![Dell IDRAC6 User Manual Download Page 158](http://html.mh-extra.com/html/dell/idrac6/idrac6_user-manual_81842158.webp)
158
Using iDRAC6 With Microsoft Active Directory
Active Directory Certificate Validation
I am using an IP address for a Domain Controller Address, and I failed certificate
validation. What is the problem?
Check the
Subject or Subject Alternative Name
field of your domain controller
certificate. Usually Active Directory uses the hostname, not the IP address,
of the domain controller in the
Subject or Subject Alternative Name
field of
the domain controller certificate. You can fix the problem by taking any of
the following actions:
•
Configure the hostname (FQDN) of the domain controller as the
domain
controller address(es)
on iDRAC6 to match the Subject or Subject
Alternative Name of the server certificate.
•
Re-issue the server certificate to use an IP address in the Subject or
Subject Alternative Name field so it matches the IP address configured
in iDRAC6.
•
Disable certificate validation if you choose to trust this domain controller
without certificate validation during the SSL handshake.
Why does iDRAC6 enable certificate validation by default?
iDRAC6 enforces strong security to ensure the identity of the domain
controller that iDRAC6 connects to. Without certificate validation, a hacker
could spoof a domain controller and hijack the SSL connection. If you choose
to trust all the domain controllers in your security boundary without
certificate validation, you can disable it through the GUI or the CLI.
Extended and Standard Schema
I'm using extended schema in a multiple domain environment. How do I configure
the domain controller address(es)?
Use the host name (FQDN) or the IP address of the domain controller(s) that
serves the domain in which iDRAC6 object resides.
Do I need to configure Global Catalog Address(es)?
If you are using extended schema, you cannot configure global catalog
addresses, because they are not used with extended schema.
Summary of Contents for IDRAC6
Page 38: ...38 iDRAC6 Enterprise Overview ...
Page 84: ...84 Configuring the Managed Server ...
Page 120: ...120 Configuring iDRAC6 Enterprise Using the Web Interface ...
Page 160: ...160 Using iDRAC6 With Microsoft Active Directory ...
Page 166: ...166 Configuring Smart Card Authentication ...
Page 222: ...222 Using GUI Console Redirection ...
Page 228: ...228 Configuring the vFlash Media Card for Use With iDRAC6 ...
Page 270: ...270 Using the RACADM Command Line Interface ...
Page 308: ...308 Using iDRAC6 Configuration Utility ...
Page 334: ...334 Recovering and Troubleshooting the Managed System ...
Page 382: ...382 RACADM Subcommand Overview ...
Page 452: ...452 iDRAC6 Enterprise Property Database Group and Object Definitions ...
Page 462: ...462 Glossary ...
Page 472: ...472 Index ...