Deployment Guide
5
Using Microsoft Active Directory
If you use Active Directory service software, configure it to control access to the network. The Active
Directory database is modified to support remote management authentication and authorization. Server
Administrator, as well as Integrated Remote Access Controllers (iDRAC) and Remote Access Controllers
(RAC), can now interface with Active Directory. With this tool, you can add and control users and
privileges from one central database.
Active Directory Schema Extensions
The Active Directory data exists in a distributed database of Attributes and Classes. An example of an
Active Directory Class is the User class. Some example Attributes of the User class might be the user's first
name, last name, phone number, and so on. Define every Attribute or Class that is added to an existing
Active Directory schema with a unique ID. To maintain unique IDs throughout the industry, Microsoft
maintains a database of Active Directory Object Identifiers (OIDs).
The Active Directory schema defines the rules for what data can be included in the database. To extend
the schema in Active Directory, install the latest received unique OIDs, unique name extensions, and
unique linked attribute IDs for the new attributes and classes in the directory service from the Systems
Management Tools and Documentation DVD.
Dell extension is: dell
Dell base OID is: 1.2.840.113556.1.8000.1280
Dell LinkID range is: 12070 to 12079
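
A check of a schema export against the three values above, as an added example that is not from the Dell guide. It assumes a simplified, unfolded LDIF export carrying lDAPDisplayName, attributeID or governsID, and linkID, and it treats the "dell" extension as a name prefix; the sample entries are constructed.

```python
DELL_PREFIX = "dell"
DELL_BASE_OID = "1.2.840.113556.1.8000.1280"
DELL_LINK_IDS = range(12070, 12080)  # 12070 to 12079 inclusive

# Constructed schema export (simplified, unfolded LDIF). Object names, OID
# suffixes and the non-Dell OID are invented; "dell" as a prefix is assumed.
SAMPLE_LDIF = """\
lDAPDisplayName: dellExampleClass
governsID: 1.2.840.113556.1.8000.1280.1.1.1.1

lDAPDisplayName: dellExampleMember
attributeID: 1.2.840.113556.1.8000.1280.1.1.2.1
linkID: 12070

lDAPDisplayName: dellExampleBad
attributeID: 1.2.840.113556.1.8000.12800.1
linkID: 12080

lDAPDisplayName: otherVendorLink
attributeID: 1.3.6.1.4.1.99999.1
linkID: 12071
"""

def parse_entries(ldif):
    """Split the export on blank lines into {attribute: value} dicts."""
    entries = []
    for block in ldif.strip().split("\n\n"):
        pairs = (line.partition(": ") for line in block.splitlines())
        entries.append({k: v for k, sep, v in pairs if sep})
    return entries

def under_base(oid):
    # Compare whole arcs: match "...1280." so that "...12800" is rejected.
    return oid.startswith(DELL_BASE_OID + ".")

def audit(ldif):
    """Return (name, problem) pairs for entries that break the allocation."""
    findings = []
    for e in parse_entries(ldif):
        name = e.get("lDAPDisplayName", "")
        oid = e.get("attributeID") or e.get("governsID") or ""
        is_dell = name.lower().startswith(DELL_PREFIX)
        if is_dell != under_base(oid):
            findings.append((name, "name prefix and OID arc disagree"))
        if "linkID" in e and is_dell != (int(e["linkID"]) in DELL_LINK_IDS):
            findings.append((name, "linkID and name prefix disagree"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_LDIF), sep="\n")
```

An empty result means every dell-prefixed entry sits under the Dell base OID, and no other entry uses an OID or LinkID from the Dell allocation.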
Overview Of The Active Directory Schema Extensions
Dell created classes, or groups of objects, that can be configured by the user to meet their unique needs.
New classes in the schema include an Association, a Product, and a Privilege class. An association object
links the user or group to a given set of privileges and to systems (Product Objects) in the network. This
model gives an administrator control over the different combinations of user, privilege, and system or
RAC device on the network, without adding complexity.
Active Directory Object Overview
For each of the systems that you want to integrate with Active Directory for authentication and
authorization, there must be at least one Association Object and one Product Object. The Product Object