Home > Dell > System > Dell Drac 5 User Guide

Dell Drac 5 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Dell Drac 5 User Guide. The Dell manuals for System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 151

    Page 151 Enabling Single Sign-On151 8 Enabling Single Sign-On Single Sign-On allows you to log into the DRAC without providing your credentials, after you have logged into the operating system using a valid Active Directory account. In this case, DRAC uses the credentials cached in the operating system. DRAC uses Kerberos, a network authentication protocol, for single sign-on. Prerequisites for Setting up Single Sign-On • Configure DRAC 5 for Active Directory login. For more information, see Using Active... 
    Enabling Single Sign-On151
8
Enabling Single Sign-On
Single Sign-On allows you to log into the DRAC without providing your 
credentials, after you have logged into the operating system using a valid 
Active Directory account. In this case, DRAC uses the credentials cached in 
the operating system. DRAC uses Kerberos, a network authentication 
protocol, for single sign-on.
Prerequisites for Setting up Single Sign-On
• Configure DRAC 5 for Active Directory login. For more information, see 
Using Active...

    Page 152

    Page 152 152Enabling Single Sign-On Logging Into DRAC 5 Using Single Sign-On NOTE: To log into the DRAC 5, ensure that you have the latest runtime components of Microsoft Visual C++ 2005 Libraries. For more information, see the Microsoft website. 1Log into your system using a valid Active Directory account. 2Type the web address of the DRAC 5 in the address bar of your browser. NOTE: Depending on your browser settings, you may be prompted to download and install the Single Sign-On ActiveX plug-in when using... 
    152Enabling Single Sign-On
Logging Into DRAC 5 Using Single Sign-On
 NOTE: To log into the DRAC 5, ensure that you have the latest runtime 
components of Microsoft Visual C++ 2005 Libraries. For more information, 
see the Microsoft website.
1Log into your system using a valid Active Directory account.
2Type the web address of the DRAC 5 in the address bar of your browser.
 NOTE: Depending on your browser settings, you may be prompted to 
download and install the Single Sign-On ActiveX plug-in when using...

    Page 153

    Page 153 Configuring Smart Card Authentication153 9 Configuring Smart Card Authentication The Dell Remote Access Controller 5 (DRAC 5) version 1.30 and later support the two-factor-authentication for logging into the DRAC 5 Web interface. This support is provided by the Smart Card Logon feature on the DRAC 5. The traditional authentication schemes use user name and password to authenticate users. This provides minimal security. Two-factor-authentication, on the other hand, provides a higher-level of... 
    Configuring Smart Card Authentication153
9
Configuring Smart Card 
Authentication
The Dell Remote Access Controller 5 (DRAC 5) version 1.30 and later 
support the two-factor-authentication for logging into the DRAC 5 Web 
interface. This support is provided by the Smart Card Logon feature on the 
DRAC 5. 
The traditional authentication schemes use user name and password to 
authenticate users. This provides minimal security.
Two-factor-authentication, on the other hand, provides a higher-level of...

    Page 154

    Page 154 154Configuring Smart Card Authentication When you select Enable with Remote Racadm, all CLI out-of-band interfaces, except remote racadm, are disabled. NOTE: Dell recommends that the DRAC 5 administrator use the Enable with Remote Racadm setting only to access the DRAC 5 user interface to run scripts using the remote racadm commands. If the administrator does not need to use the remote racadm, Dell recommends the Enabled setting for Smart Card logon. Also, ensure that the DRAC 5 local user... 
    154Configuring Smart Card Authentication
When you select Enable with Remote Racadm, all CLI out-of-band 
interfaces, except remote racadm, are disabled. 
 NOTE: Dell recommends that the DRAC 5 administrator use the Enable with 
Remote Racadm setting only to access the DRAC 5 user interface to run 
scripts using the remote racadm commands. If the administrator does not 
need to use the remote racadm, Dell recommends the Enabled setting for 
Smart Card logon. Also, ensure that the DRAC 5 local user...

    Page 155

    Page 155 Configuring Smart Card Authentication155 For example, in case the Smart Card certificate has been issued to the user, sampleuser@domain.com, the username should be configured as sampleuser. Configuring Active Directory Users for Smart Card Logon To configure the Active Directory users to log into the DRAC 5 using the Smart Card, the DRAC 5 administrator should configure the DNS server, upload the Active Directory CA certificate to the DRAC 5, and enable the Active Directory logon. See Using the... 
    Configuring Smart Card Authentication155
For example, in case the Smart Card certificate has been issued to the user, 
[email protected], the username should be configured as 
sampleuser.
Configuring Active Directory Users for 
Smart Card Logon
To configure the Active Directory users to log into the DRAC 5 using the 
Smart Card, the DRAC 5 administrator should configure the DNS server, 
upload the Active Directory CA certificate to the DRAC 5, and enable the 
Active Directory logon. See Using the...

    Page 156

    Page 156 156Configuring Smart Card Authentication Table 9-1. Smart Card Settings Setting Description Configure Smart Card Logon • Disabled — Disables Smart Card logon. Subsequent logins from the graphical user interface (GUI) display the regular login page. All command line out-of-band interfaces including secure shell (SSH), Telnet, Serial, and remote RACADM are set to their default state. • Enabled — Enables Smart Card logon. After applying the changes, logout, insert your Smart Card, enter your Smart... 
    156Configuring Smart Card Authentication
Table 9-1. Smart Card Settings
Setting Description
Configure Smart Card 
Logon
• Disabled — Disables Smart Card logon. Subsequent logins 
from the graphical user interface (GUI) display the regular 
login page. All command line out-of-band interfaces 
including secure shell (SSH), Telnet, Serial, and remote 
RACADM are set to their default state.
• Enabled — Enables Smart Card logon. After applying the 
changes, logout, insert your Smart Card, enter your Smart...

    Page 157

    Page 157 Configuring Smart Card Authentication157 Logging Into the DRAC 5 Using the Smart Card The DRAC 5 Web interface displays the Smart Card login page if you have enabled the Smart Card Logon feature. NOTE: Ensure that the DRAC 5 local user and/or Active Directory configuration is complete before enabling the Smart Card Logon for the user. NOTE: Depending on your browser settings, you may be prompted to download and install the Smart Card reader ActiveX plug-in when using this feature for the first... 
    Configuring Smart Card Authentication157
Logging Into the DRAC 5 Using the Smart Card
The DRAC 5 Web interface displays the Smart Card login page if you have 
enabled the Smart Card Logon feature.
 NOTE: Ensure that the DRAC 5 local user and/or Active Directory configuration is 
complete before enabling the Smart Card Logon for the user. 
 
NOTE: Depending on your browser settings, you may be prompted to download and 
install the Smart Card reader ActiveX plug-in when using this feature for the first...

    Page 158

    Page 158 158Configuring Smart Card Authentication Logging Into the DRAC 5 Using Active Directory Smart Card Authentication 1Log into the DRAC 5 using https. https:// If the default HTTPS port number (port 443) has been changed, type: https://: where IP address is the IP address for the DRAC 5 and port number is the HTTPS port number. The DRAC 5 Login page is displayed prompting you to insert the Smart Card. 2Insert the Smart Card into the reader and enter your Smart Card PIN. 3Click Login. You are logged... 
    158Configuring Smart Card Authentication
Logging Into the DRAC 5 Using Active Directory 
Smart Card Authentication
1Log into the DRAC 5 using https. 
https://
If the default HTTPS port number (port 443) has been changed, type:
https://: 
where IP address is the IP address for the DRAC 5 and port number 
is the HTTPS port number.
The DRAC 5 Login page is displayed prompting you to insert the Smart 
Card.
2Insert the Smart Card into the reader and enter your Smart Card PIN.
3Click Login.
You are logged...

    Page 159

    Page 159 Configuring Smart Card Authentication159 Unable to Log into Local DRAC 5 If a local DRAC 5 user cannot log in, check if the username and the user certificates uploaded to the DRAC 5 have expired. The DRAC 5 trace logs may provide important log messages regarding the errors; although the error messages are sometimes intentionally ambiguous due to security concerns. Unable to Log into DRAC 5 as an Active Directory User If you cannot log into the DRAC 5 as an Active Directory user, try to log into the... 
    Configuring Smart Card Authentication159
Unable to Log into Local DRAC 5
If a local DRAC 5 user cannot log in, check if the username and the user 
certificates uploaded to the DRAC 5 have expired. The DRAC 5 trace logs 
may provide important log messages regarding the errors; although the error 
messages are sometimes intentionally ambiguous due to security concerns.
Unable to Log into DRAC 5 as an Active Directory User
If you cannot log into the DRAC 5 as an Active Directory user, try to log into 
the...

    Page 160

    Page 160 160Configuring Smart Card Authentication 
    160Configuring Smart Card Authentication
    Start reading Dell Drac 5 User Guide

    Related Manuals for Dell Drac 5 User Guide

    All Dell manuals