Owner's Manual
Configuring RACs Using Microsoft Active Directory 21
5
Configuring RACs Using Microsoft
Active Directory
The Active Directory
®
(AD) service maintains a common database of all
information needed for controlling users on a network. If you are using the
AD software, you can configure it to provide access to the RACs, allowing you
to add and control user privileges for the existing users in your directory
service.
AD centralizes all RAC user IDs and passwords using standard or extended
schema. Standard schema uses AD group objects only, and extended schema
uses Dell™-defined AD objects. When using AD to configure RAC access,
you must choose standard or extended schema. For more information on
standard and extended schema, see the appropriate RAC user guide listed in
"Other Documents You May Need."
Using DRACT, you can perform the following actions for selected RACs on
your network:
• Configure standard or extended schema based AD settings for selected
RACs.
• Create RAC objects on AD server for extended schema-based AD.
NOTE: Before you connect the AD server to DRACT, ensure that your AD server is
configured to communicate with the RAC. For more information, see the appropriate
RAC user guide listed in "Other Documents You May Need."
You can upload the digital certificate used during the initiation of the Secure
Sockets Layer (SSL) connections when communicating with an AD server;
these communications use LDAP over SSL (LDAPS).
If certificate validation is enabled, it is necessary to upload the certificate of
the Certificate Authority (CA) that issued the AD server certificate during
initiation of SSL connections. The CA certificate is used to validate the
authenticity of the certificate provided by the AD server during SSL
initiation. The AD CA Certificate is the certificate that signs all the domain
controllers' SSL server certificates.