Enabling Kerberos Authentication 171
1
Log into your system using a valid Active Directory account.
2
Provide the iDRAC6 name in the address bar of your browser in the
following format:
https://idracname.domainname.com
(for example,
https://idrac–test.domain.com
).
NOTE: Depending on your browser settings, you may be prompted to
download and install single sign-on plug-in when using this feature for the
first time.
NOTE: For SSO, if you are using Internet Explorer, go to Tools→ Internet
Options→ Security tab→ Local Intranet→ click Sites→ click Advanced and then
add an entry *.domain.com to the zone. If you are using Firefox, type
about:config, and then add domain.com for the properties network.negotiate-
auth.delegation-uris and network.negotiate-auth.trusted-uris.
You are logged into iDRAC6 with appropriate Microsoft Active Directory
privileges if:
• You are a Microsoft Active Directory user
• You are configured in iDRAC6 for Active Directory login
• iDRAC6 is enabled for Kerberos Active Directory authentication
Configuring Active Directory Users for Smart
Card Logon
Before using the Active Directory Smart Card logon feature, ensure that
you have already configured iDRAC6 for Active Directory login and the user
account that has been issued the Smart Card has been enabled for iDRAC6
Active Directory login.
Also ensure that you have enabled the Active Directory logon setting. You
must also enable iDRAC6 to be a kerberized service by uploading a valid
keytab file obtained from the Active Directory root domain, to iDRAC6.
NOTE: The Smart Card based Two Factor Authentication (TFA) and the single sign-
on (SSO) features are not supported if the Active directory is configured for
Extended schema. Further, both the Smart Card based TFA and Single Sign–on are
supported on Microsoft Windows operating systems with Internet Explorer
®
. Smart
Card based TFA is not supported on Firefox browsers whereas Single Sign–on to
iDRAC6 is supported on Firefox browsers.
To Next Page
Loading...
Need help?
General
