Installation Manual

Configuring iDRAC6 for Single Sign-On or Smart Card Login 189
Using Microsoft Active Directory SSO
The SSO feature enables you to log into the iDRAC6 directly after logging
into your workstation without entering your domain user authentication
credentials, such as user name and password. To log into the iDRAC6 using
this feature, you should have already logged into your system using a valid
Active Directory user account. Also, you should have configured the user
account to log into the iDRAC6 using the Active Directory credentials. The
iDRAC6 uses the cached Active Directory credentials to log you in.
You can enable iDRAC6 to use Kerberos—a network authentication
protocol—to enable SSO. For more information, see "About Kerberos
Authentication" on page 185. Ensure that you have performed the steps listed
in the "Prerequisites for Active Directory SSO and Smart Card
Authentication" on page 186 section before configuring iDRAC6 for SSO
logon.
Configuring iDRAC6 to Use SSO
Perform the following steps to configure iDRAC6 for SSO using iDRAC Web
interface:
1
Log in to iDRAC Web interface.
2
Go to
iDRAC Settings
Network/Security
tab
Directory Service
tab
Microsoft
Active Directory
.
3
Click
Configure Active Directory
. The
Active Directory Configuration
and Management Step 1 of 4
page is displayed.
4 Upload the keytab obtained from the Active Directory root domain,
to the iDRAC6. To do this,
under
Upload Kerberos Keytab
, type the path
of the keytab file or click
Browse
to locate the file. Click
Upload
. The
Kerberos keytab will be uploaded into iDRAC6. The keytab is the same file
you created while performing the tasks listed in the "Prerequisites for
Active Directory SSO and Smart Card Authentication" on page 186.
5
Click
Next
. The
Active Directory Configuration and Management
Step 2
of 4
page is displayed.
6
Select
Enable Single Sign-On
to enable SSO login.