As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Networked information handling systems often use directory services, such as Windows Active Directory (AD). A directory service, sometimes also known as name service, maps the names of network resources to their respective network addresses. Using a directory service, a user does not have to remember the physical address of a network resource; providing a name locates the resource. A directory server is a server which provides directory service. Typically, each resource on a network is considered an object on the directory server. Information about a particular resource may be stored as attributes of that object. In some directory services, information within objects can be made secure so that only users with the available permissions can access it.
In addition, information handling systems may often include host management controllers (HMCs) and chassis management controllers (CMCs). A host management controller may include a system integral to an information handling system which is configured to provide out-of-band management facilities for management of an information handling system. A chassis management controller may include a system integral to a chassis housing a plurality of modular information handling systems which is configured to provide chassis-level management of a chassis.
Using traditional approaches, a directory service typically creates a device object for each host management controller and chassis management controller within a network. In order to support various access privileges, each such device object is also typically associated with one or more association objects, each of which associates the device object to users/user groups with access to the device object as well as a privilege object defining the access level of such users/user groups to the device object.
Under such approaches, the number of device objects may become remarkably large as an organization adds host management controllers and chassis management controllers to its enterprise network, as a device object is created for each new management controller. Accordingly, in large organizations, a special organizational unit (OU) must often be created solely for management of management controllers. Further, a directory service object creation privilege must be delegated to a special service account or group for such organization unit so that such special service account or group can manage dynamic device creation under such organizational unit. In addition, as information handling systems are decommissioned, their associated management controller device objects must all be destroyed. Thus, management of directory service device objects comes with a high degree of management complexity and cost.