Dell KVM 1082DS User Manual

LDAP Feature for the RCS

xxx

|

xxx

139

Dell Extended Schema Active Directory Object Overview

For each of the physical RCSs on the network that you want to integrate with
Active Directory for Authentication and Authorization, you must create at least
one RCS Device Object to represent the physical switch and one Association
Object. The Association object is used to link together the users or groups with
a specific set of privileges to one or more SIPs. This model provides an
Administrator maximum flexibility over the different combinations of users,
RCS privileges, and SIPs on the Remote Console Switch without adding too
much complexity

The RCS Device Object is the link to the RCS for querying Active Directory for
authentication and authorization. When a RCS is added to the network, the
Administrator must configure the RCS and its device object with its Active
Directory name so that users can perform authentication and authorization with
Active Directory. The Administrator will also need to add the Remote Console
Switch to at least one Association Object in order for users to authenticate.

You can create as many Association Objects as you want, and each Association
Object can be linked to as many users, groups of users, or RCS Device Objects
as desired. The users and RCS Device Objects can be members of any domain
in the enterprise.

However, each Association Object may be linked (or, may link users, groups of
users, or RCS Device Objects) to only one Privilege Object. A Privilege Object
allows an Administrator to control which users have what kind of privileges on
specific SIPs.

The following figure illustrates that the Association Object provides the
connection that is needed for all of the Authentication and Authorization.

Figure 5.11: Typical Setup for Active Directory Objects