AO1

Figure 5-3. Setting Up Active Directory Objects in Multiple Domains
Domain1	Domain2
	AO1	AO2

Group1

Priv1

Priv2

User1

User2

User3

RAC1

RAC2

To set up the objects for the multiple domain scenario, perform the following tasks:

1Ensure that the domain forest function is in Native or Windows 2003 mode.

2Create two Association Objects, AO1 (of Universal scope) and AO2, in any domain. The figure shows the objects in Domain2.

3Create two RAC Device Objects, RAC1 and RAC2, to represent the two DRAC 4 cards.

4Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privileges.

5Group user1 and user2 into Group1. The group scope of Group1 must be Universal.

6Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1.

7Add user3 as Members in Association Object 2 (AO2), Priv2 as Privilege Objects in AO2, and RAC2 as RAC Devices in AO2.

Using the DRAC 4 With Microsoft® Active Directory

Page 89

Image 89

Dell Remote Access Controller 4 Firmware Version 1.30 manual AO1

Contents

W . d e l l . c o m s u p p o r t . d e l l . c o m Firmware Version 1.30 User’s Guide May Contents Configuring Red Hat Enterprise Linux for Configuring the Drac 4 Network SettingsViewing Localized Versions of the Web-Based Interface Removing Drac 4-Related Applications and Drivers Adding and Configuring Drac 4 Users and Alerts Configuring Red Hat Enterprise Linux Minicom forEnabling Microsoft Telnet for Telnet Console Redirection First Steps to Troubleshoot a Remote System Installing the Dell Extension to the Active Directory Users Configuring Active Directory to Access Your DracConfiguring the Drac 4 Active Directory Settings Using Active Directory to Log In To the Drac 100 Enabling and Disabling the Virtual Media Feature 115 Installing Operating Systems Using Virtual Media 114Viewing a List of Serial/Telnet Commands 128 111 Creating Bootable Deployment Image Files 146 Using the racadm Utility to Configure the Drac 137134 136 152 151153 154 165 164166 167 173 172174 175 179 178180 181 194 190197 199 CfgNetTuningNicFullDuplex Read/Write 205 CfgNetTuningNicAutoneg Read/Write 204200 203 217 214218 219 Drac 4 Power Requirements Setting Up Active Directory ObjectsManagement Station COM Port Settings Overall Architecture of Virtual Media 111 Certificate Signing Request Generation Enable email Alert PropertiesWatchdog Information Fields Last Crash Screen Page Buttons DellAssociationObject Class Drac 4 Network Error CodesList of Attributes Added to Log/Verbose Level Options 131 Table A-6 Getconfig Subcommand Options 152 Table A-7 Table A-5 Config Subcommand OptionsTable A-10 Fwupdate Subcommand Options 157 Table A-11 Table A-12 Getssinfo Subcommand Options 159 Table A-13 Table A-33 Setrac Subcommand Options 173 Table A-34 Table A-28 Serveraction Subcommand Options 169 Table A-29Table A-35 Sslcsrgen Subcommand Options 175 Table A-36 Table A-41 Sslcertview Subcommand Options 178 Table A-42 Drac 4 Overview What’s New in Drac 4 in this Release? Drac 4/I Hardware Features RJ-45 Connector Drac 4 Hardware Features Power Requirements Hardware SpecificationsConnectors Lists the power requirements for the Drac Lists the features of each type of connection Supported Remote Access ConnectionsDrac 4 Security Features Supported Web Browsers Supported PlatformsSupported Operating Systems Features Other Documents You May Need Drac 4 Overview Software Installation and Configuration Overview Installing the Drac 4 HardwareInstalling and Setting Up the Drac What You Need to Get Started Installing the Software on the Managed System Disabling the Windows Automatic Reboot Option Configuring a Supported Web Browser Installing the Software on the Management StationMount /mnt/cdrom Cd /mnt/cdrom Rpm -ivh linux/rac/*.rpm Rpm -e racadm Installing the Sun Java Plug-In to Use Console Redirection Installing the Sun Java Plug-InInstalling the Sun Java Plug-In to Use Mozilla Viewing Localized Versions of the Web-Based Interface Rpm -iv j2re-14versionnumber-linux-i586.rpm Configuring Drac 4 PropertiesFor example Register the Java plug-in Configuring the Drac 4 Network Settings Using the Option ROM Configuring the Drac 4 Network Settings Waiting for response from Dhcp Server Virtual Media Configuration Options Adding and Configuring Snmp Alerts Adding and Configuring Drac 4 Users Clearing the Web Browser Cache With Mozilla Updating the Drac 4 FirmwareClearing the Web Browser Cache With Internet Explorer Accessing the Drac 4 Through a Network Drac 4 Software Basics for Red Hat Enterprise Linux Service racsvc statusWhere action is start, stop, status, or probe Removing Drac 4-Related Applications and Drivers Additional InformationRemoving the Drac Drac 4 NIC Serial and Telnet Console Features F2 = System Setup Configuring the System Setup Program on the Managed System Kernel ............. console=ttyS0,57600 Serial --unit=0 --speed=57600 terminal --timeout=10 serialAppend two options to the kernel line Sample File /etc/innitab Enabling Login to the Console After BootCo2345respawn/sbin/agetty -h -L 57600 ttyS0 vt100 TtyS0 Enabling the Serial/Telnet Console on the Drac Using racadm Remotely Racadm config -g group -o object valueRacadm getconfig -g group Racadm config -g cfgSerial -o cfgSerialSshEnable Using the Secure Shell SSHRacadm getconfig -g cfgSerial AES192-CBC You can change the SSH port with the commandAES128-CBC 3DES-192-CBC Required Pinout for DB-9 Null Modem Cable Signal Name Connecting the DB-9 CablePage Type minicom -c on Configuring HyperTerminal for Serial Console RedirectionClear the init, reset, connect, and hangup Page Enabling Microsoft Telnet for Telnet Console Redirection Using a Serial or Telnet Console Logging Accessing the Web-Based InterfaceManaging and Recovering a Remote System Adding and Configuring Drac 4 Users Adding and Configuring Drac 4 Users and AlertsPassword User Properties Property Description User Name Use the information in -3 to enable email alerts Configuring User email Alerts Email Alert Severity Description Informational Go Back To User ConfigurationSevere Alert Description Configuring the Drac 4 NIC Email Alert Settings Duplex ModeCheck box is selected Default Smtp Email Server Drac 4 Network Configuration Page Buttons Configuring Alerts by Severity Adding and Configuring Snmp Alerts Such as chassis intrusion Severity Options Description InformationalSystem Fan Sensors Monitors the system fan speed RPM 10. Snmp Alerts Page Buttons Action Print Managing a Remote SystemSnmp Alert Properties PropertyDescription Ensuring Drac 4 Network Security Updating the Drac 4 Firmware Type IssuerSerial Key Size From the CA Default certificate you received with your DracUpload Certificate View Server Certificate State S 14. Required CSR Fields Properties Description Locality LManagement Generate 16. Certificate Management Page Buttons Action Print Viewing System Information Service Tag Bios VersionServer Address System Information Recovering and Troubleshooting the Managed System First Steps to Troubleshoot a Remote System Managing Power on a Remote System SEL provides buttons see -24 in the top-right corner Using the SEL 25. Status Indicator Icons Description Using the Drac 4 LogDate/ Time User Viewing the Last System Crash Screen Using the Diagnostic Console Ifconfig 28. Diagnostic Commands Description ArpNetstat Ping IP Address 30. Drac 4 Network Error Codes Description Troubleshooting Network Problems Troubleshooting Alerting Problems RAC189A RAC065A Frequently Asked Questions Managing and Recovering a Remote System Managing and Recovering a Remote System Using the Drac 4 With Microsoft Active Directory Active Directory Schema Extensions Active Directory Object Overview Overview of the RAC Schema Extensions RAC4 Privilege Object User1 User2 User3 Group1 Priv1 AO1 Using the Dell Schema Extender Configuring Active Directory to Access Your DracExtending the Active Directory Schema Click Next to run the Dell Schema Extender Click Finish 840.113556.1.8000.1280.1.1.1.3 Description DellRAC4Privileges Class840.113556.1.8000.1280.1.1.1.4 Description Attributes DellRAC4Privileges DellProduct Class False DelIsLogClearAdmin Ldaptypecaseignorestring Opening the Active Directory Users and Computers Snap-In Adding Drac 4 Users and Privileges to Active DirectoryCreating a RAC Device Object Creating a Privilege Object Select the scope for the Association Object Click OK Creating an Association ObjectAdding Objects to an Association Object Click Next and click Finish Enabling SSL on a Domain Controller Click Finish and click OK Exporting the Domain Controller Root CA CertificateSelect Computer account and click Next Click the Configuration tab and select Network Configuring the Drac 100 Using Active Directory to Log In To the DracRacadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 101 Lists frequently asked questions and answers 102 Racadm sslcertupload -t 0x1 -f websslcert 103 Using Console RedirectionOverview Current console redirection sessions Maximum console redirection sessions 105 Racadm racreset command Using Console Redirection Frequently Asked Questions AnswerRunning the racadm racreset hard command 106 107 108 Rpm -qa grep radeon7000mdellserver Run Xconfigurator if not previously run before109 Run Xwindows startx 110 Overall Architecture of Virtual Media Managed System 111 Operating System Requirements on the Managed System 113 Installing the Virtual Media Plug-InUsing the Virtual Media Feature Installing Operating Systems Using Virtual Media Booting From the Virtual Media Racadm config -g cfgRacVirtual -o cfgVirMediaDisable Enabling and Disabling the Virtual Media FeatureCat /var/log/messages grep Virtual 115 Configuring the Virtual Floppy as a Hard Drive Configuring the Virtual Floppy Feature as a Super FloppyRacadm config -g cfgRacVirtual -o cfgFloppyEmulation DELL-VIRTUALS-120 Removable Media Drive Racvmcli InstallationExecution Environment 117 VM-CLI Parameters Interfaces and APIsRacvmcli parameters OS-shell options Drac 4 IP Address 119 UDRAC-user-name Cdevice-name image-file CD/DVD Device or Image File 121 Drive Number 0 failed to Racadm getconfig -gDetect Virtual device Drive Number 1 failed to CfgRacVirtual Other console startup Use the racadm vmdisconnect command toMessages 123 Drive Removable Media Drive Drive Number 0 VirtualfloppyDrive Number 1 Virtualcdrom 124 125 Cat /etc/fstab grep /dev/hde Cat /var/log/messages grepMount /mnt/cdrom1 126 127 Logging into the DracStarting a Text Console Racadm config -g cfgSerial -o cfgSerialHistorySize number Viewing a List of Serial/Telnet CommandsSetsvctag Firmware Unsupported Command 128 Racadm Command Description Using the racadm CLIPrompt a racadm help more 129 Lists the options for the racadm command Using the racadm CLI RemotelyRacadm Synopsis Racadm Options Racadm Command Options Type the following command to disable the remote capability131 Option Description 132 Racadm Subcommand Descriptions Racadm Error Messages Configuring Multiple Drac 4sConfiguration File Overview 133 Racadm getconfig -f myfile.cfg Creating a Drac 4 Configuration File CfgLanNetworking CfgNicIpAddress=143.154.133.121 Use the racresetcfg subcommand to keep all Drac 4s the sameSee the example in the previous bullet 135 Racadm config -g groupName -o objectName -i index Configuration File ExampleRacadm getconfig -g groupName -i index 136 File contents are as follows Using the racadm Utility to Configure the DracThis file will be updated as follows 137 Racadm getconfig -g cfgUserAdmin -i index Racadm getconfig -u username# cfgUserAdminIndex=XX CfgUserAdminUserName= Before Adding a Drac 4 User Specific object Adding a Drac 4 User With Alerting Capabilities139 140 Adding a Drac 4 User With Permissions 141 Configuring Drac 4 Network PropertiesRacadm getconfig -g cfgLanNetworking Racadm subcmd Transport Error message Racadm subcmd Error messageRacadm subcmd Firmware Error message 142 143 Requirements Tasks 145 Vmdeploy To create image files from existing bootable media Creating Bootable Deployment Image FilesLinux Users Windows Users 147 Troubleshooting the DracTroubleshooting Troubleshooting Help Racadm help Racadm help subcommandSynopsis Description Arp Config/getconfigClearasrscreen Racadm arp Racadm config -p -c -f filename Racadm config -g Config Subcommand DescriptionRacadm getconfig Filename Racadm Getconfig Table A-6. getconfig Subcommand Options Description Getconfig Subcommand DescriptionFilename command 152 Coredump Table A-7 describes the coredump subcommandExamples Racadm coredump 154 Output Example Coredumpdelete FwupdateCurrent task stack Ipev -#005e0000 binary data FW dcmdCoreDump No Core dump available Table A-10 describes the fwupdate subcommand options 156 Load the update file into the Drac 4 RAMdisk areaTable A-9. fwupdate Subcommand Definition Input 157 Table A-10. fwupdate Subcommand Options Description 158 Racadm -r Racip -u user -p password fwupdate -g -u -aUpdating the Firmware Table A-12 describes the getssinfo subcommand options Table A-11 describes the getssinfo subcommandGetssninfo Racadm getssninfo -A -u username Web GetsysinfoRoot Thu 06 Mar 143.166.174.19 2004 103239 GMT-0600 Watchdog information/recovery action Table A-15 describes the getsysinfo subcommand optionsFollowing data element is output as a string 161 Racadm getsysinfo -w -s RestrictionsRacadm getsysinfo -A -w -s Racadm ifconfig IfconfigGetractime Racadm getractime -u -d Ping NetstatSetniccfg/getniccfg Racadm ping ipaddress Description for setniccfg Table A-21. setniccfg/getniccfg Subcommand DefinitionDescription for getniccfg 165 Racdump GetsvctagExample Racadm getsvctag Racadm racreset hard soft graceful delay in seconds RacresetTransport Error RC=-1 Table A-25 describes the racreset subcommand options RacresetcfgTable A-26 describes the racresetcfg subcommand Racadm racresetcfg Racadm serveraction -d delay action Table A-27 describes the serveraction subcommandTable A-27. serveraction SubcommandDefinition Serveraction Table A-29 describes the getraclog command Serveraction command returns without output if successfulTable A-29 Getraclog Command Definition Getraclog Clrraclog Table A-30 describes the getsel commandGetsel Racadm clrraclog Gettracelog ClrselRacadm clrsel Racadm gettracelog Racadm gettracelog -m Racadm setrac -h -o -T -d Setrac Table A-33. setrac Subcommand Options Table A-34 describes the sslcsrgen subcommandTable A-34. sslcsrgen SubcommandDescription Sslcsrgen Table A-35. sslcsrgen Subcommand Options Description Table A-35 describes the sslcsrgen subcommand optionsOptions 175 Racadm sslcertupload -t 0x1 -f c\cert\cert.txt SslcertuploadRacadm sslcertupload -t type -f filename Racadm sslcertdownload -t 0x1 -f c\cert\cert.txt SslcertdownloadRacadm sslcertdownload -t type -f filename Racadm sslcertview -t type -A SslcertviewOutput Examples Testemail 1024 DSU+123431 DSU+153431 RMC Default Certificate Dell IncRound Rock Texas john@dell.com Racadm testemail -i index -u username Racadm testtrap -i index Testtrap Table A-46. vmdisconnect Subcommand Description Table A-46 describes the vmdisconnect subcommandVmdisconnect Racadm vmdisconnect Racadm Subcommand Man Pages IdRacDescriptionInfo Read Only IdRacInfoIdRacProductInfo Read Only IdRacMisc Read/Write IdRacVersionInfo Read OnlyIdRacName Read/Write IdRacType Read CfgLanNetworkingCfgDNSDomainNameFromDHCP Read/Write CfgDNSDomainName Read/Write CfgDNSRegisterRac Read/Write CfgDNSRacName Read/Write CfgDNSServer1 Read/Write CfgDNSServersFromDHCP Read/WriteCfgDNSServer2 Read/Write 187 CfgNicNetmask Read/Write CfgNicEnable Read/WriteCfgNicIpAddress Read/Write CfgNicGateway Read/Write CfgCurrentLanNetworkingCfgNicUseDhcp Read/Write CfgNicMacAddress Read Only CfgNicCurrentNetmask Read Only CfgNicCurrentIpAddress Read OnlyCfgNicCurrentGateway Read Only CfgNicCurrentDhcpWasUsed Read Only CfgRemoteHosts CfgRhostsSmtpEmailEnable Read/WriteCfgDNSCurrentDomainName Read Only CfgDNSCurrentServer1 Read Only CfgRhostsSmtpServerIpAddr Read/Write CfgRhostsFwUpdateTftpEnable Read/WriteCfgRhostsFwUpdateIpAddr Read/Write CfgRhostsFwUpdatePath Read/Write CfgUserAdminCfgUserAdminPrivilege Read/Write Legal Values Table B-1. Bit Masks for User Privileges CfgUserAdminUserName Read/WriteCfgUserAdminPassword Write Only CfgUserAdminAlertFilterSysEventMask Read/Write CfgUserAdminAlertFilterRacEventMask Read/WriteCfgUserAdminEmailEnable Read/Write 195 CfgUserAdminEmailCustomMsg Read/Write CfgUserAdminEmailAddress Read/WriteCfgUserAdminIndex Read Only CfgTraps CfgTrapsSnmpCommunity Read/Write CfgTrapsEnable Read/WriteCfgTrapsFilterRacEventMask Read/Write 197 CfgTrapsIndex Read Only CfgSessionManagementCfgTrapsFilterSysEventMask Read/Write CfgSsnMgtMaxSessions Read/Write CfgSsnMgtSshIdleTimeout Read/WriteCfgSsnMgtMaxSessionsPerUser Read/Write 199 CfgSerialBaudRate Read/Write CfgSerialConsoleEnable Read/WriteCfgSerial CfgSerialConsoleQuitKey Read/Write CfgSerialConsoleIdleTimeout Read/WriteCfgSerialConsoleShellType Read/Write 201 CfgSerialHistorySize Read/Write CfgSerialConsoleCommand Read/WriteCfgSerialConsoleNoAuth Read/Write CfgSerialTelnetEnable Read/Write CfgSerialSshEnable Read/WriteCfgSerialCom2RedirEnable Read/Write 203 CfgNetTuningNicAutoneg Read/Write CfgNetTuningCfgNetTuningNic100MB Read/Write CfgSerialTelnet7flsBackspace Read/Write CfgNetTuningNicMtu Read/Write CfgNetTuningNicFullDuplex Read/WriteCfgNetTuningIpTtl Read/Write Legal Values Integer from 1 to Default 0x40 CfgNetTuningTcpSrttBase Read/Write CfgNetTuningIpReassTtl Read/WriteCfgNetTuningTcpSrttDflt Read/Write Legal Values Integer from 6 to Default 0x6 206 CfgNetTuningTcpReXmtMax Read/Write CfgNetTuningTcpReXmtMin Read/WriteCfgNetTuningTcpMsl Read/Write 207 Tuning the Drac 4 for Satellite Connectivity CfgNetTuningIpSubnetsAreLocal Read/WriteWhere value is obtained from Table B-2 Ini files are used Legal Values Boolean, either 1 or 0 True or False Default CfgOobSnmpTrapsEnable Read/WriteCfgOobSnmp CfgOobSnmpAgentCommunity Read/Write CfgOobSnmpAgentEnable Read/Write CfgRacTuningDescription =Disable, 1=Enable transmission of Snmp traps CfgRacTuneHttpPort Read/Write CfgRacTuneSshPort Read/Write CfgRacTuneHttpsPort Read/WriteCfgRacTuneTelnetPort Read/Write 211 CfgRacTuneRemoteRacadmEnable Read/Write CfgRacTuneFwUpdateResetDelay Read/WriteLegal Values 115200, 57600, 19200, Default 212 CfgRacTuneHostCom2BaudRate Read/Write CfgRacTuneConRedirPort Read/Write IfcRacManagedNodeOsIfcRacMnOsHostname Read/Write IfcRacMnOsOsName Read/Write IfcRacMnOsOsType Read Only CfgRacSecurityCfgRacSecCsrCommonName Read/Write CfgRacSecCsrOrganizationName Read/Write CfgRacSecCsrStateName Read/Write CfgRacSecCsrOrganizationUnit Read/WriteCfgRacSecCsrLocalityName Read/Write CfgRacSecCsrEmailAddr Read/Write CfgRacSecCsrCountryCode Read/WriteCfgRacSecCsrKeySize Read/Write Description CSR state Legal Values Or 0 True or False Default Description CfgVirMediaDisable Read/WriteCfgRacVirtual CfgFloppyEmulation Read/Write CfgActiveDirectory CfgVirtualBootOnce Read/WriteCfgVirAtapiSrvPort Read/Write CfgADRacDomain Read/Write CfgADAuthTimeout Read/Write CfgADEnable Read/WriteCfgADRacName Read/Write 219 Drac 4-Generated Event Mask Definitions Event Filter Operation and Event Mask PropertiesCfgADRootDomain Read/Write 220 Racadm -g cfgTraps -o cfgTrapsFilterSysEventMask -i1 System-Generated Alert Mask Definitions221 Miscmask 222 Alert Filter PropertiesStatMask SenMask Email Test Command Alert Test CommandsAlert Data Definitions Racadm testemail -i index Racadm testemail -u username Synopsis Trap Test CommandRacadm testtrap -t -i trap index 224 Other characters Acronym for application programming interfaceAbbreviation for compact disc Acronym for custom factory integration Abbreviation for Dynamic Domain Naming System Abbreviation for Dell Remote Access ControllerAbbreviation for Domain Name System Abbreviation for disk storage unit Abbreviation for local area network Abbreviation for international standards organizationAbbreviation for light-emitting diode Abbreviation for management information base Abbreviation for uninterruptible power supply Abbreviation for remote access controllerRAM disk Acronym for system event log Index 229 Drac 4, removing related applications and drivers 231 Index

Figure 5-3. Setting Up Active Directory Objects in Multiple Domains

Domain1

Domain2

Group1

User1

Using the DRAC 4 With Microsoft® Active Directory