Dell Drac 5 User Guide
Here you can view all the pages of manual Dell Drac 5 User Guide. The Dell manuals for System are available online for free. You can easily download all the documents as PDF.
Page 121
Using the DRAC 5 With Microsoft Active Directory121 Table 6-8. List of Attributes Added to the Active Directory Schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember List of dellPrivilege Objects that belong to this Attribute.1.2.840.113556.1.8000.1280.1.1.2.1 Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12)FA L S E dellProductMembers List of dellRacDevices Objects that belong to this role. This attribute is the forward link to the...
Page 122
122Using the DRAC 5 With Microsoft Active Directory dellIsVirtualMediaUser TRUE if the user has Virtual Media rights on the device.1.2.840.113556.1.8000.1280.1.1.2.9 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7)TRUE dellIsTestAlertUser TRUE if the user has Test Alert User rights on the device.1.2.840.113556.1.8000.1280.1.1.2.10 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7)TRUE dellIsDebugCommandAdmin TRUE if the user has Debug Command Admin rights on the...
Page 123
Using the DRAC 5 With Microsoft Active Directory123 Installing the Dell Extension to the Active Directory Users and Computers Snap-In When you extend the schema in Active Directory, you must also extend the Active Directory Users and Computers snap-in so the administrator can manage RAC (DRAC 5) devices, Users and User Groups, RAC Associations, and RAC Privileges. When you install your systems management software using the Dell Systems Management Tools and Documentation DVD, you can extend the...
Page 124
124Using the DRAC 5 With Microsoft Active Directory 4Select the Active Directory Users and Computers snap-in and click Add. 5Click Close and click OK. Adding DRAC 5 Users and Privileges to Active Directory Using the Dell-extended Active Directory Users and Computers snap-in, you can add DRAC 5 users and privileges by creating RAC, Association, and Privilege objects. To add each object type, perform the following procedures: •Create a RAC device Object • Create a Privilege Object • Create an Association...
Page 125
Using the DRAC 5 With Microsoft Active Directory125 6Right-click the privilege object that you created, and select Properties. 7Click the RAC Privileges tab and select the privileges that you want the user to have (for more information, see Table 5-4). Creating an Association Object The Association Object is derived from a Group and must contain a Group Type. The Association Scope specifies the Security Group Type for the Association Object. When you create an Association Object, choose the...
Page 126
126Using the DRAC 5 With Microsoft Active Directory Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to a RAC device. Only one privilege object can be added to an Association Object. Adding Privileges 1Select the Privileges Object tab and click Add. 2Type the Privilege Object name and click OK. Click the Products tab to add one or more RAC devices to the association. The associated devices specify the...
Page 127
Using the DRAC 5 With Microsoft Active Directory127 8In the Extended Schema Settings section: aTy p e t h e DRAC Name. This name must be the same as the common name of the new RAC object you created in your Domain Controller (see step 3 of Creating a RAC Device Object on page 124). bTy p e t h e DRAC Domain Name (for example, drac5.com). Do not use the NetBIOS name. The DRAC Domain Name is the fully qualified domain name of the sub-domain where the RAC Device Object is located. 9Click Apply to...
Page 128
128Using the DRAC 5 With Microsoft Active Directory 15If Use DHCP (for NIC IP Address) is selected under Network Settings, then select Use DHCP to obtain DNS server address. To manually input a DNS server IP address, deselect Use DHCP to obtain DNS server addresses and type your primary and alternate DNS server IP addresses. 16Click Apply Changes. The DRAC 5 Extended Schema Active Directory feature configuration is complete. Configuring the DRAC 5 With Extended Schema Active Directory and...
Page 129
Using the DRAC 5 With Microsoft Active Directory129 3If DHCP is disabled on the DRAC 5 or you want to input your DNS IP address, type following racadm commands: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 racadm config -g cfgLanNetworking -o cfgDNSServer2 Press Enter to complete the DRAC 5 Active Directory feature configuration. Instead of DRAC 5 searching for Active Directory servers, you can specify the servers DRAC 5 needs to...
Page 130
130Using the DRAC 5 With Microsoft Active Directory Figure 6-5. Privilege Accumulation for a User The figure shows two Association Objects—A01 and A02. These Association Objects may be part of the same or different domains. User1 is associated to RAC1 and RAC2 through both association objects. Therefore, User1 has accumulated privileges that results when combining the Privileges set for objects Priv1 and Priv2. For example, Priv1 had the privileges: Login, Virtual Media, and Clear Logs and Privr2...