White Papers
Active Directory Configuration
6
AttributeName = CertValidationEnable
CurrentValue = Enabled
…
Check the current value (CurrentValue),which is Enabled. Therefore, the Certificate Validation is
Enabled, which is the correct value we try to set. Therefore, Certificate Validation has been
successfully enabled.
Similarly, customer can check if other attributes have been set correctly.
6. Test the Setting
To test if the setting works and the user group has the corresponding privilege, see Appendix D.
If the test is passed, customer can log in to iDRAC by using the AD credential. Customer can also try
SSH, WSMAN, and RACADM command with the AD credential.
7. Summary:
This White paper provides the workflow to set up the AD for 12G PowerEdge servers with iDRAC 7
LC . It also provides the WSMAN commands used for the workflow and the mapping of GUI name to
the Attribute Name and Display Name for the AD–related attributes.
This paper uses Standard Schema and static IP address as an example to show customer the
workflow, and winrm commands for setting up AD. For using Extended Schema and/or DHCP, the
workflow and winrm commands are the same. Only the corresponding attributes value must be
changed accordingly.
Appendix A : Confirming the iDRAC7 has an Enterprise License
Installed
To use Active Directory authentication, you must have an Enterprise License installed on your
iDRAC7.
To check the license you have:
1. Browse through to https://<idrac_ip_address>, and then log in to iDRAC as an administrative
user (the default username is root, and password is calvin.)
2. Go to Overview > Server > Licenses.
3. To view the license information, expand the "+" in the left pane. . However, if only Basic or
Express is displayed, and the plus (+) symbol is not displayed, it implies that you cannot use the
Active Directory feature. However, you can quickly upgrade to an Enterprise License electronically,
by using the License Self-Service Portal (linked on the Licensing page) or by contacting your Dell
Sales representative.