Users Guide
To delete a CMC user, the command syntax is:
racadm config -g cfgUserAdmin -o cfgUserAdminUserName
-i <index>""
racadm config -g cfgUserAdmin -i 2 -o
cfgUserAdminPrivilege 0x0
A null string of double quotation marks ("") instructs CMC to remove the user configuration at the specified index, and then reset the user
configuration to the factory default values.
Enabling CMC User With Permissions
To enable a user with specific administrative permissions (role-based authority):
1. Locate an available user index using the command syntax:
racadm getconfig -g cfgUserAdmin -i <index>
2. Type the following commands with the new user name and password.
racadm config -g cfgUserAdmin -o
cfgUserAdminPrivilege -i <index> <user privilege bitmask value>
NOTE: For a list of valid bit mask values for specific user privileges, see the
Chassis Management Controller for
PowerEdge VRTX RACADM Command Line Reference Guide
available at dell.com/support/manuals. The default
privilege value is 0, which indicates the user does not has any privileges enabled.
Configuring Active Directory Users
If your company uses the Microsoft Active Directory software, you can configure the software to provide access to CMC, allowing you to
add and control CMC user privileges to your existing users in your directory service. This is a licensed feature.
NOTE:
On the following Operating Systems, you can recognize the users of CMC users by using Active Directory.
• Microsoft Windows 2000
• Microsoft Windows Server 2003
• Microsoft Windows Server 2008
You can configure user authentication through Active Directory to log in to the CMC. You can also provide role-based authority, which
enables an administrator to configure specific privileges for each user.
Supported Active Directory Authentication Mechanisms
You can use Active Directory to define CMC user access using two methods:
• Standard schema solution that uses Microsoft’s default Active Directory group objects only.
• Extended schema solution that has customized Active Directory objects provided by Dell. All the access control objects are maintained
in Active Directory. It provides maximum flexibility to configure user access on different CMCs with varying privilege levels.
Standard Schema Active Directory Overview
As shown in the following figure, using standard schema for Active Directory integration requires configuration on both Active Directory
and CMC.
In Active Directory, a standard group object is used as a role group. A user who has CMC access is a member of the role group. To give
this user access to a specific CMC card, the role group name and its domain name need to be configured on the specific CMC card. The
role and the privilege level is defined on each CMC card and not in the Active Directory. You can configure up to five role groups in each
CMC. The following table shows the default role group privileges.
116
Configuring User Accounts and Privileges