Manualshelf

Installation Manual

ManualsBrandsTechBenchSystems ManualsComputers & AccessoriesDell PowerEdge R610 Virtualization Server 2.53GHz 8-Core E5540 32GB 2x146GB PERC6
141142143144145146147148149150
Using the iDRAC6 Directory Service 147
unique Attributes and Classes to solve environment-specific needs. Dell has
extended the schema to include the necessary changes to support remote
management Authentication and Authorization.
Each Attribute or Class that is added to an existing Active Directory Schema
must be defined with a unique ID. To maintain unique IDs across the
industry, Microsoft maintains a database of Active Directory Object
Identifiers (OIDs) so that when companies add extensions to the schema,
they can be guaranteed to be unique and not to conflict with each other.
To extend the schema in Microsoft's Active Directory, Dell received unique
OIDs, unique name extensions, and uniquely linked attribute IDs for the
attributes and classes that are added into the directory service.
Dell extension: dell
Dell base OID: 1.2.840.113556.1.8000.1280
RAC LinkID range:12070 to 12079
Overview of the iDRAC Schema Extensions
To provide the greatest flexibility in the multitude of customer environments,
Dell provides a group of properties that can be configured by the user
depending on the desired results. Dell has extended the schema to include an
Association, Device, and Privilege property. The Association property is used
to link together the users or groups with a specific set of privileges to one or
more iDRAC devices. This model provides an Administrator maximum
flexibility over the different combinations of users, iDRAC privileges, and
iDRAC devices on the network without adding too much complexity.
Active Directory Object Overview
For each physical iDRAC on the network that you want to integrate with
Active Directory for Authentication and Authorization, create at least one
Association Object and one iDRAC Device Object. You can create multiple
Association Objects, and each Association Object can be linked to as many
users, groups of users, or iDRAC Device Objects as required. The users and
iDRAC user groups can be members of any domain in the enterprise.
However, each Association Object can be linked (or, may link users, groups of
users, or iDRAC Device Objects) to only one Privilege Object. This example
allows an Administrator to control each user’s privileges on specific iDRACs.