Home > Dell > Server > Dell Drac 5 User Manual

Dell Drac 5 User Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Dell Drac 5 User Manual. The Dell manuals for Server are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 121

    Page 121 Using the DRAC 5 With Microsoft Active Directory121 8In the Extended Schema Settings section: aTy p e t h e DRAC Name. This name must be the same as the common name of the new RAC object you created in your Domain Controller (see step 3 of Creating a RAC Device Object). bTy p e t h e DRAC Domain Name (for example, drac5.com). Do not use the NetBIOS name. The DRAC Domain Name is the fully qualified domain name of the sub-domain where the RAC Device Object is located. 9Click Apply to save the... 
    Using the DRAC 5 With Microsoft Active Directory121
8In the Extended Schema Settings section:
aTy p e  t h e  DRAC Name. This name must be the same as the common 
name of the new RAC object you created in your Domain Controller 
(see step 3 of Creating a RAC Device Object).
bTy p e  t h e  DRAC Domain Name (for example, drac5.com). Do not 
use the NetBIOS name. The 
DRAC Domain Name is the fully 
qualified domain name of the sub-domain where the RAC Device 
Object is located.
9Click Apply to save the...

    Page 122

    Page 122 122Using the DRAC 5 With Microsoft Active Directory 15If Use DHCP (for NIC IP Address) is selected under Network Settings, then select Use DHCP to obtain DNS server address. To manually input a DNS server IP address, deselect Use DHCP to obtain DNS server addresses and type your primary and alternate DNS server IP addresses. 16Click Apply Changes. The DRAC 5 Extended Schema Active Directory feature configuration is complete. Configuring the DRAC 5 With Extended Schema Active Directory and... 
    122Using the DRAC 5 With Microsoft Active Directory
15If Use DHCP (for NIC IP Address) is selected under Network Settings, 
then select 
Use DHCP to obtain DNS server address. 
To manually input a DNS server IP address, deselect 
Use DHCP to obtain 
DNS server addresses
 and type your primary and alternate DNS server IP 
addresses.
16Click Apply Changes. 
The DRAC 5 Extended Schema Active Directory feature configuration is 
complete.
Configuring the DRAC 5 With Extended Schema Active Directory and...

    Page 123

    Page 123 Using the DRAC 5 With Microsoft Active Directory123 2If you want to specify an LDAP, Global Catalog server, or Association Object domain instead of using the servers returned by the DNS server to search for a user name, type the following command to enable the Specify Server option: racadm config -g cfgActive Directory -o cfgADSpecifyServer Enable 1 NOTE: If you use this option, the hostname in the CA certificate is not matched against the name of the specified server. This is particularly useful... 
    Using the DRAC 5 With Microsoft Active Directory123
2If you want to specify an LDAP, Global Catalog server, or Association 
Object domain instead of using the servers returned by the DNS server to 
search for a user name, type the following command to enable the 
Specify 
Server
 option:
racadm config -g cfgActive Directory -o 
cfgADSpecifyServer Enable 1
 NOTE: If you use this option, the hostname in the CA certificate is not 
matched against the name of the specified server. This is particularly useful...

    Page 124

    Page 124 124Using the DRAC 5 With Microsoft Active Directory To specify the Association Object, ensure that you provide the IP or FQDN of the Global Catalog also. NOTE: If you specify the IP address as 0.0.0.0, DRAC 5 will not search for any server. You can specify a list of LDAP, Global Catalog servers, or Association Objects separated by commas. DRAC 5 allows you to specify up to four IP addresses or hostnames. If LDAPS is not correctly configured for all domains and applications, enabling it may produce... 
    124Using the DRAC 5 With Microsoft Active Directory
To specify the Association Object, ensure that you provide the IP or 
FQDN of the Global Catalog also.
 NOTE: If you specify the IP address as 0.0.0.0, DRAC 5 will not search for any 
server.
You can specify a list of LDAP, Global Catalog servers, or Association 
Objects separated by commas. DRAC 5 allows you to specify up to four 
IP addresses or hostnames.
If LDAPS is not correctly configured for all domains and applications, 
enabling it may produce...

    Page 125

    Page 125 Using the DRAC 5 With Microsoft Active Directory125 Accumulating Privileges Using Extended Schema The Extended Schema Authentication mechanism supports Privilege Accumulation from different privilege objects associated with the same user through different Association Objects. In other words, Extended Schema Authentication accumulates privileges to allow the user the super set of all assigned privileges corresponding to the different privilege objects associated with the same user. Figure 6-5... 
    Using the DRAC 5 With Microsoft Active Directory125
Accumulating Privileges Using Extended Schema
The Extended Schema Authentication mechanism supports Privilege 
Accumulation from different privilege objects associated with the same user 
through different Association Objects. In other words, Extended Schema 
Authentication accumulates privileges to allow the user the super set of all 
assigned privileges corresponding to the different privilege objects associated 
with the same user.
Figure 6-5...

    Page 126

    Page 126 126Using the DRAC 5 With Microsoft Active Directory For example, Priv1 had the privileges: Login, Virtual Media, and Clear Logs and Privr2 had the privileges: Login, Configure DRAC, and Test Alerts. User1 will now have the privilege set: Login, Virtual Media, Clear Logs, Configure DRAC, and Test Alerts, which is the combined privilege set of Priv1 and Priv2 Extended Schema Authentication, thus, accumulates privileges to allow the user the maximum set of privileges possible considering the assigned... 
    126Using the DRAC 5 With Microsoft Active Directory
For example, Priv1 had the privileges: Login, Virtual Media, and Clear Logs 
and Privr2 had the privileges: Login, Configure DRAC, and Test Alerts. 
User1 will now have the privilege set: Login, Virtual Media, Clear Logs, 
Configure DRAC, and Test Alerts, which is the combined privilege set of 
Priv1 and Priv2
Extended Schema Authentication, thus, accumulates privileges to allow the 
user the maximum set of privileges possible considering the assigned...

    Page 127

    Page 127 Using the DRAC 5 With Microsoft Active Directory127 Configuring Active Directory (Standard Schema and Extended Schema) 1In the Active Directory Main Menu page, select Configure Active Directory and click Next. 2In the Active Directory Configuration and Management page, enter the Active Directory settings. Table 6-10 describes the Active Directory Configuration and Management page settings. 3Click Apply to save the settings. 4Click the appropriate Active Directory Configuration page button to... 
    Using the DRAC 5 With Microsoft Active Directory127
Configuring Active Directory (Standard Schema and Extended Schema)
1In the Active Directory Main Menu page, select Configure Active 
Directory
 and click Next. 
2In the Active Directory Configuration and Management page, enter the 
Active Directory settings.
Table 6-10 describes the 
Active Directory Configuration and 
Management 
page settings.
3Click Apply to save the settings.
4Click the appropriate Active Directory Configuration page button to...

    Page 128

    Page 128 128Using the DRAC 5 With Microsoft Active Directory DRAC NameThe name that uniquely identifies the DRAC 5 card in Active Directory. This value is NULL by default. The name must be a 1-254 character ASCII string with no blank spaces between characters. DRAC Domain NameThe DNS name (string) of the domain, where the Active Directory DRAC 5 object resides. This value is NULL by default. The name must be a valid domain name consisting of x.y, where x is a 1-254 character ASCII string with no blank... 
    128Using the DRAC 5 With Microsoft Active Directory
DRAC NameThe name that uniquely identifies the DRAC 5 card in 
Active Directory. This value is NULL by default.
The name must be a 1-254 character ASCII string with no 
blank spaces between characters.
DRAC Domain NameThe DNS name (string) of the domain, where the Active 
Directory DRAC 5 object resides. This value is NULL by 
default.
The name must be a valid domain name consisting of x.y, 
where x is a 1-254 character ASCII string with no blank...

    Page 129

    Page 129 Using the DRAC 5 With Microsoft Active Directory129 Table 6-12. Role Group Privileges Setting Description Role Group Privilege LevelSpecifies the user’s maximum DRAC user privilege to one of the following: Administrator, Power User, Guest user, None, or Custom. See Table 6-13 for Role Group permissions Login to DRACEnables the user to log in to the DRAC. Configure DRACEnables the user to configure the DRAC. Configure UsersEnables the user to allow specific users to access the system. Clear LogsEnables... 
    Using the DRAC 5 With Microsoft Active Directory129
Table 6-12. Role Group Privileges
Setting Description
Role Group Privilege LevelSpecifies the user’s maximum DRAC user 
privilege to one of the following: Administrator, 
Power User, Guest user, None, or Custom.
See Table 6-13 for Role Group permissions
Login to DRACEnables the user to log in to the DRAC.
Configure DRACEnables the user to configure the DRAC.
Configure UsersEnables the user to allow specific users to access 
the system.
Clear LogsEnables...

    Page 130

    Page 130 130Using the DRAC 5 With Microsoft Active Directory Uploading an Active Directory CA Certificate 1In the Active Directory Main Menu page, select Upload Active Directory CA Certificate and click Next. 2In the Certificate Upload page, in the File Path field, type the file path of the certificate or click Browse to navigate to the certificate file. NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the... 
    130Using the DRAC 5 With Microsoft Active Directory
Uploading an Active Directory CA Certificate
1In the Active Directory Main Menu page, select Upload Active Directory 
CA Certificate
 and click Next.
2In the Certificate Upload page, in the File Path field, type the file path of 
the certificate or click 
Browse to navigate to the certificate file.
 NOTE: The File Path value displays the relative file path of the certificate you 
are uploading. You must type the absolute file path, which includes the...
    Start reading Dell Drac 5 User Manual

    Related Manuals for Dell Drac 5 User Manual

    All Dell manuals