Home > Dell > System > Dell Drac 5 User Guide

Dell Drac 5 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Dell Drac 5 User Guide. The Dell manuals for System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 111

    Page 111 Using the DRAC 5 With Microsoft Active Directory111 Configuring the DRAC 5 With Standard Schema Active Directory and RACADM Using the following commands to configure the DRAC 5 Active Directory Feature with Standard Schema using the RACADM CLI instead of the Web-based interface. 1 Open a command prompt and type the following racadm commands: racadm config -g cfgActiveDirectory -o cfgADEnable 1 racadm config -g cfgActiveDirectory -o cfgADType 2 racadm config -g cfgActiveDirectory -o cfgADRootDomain <... 
    Using the DRAC 5 With Microsoft Active Directory111
Configuring the DRAC 5 With Standard Schema Active Directory and
RACADM
Using the following commands to configure the DRAC 5 Active Directory 
Feature with Standard Schema using the RACADM CLI instead of the 
Web-based interface.
1
Open a command prompt and type the following racadm commands:
racadm config -g cfgActiveDirectory -o cfgADEnable 1
racadm config -g cfgActiveDirectory -o cfgADType 2
racadm config -g cfgActiveDirectory -o 
cfgADRootDomain <...

    Page 112

    Page 112 112Using the DRAC 5 With Microsoft Active Directory Instead of DRAC 5 searching for Active Directory servers, you can specify the servers DRAC 5 needs to connect to, to authenticate the user. See Specify Server for Active Directory Configuration on page 131 for information on RACADM commands to specify servers. Extended Schema Active Directory Overview There are two ways to enable Extended Schema Active Directory: • With the DRAC 5 web-based user interface. See Configuring the DRAC 5 With Extended... 
    112Using the DRAC 5 With Microsoft Active Directory
Instead of DRAC 5 searching for Active Directory servers, you can specify the 
servers DRAC 5 needs to connect to, to authenticate the user. See Specify 
Server for Active Directory Configuration on page 131
 for information on 
RACADM commands to specify servers.
Extended Schema Active Directory Overview
There are two ways to enable Extended Schema Active Directory:
• With the DRAC 5 web-based user interface. See Configuring the DRAC 
5 With Extended...

    Page 113

    Page 113 Using the DRAC 5 With Microsoft Active Directory113 The Active Directory OID database maintained by Microsoft can be viewed at http://msdn.microsoft.com/certification/ADAcctInfo.asp by entering our extension Dell. Overview of the RAC Schema Extensions To provide the greatest flexibility in the multitude of customer environments, Dell provides a group of properties that can be configured by the user depending on the desired results. Dell has extended the schema to include an Association, Device, and... 
    Using the DRAC 5 With Microsoft Active Directory113
The Active Directory OID database maintained by Microsoft can be viewed 
at http://msdn.microsoft.com/certification/ADAcctInfo.asp by entering our 
extension Dell.
Overview of the RAC Schema Extensions
To provide the greatest flexibility in the multitude of customer 
environments, Dell provides a group of properties that can be configured by 
the user depending on the desired results. Dell has extended the schema to 
include an Association, Device, and...

    Page 114

    Page 114 114Using the DRAC 5 With Microsoft Active Directory Figure 6-2. Typical Setup for Active Directory Objects NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5. You can create as many or as few association objects as required. However, you must create at least one Association Object, and you must have one RAC Device Object for each RAC (DRAC 5) on the network that you want to integrate with Active Directory for Authentication and Authorization with the RAC (DRAC 5). The Association... 
    114Using the DRAC 5 With Microsoft Active Directory
Figure 6-2. Typical Setup for Active Directory Objects
 
NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5.
You can create as many or as few association objects as required. However, 
you must create at least one Association Object, and you must have one RAC 
Device Object for each RAC (DRAC 5) on the network that you want to 
integrate with Active Directory for Authentication and Authorization with 
the RAC (DRAC 5). 
The Association...

    Page 115

    Page 115 Using the DRAC 5 With Microsoft Active Directory115 When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and will not work with Universal Groups from other domains. Figure 6-3. Setting Up Active Directory Objects in a Single Domain To configure the objects for the single domain scenario, perform the following tasks: 1 Create two Association Objects.... 
    Using the DRAC 5 With Microsoft Active Directory115
When adding Universal Groups from separate domains, create an Association 
Object with Universal Scope. The Default Association objects created by the 
Dell Schema Extender Utility are Domain Local Groups and will not work 
with Universal Groups from other domains.
Figure 6-3. Setting Up Active Directory Objects in a Single Domain
To configure the objects for the single domain scenario, perform the 
following tasks:
1
Create two Association Objects....

    Page 116

    Page 116 116Using the DRAC 5 With Microsoft Active Directory See Adding DRAC 5 Users and Privileges to Active Directory on page 124 for detailed instructions. Figure 6-4 provides an example of Active Directory objects in multiple domains. In this scenario, you have two DRAC 5 cards (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and user3). User1 is in Domain1, and user2 and user 3 are in Domain2. In this scenario, configure user1 and user 2 with administrator privileges to both DRAC... 
    116Using the DRAC 5 With Microsoft Active Directory
See Adding DRAC 5 Users and Privileges to Active Directory on page 124 
for detailed instructions.
Figure 6-4 provides an example of Active Directory objects in multiple 
domains. In this scenario, you have two DRAC 5 cards (RAC1 and RAC2) 
and three existing Active Directory users (user1, user2, and user3). User1 is in 
Domain1, and user2 and user 3 are in Domain2. In this scenario, configure 
user1 and user 2 with administrator privileges to both DRAC...

    Page 117

    Page 117 Using the DRAC 5 With Microsoft Active Directory117 4Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privileges. 5Group user1 and user2 into Group1. The group scope of Group1 must be Universal. 6Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1. 7Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege Objects in AO2, and RAC2 as RAC Devices in... 
    Using the DRAC 5 With Microsoft Active Directory117
4Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all 
privileges (administrator) and Priv2 has login privileges.
5Group user1 and user2 into Group1. The group scope of Group1 must 
be Universal.
6Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege 
Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1.
7Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege 
Objects in AO2, and RAC2 as RAC Devices in...

    Page 118

    Page 118 118Using the DRAC 5 With Microsoft Active Directory You can extend your schema using one of the following methods: • Dell Schema Extender utility • LDIF script file If you use the LDIF script file, the Dell organizational unit will not be added to the schema. The LDIF files and Dell Schema Extender are located on your Dell Systems Management Tools and Documentation DVD in the following respective directories: •DVD drive:\support\OMActiveDirectory Tools\RAC4-5\LDIF_Files •DVD... 
    118Using the DRAC 5 With Microsoft Active Directory
You can extend your schema using one of the following methods: 
• Dell Schema Extender utility
• LDIF script file
If you use the LDIF script file, the Dell organizational unit will not be added 
to the schema. 
The LDIF files and Dell Schema Extender are located on your Dell Systems 
Management Tools and Documentation DVD in the following respective 
directories:
•DVD drive:\support\OMActiveDirectory Tools\RAC4-5\LDIF_Files
•DVD...

    Page 119

    Page 119 Using the DRAC 5 With Microsoft Active Directory119 Table 6-2. Class Definitions for Classes Added to the Active Directory Schema Class Name Assigned Object Identification Number (OID) dellRacDevice1.2.840.113556.1.8000.1280.1.1.1.1 dellAssociationObject1.2.840.113556.1.8000.1280.1.1.1.2 dellRACPrivileges1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct1.2.840.113556.1.8000.1280.1.1.1.5 Table 6-3. dellRacDevice Class OID 1.2.840.113556.1.8000.1280.1.1.1.1... 
    Using the DRAC 5 With Microsoft Active Directory119
Table 6-2. Class Definitions for Classes Added to the Active Directory Schema
Class Name Assigned Object Identification Number (OID)
dellRacDevice1.2.840.113556.1.8000.1280.1.1.1.1
dellAssociationObject1.2.840.113556.1.8000.1280.1.1.1.2
dellRACPrivileges1.2.840.113556.1.8000.1280.1.1.1.3
dellPrivileges1.2.840.113556.1.8000.1280.1.1.1.4
dellProduct1.2.840.113556.1.8000.1280.1.1.1.5
Table 6-3. dellRacDevice Class
OID 1.2.840.113556.1.8000.1280.1.1.1.1...

    Page 120

    Page 120 120Using the DRAC 5 With Microsoft Active Directory Table 6-5. dellRAC4Privileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Used to define the privileges (Authorization Rights) for the DRAC 5 device. Class Type Auxiliary Class SuperClasses None AttributesdellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 6-6. dellPrivileges Class OID... 
    120Using the DRAC 5 With Microsoft Active Directory
Table 6-5. dellRAC4Privileges Class
OID 1.2.840.113556.1.8000.1280.1.1.1.3
Description Used to define the privileges (Authorization Rights) for the 
DRAC 5 device.
Class Type Auxiliary Class
SuperClasses None
AttributesdellIsLoginUser
dellIsCardConfigAdmin
dellIsUserConfigAdmin
dellIsLogClearAdmin
dellIsServerResetUser
dellIsConsoleRedirectUser
dellIsVirtualMediaUser
dellIsTestAlertUser
dellIsDebugCommandAdmin
Table 6-6. dellPrivileges Class
OID...
    Start reading Dell Drac 5 User Guide

    Related Manuals for Dell Drac 5 User Guide

    All Dell manuals