If Global Controller Address(es) is configured, iDRAC6 continues to query the Global Catalog. If additional privileges are retrieved from the Global Catalog, these privileges will be accumulated.

Does iDRAC6 always use LDAP over SSL?

Yes. All the transportation is over secure port 636 and/or 3269.

During test setting, iDRAC6 does a LDAP CONNECT only to help isolate the problem, but it does not do an LDAP BIND on an insecure connection.

Why does iDRAC6 enable certificate validation by default?

iDRAC6 enforces strong security to ensure the identity of the domain controller that iDRAC6 connects to. Without certificate validation, a hacker could spoof a domain controller and hijack the SSL connection. If you choose to trust all the domain controllers in your security boundary without certificate validation, you can disable it through the GUI or the CLI.

Does iDRAC6 support the NetBIOS name?

Not in this release.

What should I check if I cannot log into the iDRAC6 using Active Directory?

You can diagnose the problem by clicking Test Settings at the bottom of the Active Directory Configuration and Management page in the iDRAC6 Web-based interface. Then, you can fix the specific problem indicated by the test results. For additional information, see "Testing Your Configurations" on page 177.

Most common issues are explained in this section; however, in general you should check the following:

1Ensure that you use the correct user domain name during a login and not the NetBIOS name.

2If you have a local iDRAC6 user account, log into the iDRAC6 using your local credentials.

After you are logged in:

a Ensure that you have checked the Enable Active Directory option on the iDRAC6 Active Directory Configuration and Management page.

b Ensure that the DNS setting is correct on the iDRAC6 Networking configuration page.

Using the iDRAC6 Directory Service

185

Page 185
Image 185
Dell IDRAC6 manual Does iDRAC6 always use Ldap over SSL?, Why does iDRAC6 enable certificate validation by default?, 185