SSO login fails with AD users on Windows 7 and Windows Server 2008 R2. What should I do to resolve this?

You must enable the encryption types for Windows 7 and Windows Server

2008 R2. To enable the encryption types:

1Log in as administrator or as a user with adminstrative privilege.

2Go to Start and run gpedit.msc. The Local Group Policy Editor window is displayed.

3Navigate to Local Computer SettingsWindows SettingsSecurity SettingsLocal PoliciesSecurity Options.

4Right-clickNetwork Security: Configure encryption types allowed for kerberos and select Properties.

5Enable all the options.

6Click OK. You can now log in to iDRAC using SSO.

Perform the following additional settings for Extended Schema:

1In the Local Group Policy Editor window, navigate to Local Computer SettingsWindows SettingsSecurity SettingsLocal PoliciesSecurity Options.

2Right-clickNetwork Security: Restrict NTLM: Outgoing NTLM traffic to remote server and select Properties.

3Select Allow all.

4Click OK and then close the Local Group Policy Editor window.

5Go to Start and run cmd. The command prompt window is displayed.

6Run the command gpupdate /force. The group policies are updated. Close the command prompt window.

7Go to Start and run regedit. The Registry Editor window is displayed.

8Navigate to HKEY_LOCAL_MACHINESystemCurrentControlSetControlLSA.

9In the right-pane, right-click and select NewDWORD (32-bit) Value.

10Name the new key as SuppressExtendedProtection.

11Right-clickSuppressExtendedProtection and click Modify.

12In the Value data field, type 1 and click OK.

Configuring iDRAC6 for Single Sign-On or Smart Card Login

201

Page 201
Image 201
Dell IDRAC6 manual 201