Standard Schema Versus Dell Extended Schema - Dell PowerEdge KVM 1081AD User Manual

used to associate specific access control information with specific instances of
Dell Remote Console Switches and Users. In this case, access control
information is stored in a specific attribute type in the Group object.
The hierarchical structures present in AD can complicate your ability to access
information stored in the directory objects. To avoid potential delays
associated with navigation of the hierarchies, the suite of Dell Remote Console
Switches is designed to use an aspect of AD known as the Global Catalog (GC).
The GC provides a "quick look-up" service by providing access to a subset of
the data stored in the complete AD database and by "collapsing" all of the
hierarchies and geographic distribution into a single relatively flat structure.
The GC is queried using the same LDAP directory queries that work on the
complete AD database. The AD product requires at least one of the Domain
Controllers in an enterprise to also be configured to provide GC services and
actual deployments of AD can have any or all of the Domain Controllers
configured to provide GC services. The suite of Dell Remote Console Switches
uses DNS to determine the network coordinates of each GC server so that the
Dell Remote Console Switches can gracefully handle situations where some
GC servers are not available on the network. DNS SRV records are used for this
purpose so that the Dell Remote Console Switches always attempt to contact
alternative GC servers at the "nearest" site first, depending on the
administrative settings configured in the SRV records.

Standard Schema versus Dell Extended Schema

To provide the greatest flexibility in the multitude of customer environments,
Dell provides a group of objects that can be configured by the user depending
on the desired results. Dell has extended the schema to include an
Association, Device, and Privilege object. The Association object is used to
link together the users or groups with a specific set of privileges to one or more
SIPs. The Device Object defines the individual Remote Console Switches
within the Active Directory structure and the privilege object is linked to
device objects via association objects to assign usage permissions.
This model provides an Administrator maximum flexibility over the different
combinations of users, privileges, and SIPs on the Remote Console Switch
without adding too much complexity.
Before installing the Dell Schema Extensions, Administrators should read
through the descriptions and instructions within this chapter to determine
which schema is right for their particular installation. Altering a schema
142
LDAP Feature for the Remote Console Switch