Home > Dell > Server > Dell Drac 5 User Manual

Dell Drac 5 User Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Dell Drac 5 User Manual. The Dell manuals for Server are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 101

    Page 101 Using the DRAC 5 With Microsoft Active Directory101 Figure 6-1. Configuration of DRAC 5 with Microsoft Active Directory and Standard Schema Table 6-1. Default Role Group Privileges Role GroupsDefault Privilege LevelPermissions Granted Bit Mask Role Group 1Administrator Login to DRAC, Configure DRAC, Configure Users, Clear Logs, Execute Server Control Commands, Access Console Redirection, Access Virtual Media, Te s t A l e r t s, Execute Diagnostic Commands0x000001ff Role Group 2Power User... 
    Using the DRAC 5 With Microsoft Active Directory101
Figure 6-1. Configuration of DRAC 5 with Microsoft Active Directory and 
Standard Schema
Table 6-1. Default Role Group Privileges
Role 
GroupsDefault 
Privilege LevelPermissions Granted Bit Mask
Role 
Group 1Administrator Login to DRAC, Configure 
DRAC, Configure Users, 
Clear Logs, Execute Server 
Control Commands, Access 
Console Redirection, Access 
Virtual Media, Te s t  A l e r t s, 
Execute Diagnostic 
Commands0x000001ff
Role 
Group 2Power User...

    Page 102

    Page 102 102Using the DRAC 5 With Microsoft Active Directory NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. There are two ways to enable Standard Schema Active Directory: With the DRAC 5 web-based user interface. See Configuring the DRAC 5 With Standard Schema Active Directory and Web-Based Interface. With the RACADM CLI tool. See Configuring the DRAC 5 With Standard Schema Active Directory and RACADM. Configuring Standard Schema Active Directory to Access Your DRAC 5... 
    102Using the DRAC 5 With Microsoft Active Directory
 NOTE: The Bit Mask values are used only when setting Standard Schema with the 
RACADM.
There are two ways to enable Standard Schema Active Directory:
 With the DRAC 5 web-based user interface. See Configuring the DRAC 5 
With Standard Schema Active Directory and Web-Based Interface.
 With the RACADM CLI tool. See Configuring the DRAC 5 With 
Standard Schema Active Directory and RACADM.
Configuring Standard Schema Active Directory to Access Your DRAC 5...

    Page 103

    Page 103 Using the DRAC 5 With Microsoft Active Directory103 Configuring the DRAC 5 With Standard Schema Active Directory and Web-Based Interface 1Open a supported Web browser window. 2Log in to the DRAC 5 Web-based interface. 3Expand the System tree and click Remote Access. 4Click the Configuration tab and select Active Directory. 5On the Active Directory Main Menu page, select Configure Active Directory and click Next. 6In the Common Settings section: aSelect the Enable Active Directory check box. bTy p e... 
    Using the DRAC 5 With Microsoft Active Directory103
Configuring the DRAC 5 With Standard Schema Active Directory and
Web-Based Interface
1Open a supported Web browser window.
2Log in to the DRAC 5 Web-based interface.
3Expand the System tree and click Remote Access.
4Click the Configuration tab and select Active Directory. 
5On the Active Directory Main Menu page, select Configure Active 
Directory
 and click Next.
6In the Common Settings section: 
aSelect the Enable Active Directory check box.
bTy p e...

    Page 104

    Page 104 104Using the DRAC 5 With Microsoft Active Directory 14Click Go Back To Active Directory Configuration and Management. 15Click Go Back To Active Directory Main Menu. 16Upload your domain forest Root CA certificate into the DRAC 5. aSelect the Upload Active Directory CA Certificate check-box and then click Next. bIn the Certificate Upload page, type the file path of the certificate or browse to the certificate file. NOTE: The File Path value displays the relative file path of the certificate you are... 
    104Using the DRAC 5 With Microsoft Active Directory
14Click Go Back To Active Directory Configuration and Management.
15Click Go Back To Active Directory Main Menu.
16Upload your domain forest Root CA certificate into the DRAC 5.
aSelect the Upload Active Directory CA Certificate check-box and 
then click 
Next.
bIn the Certificate Upload page, type the file path of the certificate or 
browse to the certificate file.
 NOTE: The File Path value displays the relative file path of the certificate you 
are...

    Page 105

    Page 105 Using the DRAC 5 With Microsoft Active Directory105 Configuring the DRAC 5 With Standard Schema Active Directory and RACADM Using the following commands to configure the DRAC 5 Active Directory Feature with Standard Schema using the RACADM CLI instead of the Web-based interface. 1 Open a command prompt and type the following racadm commands: racadm config -g cfgActiveDirectory -o cfgADEnable 1 racadm config -g cfgActiveDirectory -o cfgADType 2 racadm config -g cfgActiveDirectory -o cfgADRootDomain <... 
    Using the DRAC 5 With Microsoft Active Directory105
Configuring the DRAC 5 With Standard Schema Active Directory and
RACADM
Using the following commands to configure the DRAC 5 Active Directory 
Feature with Standard Schema using the RACADM CLI instead of the 
Web-based interface.
1
Open a command prompt and type the following racadm commands:
racadm config -g cfgActiveDirectory -o cfgADEnable 1
racadm config -g cfgActiveDirectory -o cfgADType 2
racadm config -g cfgActiveDirectory -o 
cfgADRootDomain <...

    Page 106

    Page 106 106Using the DRAC 5 With Microsoft Active Directory Extended Schema Active Directory Overview There are two ways to enable Extended Schema Active Directory: With the DRAC 5 web-based user interface. See Configuring the DRAC 5 With Extended Schema Active Directory and Web-Based Interface. With the RACADM CLI tool. See Configuring the DRAC 5 With Extended Schema Active Directory and RACADM. Active Directory Schema Extensions The Active Directory data is a distributed database of Attributes and Classes.... 
    106Using the DRAC 5 With Microsoft Active Directory
Extended Schema Active Directory Overview
There are two ways to enable Extended Schema Active Directory:
 With the DRAC 5 web-based user interface. See Configuring the DRAC 5 
With Extended Schema Active Directory and Web-Based Interface.
 With the RACADM CLI tool. See Configuring the DRAC 5 With 
Extended Schema Active Directory and RACADM.
Active Directory Schema Extensions
The Active Directory data is a distributed database of Attributes and Classes....

    Page 107

    Page 107 Using the DRAC 5 With Microsoft Active Directory107 Overview of the RAC Schema Extensions To provide the greatest flexibility in the multitude of customer environments, Dell provides a group of properties that can be configured by the user depending on the desired results. Dell has extended the schema to include an Association, Device, and Privilege property. The Association property is used to link together the users or groups with a specific set of privileges to one or more RAC devices. This model... 
    Using the DRAC 5 With Microsoft Active Directory107
Overview of the RAC Schema Extensions
To provide the greatest flexibility in the multitude of customer 
environments, Dell provides a group of properties that can be configured by 
the user depending on the desired results. Dell has extended the schema to 
include an Association, Device, and Privilege property. The Association 
property is used to link together the users or groups with a specific set of 
privileges to one or more RAC devices. This model...

    Page 108

    Page 108 108Using the DRAC 5 With Microsoft Active Directory Figure 6-2. Typical Setup for Active Directory Objects NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5. You can create as many or as few association objects as required. However, you must create at least one Association Object, and you must have one RAC Device Object for each RAC (DRAC 5) on the network that you want to integrate with Active Directory for Authentication and Authorization with the RAC (DRAC 5). The Association... 
    108Using the DRAC 5 With Microsoft Active Directory
Figure 6-2. Typical Setup for Active Directory Objects
 
NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5.
You can create as many or as few association objects as required. However, 
you must create at least one Association Object, and you must have one RAC 
Device Object for each RAC (DRAC 5) on the network that you want to 
integrate with Active Directory for Authentication and Authorization with 
the RAC (DRAC 5). 
The Association...

    Page 109

    Page 109 Using the DRAC 5 With Microsoft Active Directory109 When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and will not work with Universal Groups from other domains. Figure 6-3. Setting Up Active Directory Objects in a Single Domain To configure the objects for the single domain scenario, perform the following tasks: 1 Create two Association Objects.... 
    Using the DRAC 5 With Microsoft Active Directory109
When adding Universal Groups from separate domains, create an Association 
Object with Universal Scope. The Default Association objects created by the 
Dell Schema Extender Utility are Domain Local Groups and will not work 
with Universal Groups from other domains.
Figure 6-3. Setting Up Active Directory Objects in a Single Domain
To configure the objects for the single domain scenario, perform the 
following tasks:
1
Create two Association Objects....

    Page 110

    Page 110 110Using the DRAC 5 With Microsoft Active Directory See Adding DRAC 5 Users and Privileges to Active Directory for detailed instructions. Figure 6-4 provides an example of Active Directory objects in multiple domains. In this scenario, you have two DRAC 5 cards (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and user3). User1 is in Domain1, and user2 and user 3 are in Domain2. In this scenario, configure user1 and user 2 with administrator privileges to both DRAC 5 cards and... 
    110Using the DRAC 5 With Microsoft Active Directory
See Adding DRAC 5 Users and Privileges to Active Directory for detailed 
instructions.
Figure 6-4 provides an example of Active Directory objects in multiple 
domains. In this scenario, you have two DRAC 5 cards (RAC1 and RAC2) and 
three existing Active Directory users (user1, user2, and user3). User1 is in 
Domain1, and user2 and user 3 are in Domain2. In this scenario, configure 
user1 and user 2 with administrator privileges to both DRAC 5 cards and...
    Start reading Dell Drac 5 User Manual

    Related Manuals for Dell Drac 5 User Manual

    All Dell manuals