Filter
Top Products
Using the iDRAC6 Directory Service 149
Identifiers (OIDs) so that when companies add extensions to the schema,
they can be guaranteed to be unique and not to conflict with each other.
To extend the schema in Microsoft's Active Directory, Dell received unique
OIDs, unique name extensions, and uniquely linked attribute IDs for the
attributes and classes that are added into the directory service.
Dell extension: dell
Dell base OID: 1.2.840.113556.1.8000.1280
RAC LinkID range:12070 to 12079
Overview of the iDRAC Schema Extensions
To provide the greatest flexibility in the multitude of customer environments,
Dell provides a group of properties that can be configured by the user
depending on the desired results. Dell has extended the schema to include an
Association, Device, and Privilege property. The Association property is used
to link together the users or groups with a specific set of privileges to one or
more iDRAC devices. This model provides an Administrator maximum
flexibility over the different combinations of users, iDRAC privileges, and
iDRAC devices on the network without adding too much complexity.
Active Directory Object Overview
For each physical iDRAC on the network that you want to integrate with
Active Directory for Authentication and Authorization, create at least one
Association Object and one iDRAC Device Object. You can create multiple
Association Objects, and each Association Object can be linked to as many
users, groups of users, or iDRAC Device Objects as required. The users and
iDRAC user groups can be members of any domain in the enterprise.
However, each Association Object can be linked (or, may link users, groups of
users, or iDRAC Device Objects) to only one Privilege Object. This example
allows an Administrator to control each user’s privileges on specific iDRACs.
The iDRAC Device object is the link to the iDRAC firmware for querying
Active Directory for authentication and authorization. When a iDRAC is
added to the network, the Administrator must configure the iDRAC and its
device object with its Active Directory name so users can perform
authentication and authorization with Active Directory. Additionally, the
Administrator must add the iDRAC to at least one Association Object in
order for users to authenticate.