Users Guide
Figure8-3 shows how to setup the Active Directory objects in multiple domains for RAC. In this scenario, you have two DRAC 4 cards (RAC1 and RAC2) and
three existing Active Directory users (User1, User2, and User3). User1 is in Domain1, but User2 and User3 are in Domain2. You want to give User1 and User2
Administrator privileges on both the RAC1 and the RAC2 card and give User3 a Login privilege on the RAC2 card.
Figure 8-3. Setting Up RAC Active Directory Objects in Multiple Domains
To set up the objects for this multiple domain scenario, perform the following tasks:
1. Ensure that the domain forest function is in Native or Windows 2003 mode.
2. Create two Association Objects, AO1 (of Universal scope) and AO2, in any domain. The figure shows the objects in Domain2.
3. Create two RAC Device Objects, RAC1 and RAC2, to represent the two remote systems.
4. Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (Administrator) and Priv2 has Login privileges.
5. Group User1 and User2 into Group1. The group scope of Group1 must be Universal.
6. Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and both RAC1 and RAC2 as Products in AO1.
7. Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege Objects in AO2, and RAC2 as a Product in AO2.
For Server Administrator or IT Assistant, on the other hand, the users in a single Association can be in separate domains without needing to be added to a
universal group. The following is a very similar example to show how Server Administrator or IT Assistant systems in separate domains affect the setup of
directory objects. Instead of RAC devices, you'll have two systems running Server Administrator (Server Administrator Products sys1 and sys2). Sys1 and sys2
are in different domains. You can use any existing Users or Groups that you have in Active Directory. Figure8-4 shows how to set up the Server Administrator
Active Directory objects for this example.
Figure 8-4. Setting Up Server Administrator Active Directory Objects in Multiple Domains
To set up the objects for this multiple domain scenario, perform the following tasks:
1. Ensure that the domain forest function is in Native or Windows 2003 mode.