Manualshelf

Installation Manual

ManualsBrandsTechBenchSystems ManualsComputers & AccessoriesDell PowerEdge R610 Virtualization Server 2.53GHz 8-Core E5540 32GB 2x146GB PERC6
141142143144145146147148149150
Using the iDRAC6 Directory Service 149
Users, user groups, or nested user groups from any domain can be added into
the Association Object. Extended Schema solutions support any user group
type and any user group nesting across multiple domains allowed by
Microsoft Active Directory.
Accumulating Privileges Using Extended Schema
The Extended Schema Authentication mechanism supports Privilege
Accumulation from different privilege objects associated with the same user
through different Association Objects. In other words, Extended Schema
Authentication accumulates privileges to allow the user the super set of all
assigned privileges corresponding to the different privilege objects associated
with the same user.
Figure 7-2 provides an example of accumulating privileges using
Extended Schema.
Figure 7-2. Privilege Accumulation for a User
The figure shows two Association Objects—iA01 and iA02. User1 is
associated to iDRAC2 through both association objects. Therefore, User1 has
accumulated privileges that are the result of combining the privileges set for
objects Priv1 and Priv2 on iDRAC2.
iA01 iA02
Group1 Priv1 Priv2
User1 User2 iDRAC1 iDRAC2
Domain 2Domain 1