Users Guide
Using the DRAC 5 With Microsoft Active Directory 109
See "Adding DRAC 5 Users and Privileges to Active Directory" for detailed instructions.
Figure 6-3 provides an example of Active Directory objects in multiple domains. In this scenario, you
have two DRAC 5 cards (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and
user3). User1 is in Domain1, and user2 and user 3 are in Domain2. In this scenario, configure user1 and
user 2 with administrator privileges to both DRAC 5 cards and configure user3 with login privileges to
the RAC2 card.
Figure 6-3. Setting Up Active Directory Objects in Multiple Domains
To configure the objects for the multiple domain scenario, perform the following tasks:
1
Ensure that the domain forest function is in Native or Windows 2003 mode.
2
Create two Association Objects, AO1 (of Universal scope) and AO2, in any domain.
Figure 6-3 shows the objects in Domain2.
3
Create two RAC Device Objects, RAC1 and RAC2, to represent the two DRAC 5 cards.
4
Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and
Priv2 has login privileges.
5
Group user1 and user2 into Group1. The group scope of Group1 must be Universal.
6
Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1,
RAC2 as RAC Devices in AO1.
AO1 AO2
Priv2Priv1Group1
RAC2RAC1User3User2User1
Domain2Domain1