For each of the systems that you want to integrate with
Active Directory for authentication and authorization, there must
be at least one Association Object and one Product Object. The Product
Object represents the system. The Association Object links it with
users and privileges. You can create as many Association Objects as
you need.
Each Association Object can be linked to as many users, groups
of users, and Product Objects as required. The users and Product Objects
can be from any domain. However, each Association Object may only
link to one Privilege Object. This behavior allows an administrator
to control users and their rights on specific systems.
The Product Object links the system to Active Directory for authentication
and authorization queries. When a system is added to the network,
the administrator must configure the system and its product object
with its Active Directory name so that users can perform authentication
and authorization with Active Directory. The administrator must also
add the system to at least one Association Object for users to authenticate.
The following figure illustrates that the Association Object provide
the connection that is needed for all of the authentication and authorization.
Figure 1. Typical Setup
for Active Directory Objects
In addition, you can set up Active Directory objects in a single
domain or in multiple domains. Setting up objects in a single domain
does not vary, whether you are setting up RAC, or Server Administrator
objects. When multiple domains are involved, however, there are some
differences.
The following figure shows the set up of the Active Directory objects
in a single domain. In this scenario, you have two DRAC 4 cards (RAC1
and RAC2) and three existing Active Directory users (User1, User2,
and User3). You want to give User1 and User2 administrator privilege
on both DRAC 4 cards and give User3 login privilege on the RAC2 card.
Figure 2. Setting Up RAC
Active Directory Objects in a Single Domain
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\