Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerDRAC5 Version 1.20 with Dell OpenManage 5.2
121122123124125126127128129130
124 Using the DRAC 5 With Microsoft Active Directory
Enabling SSL on a Domain Controller
If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an
SSL certificate, perform the following steps to enable SSL on each domain controller.
1
Install a Microsoft Enterprise Root CA on a Domain Controller.
a
Select
Start
Control Panel
Add or Remove Programs
.
b
Select
Add/Remove Windows Components
.
c
In the
Windows Components
Wizard
, select the
Certificate Services
check box.
d
Select
Enterprise root CA
as
CA Type
and click
Next
.
e
Enter
Common name for this CA
, click
Next
, and click
Finish
.
2
Enable SSL on each of your domain controllers by installing the SSL certificate for each controller.
a
Click
Start
Administrative Tools
Domain Security Policy
.
b
Expand the
Public Key Policies
folder, right-click
Automatic Certificate Request Settings
and
click
Automatic Certificate Request
.
c
In the
Automatic Certificate Request Setup Wizard
, click
Next
and select
Domain Controller
.
d
Click
Next
and click
Finish
.
Exporting the Domain Controller Root CA Certificate
NOTE: If your system is running Windows 2000, the following steps may vary.
1
Locate the domain controller that is running the Microsoft Enterprise CA service.
2
Click
Start
Run
.
3
In the
Run
field, type
mmc
and click
OK
.
4
In the
Console 1
(MMC) window, click
File (
or
Console
on Windows 2000 machines
)
and select
Add/Remove Snap-in
.
5
In the
Add/Remove Snap-In
window, click
Add
.
6
In the
Standalone Snap-In
window, select
Certificates
and click
Add
.
7
Select
Computer
account and click
Next
.
8
Select
Local Computer
and click
Finish
.
9
Click
OK
.
10
In the
Console 1
window, expand the
Certificates
folder, expand the
Personal
folder, and click the
Certificates
folder.
11
Locate and right-click the root CA certificate, select
All Tasks
, and click
Export...
.
12
In the
Certificate Export Wizard
, click
Next
, and select
No do not export the private key
.
13
Click
Next
and select
Base-64 encoded X.509 (.cer)
as the format.
14
Click
Next
and save the certificate to a directory on your system.