Filter
Top Products
Configuring iDRAC6 for Single Sign-On or Smart Card Login 201
SSO login fails with AD users on Windows 7 and Windows Server 2008 R2.
What should I do to resolve this?
You must enable the encryption types for Windows 7 and Windows Server
2008 R2. To enable the encryption types:
1
Log in as administrator or as a user with adminstrative privilege.
2
Go to
Start
and run
gpedit.msc
. The
Local Group Policy Editor
window is
displayed.
3
Navigate to
Local Computer Settings
Windows Settings
Security
Settings
Local Policies
Security Options
.
4
Right-click
Network Security: Configure encryption types allowed for
kerberos
and select
Properties
.
5
Enable all the options.
6
Click
OK
.
You can now log in to iDRAC using SSO.
Perform the following additional settings for Extended Schema:
1
In the
Local Group Policy Editor
window, navigate to
Local Computer
Settings
Windows Settings
Security Settings
Local Policies
Security Options
.
2
Right-click
Network Security: Restrict NTLM: Outgoing NTLM traffic
to remote server
and select
Properties
.
3
Select
Allow all
.
4
Click
OK
and then close the
Local Group Policy Editor
window.
5
Go to
Start
and run
cmd
. The
command prompt
window is displayed.
6
Run the command
gpupdate /force
. The group policies are updated.
Close the
command prompt
window.
7
Go to
Start
and run
regedit
. The
Registry Editor
window is displayed.
8
Navigate to
HKEY_LOCAL_MACHINE
System
CurrentControlSet
Control
LSA
.
9
In the right-pane, right-click and select
New
DWORD (32-bit) Value
.
10
Name the new key as
SuppressExtendedProtection
.
11
Right-click
SuppressExtendedProtection
and click
Modify.
12
In the
Value data
field, type
1
and click
OK
.