Users Guide
The figure shows two Association Objects—A01 and A02. User1 is associated to iDRAC2 through both association objects.
Extended Schema Authentication accumulates privileges to allow the user the maximum set of privileges possible considering the
assigned privileges of the different privilege objects associated to the same user.
In this example, User1 has both Priv1 and Priv2 privileges on iDRAC2. User1 has Priv1 privileges on iDRAC1 only. User2 has Priv1
privileges on both iDRAC1 and iDRAC2. In addition, this figure shows that User1 can be in a different domain and can be a member
of a group.
Configuring Extended schema Active Directory
To configure Active Directory to access iDRAC:
1. Extend the Active Directory schema.
2. Extend the Active Directory Users and Computers Snap-in.
3. Add iDRAC users and their privileges to Active Directory.
4. Configure iDRAC Active Directory properties using iDRAC Web interface or RACADM.
Related links
Extended schema Active Directory overview
Installing Dell extension to the Active Directory users and computers snap-in
Adding iDRAC users and privileges to Active Directory
Configuring Active Directory with Extended schema using iDRAC web interface
Configuring Active Directory with Extended schema using RACADM
Extending Active Directory schema
Extending your Active Directory schema adds a Dell organizational unit, schema classes and attributes, and example privileges and
association objects to the Active Directory schema. Before you extend the schema, make sure that you have the Schema Admin
privileges on the Schema Master Flexible Single Master Operation (FSMO) Role Owner of the domain forest.
NOTE: Make sure to use the schema extension for this product is different from the previous generations of RAC
products. The earlier schema does not work with this product.
NOTE: Extending the new schema has no impact on previous versions of the product.
You can extend your schema using one of the following methods:
• Dell Schema Extender utility
• LDIF script file
If you use the LDIF script file, the Dell organizational unit is not added to the schema.
The LDIF files and Dell Schema Extender are on your Dell Systems Management Tools and Documentation DVD in the following
respective directories:
• DVDdrive :\SYSMGMT\ManagementStation\support\OMActiveDirectory_Tools\Remote_Management_Advanced\LDIF_Files
• <DVDdrive>: \SYSMGMT\ManagementStation\support\OMActiveDirectory_Tools\Remote_Management_Advanced\Schema
Extender
To use the LDIF files, see the instructions in the readme included in the LDIF_Files directory.
You can copy and run the Schema Extender or LDIF files from any location.
Using Dell Schema Extender
CAUTION: The Dell Schema Extender uses the SchemaExtenderOem.ini file. To make sure that the Dell Schema
Extender utility functions properly, do not modify the name of this file.
1. In the Welcome screen, click Next.
2. Read and understand the warning and click Next.
3. Select Use Current Log In Credentials or enter a user name and password with schema administrator rights.
4. Click Next to run the Dell Schema Extender.
130