Users Guide

Using the DRAC 5 With Microsoft Active Directory 107

The RAC Device object is the link to the RAC firmware for querying Active Directory for authentication

and authorization. When a RAC is added to the network, the Administrator must configure the RAC

and its device object with its Active Directory name so users can perform authentication and

authorization with Active Directory. Additionally, the Administrator must add the RAC to at least one

Association Object in order for users to authenticate.

Figure 6-1 illustrates that the Association Object provides the connection that is needed for all of the

Authentication and Authorization.

Figure 6-1. Typical Setup for Active Directory Objects

NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5.

You can create as many or as few association objects as required. However, you must create at least one

Association Object, and you must have one RAC Device Object for each RAC (DRAC 5) on the network

that you want to integrate with Active Directory for Authentication and Authorization with the RAC

(DRAC 5).

The Association Object allows for as many or as few users and/or groups as well as RAC Device Objects.

However, the Association Object only includes one Privilege Object per Association Object. The

Association Object connects the "Users" who have "Privileges" on the RACs (DRAC 5s).

Association Object

User(s) Group(s) Privilege Object RAC Device Object(s)

RAC Privilege Object