Installation Manual
If you want to disable the certificate validation during SSL handshake, enter the following RACADM command:
– Using config command: racadm config -g cfgActiveDirectory -o cfgADCertValidationEnable 0
– Using set command: racadm set iDRAC.ActiveDirectory.CertValidationEnable 0
In this case, no Certificate Authority (CA) certificate needs to be uploaded.
To enforce the certificate validation during SSL handshake (optional):
– Using config command: racadm config -g cfgActiveDirectory -o cfgADCertValidationEnable 1
– Using set command: racadm set iDRAC.ActiveDirectory.CertValidationEnable 1
In this case, you must upload the CA certificate using the following RACADM command:
racadm sslcertupload -t 0x2 -f <ADS root CA certificate>
NOTE: If certificate validation is enabled, specify the Domain Controller Server addresses and the Global
Catalog FQDN. Make sure that DNS is configured correctly under Overview → iDRAC Settings → Network.
Using the following RACADM command may be optional.
racadm sslcertdownload -t 0x1 -f <RAC SSL certificate>
2. If DHCP is enabled on iDRAC7 and you want to use the DNS provided by the DHCP server, enter the following
RACADM commands:
– Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1
– Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 1
3. If DHCP is disabled on iDRAC7 or you want to manually enter the DNS IP address, enter the following RACADM
commands:
– Using config command:
racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServer1 <primary DNS IP address>
racadm config -g cfgLanNetworking -o cfgDNSServer2 <secondary DNS IP address>
– Using set command:
racadm set iDRAC.IPv4.DNSFromDHCP 0
racadm set iDRAC.IPv4.DNS1 <primary DNS IP address>
racadm set iDRAC.IPv4.DNS2 <secondary DNS IP address>
4. If you want to configure a list of user domains so that you only need to enter the user name when logging in to the
Web interface, enter the following command:
– Using config command: racadm config -g cfgUserDomain -o cfgUserDomainName <fully qualified domain name or IP Address of the domain controller> -i <index>
– Using set command: racadm set iDRAC.UserDomain.<index>.Name <fully qualified domain name or IP Address of the domain controller>
You can configure up to 40 user domains with index numbers between 1 and 40.
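The certificate validation setting and the NOTE about Domain Controller and Global Catalog addresses can be checked together after configuration. The following script is an added example, not part of the original manual: it audits saved output of racadm get iDRAC.ActiveDirectory. It assumes the dump consists of Name=Value lines and that the address attributes are named DomainController1 and GlobalCatalog1 (names not taken from this page); the sample dumps are constructed.

```shell
#!/bin/sh
# Added example. Audits saved text from `racadm get iDRAC.ActiveDirectory`.
# Assumptions: the dump is plain Name=Value lines; the attribute names
# DomainController1 and GlobalCatalog1 are not taken from this page.

# Constructed sample dumps (not captured from a real iDRAC).
SAMPLE_WEAK='CertValidationEnable=Disabled
DomainController1=
GlobalCatalog1='
SAMPLE_STRICT='CertValidationEnable=Enabled
DomainController1=dc1.example.test
GlobalCatalog1=gc1.example.test'

# ad_value NAME: print the value of attribute NAME read from stdin.
ad_value() {
    awk -v k="$1" '{ sub(/\r$/, "") }
        index($0, k "=") == 1 { print substr($0, length(k) + 2); exit }'
}

# audit_ad_tls: read a dump on stdin; return 0 only if validation is on
# and the addresses required by the NOTE are set.
audit_ad_tls() {
    cfg=$(cat)
    cert=$(printf '%s\n' "$cfg" | ad_value CertValidationEnable)
    dc=$(printf '%s\n' "$cfg" | ad_value DomainController1)
    gc=$(printf '%s\n' "$cfg" | ad_value GlobalCatalog1)
    case "$cert" in
        1|Enabled) ;;
        0|Disabled) echo "FAIL: certificate validation is disabled"; return 1 ;;
        *) echo "FAIL: CertValidationEnable not found in dump"; return 2 ;;
    esac
    if [ -z "$dc" ] || [ -z "$gc" ]; then
        echo "FAIL: validation enabled but DC or Global Catalog address is empty"
        return 3
    fi
    echo "PASS: validation enabled, DC=$dc GC=$gc"
}

# Demo on the constructed samples: the first fails, the second passes.
printf '%s\n' "$SAMPLE_WEAK" | audit_ad_tls || true
printf '%s\n' "$SAMPLE_STRICT" | audit_ad_tls
```

The function accepts both the 0/1 values used with the set command and the Enabled/Disabled strings, and its return code distinguishes a disabled check (1), a missing attribute (2) and missing addresses (3).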
Extended Schema Active Directory Overview
Using the extended schema solution requires the Active Directory schema extension.
Active Directory Schema Extensions
The Active Directory data is a distributed database of attributes and classes. The Active Directory schema includes the
rules that determine the type of data that can be added or included in the database. The user class is one example of a