Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.20 for Dell PowerEdge M1000E

121

122

123

124

125

126

127

128

129

130

• Enable Active Directory, enter the root domain name, and the timeout value.

• If you want the directed call to search the domain controller and global catalog, select the Search AD Server to search

(Optional) option and specify the domain controller and global catalog details.

4. Click Apply to save the settings.

NOTE: You must apply the settings before continuing. If you do not apply the settings, the settings are lost when

you navigate to the next page.

5. In the Standard Schema Settings section, click a Role Group. The Configure Role Group page is displayed.

6. Specify the group name, domain, and privileges for a role group.

7. Click Apply to save the role group settings and then click Go Back To Configuration page.

8. If you have enabled certificate validation, you must upload the domain forest root certificate authority-signed certificate to

CMC. In the Manage Certificates section, type the file path of the certificate or browse to the certificate file. Click Upload to

upload the file to CMC.

NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the

absolute file path, which includes the full path and the complete file name and file extension.

The SSL certificates for the domain controllers must be signed by the root certificate authority-signed certificate. The root

certificate authority-signed certificate must be available on the management station accessing CMC.

9. If you have enabled Single Sign-On (SSO), in the Kerberos Keytab section, click Browse, specify the keytab file and click

Upload. When the upload is complete, a message is displayed indicating a successful or failed upload.

10. Click Apply. The CMC Web server automatically restarts after you click Apply.

11. Log out and then log in to CMC to complete the CMC Active Directory configuration.

12. Select Chassis in the system tree, and navigate to the Network tab. The Network Configuration page appears.

13. Under Network Settings, if Use DHCP (for CMC Network Interface IP Address) is selected, select Use DHCP to obtain

DNS server address.

To manually enter a DNS server IP address, clear Use DHCP to obtain DNS server addresses and type the primary and

alternate DNS server IP addresses.

14. Click Apply Changes.

The CMC Standard Schema Active Directory feature configuration is complete.

Configuring Active Directory With Standard Schema Using RACADM

To configure CMC Active Directory with Standard Schema using the RACADM:

1. Open a serial/Telnet/SSH text console to the CMC, and type:

racadm config -g cfgActiveDirectory -o cfgADEnable 1

racadm config -g cfgActiveDirectory -o cfgADType 2

racadm config -g cfgActiveDirectory -o

cfgADRootDomain <fully qualified root domain name>

racadm config -g cfgStandardSchema -i <index> -o

cfgSSADRoleGroupName <common name of the role

group>

racadm config -g cfgStandardSchema -i <index>-o

cfgSSADRoleGroupDomain <fully qualified domain

name>

racadm config -g cfgStandardSchema -i <index> -o

cfgSSADRoleGroupPrivilege <Bit mask number for

specific user permissions>

racadm sslcertupload -t 0x2 -f <ADS root CA

certificate>

racadm sslcertdownload -t 0x1 -f <RAC SSL

certificate>

NOTE: For bit mask number values, see the database property chapter of the

Chassis Management Controller for

Dell PowerEdge M1000e RACADM Command Line Reference Guide

2. Specify a DNS server using one of the following options:

• If DHCP is enabled on CMC and you want to use the DNS address obtained automatically by the DHCP server, type the

following command:

racadm config -g cfgLanNetworking -o

cfgDNSServersFromDHCP 1

129