Installation Manual
Using the iDRAC6 Directory Service 163
Configuring Microsoft Active Directory With Extended Schema Using
RACADM
Use the following commands to configure the iDRAC6 Microsoft Active
Directory feature with Extended Schema using the RACADM CLI tool
instead of the Web-based interface.
1
Open a command prompt and type the following
RACADM
commands:
racadm config -g cfgActiveDirectory -o cfgADEnable 1
racadm config -g cfgActiveDirectory -o cfgADType 1
racadm config -g cfgActiveDirectory -o
cfgADRacName <RAC common name>
racadm config -g cfgActiveDirectory -o
cfgADRacDomain <
fully qualified rac domain name
>
racadm config -g cfgActiveDirectory -o
cfgADDomainController1 <
fully qualified domain name
or IP Address of the domain controller
>
racadm config -g cfgActiveDirectory -o
cfgADDomainController2 <
fully qualified domain name
or IP Address of the domain controller
>
racadm config -g cfgActiveDirectory -o
cfgADDomainController3 <
fully qualified domain name
or IP Address of the domain controller
>
NOTE: At least one of the three addresses is required to be configured.
iDRAC attempts to connect to each of the configured addresses one-by-one
until it makes a successful connection. When the extended schema option is
selected, these are the FQDN or IP addresses of the domain controllers where
this iDRAC device is located. Global catalog servers are not used in extended
schema mode at all.
NOTE: The FQDN or IP address that you specify in this field should match the
Subject or Subject Alternative Name field of your domain controller certificate
if you have certificate validation enabled.
CAUTION: In this release, the Smart Card based Two Factor Authentication
(TFA) feature is not supported if the Active directory is configured for Extended
schema. The Single Sign-On (SSO) feature is supported for both Standard and
Extended schema.