racadm config -g cfgActiveDirectory -o cfgADRacName <RAC common name>

racadm config -g cfgActiveDirectory -o cfgADRacDomain <fully qualified rac domain name>

racadm config -g cfgActiveDirectory -o cfgADDomainController1 <fully qualified domain name or IP Address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADDomainController2 <fully qualified domain name or IP Address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADDomainController3 <fully qualified domain name or IP Address of the domain controller>

NOTE: At least one of the three addresses is required to be configured. iDRAC attempts to connect to each of the configured addresses one-by-one until it makes a successful connection. When the extended schema option is selected, these are the FQDN or IP addresses of the domain controllers where this iDRAC device is located. Global catalog servers are not used in extended schema mode at all.

NOTE: The FQDN or IP address that you specify in this field should match the Subject or Subject Alternative Name field of your domain controller certificate if you have certificate validation enabled.

CAUTION: In this release, the Smart Card based Two Factor Authentication (TFA) feature is not supported if the Active directory is configured for Extended schema. The Single Sign-On (SSO) feature is supported for both Standard and Extended schema.

If you want to use DNS lookup to obtain the Active Directory Domain Controller server address, type the following command:

racadm config -g cfgActiveDirectory -o cfgADDcSRVLookupEnable=1

To perform the DNS lookup with the domain name of the login user:

racadm config -g cfgActiveDirectory -o cfgADDcSRVLookupbyUserdomain=1

To specify the domain name to use on the DNS lookup:

Using the iDRAC6 Directory Service

165

Page 165
Image 165
Dell IDRAC6 manual 165