Dell OpenManage Server Administrator Version 6.2 Manual

Dell™ OpenManage™
Server Administrator Version 6.2
User’s Guide
www.dell.com | support.dell.com
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of
your computer.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of
data and tells you how to avoid the problem.
____________________
Information in this document is subject to change without notice. © 2009 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: Dell, the DELL logo, PowerEdge, PowerVault, and OpenManage are trademarks of Dell Inc.; Microsoft, Windows, Internet Explorer, Active Directory, Windows Server, and W indows NT are either trademarks or regist ered trademarks of Microsoft Corporation in the United States and/or other countries; Java is a trademark or registered trademark of Sun Microsystems, Inc. in the U.S. and other countries; Novell and SUSE are registered trademarks of Novell, Inc. in the United States and other countries; Intel and Pentium are registered trademarks and Intel386 is a trademark of Intel Corporation; Red Hat and Red Hat Enterprise Linux are registered trademarks of Red Hat, Inc. in the United States and other countries; UNIX is a registered trademark of The Open Group in the United States and other countries.
Server Administrator includes software developed by the Apache Software Foundation (www.apache.org). Server Administrator utilizes the Ov erLIB JavaScript library. This library can be obtained from www.bosrup.com.
Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
December 2009
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . 9
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 9
What’s New in Version 6.2 . . . . . . . . . . . . . . . 11
Installation
Updating Individual System Components
. . . . . . . . . . . . . . . . . . . . . . 9
. . . . . 10
Storage Management Service . . . . . . . . . . . 10
Instrumentation Service
Remote Access Controller
. . . . . . . . . . . . . . 10
. . . . . . . . . . . . . 11
Logs . . . . . . . . . . . . . . . . . . . . . . . . 11
Availability on Supported Operating Systems
Server Administrator Home Page
Other Documents You Might Need
. . . . . . . . . . . . 13
. . . . . . . . . . . 14
. . . . . 13
Obtaining Technical Assistance . . . . . . . . . . . . 16
2 Setup and Administration . . . . . . . . . . . . 17
Security Management . . . . . . . . . . . . . . . . . . 17
Role-Based Access Control
Authentication
. . . . . . . . . . . . . . . . . . . 18
Microsoft Windows Authentication
Red Hat Enterprise Linux and SUSE Linux Enterprise Server Authentication
VMware ESX server 3 and 4
VMware ESX server 3i and 4i
. . . . . . . . . . . . 17
. . . . . . . . 19
. . . . . . . . . 19
. . . . . . . . . . . . 19
. . . . . . . . . . . 19
Contents 3
Encryption . . . . . . . . . . . . . . . . . . . . . 20
Assigning User Privileges
. . . . . . . . . . . . . . . . 20
Creating Server Administrator Users for Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems
. . . . . . . . . . . . . 21
Editing Server Administrator User Privileges on Linux Operating Systems
. . . . . . . . . . . . . . 22
Creating Server Administrator Users for VMware
ESX Server 3 and 3i . . . . . . . . . . . . . . . . . 24
Creating Server Administrator Users for VMware
ESX Server 4 and 4i . . . . . . . . . . . . . . . . . 25
Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems
. . . . . . . . . . . . . . 25
Configuring the SNMP Agent . . . . . . . . . . . . . . 25
Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems
. . . . . . 27
Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux and VMware
ESX 4.0 Operating Systems . . . . . . . . . . . . . 30
Configuring the SNMP Agent on Systems Running Supported SUSE Linux Enterprise Server and
VMware ESX 3.5 Operating Systems . . . . . . . . 33
Configuring the SNMP Agent on Systems Running Supported VMware ESX 4.0 Operating Systems to Proxy VMware MIBs
. . . . . . . . . . . . . . . . 37
Configuring the SNMP Agent on Systems Running Supported VMware ESXi 4.0 Operating Systems . 39
3 Using Server Administrator . . . . . . . . . . . 43
4 Contents
Firewall Configuration on Systems Running Supported Red Hat Enterprise Linux Operating Systems and SUSE Linux Enterprise Server
. . . . . . . . . . . . . . . . . 40
Starting Your Server Administrator Session . . . . . . 43
Logging In and Out . . . . . . . . . . . . . . . . . . . 43
Server Administrator Local System Login
. . . . . 43
Server Administrator Managed System Login . . . 44
Central Web Server Login
Single Sign-On
. . . . . . . . . . . . . . . . . . . 46
. . . . . . . . . . . . . 45
Configuring Security Settings on Systems Running a Supported Microsoft Windows Operating System 47
The Server Administrator Home Page
. . . . . . . . . 48
Server Administrator User Interface Differences Across Modular and Non-Modular Systems
Global Navigation Bar
. . . . . . . . . . . . . . . 52
. . . 51
System Tree . . . . . . . . . . . . . . . . . . . . 53
Action Window
Using the Online Help
. . . . . . . . . . . . . . . . . . . 53
. . . . . . . . . . . . . . . . . . 55
Using the Preferences Home Page . . . . . . . . . . . 56
Managed System Preferences
. . . . . . . . . . . 57
Server Administrator Web Server Preferences . . 57
Server Administrator Web Server Action Tabs
. . . . . 61
Controlling Server Administrator . . . . . . . . . . . . 62
Starting Server Administrator
Stopping Server Administrator
Restarting Server Administrator
Using the Server Administrator Command Line Interface
. . . . . . . . . . . 62
. . . . . . . . . . . 62
. . . . . . . . . . 63
63
4 Server Administrator Services . . . . . . . . 65
Managing Your System . . . . . . . . . . . . . . . . . 66
Managing System/Server Module Tree Objects
. . . . 66
Contents 5
Server Administrator Home Page System Tree Objects 67
Unsupported Features in OpenManage Server Administrator
Modular Enclosure
System/Server Module
. . . . . . . . . . . . . . . . . . . . 67
. . . . . . . . . . . . . . . . . 68
. . . . . . . . . . . . . . . 69
Managing Preferences: Home Page Configuration Options
. . . . . . . . . . . . . . . . . . . . . . . . . . 87
General Settings
. . . . . . . . . . . . . . . . . . 87
Server Administrator . . . . . . . . . . . . . . . . 88
5 Working With Remote Access Controller 89
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 89
6 Server Administrator Logs . . . . . . . . . . 101
6 Contents
Viewing Basic Information
. . . . . . . . . . . . . . . 91
Configuring the Remote Access Device to use a LAN Connection
. . . . . . . . . . . . . . . . . . . . . 92
Configuring the Remote Access Device to use a Serial Port Connection
. . . . . . . . . . . . . . . . . 94
Configuring the Remote Access Device to use a Serial Over LAN Connection
Additional Configuration for iDRAC
Configuring Remote Access Device Users
. . . . . . . . . . . . . . 95
. . . . . . . . . . . 96
. . . . . . . 96
Setting Platform Event Filter Alerts . . . . . . . . . . . 97
Setting Platform Event Alert Destinations
. . . . . 99
Overview . . . . . . . . . . . . . . . . . . . . . . . . . 101
Integrated Features . . . . . . . . . . . . . . . . . . . 101
Log Window Task Buttons
. . . . . . . . . . . . . 101
Server Administrator Logs
Hardware Log
Alert Log
. . . . . . . . . . . . . . . . . . . . . . 103
. . . . . . . . . . . . . . . 102
. . . . . . . . . . . . . . . . . . . 102
Command Log . . . . . . . . . . . . . . . . . . . 104
7 Setting Alert Actions . . . . . . . . . . . . . . . 105
Setting Alert Actions for Systems Running Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems
. . . . . . . . . . . . . . . . 105
Setting Alert Actions in Microsoft Windows Server 2003, and Windows Server 2008
. . . . . . . . . . . . 106
Setting Alert Action Execute Application in Windows Server 2008
BMC/iDRAC Platform Events Filter Alert Messages
Understanding Service Names
. . . . . . . . . . . . . . . . . . . . . . . 107
. . 108
. . . . . . . . . . . . . 110
A Troubleshooting . . . . . . . . . . . . . . . . . . 111
Login Failure Scenarios . . . . . . . . . . . . . . . . . 111
Fixing a Faulty Server Administrator Installation on Supported Windows Operating Systems
OpenManage Server Administrator Services
. . . . . . . . 111
. . . . . 112
Contents 7
B Frequently Asked Questions . . . . . . . . . 117
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
8 Contents
1

Introduction

Overview

Dell™ OpenManage™ Server Administrator provides a comprehensive, one­to-one systems management solution in two ways: from an integrated, Web browser-based graphical user interface (GUI) and from a command line interface (CLI) through the operating system. Server Administrator is designed for system administrators to manage systems locally and remotely on a network. It allows system administrators to focus on managing their entire network by providing comprehensive one-to-one systems management.
For the purposes of Server Administrator, a system can be a stand-alone system, a system with attached network storage units in a separate chassis, or a modular system consisting of one or more server modules in a modular enclosure.
Server Administrator provides information about:
Systems that are operating properly and systems that have problems
Systems that require remote recovery operations.
Server Administrator provides easy-to-use management and administration of local and remote systems through a comprehensive set of integrated management services. Server Administrator is the sole installation on the system being managed and is accessible both locally and remotely from the Server Administrator home page. Remotely monitored systems may be accessed by dial-in, LAN, or wireless connections. Server Administrator ensures the security of its management connections through role-based access control (RBAC), authentication, and industry-standard secure socket layer (SSL) encryption.

Installation

You can install Server Administrator using the Dell Systems Management Tools and Documentation DVD. The DVD provides a setup program to install,
upgrade, and uninstall Server Administrator, managed system and
Introduction 9
management station software components. Additionally, you can install Server Administrator on multiple systems through an unattended installation across a network.
The Dell™ OpenManage™ installer provides installation scripts and RPM packages to install and uninstall Dell OpenManage Server Administrator and other managed system software components on your managed system. For more information, see the Dell OpenManage Server Administrator
Installation Guide and the Dell OpenManage Management Station Software Installation Guide. You can access these documents on the Dell Support
website at support.dell.com/manuals.
If you have a modular system, you must install Server Administrator on each server module installed in the chassis.

Updating Individual System Components

To update individual system components, use component-specific Dell Update Packages. Use the Dell Server Updates DVD to view the complete version report and to update an entire system. The Server Update Utility is a DVD-ROM–based application for identifying and applying updates to your system. The Server Update Utility can be downloaded from support.dell.com.
See the Server Update Utility User's Guide for more information about obtaining and using the Server Update Utility (SUU) to update your Dell Systems or to view the updates available for any systems listed in the Repository.

Storage Management Service

The Storage Management Service provides storage management information in an integrated graphical view.
For detailed information on the Storage Management Service, see the Dell OpenManage Server Administrator Storage Management User's Guide on the Dell Support website at support.dell.com/manuals.

Instrumentation Service

The Instrumentation Service provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents and allows remote administration of monitored systems, including shutdown, startup, and security.
10 Introduction

Remote Access Controller

The Remote Access Controller provides a complete remote system management solution for systems equipped with Dell Remote Access Controller (DRAC) or baseboard management controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) solution. The Remote Access Controller provides remote access to an inoperable system, allowing you to get the system up and running as quickly as possible. The Remote Access Controller also provides alert notification when a system is down and allows you to remotely restart a system. Additionally, the Remote Access Controller logs the probable cause of system crashes and saves the most recent crash screen.

Logs

Server Administrator displays logs of commands issued to or by the system, monitored hardware events, and system alerts. You can view logs on the home page, print or save them as reports, and send them by e-mail to a designated service contact.

What’s New in Version 6.2

These are the release highlights of OpenManage Server Administrator 6.2:
Support for reporting the health of Internal SD modules and vFlash media on new generation Dell systems.
Support for configuring boot order and adding/removing devices from boot list.
Support for configuring e-SATA port and Processor C1-E.
Support for Microsoft
Server Administrator Central Web Server support for Linux.
Support for Turkish language operating system.
Support for key signing algorithm.
®
Windows®
7.
NOTE: For the supported operating systems list, see the Dell Systems Software
Support Matrix located on the Dell Support website at support.dell.com/manuals.
NOTE: See the Server Administrator context sensitive online help for more
information on features introduced in this release.
Introduction 11
Systems Management Standards Availability
Overview
Dell™ OpenManage™ Server Administrator supports the following major systems management protocols:
HyperText Transfer Protocol Secure (HTTPS)
Common Information Model (CIM)
Simple Network Management Protocol (SNMP)
If your system supports SNMP, you must install and enable the service on your operating system. If SNMP services are available on your operating system, the Server Administrator installation program installs the supporting agents for SNMP.
HTTPS is supported on all operating systems. Support for CIM and SNMP is operating system dependent and, in some cases, operating system-version dependent.
For information on SNMP security concerns, see the Dell OpenManage Server Administrator readme file (packaged with the Server Administrator application) or on the Dell Support Website at support.dell.com/manuals. You must apply updates from your operating system's master SNMP agents to ensure that Dell's SNMP subagents are secure.
Availability on Supported Operating Systems
On supported Microsoft® Windows® operating systems, Server Administrator supports two systems management standards: CIM/WMI (Windows Management Instrumentation) and SNMP, while on supported Red Hat operating systems, Server Administrator supports the SNMP systems management standard.
Server Administrator adds considerable security to these systems management standards. All attributes set operations (for example, changing the value of an asset tag) must be performed with Dell OpenManage IT Assistant while logged in with the required authority.
12 Introduction
®
Enterprise Linux® and SUSE® Linux Enterprise Server

Availability on Supported Operating Systems

Table 1-1 shows the systems management standards that are available for each supported operating system.
Table 1-1. Systems Management Standards Availability
Operating System SNMP CIM
Windows Server Windows Server 2003 family
Red Hat Enterprise Linux Available in the net-snmp
SUSE Linux Enterprise Server Available in the net-snmp
VMware ESX 3.5 and 4.0 Available in the net-snmp
VMware ESXi 4.0 SNMP trap support available
®
2008 family and
Available from the operating system installation media
package from the operating system installation media
package from the operating system installation media
package installed by the operating system
NOTE: While ESXi supports
SNMP traps, it does not support hardware inventory through SNMP.
Always installed
Unavailable
Unavailable
Available
Available

Server Administrator Home Page

The Server Administrator home page provides easy-to-set up and easy-to-use Web browser-based system management tasks from the managed system or from a remote host through a LAN, dial-up service, or wireless network. When the Dell Systems Management Server Administrator Connection Service (DSM SA Connection Service) is installed and configured on the managed system, you can perform remote management functions from any system that has a supported Web browser and connection. Additionally, the Server Administrator home page provides extensive, context-sensitive online help.
Introduction 13

Other Documents You Might Need

Besides this User's Guide, you can find the following documents on the Dell Support website at support.dell.com/manuals:
•The
•The
•The
•The
•The
•The
•The
•The
•The
Dell Systems Software Support Matrix
various Dell systems, the operating systems supported by these systems, and the Dell OpenManage components that can be installed on these systems.
Dell OpenManage Server Administrator Installation Guide
instructions to help you install Dell OpenManage Server Administrator.
Dell OpenManage Management Station Software Installation Guide
contains instructions to help you install Dell OpenManage management station software that includes Baseboard Management Utility, DRAC Tools, and Active Directory Snap-In.
Dell OpenManage Server Administrator SNMP Reference Guide
documents the Simple Network Management Protocol (SNMP) management information base (MIB). The SNMP MIB defines variables that extend the standard MIB to cover the capabilities of systems management agents.
Dell OpenManage Server Administrator CIM Reference Guide
the Common Information Model (CIM) provider, an extension of the standard management object format (MOF) file. The CIM provider MOF documents supported classes of management objects.
Dell OpenManage Server Administrator Messages Reference Guide
the messages that are displayed in your Server Administrator home page Alert log or on your operating system’s event viewer. This guide explains the text, severity, and cause of each Instrumentation Service Alert message that Server Administrator issues.
Dell OpenManage Server Administrator Command Line Interface
User's Guide
Administrator, including an explanation of CLI commands to view system status, access logs, create reports, configure various component parameters, and set critical thresholds.
Integrated Dell Remote Access Controller User’s Guide
detailed information on configuring and using the iDRAC.
Dell Chassis Management Controller User’s Guide
information on installing, configuring and using CMC.
documents the complete command line interface for Server
provides information about the
contains
documents
provides
provides detailed
lists
14 Introduction
•The
Dell Online Diagnostics User's Guide
provides complete information
on installing and using Online Diagnostics on your system.
•The
Dell OpenManage Baseboard Management Controller Utilities
User Guide
provides additional information about using Server
Administrator to configure and manage your system's BMC.
•The
Dell OpenManage Server Administrator Storage Management
User's Guide
is a comprehensive reference guide for configuring and
managing local and remote storage attached to a system.
•The
Dell Remote Access Controller Racadm User's Guide
provides
information about using the racadm command-line utility.
•The
Dell Remote Access Controller 5 User’s Guide
provides complete information about installing and configuring a DRAC 5 controller and using DRAC 5 to remotely access an inoperable system.
•The
Dell Update Packages User's Guide
provides information about obtaining
and using Dell Update Packages as part of your system update strategy.
•The
Dell OpenManage Server Update Utility User's Guide
provides information about obtaining and using the Server Update Utility (SUU) to update your Dell systems or to view the updates available for any systems listed in the Repository.
•The
Dell Management Console User’s Guide
has information about installing, configuring, and using Dell Management Console. Dell Management Console is a Web-based systems management software that enables you to discover and inventory devices on your network. It also provides advanced functions, such as health and performance monitoring of networked devices and patch management capabilities for Dell systems.
•The
Dell Lifecycle Controller User Guide
provides information on setting up and using the Unified Server Configurator to perform systems and storage management tasks throughout your system’s lifecycle. You can use the Unified Server Configurator to deploy an operating system, configure a Redundant Array of Independent Disks (RAID), and run diagnostics to validate the system and attached hardware. Remote Services capabilities enable automated system platform discovery by management consoles and enhance remote operating system deployment capabilities. These capabilities are exposed through the web services based hardware management interface provided by the Lifecycle Controller firmware.
•The
Glossary
for information on terms used in this document.
Introduction 15

Obtaining Technical Assistance

If at any time you do not understand a procedure described in this guide or if your product does not perform as expected, help tools are available to assist you. For more information about these help tools, see "Getting Help" in your system's Hardware Owner’s Manual.
Additionally, Dell Enterprise Training and Certification is available; see www.dell.com/training for more information. This service may not be offered in all locations.
16 Introduction
2

Setup and Administration

Security Management

Server Administrator provides security through role-based access control (RBAC), authentication, and encryption for both the Web-based and command line interfaces.

Role-Based Access Control

RBAC manages security by determining the operations that can be executed by persons in particular roles. Each user is assigned one or more roles, and each role is assigned one or more user privileges that are permitted to users in that role. With RBAC, security administration corresponds closely to an organization's structure.
User Privileges
Server Administrator grants different access rights based on the user's assigned group privileges. The four user levels are: User, Power User, Administrator, and Elevated Administrator.
Users
can view most information.
Pow er Users
actions are to be taken when a warning or failure event occurs.
Administrators
Auto Recovery actions in case a system has a non-responsive operating system, and clear hardware, event, and command logs. also configure the system to send e-mails.
Elevated Administrators
Server Administrator grants read-only access to users logged in with User privileges, read and write access to users logged in with Power User privileges, and read, write, and administrator access to users logged in with Administrator and
can set warning threshold values and configure which alert
can configure and perform shutdown actions, configure
Administrators
can view and manage information.
Elevated Administrator
privileges. See Table 2-1.
can
Setup and Administration 17
Table 2-1. User Privileges
User Privileges Access Type
View Manage
User Ye s N o
Power User Ye s Ye s
Administrator Ye s Ye s
Elevated Administrator (Linux only) Yes Ye s
Privilege Levels to Access Server Administrator Services
Table 2-2 summarizes which user levels have privileges to access and manage Server Administrator services.
Table 2-2. Server Administrator User Privilege Levels
Service User Privilege Level Required
View Manage
Instrumentation U, P, A, EA P, A, EA
Remote Access U, P, A, EA A, EA
Storage Management U, P, A, EA A, EA
Table 2-3 defines the user privilege level abbreviations used in Table 2-2.
Table 2-3. Legend for Server Administrator User Privilege Levels
U User
P Power User
A Administrator
EA Elevated Administrator

Authentication

The Server Administrator authentication scheme ensures that the correct access types are assigned to the correct user privileges. Additionally, when the command line interface (CLI) is invoked, the Server Administrator authentication scheme validates the context within which the current
18 Setup and Administration
process is running. This authentication scheme ensures that all Server Administrator functions, whether accessed through the Server Administrator home page or CLI, are properly authenticated.

Microsoft Windows Authentication

For supported Microsoft® Windows® operating systems, Server Administrator authentication uses Integrated Windows Authentication (formerly called NTLM) to authenticate. This authentication system allows Server Administrator security to be incorporated in an overall security scheme foryournetwork.

Red Hat Enterprise Linux and SUSE Linux Enterprise Server Authentication

For supported Red Hat® Enterprise Linux® and SUSE® Linux Enterprise Server operating systems, Server Administrator uses various authentication methods based on the Pluggable Authentication Modules (PAM) library. Users can log in to Server Administrator either locally or remotely using different account management protocols, such as LDAP, NIS, Kerberos, and Winbind.

VMware ESX server 3 and 4

ESX Server uses the Pluggable Authentication Modules (PAM) structure for authentication when users access the ESX Server host. The PAM configuration for VMware services is located in /etc/pam.d/vmware-authd, which stores paths to authentication modules.
The default installation of ESX Server uses /etc/passwd authentication, just as Linux does, but you can configure ESX Server to use another distributed authentication mechanism.

VMware ESX server 3i and 4i

ESXi authenticates users accessing ESXi hosts using the vSphere/VI Client or SDK. The default installation of ESXi uses a local password database for authentication. ESXi authentication transactions with Server Administrator are also direct interactions with the vmware-hostd process. To make sure that authentication works efficiently for your site, perform basic tasks such as setting up users, groups, permissions, and roles, configuring user attributes, adding your own certificates, and determining whether you want to use SSL.
Setup and Administration 19

Encryption

Server Administrator is accessed over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java
Secure Socket Extension (JSSE) is used by supported Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator home page.

Assigning User Privileges

To ensure critical system component security, assign user privileges to all
Dell
OpenManage™ software users before installing Dell OpenManage software. New users can log into Dell OpenManage software using their operating system user privileges.
CAUTION: To protect access to your critical system components,
assign a password to every user account that can access Dell OpenManage software. Users without an assigned password cannot log into Dell OpenManage software on a system running Windows Server 2003 due to the operating system design.
CAUTION: Disable guest accounts for supported Windows operating systems to
protect access to your critical system components. Consider renaming the accounts so that remote scripts cannot enable the accounts using the name.
NOTE: For instructions on assigning user privileges for each supported operating
system, see your operating system documentation.
NOTE: Add new users to the operating system if you want to add users to
OpenManage software. You do not have to create new users from within the OpenManage software.
Adding Users to a Domain on Windows Operating Systems
NOTE: You must have Microsoft Active Directory® installed on your system to
perform the following procedures. See "Microsoft Active Directory" for more information about using Active Directory.
1
Navigate to
Users and Computers
Control Panel→
.
Administrative Tools→
Active Directory
20 Setup and Administration
2
In the console tree, right-click you want to add the new user, and then point to
3
Type the appropriate user name information in the dialog box, and then click
Next
.
4
Click
Next
, and then click
5
Double-click the icon representing the user that you just created.
6
Click the
7
Click
8
Select the appropriate group and click
9
Click OK, and then click OK again.
Member of
Add
.
tab.
Users
Finish
or right-click the container in which
New→
User
.
.
Add
.
New users can log into Dell OpenManage software with the user privileges for their assigned group and domain.

Creating Server Administrator Users for Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems

Administrator access privileges are assigned to the user logged in as root. To create users with User and Power User privileges, perform the following steps.
NOTE: You must be logged in as root or an equivalent user to perform
these procedures.
NOTE: You must have the useradd utility installed on your system to perform
these procedures.
Creating Users
NOTE: For information about creating users and user groups, see your operating
system documentation.
Creating Users With User Privileges
1
Run the following command from the command line:
useradd -d <
where <group> is
NOTE: If <group> does not exist, you must create it by using the groupadd
command.
home-directory
not root
.
> -g <
group
> <
username
Setup and Administration 21
>
2
Ty p e
passwd <
3
When prompted, enter a password for the new user.
NOTE: You must assign a password to every user account that can access Server
Administrator to protect access to your critical system components.
username> and press <Enter>.
The new user can now log in to Server Administrator with User group privileges.
Creating Users With Power User Privileges
1
Run the following command from the command line:
useradd -d <home-directory> -g root <username>
NOTE: You must set root as the primary group.
2
Ty p e
passwd <
3
When prompted, enter a password for the new user.
NOTE: You must assign a password to every user account that can access
Server Administrator to protect access to your critical system components.
username> and press <Enter>.
The new user can now log in to Server Administrator with Power User group privileges.

Editing Server Administrator User Privileges on Linux Operating Systems

NOTE: You must be logged in as root or an equivalent user to perform these
procedures.
1
Open the
2
Add the following in the file:
<User_Name>[Tab]<Host_Name>[Tab]<Rights>
omarolemap
file located at
/opt/dell/srvadmin/etc/omarolemap
.
Table 2-4 lists the legends for adding the role definition to the
omarolemap
Table 2-4. Legends for adding the role definition in OpenManage Server
<User_Name> <Host_Name> <Rights>
User Name Host Name Administrator
(+)Group Name Domain User
file
Administrator
22 Setup and Administration
Table 2-4. Legends for adding the role definition in OpenManage Server
Administrator
Wildcard (*) Wildcard (*) User
[Tab] = \t (tab character)
Table 2-5 lists the examples for adding the role definition to the
omarolemap
Table 2-5. Examples for adding the role definition in OpenManage Server
<User_Name> <Host_Name> <Rights>
Bob Ahost Poweruser
+root Bhost Administrator
+root Chost Administrator
Bob *.aus.amer.com Poweruser
Mike 192.168.2.3 Poweruser
3
Save and close the file.
4
Run the following command from the command line to restart the
file.
Administrator
connection service:
service dsm_om_connsvc restart
NOTE: Make sure that you restart the connection service for the changes to
take effect.
Best Practices while Using the omarolemap File
The following lists the best practices to be considered while working with omarolemap file:
Do not delete the following default entries in
•root
•+root
*
Do not change the
* Administrator
* Power user
* User
omarolemap
file permissions or file format.
omarolemap
Setup and Administration 23
file.
Server Administrator uses the default operating system user privilege, if a user is degraded in the
Do not use the loop back address for localhost or 127.0.0.1.
After the connection services are restarted and the changes do not take effect for the
•When file permissions and the entries of the file needs to be rechecked.
•Prefix the
Server Administrator uses the default operating system user privileges, if there are duplicate entries of user names or user groups along with same
Space
omarolemap
omarolemap
Group Name
<Host_Name>
can also be used as a delimiter for columns instead of
omarolemap
file, see the command log for the errors.
file is copied from one machine to another machine,
with +.
.
file.
<Host_Name>
, for example:
[Tab]

Creating Server Administrator Users for VMware ESX Server 3 and 3i

To add a user to the Users table:
1
Log in to the VI Client through the ESX Server 3 or 3i host.
2
Select the server from the inventory panel.
3
Click the
4
Right-click anywhere in the
New User
5
Enter a login, a user name, a numeric user ID (UID), and a password; specifying the user name and UID are optional. If you don’t specify the UID, the VI Client assigns the next available UID. If you want the user to be able to access the ESX Server 3 host through a command shell, select
Grant shell access to this user
6
For each existing group you want the user to be part of, enter the group name and click warns you and does not add the group to the
7
Click OK.
The login and user name you entered now appear in the Users table.
Users & Groups
dialog box.
Add
. If you type a nonexistent group name, the VI Client
tab and click
Users
table and click
.
Users
.
Add
Group membership
to open the
Add
list.
24 Setup and Administration

Creating Server Administrator Users for VMware ESX Server 4 and 4i

To add a user to the Users table:
1
Log in to the host using the vSphere Client.
2
Click the
3
Right-click anywhere in the Users table and click New User dialog box.
4
Enter a login, a user name, a numeric user ID (UID), and a password; specifying the user name and UID are optional. If you do not specify the UID, the vSphere Client assigns the next available UID.
5
To allow a user to access the ESX host through a command shell, select
Grant shell access to this user
vSphere Client do not need shell access.
6
To add the user to a group, select the group name from the down menu and click
7
Click OK.
Users & Groups
Add
tab and click
. Users that access the host only through the
.
Users
.
Add
to open the Add
Group
drop-

Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems

NOTE: You must be logged in with Administrator privileges to perform
this procedure.
1
Open the
2
In the console tree, expand
3
Double click Properties for those users, or right click the user account and then choose
4
Select
A red circle with an X appears over the user name. The account is disabled.
Computer Management
Guest
or
IUSR_system
Account is disabled
window.
Local Users and Groups
name user account to see the
Guest
Properties
and click OK.
.
and click
or
IUSR_system
Users
.
name

Configuring the SNMP Agent

Server Administrator supports the Simple Network Management Protocol (SNMP)—a systems management standard—on all supported operating systems. The SNMP support may or may not be installed depending on your
Setup and Administration 25
operating system and how the operating system was installed. In most cases, SNMP is installed as part of your operating system installation. An installed supported systems management protocol standard, such as SNMP, is required before installing Server Administrator.
You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as the Dell OpenManage™ IT Assistant, perform the procedures described in the following sections.
NOTE: The default SNMP agent configuration usually includes a SNMP community
name such as public. For security reasons, change the SNMP community names from their default values. For information about changing SNMP community names, see the appropriate section below.
NOTE: SNMP Set operations are disabled by default in Server Administrator
version 5.2 or later. Server Administrator provides support to enable or disable SNMP Set operations in Server Administrator. You can use the Server Administrator SNMP Configuration page under Preferences or the Server Administrator command line interface (CLI) to enable or disable SNMP Set operations in Server Administrator. For more information about the Server Administrator CLI, see the
Dell OpenManage Server Administrator Command Line Interface User's Guide.
NOTE: For IT Assistant to retrieve management information from a system running
Server Administrator, the community name used by IT Assistant must match a community name on the system running Server Administrator. For IT Assistant to modify information or perform actions on a system running Server Administrator, the community name used by IT Assistant must match a community name that allows Set operations on the system running Server Administrator. For IT Assistant to receive traps (asynchronous event notifications) from a system running Server Administrator, the system running Server Administrator must be configured to send traps to the system running IT Assistant.
The following procedures provide step-by-step instructions for configuring the SNMP agent for each supported operating system:
"Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems"
"Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux and VMware ESX 4.0 Operating Systems"
"Configuring the SNMP Agent on Systems Running Supported SUSE Linux Enterprise Server and VMware ESX 3.5 Operating Systems"
26 Setup and Administration

Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems

Server Administrator uses the SNMP services provided by the Windows SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.
NOTE: See your operating system documentation for additional details on SNMP
configuration.
Enabling SNMP Access By Remote Hosts
Windows Server 2003, by default, does not accept SNMP packets from remote hosts. For systems running Windows Server 2003, you must configure the SNMP service to accept SNMP packets from remote hosts if you plan to manage the system by using SNMP management applications from remote hosts.
To enable a system running the Windows Server 2003 operating system to receive SNMP packets from a remote host, perform the following steps:
1
Open the
2
Expand the
3
Expand the
4
Scroll down the list of services until you find
SNMP Service
The
Computer Management
Computer Management
Services and Applications
, and then click
SNMP Service Properties
window.
icon in the window, if necessary.
icon and click
Services
SNMP Service
Properties
.
window appears.
.
, right-click
5
Click the
6
Select
Accept SNMP packets from these hosts
Changing the SNMP Community Name
Security
tab.
Accept SNMP packets from any host
list.
, or add the remote host to the
Configuring the SNMP community names determines which systems are able to manage your system through SNMP. The SNMP community name used by management applications must match an SNMP community name configured on the Server Administrator system so that the management applications can retrieve management information from Server Administrator.
Setup and Administration 27
1
Open the
2
Expand the
3
Expand the
4
Scroll down the list of services until you find
SNMP Service
The
5
Click the
a
b
Computer Management
window.
Computer Management
Services and Applications
, and then click
SNMP Service Properties
Security
tab to add or edit a community name.
Properties
window appears.
To add a community name, click
Community Names
The
SNMP Service Configuration
list.
Type the community name of a system that is able to manage your system (the default is public) in the click
Add
.
The
SNMP Service Properties
c
To change a community name, select a community name in the
Accepted Community Names
The
SNMP Service Configuration
d
Make all necessary edits to the community name of the system that is
window appears.
list and click
able to manage your system in the then click
The
OK
.
SNMP Service Properties window appears
icon in the window, if necessary.
icon and click
SNMP Service
Services
.
, right-click
.
Add
under the
Accepted
window appears.
Community Name
Edit
text box and
.
window appears.
Community Name
text box, and
.
6
Click OK to save the changes.
Enabling SNMP Set Operations
SNMP Set operations must be enabled on the Server Administrator system to change Server Administrator attributes using IT Assistant.
1
Open the
2
Expand the
3
Expand the
4
Scroll down the list of services until you find
SNMP Service
Computer Management
Computer Management
Services and Applications
, and click
Properties.
window.
icon in the window, if necessary.
icon, and then click
SNMP Service
Services
, right-click
.
28 Setup and Administration
The
SNMP Service Properties
5
Click the
6
Select a community name in the and click
The
7
Set the and click
The
8
Click OK to save the changes.
Configuring Your System to Send SNMP Traps to a Management Station
Security
Edit
tab to change the access rights for a community.
.
SNMP Service Configuration
Community Rights
OK
.
SNMP Service Properties
window appears.
Accepted Community Names
window appears.
to
READ WRITE
or
READ CREATE
window appears.
list,
,
Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. You must configure one or more trap destinations on the Server Administrator system for SNMP traps to be sent to a management station.
1
Open the
2
Expand the
3
Expand the
4
Scroll down the list of services until you find right-click
The
Computer Management
Computer Management
Services and Applications
SNMP Service
, and click
SNMP Service Properties
window.
icon in the window, if necessary.
icon and click
Services
SNMP Service
Properties
.
window appears.
.
,
5
Click the
Tr ap s
tab to add a community for traps or to add a trap
destination for a trap community.
a
To add a community for traps, type the community name in the
Community Name
the
Community Name
b
To add a trap destination for a trap community, select the community name from the
c
under the
The
Trap Destinations
SNMP Service Configuration
box and click
Community Name
Type in the trap destination and click
The
SNMP Service Properties
box.
box.
window appears.
Add to list
drop-down box and click
, which is located next to
Add
window appears.
Add
.
Setup and Administration 29
6
Click OK to save the changes.

Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux and VMware ESX 4.0 Operating Systems

Server Administrator uses the SNMP services provided by the net-snmp SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.
NOTE: See your operating system documentation for additional details on SNMP
configuration.
SNMP Agent Access Control Configuration
The management information base (MIB) branch implemented by Server Administrator is identified by the OID 1.3.6.1.4.1.674. Management applications must have access to this branch of the MIB tree to manage systems running Server Administrator.
For Red Hat Enterprise Linux and VMware ESXi 4.0 operating systems, the default SNMP agent configuration gives read-only access for the "public" community only to the MIB-II "system" branch (identified by the 1.3.6.1.2.1.1 OID) of the MIB tree. This configuration does not allow management applications to retrieve or change Server Administrator or other systems management information outside of the MIB-II "system" branch.
Server Administrator SNMP Agent Install Actions
If Server Administrator detects the default SNMP configuration during installation, it attempts to modify the SNMP agent configuration to give read-only access to the entire MIB tree for the "public" community. Server Administrator modifies the /etc/snmp/snmpd.conf SNMP agent configuration file in two ways.
The first change is to create a view to the entire MIB tree by adding the following line if it does not exist:
view all included .1
30 Setup and Administration
Loading...
+ 96 hidden pages