14.
Upload the certificate you saved in step 13 to iDRAC.
Importing iDRAC firmware SSL certificate
iDRAC SSL certificate is the identical certificate used for iDRAC Web server. All iDRAC controllers are shipped with a default self-
signed certificate.
If the Active Directory Server is set to authenticate the client during an SSL session initialization phase, you need to upload iDRAC
Server certificate to the Active Directory Domain controller. This additional step is not required if the Active Directory does not
perform a client authentication during an SSL session’s initialization phase.
NOTE: If your system is running Windows 2000, the following steps may vary.
NOTE: If iDRAC firmware SSL certificate is CA-signed and the certificate of that CA is already in the domain controller's
Trusted Root Certificate Authority list, do not perform the steps in this section.
To import iDRAC firmware SSL certificate to all domain controller trusted certificate lists:
1.
Download iDRAC SSL certificate using the following RACADM command:
racadm sslcertdownload -t 0x1 -f <RAC SSL certificate>
2.
On the domain controller, open an
MMC Console
window and select
Certificates
→
Trusted Root Certification Authorities
.
3.
Right-click
Certificates
, select
All Tasks
and click
Import
.
4.
Click
Next
and browse to the SSL certificate file.
5.
Install iDRAC SSL Certificate in each domain controller’s
Trusted Root Certification Authority
.
If you have installed your own certificate, make sure that the CA signing your certificate is in the
Trusted Root Certification
Authority
list. If the Authority is not in the list, you must install it on all your domain controllers.
6.
Click
Next
and select whether you want Windows to automatically select the certificate store based on the type of certificate,
or browse to a store of your choice.
7.
Click
Finish
and click
OK
. The iDRAC firmware SSL certificate is imported to all domain controller trusted certificate lists.
Supported Active Directory authentication mechanisms
You can use Active Directory to define iDRAC user access using two methods:
•
Standard schema
solution, which uses Microsoft’s default Active Directory group objects only.
•
Extended schema
solution, which has customized Active Directory objects. All the access control objects are maintained in
Active Directory. It provides maximum flexibility to configure user access on different iDRACs with varying privilege levels.
Related links
Standard schema Active Directory overview
Extended schema Active Directory overview
Standard schema Active Directory overview
As shown in the following figure, using standard schema for Active Directory integration requires configuration on both Active
Directory and iDRAC.
132
Содержание iDRAC 7
Страница 1: ...iDRAC 8 7 v2 40 40 40 User s Guide ...
Страница 108: ...For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals 108 ...
Страница 268: ...By default the logs are available at Event viewer Applications and Services Logs System 268 ...