Standard schema active directory overview – Dell POWEREDGE M1000E User Manual
Page 128
Supported Active Directory Authentication Mechanisms
You can use Active Directory to define CMC user access using two methods:
•
Standard schema
solution that uses Microsoft’s default Active Directory group objects only.
•
Extended schema
solution that has customized Active Directory objects provided by Dell. All the access control
objects are maintained in Active Directory. It provides maximum flexibility to configure user access on different
CMCs with varying privilege levels.
Related Links
Standard Schema Active Directory Overview
Extended Schema Active Directory Overview
Standard Schema Active Directory Overview
As shown in the following figure, using standard schema for Active Directory integration requires configuration on both
Active Directory and CMC.
In Active Directory, a standard group object is used as a role group. A user who has CMC access is a member of the role
group. To give this user access to a specific CMC card, the role group name and its domain name need to be configured
on the specific CMC card. The role and the privilege level is defined on each CMC card and not in the Active Directory.
You can configure up to five role groups in each CMC. The following table shows the default role group privileges.
Table 21. : Default Role Group Privileges
Role Group
Default Privilege Level
Permissions Granted
Bit Mask
1
None
•
CMC Login User
•
Chassis Configuration
Administrator
•
User Configuration
Administrator
•
Clear Logs
Administrator
•
Chassis Control
Administrator (Power
Commands)
0x00000fff
128