LDAP Feature for the Remote Console Switch : Frequently Asked Questions

Frequently Asked Questions
Table 9‑3 lists frequently asked questions and answers.
 
Table 9 3. Using the RCS with Active Directory: FAQ
Can I log into the Remote Console Switch using Active Directory across multiple forests?
The RCS Active Directory query algorithm only supports a single tree in a single forest.
Does the login to the Remote Console Switch using Active Directory work in mixed mode (that is, the domain controllers in the forest run different operating systems, such as Microsoft Windows NT® 4.0, Windows 2000, or Windows Server 2003)?
Yes. In mixed mode, all objects used by the Remote Console Switch querying process (among user, SIP Device Object, and Association Object) have to be in the same domain.
The Dell-extended Active Directory Users and Computers snap-in checks the mode and limits users in order to create objects across domains if in mixed mode.
Does using the Remote Console Switch with Active Directory support multiple domain environments?
Yes. The domain forest function level must be in Native mode or Windows 2003 mode. In addition, the groups among Association Object, Remote Console Switch user objects, and SIP Device Objects (including Association Object) must be universal groups.
Can these Dell-extended objects (Dell Association Object, Dell Remote Console Switch Device, and Dell Privilege Object) be in different domains?
The Association Object and the Privilege Object must be in the same domain. The Dell-extended Active Directory Users and Computers snap-in forces you to create these two objects in the same domain. Other objects can be in different domains.
Yes. All Active Directory servers’ SSL certificates in the forest must be signed by the same root CA since Remote Console Switch only allows uploading one trusted CA SSL certificate.
What can I do if I cannot log into the Remote Console Switch using Active Directory authentication? How do I troubleshoot the issue?
Ensure that you have checked the Enable Active Directory check box (Remote Console Switch Software) or the Use LDAP Authentication check box (on-board web interface) on the Remote Console Switch Active Directory configuration page.
Ensure that the DNS setting is correct on the Remote Console Switch Networking configuration page.
Ensure Network Time Protocol is enabled on at least one server specified on the NTP panel.
Ensure that you have uploaded the Active Directory certificate from your Active Directory root CA to the Remote Console Switch.
Check the Domain Controller SSL certificates to ensure that they have not expired.
Ensure that your "Remote Console Switch Name", "Root Domain Name", and "Remote Console Switch Domain Name" match your Active Directory environment configuration.
Ensure that you use the correct user domain name during a login and not the NetBIOS name.