Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerDRAC5 Version 1.20 with Dell OpenManage 5.2
121122123124125126127128129130
126 Using the DRAC 5 With Microsoft Active Directory
Using Active Directory to Log In To the DRAC 5
You can use Active Directory to log in to the DRAC 5 using one of the following methods:
Web-based interface
Remote RACADM
Serial or telnet console.
The login syntax is consistent for all three methods:
<username@domain>
or
<domain>\<username> or <domain>/<username>
where username is an ASCII string of 1–256 bytes.
White space and special characters (such as \, /, or @) cannot be used in the user name or the domain
name.
NOTE: You cannot specify NetBIOS domain names, such as Americas, as these names cannot be resolved.
Frequently Asked Questions
Table 6-9 lists frequently asked questions and answers.
Table 6-9. Using DRAC 5 With Active Directory: Frequently Asked Questions
Question Answer
Can I log into the DRAC 5 using Active Directory
across multiple trees?
Yes. The DRAC 5’s Active Directory querying algorithm
supports multiple trees in a single forest.
Does the log in to the DRAC 5 using Active
Directory work in mixed mode (that is, the
domain controllers in the forest run different
operating systems, such as Microsoft
Windows NT
®
4.0, Windows 2000, or Windows
Server 2003)?
Yes. In mixed mode, all objects used by the DRAC 5 querying
process (among user, RAC Device Object, and Association
Object) have to be in the same domain.
The Dell-extended Active Directory Users and Computers
snap-in checks the mode and limits users in order to create
objects across domains if in mixed mode.
Does using the DRAC 5 with Active Directory
support multiple domain environments?
Yes. The domain forest function level must be in Native mode
or Windows 2003 mode. In addition, the groups among
Association Object, RAC user objects, and RAC Device Objects
(including Association Object) must be universal groups.
Can these Dell-extended objects (Dell
Association Object, Dell RAC Device, and Dell
Privilege Object) be in different domains?
The Association Object and the Privilege Object must be in the
same domain. The Dell-extended Active Directory Users and
Computers snap-in forces you to create these two objects in the
same domain. Other objects can be in different domains.