Standard Schema versus Dell Extended Schema – Dell KVM 2321DS User Manual


LDAP Feature for the Remote Console Switch

used to associate specific access control information with specific instances of Dell Remote Console Switches and Users. In this case, access control information is stored in a specific attribute type in the Group object.

The hierarchical structures present in AD can complicate your ability to access information stored in the directory objects. To avoid potential delays associated with navigation of the hierarchies, the suite of Dell Remote Console Switches is designed to use an aspect of AD known as the Global Catalog (GC). The GC provides a “quick look-up” service by providing access to a subset of the data stored in the complete AD database and by “collapsing” all of the hierarchies and geographic distribution into a single relatively flat structure. The GC is queried using the same LDAP directory queries that work on the complete AD database. The AD product requires at least one of the Domain Controllers in an enterprise to also be configured to provide GC services and actual deployments of AD can have any or all of the Domain Controllers configured to provide GC services. The suite of Dell Remote Console Switches uses DNS to determine the network coordinates of each GC server so that the Dell Remote Console Switches can gracefully handle situations where some GC servers are not available on the network. DNS SRV records are used for this purpose so that the Dell Remote Console Switches always attempt to contact alternative GC servers at the “nearest” site first, depending on the administrative settings configured in the SRV records.
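
The SRV-based failover described above, as an added example that is not taken from the Dell manual: it orders a constructed set of SRV answers by priority and weight (RFC 2782) and returns the first GC that responds. The record name `_gc._tcp.<forest>` and port 3268 are standard AD conventions; the host names, the `reachable` callback and the assumption that the switch follows RFC 2782 ordering are illustrative.

```python
import random
from typing import Callable, List, NamedTuple, Optional

class Srv(NamedTuple):
    priority: int   # lower value is tried first
    weight: int     # relative share among equal-priority targets
    port: int
    target: str

def gc_srv_name(forest: str) -> str:
    # Owner name under which AD domain controllers register GC service records.
    return f"_gc._tcp.{forest}"

def order_srv(records: List[Srv], rng=random) -> List[Srv]:
    """Order SRV targets as RFC 2782 describes: ascending priority, then a
    weighted random draw inside each priority group."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        pool = [r for r in records if r.priority == prio]
        while pool:
            weights = [r.weight for r in pool]
            if sum(weights) > 0:
                pick = rng.choices(pool, weights=weights)[0]
            else:
                pick = rng.choice(pool)  # only zero-weight targets remain
            pool.remove(pick)
            ordered.append(pick)
    return ordered

def pick_gc(records: List[Srv], reachable: Callable[[str, int], bool],
            rng=random) -> Optional[Srv]:
    """Return the first reachable GC in SRV order, or None if all are down."""
    for rec in order_srv(records, rng):
        if reachable(rec.target, rec.port):
            return rec
    return None

# Constructed sample answer for gc_srv_name("corp.example"): two GCs at the
# local site (priority 0) and one remote GC (priority 10), all on port 3268.
SAMPLE = [
    Srv(0, 100, 3268, "dc1.corp.example"),
    Srv(10, 100, 3268, "dc3.corp.example"),
    Srv(0, 50, 3268, "dc2.corp.example"),
]

if __name__ == "__main__":
    down = {"dc1.corp.example", "dc2.corp.example"}  # simulated outage
    print(pick_gc(SAMPLE, lambda host, port: host not in down).target)
```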

Standard Schema versus Dell Extended Schema

To provide the greatest flexibility in the multitude of customer environments, Dell provides a group of objects that can be configured by the user depending on the desired results. Dell has extended the schema to include an Association, Device, and Privilege object. The Association object is used to link together the users or groups with a specific set of privileges to one or more SIPs. The Device object defines the individual Remote Console Switches within the Active Directory structure, and the Privilege object is linked to Device objects via Association objects to assign usage permissions.

This model provides an Administrator maximum flexibility over the different combinations of users, privileges, and SIPs on the Remote Console Switch without adding too much complexity.

Before installing the Dell Schema Extensions, Administrators should read through the descriptions and instructions within this chapter to determine which schema is right for their particular installation. Altering a schema
