Chapter 7: User Management125Once the test is completed, a message will be displayed that lets youknow the test was successful or, if the test failed, a detailed errormessage will be displayed. It will display successful result or detailerror message in failure case. It also can display group informationretrieved from remote LDAP server for the test user in case ofsuccess.Returning User Group Information from Active Directory ServerThe Dominion KX II supports user authentication to Active Directory®(AD) without requiring that users be defined locally on the Dominion KXII. This allows Active Directory user accounts and passwords to bemaintained exclusively on the AD server. Authorization and AD userprivileges are controlled and administered through the standardDominion KX II policies and user group privileges that are applied locallyto AD user groups.IMPORTANT: If you are an existing Raritan, Inc. customer, and havealready configured the Active Directory server by changing the ADschema, the Dominion KX II still supports this configuration andyou do not need to perform the following operations. See Updatingthe LDAP Schema for information about updating the ADLDAP/LDAPS schema.To enable your AD server on the Dominion KX II:1. Using the Dominion KX II, create special groups and assign properpermissions and privileges to these groups. For example, creategroups such as KVM_Admin and KVM_Operator.2. On your Active Directory server, create new groups with the samegroup names as in the previous step.3. On your AD server, assign the Dominion KX II users to the groupscreated in step 2.4. From the Dominion KX II, enable and configure your AD serverproperly. See Implementing LDAP/LDAPS Remote Authentication.Important Notes: