Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerOpenManage Server Administrator Version 6.5 A02
121122123124125126127128129130
130 Using Microsoft Active Directory
To set up the objects for this multiple domain scenario, perform the
following tasks:
1
Ensure that the domain forest function is in Native or Windows 2003
mode.
2
Create two Association Objects, AO1 (of Universal scope) and AO2, in any
domain. The figure shows the objects in Domain2.
3
Create two RAC Device Objects, RAC1 and RAC2, to represent the two
remote systems.
4
Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all
privileges (Administrator) and Priv2 has Login privileges.
5
Group User1 and User2 into Group1. The group scope of Group1 must
be Universal.
6
Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege
Objects in AO1, and both RAC1 and RAC2 as Products in AO1.
7
Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege
Objects in AO2, and RAC2 as a Product in AO2.
For Server Administrator or IT Assistant, the users in a single Association can
be in separate domains without needing to be added to a universal group. The
following is a very similar example to show how Server Administrator or IT
Assistant systems in separate domains affect the setup of directory objects.
Instead of RAC devices, you’ll have two systems running Server
Administrator (Server Administrator Products sys1 and sys2). Sys1 and sys2
are in different domains. You can use any existing Users or Groups that you
have in Active Directory. Figure 9-4 shows how to set up the Server
Administrator Active Directory objects for this example.