User1 is in Domain1, and user2 and user 3 are in Domain2. You want to give user1 and user 2 an administrator privilege to both Remote Console Switches and give user3 a login privilege to the RCS2.

Figure 9-8. Setting Up Active Directory Objects in Multiple Domains

Domain 1

Domain 2

AO1

AO2

Group1

Priv1

Priv2

User1

User2

User3

RCS1

RCS2

To set up the objects for the multiple domain scenario, perform the following tasks:

1Ensure that the domain forest function is in Native or Windows 2003 mode.

2Create two Association Objects, AO1 (of Universal scope) and AO2, in any domain. The figure shows the objects in Domain2.

3Create two RCS Device Objects, RCS1 and RCS2, to represent the two Remote Console Switches.

4Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privileges.

5Group user1 and user2 into Group1. The group scope of Group1 must be Universal.

6Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RCS1, RCS2 as RCS Devices in AO1.

201

LDAP Feature for the Remote Console Switch

Page 218
Image 218
Dell 2321DS manual 201, Setting Up Active Directory Objects in Multiple Domains