Dell iDRAC7 User Manual page 140

The Active Directory Configuration and Management Step 2 of 4 page is displayed.
5. Specify the location information about Active Directory (AD) servers and user accounts. Also, specify the time
iDRAC7 must wait for responses from AD during login process.
NOTE: If certificate validation is enabled, specify the Domain Controller Server addresses and the FQDN.
Make sure that DNS is configured correctly under Overview → iDRAC Settings → Network.
6. Click Next. The Active Directory Configuration and Management Step 3 of 4 page is displayed.
7. Select Extended Schema and click Next.
The Active Directory Configuration and Management Step 4 of 4 page is displayed.
8. Enter the name and location of the iDRAC7 device object in Active Directory (AD) and click Finish.
The Active Directory settings for extended schema mode is configured.
Configuring Active Directory With Extended Schema Using RACADM
To configure Active Directory with Extended Schema using the RACADM:
1. Open a command prompt and enter the following RACADM commands:
– Using config command:
racadm config -g cfgActiveDirectory -o cfgADEnable 1
racadm config -g cfgActiveDirectory -o cfgADType 1
racadm config -g cfgActiveDirectory -o cfgADRacName <RAC common name>
racadm config -g cfgActiveDirectory -o cfgADRacDomain <fully qualified
rac domain name>
racadm config -g cfgActiveDirectory -o cfgADDomainController1 <fully
qualified domain name or IP Address of the domain controller>
racadm config -g cfgActiveDirectory -o cfgADDomainController2 <fully
qualified domain name or IP Address of the domain controller>
racadm config -g cfgActiveDirectory -o cfgADDomainController3 <fully
qualified domain name or IP Address of the domain controller>
– Using set command:
racadm set iDRAC.ActiveDirectory.Enable 1
racadm set iDRAC.ActiveDirectory.Schema 2
racadm set iDRAC.ActiveDirectory.RacName <RAC common name>
racadm set iDRAC.ActiveDirectory.RacDomain <fully qualified rac domain
name>
racadm set iDRAC.ActiveDirectory.DomainController1 <fully qualified
domain name or IP address of the domain controller>
racadm set iDRAC.ActiveDirectory.DomainController2 <fully qualified
domain name or IP address of the domain controller>
racadm set iDRAC.ActiveDirectory.DomainController3 <fully qualified
domain name or IP address of the domain controller>
NOTE: You must configure at least one of the three addresses. iDRAC7 attempts to connect to each of the
configured addresses one-by-one until it makes a successful connection. With Extended Schema, these are
the FQDN or IP addresses of the domain controllers where this iDRAC7 device is located.
To disable the certificate validation during SSL handshake (optional):
– Using config command: racadm config -g cfgActiveDirectory -o
cfgADCertValidationEnable 0
– Using set command: racadm set iDRAC.ActiveDirectory.CertValidationEnable 0
NOTE: In this case, you do not have to upload a CA certificate.
To enforce the certificate validation during SSL handshake (optional):
140