Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.20 for Dell PowerEdge M1000E
141142143144145146147148149150
NOTE: All command line out-of-band interfaces including secure shell (SSH), Telnet, Serial, and remote
RACADM remain unchanged if this option is selected.
2. Click Apply.
The settings are saved.
You can test the Active Directory using Kerberos authentication using the RACADM command:
testfeature -f adkrb -u <user>@<domain>
where <user> is a valid Active Directory user account.
A command success indicates that CMC is able to acquire Kerberos credentials and access the user's Active Directory account.
If the command is not successful, resolve the error and run the command again. For more information, see RACADM Chassis
Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide
on dell.com/support/
manuals
.
Uploading the Keytab File
The Kerberos keytab file serves as the CMC's user name and password credentials to the Kerberos Data Center (KDC), which in
turns allows access to the Active Directory. Each CMC in the Kerberos realm must be registered with the Active Directory and must
have a unique keytab file.
You can upload a Kerberos Keytab generated on the associated Active Directory Server. You can generate the Kerberos Keytab
from the Active Directory Server by executing the ktpass.exe utility. This keytab establishes a trust relationship between the Active
Directory Server and CMC.
To upload the keytab file:
1. In the system tree, go to Chassis Overview, and then click User AuthenticationDirectory Services.
2. Select Microsoft Active Directory (Standard Schema).
3. In the Kerberos Keytab section, click Browse, select keytab file, and click Upload.
When the upload is complete, a message is displayed indicating whether the keytab file is successfully uploaded or not.
Configuring CMC SSO Login Or Smart Card Login For Active Directory Users Using RACADM
In addition to the steps performed while configuring Active Directory, run the following command to enable SSO:
racadm config -g cfgActiveDirectory -o cfgADSSOEnable 1
In addition to the steps performed while configuring Active Directory, use the following objects to enable smart card login:
cfgSmartCardLogonEnable
cfgSmartCardCRLEnable
146