201
LDAP Feature for the Remote Console Switch
User1 is in Domain1, and user2 and user 3 are in Domain2. You want to give
user1 and user 2 an administrator privilege to both Remote Console Switches
and give user3 a login privilege to the RCS2.
Figure 9-8. Setting Up Active Directory Objects in Multiple Domains
To set up the objects for the multiple domain scenario, perform the following
tasks:
1
Ensure that the domain forest function is in Native or Windows 2003
mode.
2
Create two Association Objects, AO1 (of Universal scope) and AO2, in any
domain. The figure shows the objects in Domain2.
3
Create two RCS Device Objects, RCS1 and RCS2, to represent the two
Remote Console Switches.
4
Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all
privileges (administrator) and Priv2 has login privileges.
5
Group user1 and user2 into Group1. The group scope of Group1 must be
Universal.
6
Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege
Objects in AO1, and RCS1, RCS2 as RCS Devices in AO1.
User1
User2
User3
RCS1
RCS2
Group1
Priv1
Priv2
AO1
AO2
Domain 2
Domain 1