User's Manual
Setting Up Active Directory Objects in Multiple Domains
To set up the objects for the multiple domain scenario, perform the following tasks:
1. Ensure that the domain forest function is in Native or Windows 2003 mode.
2. Create two Association Objects, AO1 (of Universal scope) and AO2, in any domain. The figure shows the objects in Domain2.
3. Create two RAC Device Objects, RAC1 and RAC2, to represent the two DRAC 4 cards.
4. Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privileges.
5. Group user1 and user2 into Group1. The group scope of Group1 must be Universal.
6. Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1.
7. Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege Objects in AO2, and RAC2 as RAC Devices in AO2.
Configuring Active Directory to Access Your DRAC 4
Before you can use Active Directory to access your DRAC 4, you must configure the Active Directory software and the DRAC 4 by performing the following steps
in their numbered order:
1. Extend the Active Directory schema (see "Extending the Active Directory Schema").
2. Extend the Active Directory Users and Computers Snap-in (see "Installing the Dell Extension to the Active Directory Users and Computers Snap-In").
3. Add DRAC 4 users and their privileges to Active Directory (see "Adding DRAC 4 Users and Privileges to Active Directory").
4. Enable SSL on each of your domain controllers (see "Enabling SSL on a Domain Controller").
5. Configure the DRAC 4 Active Directory properties using either the DRAC 4 Web-based interface or the racadm CLI (see "Configuring the DRAC 4").
Extending the Active Directory Schema
Extending your Active Directory schema will add a Dell organizational unit, schema classes and attributes, and example privileges and association objects to
the Active Directory schema.
You can extend your schema using two different methods. You can use the Dell Schema Extender utility, or you can use the LDIF script file.
The LDIF files and Dell Schema Extender are located on your Dell OpenManage Systems Management CD in the following respective directories:
l CD drive:\support\OMActiveDirectory Tools\RAC4\LDIF Files
l CD drive:\support\OMActiveDirectory Tools\RAC4\Schema Extender
NOTE: Before you extend the schema, you must have Schema Admin privileges on the Schema Master FSMO Role Owner of the domain forest.
NOTE: The Dell organizational unit will not be added if you use the LDIF script file.