Manualshelf

White Papers

ManualsBrandsDell ManualsConverged InfrastructureSystems Management Solution Resources
12345678910
Active Directory® Client Profile
92
ComputerSystem
(See Referencing Profile)
Dell_OEMActiveDirectoryService
RegisteredProfile
(See Profile Registration Profile)
ElementConformsToProfile
(See Profile Registration Profile)
1
1..*
Identity
(See Simple Identity Management Profile)
EnabledLogicalElementCapabilities
ElementCapabilites
0..1
1..*
0..1
1..*
Dell_OEMActiveDirectoryGroup
ServiceAffectsElement
*
1
AssignedIdentity
(See Simple Identity Management Profile)
1..*
HostedService
1
OwningCollectionElement
(See Simple Identity Management Profile)
93
94
95
96
97
98
99
100
101
103
104
105
106
108
109
110
111
113
114
Figure 1 – Active Directory® Client Profile: Class Diagram
The Active Directory client service in a managed system is represented by the
Dell_OEMActiveDirectoryService instance class. The capability to disable and enable the Active Directory
client is advertised through the CIM_EnabledLogicalElementCapabilities instance. The Active Directory
groups are represented by the Dell_OEMActiveDirectoryGroup class.
The security principal of the Active Directory group associated with the Dell_OEMActiveDirectoryGroup by
CIM_AssignedIdentity is represented by CIM_Identity.
Profile information is represented with the CIM_RegisteredProfile instance.
6.1 Active Directory Schemas 102
Active Directory authentication can be configured using two different schemas. Depending on which type
of schema is used for authentication, the configuration requirements of the classes, properties and
methods in the profile may change. The Dell_OEMActiveDirectoryService.SchemaType property
represents the current type of schema used by the Active Directory.
6.1.1 Extended Schema 107
When the Active Directory extended schema is used, the role and privilege objects reside on the Active
Directory. Authorization occurs on the Active Directory and not on the Active Directory client-managed
system. The configuration of the Active Directory client involves providing information about the managed
system’s object name and domain within the Active Directory.
6.1.2 Standard Schema 112
When the Active Directory standard schema is used, the role and privilege objects reside on the managed
system, Authorization occurs on the managed system and not on the Active Directory server. Active
10 Version 1.0.0a