Figure 1. Configuration of iDRAC with Active Directory Standard Schema

In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC. The role and the privilege level is defined on each iDRACand not in the Active Directory. You can configure up to five role groups in each iDRAC. Table reference no shows the default role group privileges.

Table 14. Default Role Group Privileges

Role Groups

Default Privilege Level

Permissions Granted

Bit Mask

 

 

 

 

Role Group 1

None

Login to iDRAC,

0x000001ff

 

 

Configure iDRAC,

 

 

 

Configure Users, Clear

 

 

 

Logs, Execute Server

 

 

 

Control Commands,

 

 

 

Access Virtual Console,

 

 

 

Access Virtual Media,

 

 

 

Test Alerts, Execute

 

 

 

Diagnostic Commands

 

Role Group 2

None

Login to iDRAC,

0x000000f9

 

 

Configure iDRAC,

 

 

 

Execute Server Control

 

 

 

Commands, Access

 

 

 

Virtual Console, Access

 

 

 

Virtual Media, Test

 

 

 

Alerts, Execute

 

 

 

Diagnostic Commands

 

Role Group 3

None

Login to iDRAC

0x00000001

Role Group 4

None

No assigned permissions

0x00000000

Role Group 5

None

No assigned permissions

0x00000000

145

Page 145
Image 145
Dell iDRAC8 manual Configuration of iDRAC with Active Directory Standard Schema