What are the details on extending the schema for Active Directory integration into Out of Band Management?
Taken from Intel's documentation:
As a brief explanation, Active Directory allows dividing a domain into substructures called organizational units (OUs). OUs are container objects that can be nested within other OUs. An OU can contain users, groups, and other OUs. OUs are part of the Active Directory scheme for managing privileges and accesses. One of the parameters that must be specified for each Intel AMT device before it can be set up in an AD environment is the OU where it will be installed.
The OU created for holding AMT objects does not need special privileges. However, if the SCS user does not have sufficient permissions to add users to Active Directory, the SCS will not be able to add new entries to the OU. The SCS user needs “Create/Delete Intel-Management-Engine objects” permission in the OU as well as full control over Intel-Management-Engine object.
Schema extension operation creates a new class, Intel-Management-Engine, based on the AD computer object, with the following new attributes:
When the SCS performs setup for an Intel AMT device, the SCS service:
here is some preparation that should be done before the integration with AD can be used.
Here the simple configuration (without SSL authentication for AMT devices)
Seems that is all preparation that is necessary for use the simple AD integration Mode.Associated screenshots: