of Integrating iDRAC7 With Microsoft Active Directory
Using the Integrated Dell Remote Access Controller 7 (iDRAC7) with Microsoft Active Directory
simplifies user account and privilege management. It eliminates configuring each individual user and
their associated privileges on every iDRAC. Once configured, users provide their Active Directory
credentials to authenticate to all iDRACs. You can use these credentials to log into the iDRAC GUI, SSH
and Telnet consoles, and for running racadm and WSMAN commands from the CLI.
Note: You must have an Enterprise License installed on the iDRAC7 to use Active Directory
authentication. See Confirming iDRAC7 Enterprise License Installation
for more information.
Standard Schema Versus Extended Schema
You can integrate the iDRAC with Active Directory using two options: Standard Schema or Extended
Schema, with different advantages and requirements for each.
With either Standard or Extended Schema, you can assign existing Active Directory users to groups that
have predefined privilege levels for the iDRACs.
In Standard Schema, you do not have to extend the Active Directory schema. However, you must enter
Active Directory group names and privileges on each iDRAC.
Extended Schema requires an extension to the Active Directory schema, which is an irreversible
process. However, this provides the additional benefit of only having to configure the Active Directory
group names and privileges once for all iDRACs on the Domain Controller.