Manuals / Dell / Computer Equipment / Switch

Dell 2321DS manual Ldap SSL Certificates, Enabling SSL on a Domain Controller, 187

Models: 2321DS

1 280

Download 280 pages 56.62 Kb

Page 204

Access Control	The value of this field specifies which attribute in the LDAP
Attribute	directory is to be used to contain discretionary access control
(Standard	information and is only enabled when Standard Schema is
schema set only)	selected.
	The Access Control Attribute is chosen from among the
	attributes in the LDAP directory object representing the group
	whose membership includes both the user and the appliance or
	attached computer that you are trying to access.
	When using the Standard schema, it is necessary for Group
	objects in the Group Container to have an attribute that is
	chosen to contain the permission level associated with the
	Group. The Access Control Attribute field, available when the
	Standard schema is selected, contains the name of the chosen
	attribute. The chosen attribute must be capable of storing a
	character string value; for example, the default attribute is “info”
	which is an attribute accessible via the Active Directory Users
	and Computers (ADUC) snap-in. Using ADUC, the value of the
	info attribute is set by accessing the “Notes” property of the
	Group object.

LDAP SSL Certificates

All LDAP protocol exchanges (between a Remote Console Switch and Active Directory servers) are secured by SSL. When the LDAP protocol is being protected by SSL, it is referred to as LDAPS (Lightweight Directory Access Protocol over SSL). Each LDAPS connection begins with a protocol handshake that triggers a security certificate transmission from the responding Active Directory server to the Remote Console Switch. Once received, the Remote Console Switch is responsible for verifying the certificate. In order to verify the certificate, the appliance must be configured with a copy of the root Certification Authority's (CA) certificate. Before this can be done, the certificate must first be generated.

Enabling SSL on a Domain Controller

If you plan to use Microsoft Enterprise Root CA to automatically assign all your domain controllers SSL certificate, you must perform the following steps to enable SSL on each domain controller if you have not previously done so.

1Install a Microsoft Enterprise Root CA on a Domain Controller.

187

LDAP Feature for the Remote Console Switch

Image 204

Dell 2321DS manual Ldap SSL Certificates, Enabling SSL on a Domain Controller, 187

Contents

Dell Remote Console Switch System User’s Guide Page Safety and EMC Approvals and Markings STZContents Controlling Your System at the Analog Setting the Preemption Warning Launching the Remote Console Switch SoftwareNavigating the Oscar Interface Displaying Version InformationLaunching the VNC or RDP Viewer Customizing the Explorer WindowVii Viii Configuring Virtual Media Remotely 133 135141 Installing a Web Certificate 167 Upgrading Firmware Using the AMP 172155 159Standard Schema versus Dell Extended Schema Extensions to Access Your RCS 202177 Structure of Active Directory 177Xii Xiii Safety Precautions GeneralXiv Page Rack Mounting of Systems XviLAN Options XviiRemote Console Switch Features and Benefits SIP Intelligent ModuleMultiplatform Support On-board Web InterfaceDSView 3 Management Software Plug-in Virtual Media SecurityEncryption Flash Upgradeable Maximum Resolution Refresh Rate Video TypeOperation Modes VideoRemote Console Switch Software Features and Benefits Easy to Install and ConfigureCascade Tier Expansion Powerful Customization Capabilities Extensive Remote Console Switch ManagementIPv4 and IPv6 Capabilities Interoperability with Avocent ProductsProduct Overview Installation Remote Console Switch Quick Setup ChecklistInstallation Remote Console Switch Installation and Setup Getting StartedRack Mounting Your Remote Console Switch Unit Setting Up Your NetworkKeyboards OU Mounting Bracket Installation To install the 2321DS Remote Console Switch mounting bracket Installation Installing the Remote Console Switch Unit DS Remote Console Switch Mounting Bracket InstallationNetwork Server Installation Main Menu Network Configuration Menu Web Interface Port Configuration Menu Select option 1, User Input 10. User Input Menu END RSA Private KEY Connecting a SIP Video OptimizationMouse Acceleration Installation Adding a Cascade Switch Installation Local User CAT ACI Port Installation Cascading with Legacy Switches Adding a PEM Optional 14. Remote Console Switch Configuration With a PEM On-board Web Interface Installation and Setup Connecting to the NetworkSupported Browsers Launching the On-board Web InterfaceRemote Console Switch Software Installation and Setup Supplied with the Remote Console Switch SoftwareSupported Operating Systems System Hardware Configuration Requirements Installing the Remote Console Switch SoftwareDrive\WIN32\SETUP.EXE Controlling Your System at the Analog Ports Viewing and Selecting Ports and DevicesViewing the Status of Your Switch Oscar Interface Status Symbols SymbolDescriptionSoft Switching Selecting DevicesNavigating the Oscar Interface Oscar Interface Navigation Basics This Keystroke Configuring Oscar Interface Menus Oscar Interface Navigation Basics This Keystroke Does ThisSetup Dialog Box Changing the Display BehaviorMenu Dialog Box Setting Console Security Security Dialog BoxSelect Enable Screen Saver Controlling the Status Flag Flag Dialog Box Setting the Interface Language Assigning Device TypesDevices Dialog Box Assigning Device Names Device Modify Dialog BoxConfiguring Network Settings Configuring Virtual Media Settings Network IPv4 Mode Dialog BoxDisplaying Version Information Scanning Your System12. Scan Dialog Box Setting the Preemption Warning Displaying Configuration Information 13. Preempt Dialog BoxRunning System Diagnostics Diagnostic Test Details DescriptionBroadcasting to Servers 15. Broadcast Dialog Box Power Controlling Devices Power windowPower Window Status Symbols Description PDU Settings window PDUs Window Status Symbols DescriptionPDUs window Click Setup PDUs PDU Inlets windowPDU Outlets window Controlling Your System at the Analog Ports Launching the Remote Console Switch Software Navigating the Remote Console Switch SoftwareViewing Your System in the Explorer Explorer Window Features Explorer WindowRemote Console Switch Software Basic Operations Product Type Dialog Box Configure Tiered Switches Dialog Box Product Type Dialog Box Remote Console Switch Software Basic Operations Configure Tiered Switches Dialog Box Select Remote Console Switches to Add Dialog Box Accessing Your Remote Console Switch Remote Console Switch View Tab Selected Launching the VNC or RDP Viewer Changing Server and Switch Properties Changing General PropertiesGeneral Properties tab Changing Server Network Properties Changing Switch Network Properties 10. Server Network Properties Tab11. Switch Network Properties Tab Changing Information Properties Viewing Server Connections Properties 12. Information Properties TabVNC properties 13. Server Connections Property TabRemote Console Switch Software Basic Operations RDP properties 14. Server VNC Properties tab15. Server RDP Properties tab Changing Server and Switch Options Accessing a Server via a Browser WindowGeneral options Changing DirectDraw Support Windows Operating Systems Only 16. Options Dialog Box Custom Field LabelsHTTP/HTTPS options VNC optionsRDP options Organizing Your System 17. Sites View Tab Selected Modifying Custom Field Names Creating FoldersAssigning a Unit to a Site, Location, or Folder 20. Assign To Dialog BoxDeleting and Renaming Select Edit Delete. -or Customizing the Explorer Window Modifying the Selected View on StartupChanging the Default Browser Managing Your Local DatabasesSaving a Database 100Exporting a Database 101Loading a Database 102Accessing Servers from the Remote Console Switch Software 103Remote Console Switch Software Servers Tab 104Accessing Servers from the On-board Web Interface 105Interacting With the Server Being Viewed 106Viewer Window Features Viewer Menu bar107 Adjusting the Viewer Adjusting the Viewer ToolbarConnection Status Indicator Sharing Mode 108Setting the Toolbar Hide Delay Time 109Expanding and Refreshing Your Viewer 110Adjusting the Viewer Resolution 111Adjusting the Video Quality Adjusting Color Depth112 Manual Video Adjust Dialog Box Options 113Minimizing Remote Video Session Discoloration Improving Screen Background Color Display114 Setting Mouse Scaling Adjusting the Mouse115 Minimizing Mouse Trailing Improving Mouse Performance116 Viewing Multiple Servers Using the Scan Mode Reducing Mouse Cursor FlickeringScanning Your Servers 117118 10. Viewer Thumbnail ViewerAccessing Scan Mode from the Remote Console Switch Software 119Thumbnail View Status Indicators Accessing Scan Mode from the On-board Web InterfaceSetting up your Scanning Preferences 120Navigating the Thumbnail Viewer 121Using Macros to Send Keystrokes to the Server 122Session Options General Tab 123Screen Capturing 124Preemption 125Preemption Scenarios Current User Preempted by Preemption of Remote User by a Remote Administrator Connection Sharing126 Exclusive Mode 127128 Common Virtual Media Terms 129Configuring Virtual Media Locally Enabling/Disabling Virtual Media Using the Oscar Interface130 Setting Virtual Media Options Using the Oscar Interface 131Write Access 132Reserve Mass StorageConfiguring Virtual Media Remotely 133134 Virtual Media Window On-board Web InterfaceLaunching Virtual Media 135136 Dell Virtual Media Client Showing No ConnectionVirtual Floppy Drive 137Virtual CD/DVD Drive Virtual Media Connection Status138 Resetting the USB Bus Reserving a Virtual Media Session139 Migrating Switches from the Remote Console Switch Software 140Viewing and Configuring Remote Console Switch Parameters Changing Remote Console Switch Parameters141 142 Setting Up User Accounts User Access Level Rights Operations Remote Console143 144 Snmp145 Users WindowUser Access Rights Window 146Locking and Unlocking User Accounts 147Enabling and Configuring Snmp 148Snmp Configuration Window 149Enabling Individual Snmp Traps 150Viewing and Resynchronizing Server Connections 151Modifying a Server Name 152Viewing and Configuring Tiered Switch Connections 153Viewing the SIPs and Avocent IQ Modules 154Viewing Remote Console Switch Version Information 155SIPs Subcategory 156157 12. SIPs Firmware Version Window158 13. SIP Version WindowUpgrading Firmware 15914. Upgrade Switch Firmware Window 16015. Upgrade SIP Firmware Window 161Controlling User Status 162163 17. User Status WindowRebooting Your System Managing Remote Console Switch Configuration Files164 Managing User Databases 165166 Installing a Web Certificate 167Managing PDUs 168169 170 Accessing the AMP 171Upgrading Firmware Using the AMP Upgrading Remote Console Switch Firmware172 173 174 Using the Resync Wizard 175176 Overview Structure of Active Directory177 Domain Controller Computers Object Classes178 Schema Extensions Attributes179 Standard Schema versus Dell Extended Schema 180Standard Installation 181Configure the Override Admin Account Configuring DNS Settings182 Configuring the Network Time Protocol Settings 183Enabling Ldap Authentication Entering Authentication Parameters184 185 Authentication Panel Field Descriptions 186Ldap SSL Certificates Enabling SSL on a Domain Controller187 Click Start Administrative Tools Domain Security Policy 188189 190 On-board Web Interface Send Security Certificate191 Field DescriptionLogin Timeout CA Certificate Information Display192 Configuring Group Objects 193194 Operation KVM Appliance KVM User Admin 195Active Directory Object Overview for Standard Schema 196Dell Extended Schema Active Directory Object Overview 197198 Typical Setup for Active Directory Objects 199Setting Up Active Directory Objects in a Single Domain 200Setting Up Active Directory Objects in Multiple Domains 201Extending the Active Directory Schema Optional 202Opening the Active Directory Users and Computers Snap-In 203Creating a SIP Object Creating a Privilege Object204 Using Dell Association Objects Syntax 205Creating an Association Object Adding Objects to an Association Object206 Console Redirection Access Security 207Target Device Naming Requirements for Ldap Implementation 208Frequently Asked Questions 209210 211 Appendix a Updating the Remote Console Switch Software 212213 Table B.2 Tree View Control Keyboard and Mouse ShortcutsOperation Description 214 215 216 Figure C-1. TCP Port CommunicationAppendix D MIBs and Snmp Traps 217MIB Groups Product ID Group dsProductID218 219 Table D-1. Product IP Group Objects Object Type Description220 Object Type DescriptionSIP Group dsSIP 221Snmp Trap Object Group 222Table D-2. SIP Group Objects Object Type Description User Name223 Target User NameImage Type New Image VersionImage Upgrade Results 224Tiered Switch Identification Tiered Switch Old Identification225 SIP Identification226 Filename IdentificationFirmware Condition Device Identification227 ConditionExplanation User Account Lock ReasonSIP Image Upgrade Result 228User Account Unlocked Reason IP AddressVirtual Media Drive Access Mode Image Upgrade Result Code229 Type of SIP Image230 Enterprise Traps 231232 233 Trap Trap Message Severity234 Trap Trap Message Severity Description235 236 237 238 239 240 SIP241 242 243 244 245 246 Upgrading the Remote Console Switch Upgrade Firmware Using the On-board Web InterfaceUpgrading Firmware Using a Serial Console 247248 Upgrading Remote Console Switch Firmware in Oscar 249Recovering From a Failed Flash Upgrade Upgrading the SIP module firmware250 251 Figure E-2. SIP Status Dialog Box252 Dimension 253Analog Port Sets Safety and EMC Approvals and Markings 254Serial Power Control PDU Port 255Table F-2 DS Remote Console Switch Product Specifications 256Appendix G Technical Support 257Index 258259 Ldap 260261 Snmp 262263