In any Remote Console Switch installation, any user privilege allows the user to launch the Appliance Management Panel (AMP). The AMP functionality for that user is limited by the User Privilege level established in the Remote Console Switch. LDAP with Dell Extended Schema adds an extra level of security to appliance management by allowing administrators to limit a user's access to the AMP.Authorization to use the AMP is defined by whether User Privilege level is or is not configured in the KVM Appliance Privileges tab of the Dell Privilege Object (DPO). The Console Redirection Access checkbox in the KVM SIP Privileges tab of the DPO provides the means for a user who cannot view the AMP to launch Video Viewer sessions to a subset of SIPs through the RCS Client. This authorization is controlled by a combination of the configuration parameters set in the DPO and the SIP Objects contained in the Dell Association Object (DAO).If you do not wish a user to have authorization to access the AMP, but you do wish them to be able to launch viewer sessions from the RCS Client, perform the following steps:
3 Create a DPO. Do not check any of the three boxes on the “KVM Appliance Privileges” tab. Check the Console Redirection Access box on the “KVM SIP Privileges” tab.
NOTE: If you check any of the KVM Appliance Privileges check boxes and you check the Console Redirection Access box, the normal User Privileges associated with the privilege level checked in the KVM Appliance Privileges box will take precedence over the Console Redirection Access checkbox, and the user will still be able to view the AMP.