Support User Manuals

Dell 2 Biscuit Joiner User Manual

Open as PDF

of 231

racadm config -g cfgStandardSchema -i <index> -o

cfgSSADRoleGroupPrivilege <Bit Mask Value for specific RoleGroup

permissions>

racadm config -g cfgActiveDirectory -o cfgADDomainController1 <fully

qualified domain name or IP address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADDomainController2 <fully

qualified domain name or IP address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADDomainController3 <fully

qualified domain name or IP address of the domain controller>

NOTE: Enter the FQDN of the domain controller, not the FQDN of the domain. For example,

enter servername.dell.com instead of dell.com.

NOTE:

At least one of the three addresses is required to be configured. CMC attempts to connect

to each of the configured addresses one-by-one until it makes a successful connection.

With Standard Schema, these are the addresses of the domain controllers where the user

accounts and the role groups are located.

racadm config -g cfgActiveDirectory -o cfgADGlobalCatalog1 <fully

qualified domain name or IP address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADGlobalCatalog2 <fully

qualified domain name or IP address of the domain controller>

racadm config -g cfgActiveDirectory -o cfgADGlobalCatalog3 <fully

qualified domain name or IP address of the domain controller>

NOTE:

The Global Catalog server is only required for standard schema when the user accounts and

role groups are in different domains. In multiple domain case, only the Universal Group can

be used.

NOTE:

The FQDN or IP address that you specify in this field should match the Subject or Subject

Alternative Name field of your domain controller certificate if you have certificate validation

enabled.

If you want to disable the certificate validation during the SSL handshake, run the following RACADM

command:

• Using the config command: racadm config -g cfgActiveDirectory -o

cfgADCertValidationEnable 0

In this case, you do not have to upload the Certificate Authority (CA) certificate.

To enforce the certificate validation during SSL handshake (optional):

• Using the config command: racadm config -g cfgActiveDirectory -o

cfgADCertValidationEnable 1

In this case, you must upload the CA certificate using the following RACADM command:

racadm sslcertupload -t 0x2 -f <ADS root CA certificate>

129

previous next