DRAC Authentication

Bas van der Vlies basv at sara.nl
Mon Feb 23 10:46:56 CST 2009


Jared wrote:
> Well, for me it's not a matter of one vs. the other, but rather both
> options would be useful.  I'd like to manage authentication via LDAP so
> that, for normal and routine maintenance, administration is done via
> named accounts, which gives us a proper audit trail and accountability
> for our various admins.  This is, by far, the biggest reason I want I
> want to manage this using a central directory.
> 
> As for your point about possible network outages, etc., that's certainly
> a valid concern.  I wouldn't disable the built-in root/admin account,
> and would still keep it up to date with the password reset script I
> mentioned, but it'd only exist for emergency purposes only.  Eg., if and
> only if you couldn't login to the DRAC using your standard named admin
> account, then you would use the built-in local admin account.
> 
> I just have issues using shared admin accounts; no accountability  =
> easy to abuse.

I totally agree and i hope that the "DRAC-team" will add LDAP as
authentication method.

Regards

>
-- 
********************************************************************
*  Bas van der Vlies                    e-mail: basv at sara.nl       *
*  SARA - Academic Computing Services   Amsterdam, The Netherlands *
********************************************************************



More information about the Linux-PowerEdge mailing list