Figure 1. Configuration of iDRAC with Active Directory Standard Schema
In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a
member of the role group. To give this user access to a specific iDRAC, the role group name and its
domain name need to be configured on the specific iDRAC. The role and the privilege level is defined on
each iDRACand not in the Active Directory. You can configure up to five role groups in each iDRAC. Table
reference no shows the default role group privileges.
Table 14. Default Role Group Privileges
Role Groups Default Privilege Level Permissions Granted Bit Mask
Role Group 1 None Login to iDRAC,
Configure iDRAC,
Configure Users, Clear
Logs, Execute Server
Control Commands,
Access Virtual Console,
Access Virtual Media,
Test Alerts, Execute
Diagnostic Commands
Role Group 2 None Login to iDRAC,
Configure iDRAC,
Execute Server Control
Commands, Access
Virtual Console, Access
Virtual Media, Test
Alerts, Execute
Diagnostic Commands
Role Group 3 None Login to iDRAC 0x00000001
Role Group 4 None No assigned permissions 0x00000000
Role Group 5 None No assigned permissions 0x00000000