User's Manual

Using the DRAC 4 With Microsoft Active Directory 131
4. Install the RAC SSL Certificate in each domain controller’s Trusted Root Certification Authority.
   If you have installed your own certificate, ensure that the CA signing your certificate is in the Trusted Root Certification Authority list. If the Authority is not in the list, you must install it on all your Domain Controllers.
5. Click Next and select whether you would like Windows to automatically select the certificate store based on the type of certificate, or browse to a store of your choice.
6. Click Finish and click OK.
Using Active Directory to Log In to the DRAC 4
You can use Active Directory to log in to the DRAC 4 through the Web-based
interface, remote racadm, or the serial or telnet console.
The login syntax is consistent for all three methods:
<username@domain> or <domain>\<username> or <domain>/<username>
where <username> is an ASCII string of 1–256 bytes. No white space and
no special characters (such as \, /, or @) are allowed in either the user name or
the domain name.
NOTE: You cannot specify NetBIOS domain names, such as Americas, since those
names cannot be resolved.
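The login rules above can be checked before an account name is handed to users or scripts. The following is an added example, not code from the manual or from Dell: the function names are hypothetical, and treating a domain without a dot as a NetBIOS name is an assumption made for illustration.

```python
"""Validate DRAC 4 Active Directory login strings against the stated rules."""

MAX_USERNAME_BYTES = 256   # the manual allows 1-256 bytes
SEPARATORS = "@\\/"        # user@domain, domain\user, domain/user


class LoginFormatError(ValueError):
    """Raised when a login string breaks one of the documented rules."""


def check_name(kind, value):
    if not value:
        raise LoginFormatError(f"{kind} is empty")
    if not value.isascii():
        raise LoginFormatError(f"{kind} contains non-ASCII characters")
    if any(ch.isspace() for ch in value):
        raise LoginFormatError(f"{kind} contains white space")


def parse_drac_login(login):
    """Return (username, domain) or raise LoginFormatError."""
    found = [ch for ch in login if ch in SEPARATORS]
    if len(found) != 1:
        # Zero separators: no domain given. More than one: a forbidden
        # \, / or @ sits inside the user name or the domain name.
        raise LoginFormatError("expected exactly one of @, \\ or / as separator")
    left, right = login.split(found[0])
    username, domain = (left, right) if found[0] == "@" else (right, left)
    check_name("user name", username)
    check_name("domain name", domain)
    if len(username) > MAX_USERNAME_BYTES:  # ASCII, so characters == bytes
        raise LoginFormatError("user name is longer than 256 bytes")
    # Assumption: a domain with no dot is a NetBIOS-style short name,
    # which the manual says cannot be resolved.
    if "." not in domain.strip("."):
        raise LoginFormatError(f"{domain!r} looks like a NetBIOS name; use the DNS domain name")
    return username, domain


if __name__ == "__main__":
    # Constructed sample logins; "Americas" is the manual's NetBIOS example.
    for sample in ("jsmith@corp.example.com", "corp.example.com\\jsmith",
                   "corp.example.com/jsmith", "Americas\\jsmith", "j smith@corp.example.com"):
        try:
            print(sample, "->", parse_drac_login(sample))
        except LoginFormatError as err:
            print(sample, "-> rejected:", err)
```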
4096-Bit Key Encryption
DRAC 4 firmware versions 1.40 and later support 4096-bit key encryption
between the managed system and the Active Directory server—a practice that
is recommended by Microsoft.
In the standard Active Directory environment, the user name and password are
authenticated by exchanging user information between Active Directory
systems in a corporate network. In firmware 1.40 and later, user authentication
is achieved by exchanging user information and the CA certificate directly
between the DRAC 4 card and the Active Directory system using 4096-bit key
encryption. The Active Directory server transmits a trusted CA certificate to