Configuring Standard Schema Active Directory - Dell iDRAC7 User Manual

Role Groups
Role Group 5
NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM.
Single Domain Versus Multiple Domain Scenarios
If all the login users and role groups, including the nested groups, are in the same domain, then only the domain
controllers' addresses must be configured on iDRAC7. In this single domain scenario, any group type is supported.
If all the login users and role groups, or any of the nested groups, are from multiple domains, then Global Catalog server
addresses must be configured on iDRAC7. In this multiple domain scenario, all the role groups and nested groups, if any,
must be a Universal Group type.

Configuring Standard Schema Active Directory

To configure iDRAC7 for a Active Directory login access:
1. On an Active Directory server (domain controller), open the Active Directory Users and Computers Snap-in.
2. Create a group or select an existing group. Add the Active Directory user as a member of the Active Directory
group to access iDRAC7.
3. Configure the group name, domain name, and the role privileges on iDRAC7 using the iDRAC7 Web interface or
RACADM.
Related Links
Configuring Active Directory With Standard Schema Using iDRAC7 Web Interface
Configuring Active Directory With Standard Schema Using RACADM
Configuring Active Directory With Standard Schema Using iDRAC7 Web Interface
NOTE: For information about the various fields, see the
1. In the iDRAC7 Web interface, go to Overview → iDRAC Settings → User Authentication → Directory Services →
Microsoft Active Directory.
The Active Directory summary page is displayed.
2. Click Configure Active Directory.
The Active Directory Configuration and Management Step 1 of 4 page is displayed.
3. Optionally, enable certificate validation and upload the CA-signed digital certificate used during initiation of SSL
connections when communicating with the Active Directory (AD) server. For this, the Domain Controllers and
Global Catalog FQDN must be specified. This is done in the next steps. And hence the DNS should be configured
properly in the network settings.
4. Click Next.
The Active Directory Configuration and Management Step 2 of 4 page is displayed.
5. Enable Active Directory and specify the location information about Active Directory servers and user accounts.
Also, specify the time iDRAC7 must wait for responses from Active Directory during iDRAC7 login.
NOTE: If certificate validation is enabled, specify the Domain Controller Server addresses and the Global
Catalog FQDN. Make sure that DNS is configured correctly under Overview → iDRAC Settings → Network.
6. Click Next. The Active Directory Configuration and Management Step 3 of 4 page is displayed.
7. Select Standard Schema and click Next.
The Active Directory Configuration and Management Step 4a of 4 page is displayed.
8. Enter the location of Active Directory global catalog server(s) and specify privilege groups used to authorize users.
128
Default Privilege Level
None
Permissions Granted
No assigned permissions
iDRAC7 Online Help .
Bit Mask
0x00000000