Table of Contents
Advertisement
Figure 3. Privilege Accumulation for a User
The figure shows two Association Objects—A01 and A02. User1 is associated to iDRAC72 through both association
objects.
Extended Schema Authentication accumulates privileges to allow the user the maximum set of privileges possible
considering the assigned privileges of the different privilege objects associated to the same user.
In this example, User1 has both Priv1 and Priv2 privileges on iDRAC72. User1 has Priv1 privileges on iDRAC71 only. User2
has Priv1 privileges on both iDRAC71 and iDRAC72. In addition, this figure shows that User1 can be in a different domain
and can be a member of a group.
Configuring Extended Schema Active Directory
To configure Active Directory to access iDRAC7:
1.
Extend the Active Directory schema.
2.
Extend the Active Directory Users and Computers Snap-in.
3.
Add iDRAC7 users and their privileges to Active Directory.
4.
Configure iDRAC7 Active Directory properties using iDRAC7 Web interface or RACADM.
Related Links
Extended Schema Active Directory Overview
Installing Dell Extension to the Active Directory Users and Computers Snap-In
Adding iDRAC7 Users and Privileges to Active Directory
Configuring Active Directory With Extended Schema Using iDRAC7 Web Interface
Configuring Active Directory With Extended Schema Using RACADM
Extending Active Directory Schema
Extending your Active Directory schema adds a Dell organizational unit, schema classes and attributes, and example
privileges and association objects to the Active Directory schema. Before you extend the schema, make sure that you
have Schema Admin privileges on the Schema Master Flexible Single Master Operation (FSMO) Role Owner of the
domain forest.
NOTE: Make sure to use the schema extension for this product is different from the previous generations of RAC
products. The earlier schema does not work with this product.
133
Advertisement
Table of Contents
Troubleshooting
