Dell IDRAC6 User Manual page 179

Integrated dell remote access controller 6 version 1.5
Hide thumbs Also See for IDRAC6:
Table of Contents

Advertisement

The Generic LDAP Configuration and Management Step 1 of 3 page is
displayed. Use this page to configure the digital certificate used during
initiation of SSL connections when communicating with a generic LDAP
server. These communications use LDAP over SSL (LDAPS). If you enable
certificate validation, upload the certificate of the Certificate Authority
(CA) that issued the certificate used by the LDAP server during initiation
of SSL connections. The CA's certificate is used to validate the
authenticity of the certificate provided by the LDAP server during SSL
initiation.
NOTE:
In this release, non-SSL port based LDAP bind is not supported. Only
LDAP over SSL is supported.
4 Under Certificate Settings, select Enable Certificate Validation to enable
certificate validation. If enabled, iDRAC6 uses the CA certificate to
validate the LDAP server certificate during Secure Socket Layer (SSL)
handshake; if disabled, iDRAC6 skips the certificate validation step of the
SSL handshake. You can disable certificate validation during testing or if
your system administrator chooses to trust the domain controllers in the
security boundary without validating their SSL certificates.
CAUTION:
openldap.lab) in the subject field of the LDAP server certificate during certificate
generation. The LDAP server address field in iDRAC6 should be set to match the
same FQDN address for certificate validation to work.
5 Under Upload Directory Service CA Certificate, type the file path of the
certificate or browse to find the certificate file.
NOTE:
You must type the absolute file path, which includes the full path and
the complete file name and file extension.
6
lick Upload.
C
The certificate of the root CA that signs all the domain controllers'
Security Socket Layer (SSL) server certificates is uploaded.
7 Click Next. The Generic LDAP Configuration and Management Step 2
of 3 page is displayed. Use this page to configure location information
about generic LDAP servers and user accounts.
NOTE:
In this release, the Smart Card based Two Factor Authentication (TFA)
and the Single Sign-On (SSO) features are not supported for generic LDAP
Directory Service.
Ensure that CN = open LDAP FQDN is set (for example, CN=
Using the iDRAC6 Directory Service
179

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents