Dell OpenManage Server
Administrator
Version 6.5
Installation Guide
Notes and Cautions
NOTE: A NOTE indicates important information that helps you make better use of your computer.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed.
___________________
Information in this document is subject to change without notice. © 2011 Dell Inc. All rights reserved.
Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: Dell™, the DELL™ logo, PowerEdge™, PowerVault™, and OpenManage™ are trademarks of Dell Inc. Microsoft®, Windows®, Internet Explorer®, Active Directory®, Windows Server®, and Windows NT® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. EMC® is a registered trademark of EMC Corporation. Java® is a trademark or registered trademark of Sun Microsystems, Inc. in the U.S. and other countries. Novell® and SUSE® are registered trademarks of Novell, Inc. in the United States and other countries. Red Hat® and Red Hat Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United States and other countries. VMware® is a registered trademark and ESX Server™ is a trademark of VMware Inc in the United States and/or other jurisdictions. Mozilla® and Firefox® are registered trademarks of the Mozilla Foundation. Citrix®, Xen®, XenServer® and XenMotion® are either registered trademarks or trademarks of Citrix Systems, Inc. in the United States and/or other countries. X Window™ is a trademark of The Open Group. Altiris™ is a trademark of Altiris, Inc.
Server Administrator includes software developed by the Apache Software Foundation (www.apache.org). Server Administrator utilizes the OverLIB JavaScript library. This library can be obtained from www.bosrup.com.
Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
January 2011
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . |
11 |
Dell OpenManage Systems Management |
|
Software . . . . . . . . . . . . . . . . . . . . . . . . . |
12 |
Dell Systems Management Tools and |
12 |
Documentation DVD . . . . . . . . . . . . . . . . |
|
Dell Server Updates DVD . . . . . . . . . . . . . . |
15 |
Dell Management Console DVD . . . . . . . . . . |
15 |
Other Documents You Might Need . . . . . . . . . . . |
16 |
Obtaining Technical Assistance . . . . . . . . . . . . |
18 |
2 Dell OpenManage Security . . . . . . . . . . . |
19 |
Security Features . . . . . . . . . . . . . . . . . . . . |
19 |
Security Management . . . . . . . . . . . . . . . . . . |
20 |
RBAC . . . . . . . . . . . . . . . . . . . . . . . . |
20 |
User Privileges . . . . . . . . . . . . . . . . . . . |
20 |
Privilege Levels to Access |
|
Server Administrator Services . . . . . . . . . . . |
21 |
Authentication . . . . . . . . . . . . . . . . . . . |
22 |
Encryption . . . . . . . . . . . . . . . . . . . . . |
23 |
Microsoft Active Directory . . . . . . . . . . . . . |
23 |
Authentication Protocols for Linux |
23 |
Operating Systems . . . . . . . . . . . . . . . . . |
Contents 3
3 Setup and Administration . . . . . . . . . . . |
25 |
Before You Begin. . . . . . . . . . . . . . . . . . . . . |
25 |
Installation Requirements . . . . . . . . . . . . . . . . |
25 |
Supported Operating Systems and |
25 |
Web Browsers . . . . . . . . . . . . . . . . . . . |
|
System Requirements . . . . . . . . . . . . . . . . |
26 |
Windows Server 2003 R2 and the R2 IPMI |
|
Device Driver . . . . . . . . . . . . . . . . . . . . |
28 |
Digital Certificates . . . . . . . . . . . . . . . . . |
29 |
Configuring a Supported Web Browser . . . . . . . . . |
30 |
Viewing Localized Versions of the |
30 |
Web-Based Interface . . . . . . . . . . . . . . . . |
|
Microsoft Active Directory . . . . . . . . . . . . . |
30 |
Configuring the SNMP Agent . . . . . . . . . . . . . . |
30 |
Configuring the SNMP Agent for Systems |
|
Running Supported Windows |
31 |
Operating Systems . . . . . . . . . . . . . . . . . |
|
Configuring the SNMP Agent on Systems |
|
Running Supported Red Hat Enterprise Linux |
|
Operating Systems . . . . . . . . . . . . . . . . . |
35 |
Configuring the SNMP Agent on Systems |
|
Running Supported SUSE Linux Enterprise Server |
40 |
Operating Systems . . . . . . . . . . . . . . . . . |
|
Secure Port Server and Security Setup . . . . . . . . . |
44 |
Setting User and Server Preferences . . . . . . . |
44 |
X.509 Certificate Management . . . . . . . . . . . |
46 |
4Deployment Scenarios for
Server Administrator . . . . . . . . . . . . . . . . 49
Server Administrator Components on
Managed System . . . . . . . . . . . . . . . . . . . . . 50
4 Contents
5Installing Managed System Software on Microsoft Windows
Operating Systems . . . . . . . . . . . . . . . . . 55
Overview . . . . . . . . . . . . . . . . . . . . . . . . . |
55 |
|
|
Unattended and Scripted Silent Installation . . . . |
55 |
|
|
Installation Procedures Prerequisite Checker . . . . . |
56 |
|
|
Remote Enablement Requirements . . . . . . . . . . . |
57 |
|
|
Installing WinRM . . . . . . . . . . . . . . . . . . |
57 |
|
|
Certificate Authority - Signed/Self-Signed |
|
|
|
Certificate. . . . . . . . . . . . . . . . . . . . . . |
57 |
|
|
Using a Certificate Signed by the CA. . . . . . . . |
58 |
|
|
Using the SelfSSL Tool to Generate |
|
|
|
Self-signed Certificates. . . . . . . . . . . . . . . |
58 |
|
|
Configuring User Authorization for WinRM |
|
|
|
and WMI Servers . . . . . . . . . . . . . . . . . . |
61 |
|
|
Configuring the Windows Firewall |
|
|
|
for WinRM . . . . . . . . . . . . . . . . . . . . . |
62 |
|
|
Configuring the Envelope Size for WinRM . . . . . |
62 |
|
|
Installing and Upgrading Server Administrator. . . . . |
63 |
|
|
Typical Installation . . . . . . . . . . . . . . . . . |
64 |
|
|
Custom Installation . . . . . . . . . . . . . . . . . |
64 |
|
|
Server Administrator Installation With |
|
|
|
Citrix Application Server . . . . . . . . . . . . . . |
66 |
|
|
Upgrading Managed System Software . . . . . . . . . |
67 |
|
|
Upgrading Guidelines. . . . . . . . . . . . . . . . |
67 |
|
|
Upgrade. . . . . . . . . . . . . . . . . . . . . . . |
68 |
|
|
Modify. . . . . . . . . . . . . . . . . . . . . . . . |
69 |
|
|
Repair . . . . . . . . . . . . . . . . . . . . . . . . |
70 |
|
|
System Recovery on Failed Installation . . . . . . . . . |
71 |
|
|
Failed Updates . . . . . . . . . . . . . . . . . . . |
72 |
|
|
Contents |
|
|
5 |
|
Windows Installer Logging . . . . . . . . . . . . . . . |
72 |
Performing an Unattended Installation of |
73 |
Managed System Software . . . . . . . . . . . . . . . |
|
Creating and Distributing the Typical |
73 |
Unattended Installation Package . . . . . . . . . . |
|
Creating and Distributing Custom |
|
Unattended Installation Packages . . . . . . . . . |
75 |
Specifying Log File Locations. . . . . . . . . . . . |
76 |
Unattended Installation Features . . . . . . . . . . |
76 |
Customization Parameters . . . . . . . . . . . . . |
79 |
MSI Return Code . . . . . . . . . . . . . . . . . . |
81 |
Uninstalling Managed System Software . . . . . . . . |
81 |
Uninstalling Managed System Software |
81 |
Using Dell-provided Media . . . . . . . . . . . . . |
|
Uninstalling Managed System Software |
|
Features Using the Operating System . . . . . . . |
83 |
Unattended Uninstall Using the Product GUID . . . |
83 |
Performing an Unattended Uninstallation |
|
of Managed System Software . . . . . . . . . . . |
83 |
Managed System Software Installation Using |
|
Third-Party Deployment Software . . . . . . . . . . . . |
85 |
6Installing Dell OpenManage Software On Microsoft Windows Server 2008
Core and Microsoft Hyper-V Server . . . . 87
Installing Managed System and |
|
Management Station Software . . . . . . . . . . . . . |
88 |
Running PreReqChecker In CLI Mode . . . . . . . |
88 |
Installing Managed System Software |
89 |
In CLI Mode . . . . . . . . . . . . . . . . . . . . . |
|
Uninstalling Systems Management Software . . . |
90 |
6 Contents
7Installing Managed System Software on Supported Linux
Operating Systems . . . . . . . . . . . . . . . . . 91
Software License Agreement . . . . . . . . . . . . . . |
93 |
|
|
Server Administrator Device Drivers . . . . . . . . . . |
93 |
|
|
Dynamic Kernel Support. . . . . . . . . . . . . . . . . |
93 |
|
|
Determining the Running Kernel . . . . . . . . . . |
94 |
|
|
Dynamic Kernel Support Prerequisites . . . . . . |
94 |
|
|
Using Dynamic Kernel Support After |
|
|
|
Server Administrator Installation. . . . . . . . . . |
94 |
|
|
Copying a Dynamically Built Device Driver |
|
|
|
to Systems Running the Same Kernel . . . . . . . |
95 |
|
|
OpenIPMI Device Driver. . . . . . . . . . . . . . . . . |
96 |
|
|
Degradation of Functionality When the |
|
|
|
Server Administrator Instrumentation Service |
96 |
|
|
is Started . . . . . . . . . . . . . . . . . . . . . . |
|
|
|
Installing Managed System Software . . . . . . . . . . |
97 |
|
|
Prerequisites for Installing Managed System |
97 |
|
|
Software . . . . . . . . . . . . . . . . . . . . . . |
|
|
|
Installing Managed System Software Using |
|
|
|
Dell-Provided Media . . . . . . . . . . . . . . . . |
98 |
|
|
Determining the OpenManage Server Administrator |
105 |
|
|
Architecture . . . . . . . . . . . . . . . . . . . . |
|
|
|
Dependent RPMs for Remote Enablement . . . . . . . |
106 |
|
|
Installing Dependent RPMs . . . . . . . . . . . . |
106 |
|
|
Post-Installation Configuration for |
108 |
|
|
Remote Enablement . . . . . . . . . . . . . . . . . . . |
|
|
|
Creating Server Certificate for WSMAN . . . . . . |
108 |
|
|
Configuring CRL for the openwsman Client . . . . |
109 |
|
|
Running sfcb and openwsman . . . . . . . . . . . |
109 |
|
|
Contents |
|
|
7 |
|
Winbind Configuration for openwsman and |
|
sfcb for Red Hat Enterprise Linux |
110 |
Operating Systems . . . . . . . . . . . . . . . . |
|
Winbind Configuration for openwsman and |
|
sfcb for SUSE Linux Enterprise Server |
|
Operating Systems . . . . . . . . . . . . . . . . |
111 |
Workaround for the Libssl Issue . . . . . . . . . |
112 |
Uninstalling Managed System Software . . . . . . . |
113 |
Uninstalling Managed System Software |
113 |
Using the Uninstall Script . . . . . . . . . . . . . |
|
Uninstalling Managed System Software |
|
Using the RPM Command. . . . . . . . . . . . . |
113 |
Using Dell OpenManage with Citrix XenServer. . . . |
113 |
Managed System Software Installation |
|
Using Third-Party Deployment Software . . . . . . . |
115 |
8 Dell OpenManage on VMware ESXi . . . |
117 |
Dell OpenManage on VMware ESXi 4.0 |
|
and ESXi 4.1 . . . . . . . . . . . . . . . . . . . . . . |
117 |
Using the vSphere CLI . . . . . . . . . . . . . . |
117 |
Using the VMware vSphere |
|
Management Assistant . . . . . . . . . . . . . . |
118 |
Troubleshooting . . . . . . . . . . . . . . . . . . |
119 |
120
120
121
121
8
Configuring the SNMP Agent on Systems Running
VMware ESXi 4/ESXi 4.1 . . . . . . . . . . . . . . . . . 122
Configuring Your System to Send Traps to a Management Station Using the vSphere CLI. . . . 122
9 Using Microsoft Active Directory . . . . . 125
Controlling Access to Your Network . . . . . . . . . . |
125 |
Active Directory Schema Extensions . . . . . . . |
125 |
Extending the Active Directory Schema . . . . . . . . |
133 |
Using the Dell Schema Extender . . . . . . . . . . |
134 |
Active Directory Users and |
|
Computers Snap-In . . . . . . . . . . . . . . . . . |
139 |
Adding Users and Privileges to |
|
Active Directory . . . . . . . . . . . . . . . . . . |
140 |
Configuring Your Systems or Devices . . . . . . . |
143 |
10 Prerequisite Checker . . . . . . . . . . . . . . 145
Command Line Operation of the
Prerequisite Checker . . . . . . . . . . . . . . . . . . 145
11 Frequently Asked Questions . . . . . . . . . 149
General. . . . . . . . . . . . . . . . . . . . . . . . . . |
149 |
Microsoft Windows . . . . . . . . . . . . . . . . . . . |
149 |
Red Hat Enterprise Linux or SUSE Linux |
|
Enterprise Server . . . . . . . . . . . . . . . . . . . . |
156 |
Contents 9
A Dell OpenManage Linux Installer
Packages . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
10 Contents
1
This guide contains information to help you install Dell OpenManage Server Administrator on managed systems. A managed system has supported instrumentation agents installed that allow the system to be discovered and polled for status through Server Administrator. Server Administrator provides easy-to-use management and administration of local and remote systems through a comprehensive set of integrated management services. For more information on Server Administrator, see "Dell OpenManage Server Administrator".
This document also contains information on installing and using the Remote Enablement feature of Dell OpenManage Server Administrator. It contains information on using the Dell OpenManage Server Administrator Web Server to manage remote systems. The Remote Enablement feature is currently supported on Microsoft Windows, Microsoft Hyper-V, Hyper-V Server, Red Hat Enterprise Linux, Suse Enterprise Linux, VMware ESXi, ESX, and Citrix XenServer 5.6 operating systems.
In addition, this guide provides information and instructions for configuring your systems before and during a deployment or upgrade. The following topics are covered in this document:
•Dell OpenManage Security
•Setup and Administration
•Deployment Scenarios for Server Administrator
•Installing Managed System Software on Microsoft Windows Operating Systems
•Installing Dell OpenManage Software On Microsoft Windows Server 2008 Core and Microsoft Hyper-V Server
•Installing Managed System Software on Supported Linux Operating Systems
Introduction 11
•Dell OpenManage on VMware ESXi
•Using Microsoft Active Directory
•Prerequisite Checker
•Frequently Asked Questions
NOTE: If you install management station and managed system software on the same system, install identical software versions to avoid system conflicts.
Dell OpenManage systems management software is a suite of applications for your Dell systems that enables you to manage your systems with proactive monitoring, diagnosis, notification, and remote access.
Dell systems management software comprises of 3 DVDs:
•Dell Systems Management Tools and Documentation DVD
•Dell Server Updates DVD
•Dell Management Console DVD
From the purpose of using the Dell Systems Management Tools and Documentation DVD, a system can be classified into:
•Managed System
A managed system is any system that is monitored and managed using Dell OpenManage Server Administrator (one of the systems management tools on the DVD). You can manage systems running Server Administrator locally or remotely through a supported Web browser. For more information on Server Administrator, see "Dell OpenManage Server Administrator".
•Management Station
A management station can be any computer (laptop, desktop, or server) that you can use to remotely manage one or more managed systems from a central location.
12 Introduction
The following applications comprise the Dell management station software that you can install using the Dell Systems Management Tools and Documentation DVD:
•Active Directory Snap-In
•BMC Utilities
•DRAC Tools
For information about installing these applications, see the Dell OpenManage Management Station Software Installation Guide available on the Dell Systems Management Tools and Documentation DVD or at support.dell.com/support/edocs/software/omswrels/index.htm. This link also contains user documentation on Dell OpenManage applications.
The Dell Systems Management Tools and Documentation DVD also contains the following products:
Dell Systems Build and Update Utility
Functionality
You can use the Dell Systems Build and Update Utility to:
•Update your system firmware and install an operating system.
•Update the firmware and BIOS in a pre-operating system environment on multiple systems.
•Configure your system hardware.
•Customize the Server Update Utility (SUU) and use it to update your system.
For information on performing these tasks and details on the Dell Systems Build and Update Utility, see the Dell Systems Build and Update Utility User's Guide at support.dell.com/support/edocs/software/omswrels/index.htm.
Location on the DVD
<DVD root>
Introduction 13
Dell OpenManage Server Administrator
Functionality
Dell OpenManage Server Administrator provides a comprehensive set of integrated management services designed for system administrators to manage systems locally and remotely on a network. Server Administrator is the sole installation on the managed system and is accessible both locally and remotely from the Server Administrator Home page. Remotely monitored systems may be accessed by dial-in, LAN, or wireless connections. Server Administrator ensures the security of its management connections through role-based access control (RBAC), authentication, and industry-standard secure socket layer (SSL) encryption.
For information on installing Server Administrator, see "Installing Managed System Software on Microsoft Windows Operating Systems" or "Installing Managed System Software on Supported Linux Operating Systems".
For details on using Server Administrator, see the Dell OpenManage Server Administrator User's Guide at support.dell.com/support/edocs/software/omswrels/index.htm.
The Storage Management Service provides enhanced features for managing a system's locally-attached RAID and non-RAID disk storage.
The Storage Management Service provides the following features:
•Enables you to view the status of the local and remote storage attached to a monitored system.
•Supports SAS, SCSI, SATA, and ATA, but does not support Fibre Channel.
•Allows you to perform controller and enclosure functions for all supported RAID and non-RAID controllers and enclosures from a single graphical interface or a CLI, without the use of the controller BIOS utilities.
•Protects your data by configuring data redundancy, assigning hot spares, or rebuilding failed drives.
Location on the DVD
<DVD_drive>\SYSMGMT\srvadmin
14 Introduction
The Dell Server Updates DVD is a part of the Dell OpenManage subscription service kit along with the Dell Systems Management Tools and Documentation
DVD. The Dell Server Updates DVD is available only to those customers who have subscribed to the subscription service.
The Dell Server Updates DVD contains Dell Update Packages (DUPs) and Dell OpenManage Server Update Utility (SUU). DUPs allow administrators to update a wide range of system components simultaneously and apply scripts to similar sets of Dell systems to bring system software components up to the same version levels.
SUU is an application that identifies and applies updates to your system. You can use SUU to update your Dell system or to view the updates available for any system supported by SUU.
In addition to helping you install, configure, and update programs and operating systems, the Dell Server Updates DVD also provides newer versions of software for your system.
For more information on DUPs and SUU, see the Dell Update Packages User’s Guide and the Dell OpenManage Server Update Utility User's Guide at support.dell.com/support/edocs/software/omswrels/index.htm.
For more information on the subscription service, see www.dell.com/openmanagesubscription or contact your sales representative.
The Dell Management Console is a Web-based systems management software that enables you to discover and inventory devices on your network. It also provides advanced functions, such as health and performance monitoring of networked devices and patch management capabilities for Dell systems.
The Dell Management Console DVD is available with all Dell xx0x and later systems. You can also download the Dell Management Console from www.dell.com/openmanage.
Introduction 15
In addition to this guide, you can access the following guides available on the
Dell Systems Management Tools and Documentation DVD or at support.dell.com/manuals. On the Manuals page, click Software Systems Management. Click on the appropriate product link on the right-side to access the documents.
•The Dell Unified Server Configurator User’s Guide provides information on using Unified Server Configurator.
•The Dell Management Console User’s Guide has information about installing, configuring, and using Dell Management Console. Dell Management Console is a Web-based systems management software that enables you to discover and inventory devices on your network. It also provides advanced functions, such as health and performance monitoring of networked devices and patch management capabilities for Dell systems.
•The Dell Systems Build and Update Utility User’s Guide provides information on using the Systems Build and Update Utility.
•The Dell Systems Software Support Matrix provides information about the various Dell systems, the operating systems supported by these systems, and the Dell OpenManage components that can be installed on these systems.
•The Dell OpenManage Server Administrator User's Guide describes the installation and use of Server Administrator. Server Administrator provides easy-to-use management and administration of local and remote systems through a comprehensive set of integrated management services.
•The Dell OpenManage Server Administrator SNMP Reference Guide documents the Simple Network Management Protocol (SNMP) management information base (MIB). The SNMP MIB defines variables that extend the standard MIB to cover the capabilities of systems management agents.
•The Dell OpenManage Server Administrator CIM Reference Guide documents the Common Information Model (CIM) provider, which is an extension of the standard management object format (MOF) file.
This guide explains the supported classes of management objects.
16 Introduction
•The Dell OpenManage Server Administrator Messages Reference Guide lists the messages that are displayed in the Server Administrator home page Alert log, or on your operating system’s event viewer. This guide explains the text, severity, and cause of each alert message that Server Administrator issues.
•The Dell OpenManage Server Administrator Command Line Interface User's Guide documents the complete command line interface for Server Administrator, including an explanation of CLI commands to view system status, access logs, create reports, configure various component parameters, and set critical thresholds.
•The Dell OpenManage IT Assistant User’s Guide has information about installing, configuring, and using IT Assistant. IT Assistant provides
a central point of access to monitor and manage systems on a local area network (LAN) or wide area network (WAN). By allowing an administrator a comprehensive view across the enterprise, IT Assistant can increase system uptime, automate repetitive tasks, and prevent interruption in critical business operations.
•The Dell Remote Access Controller 5 User’s Guide provides complete information about installing and configuring a DRAC 5 controller and using DRAC 5 to remotely access an inoperable system.
•The Integrated Dell Remote Access Controller User's Guide provides complete information about configuring and using an Integrated Dell Remote Access Controller to remotely manage and monitor your system and its shared resources through a network.
•The Dell Update Packages User's Guide provides information about obtaining and using Dell Update Packages for Windows and Linux as part of your system update strategy.
•The Dell OpenManage Server Update Utility User's Guide provides information on using the Dell OpenManage Server Update Utility.
•The software kit (DVD) contain readme files for applications found on the media.
Introduction 17
If at any time you do not understand a procedure described in this guide, or if your product does not perform as expected, different types of help are
available. For more information, see "Getting Help" in your system's Hardware Owner’s Manual.
Additionally, Dell Enterprise Training and Certification is available; see www.dell.com/training for more information. This service might not be offered in all locations.
18 Introduction
2
Dell OpenManage systems management software components provide the following security features:
•Authentication for users through hardware-stored user IDs and passwords, or by using the optional Microsoft Active Directory.
•Support for Network Information Services (NIS), Winbind, Kerberos, and Lightweight Directory Access Protocol (LDAP) authentication protocols for Linux operating systems.
•Role-based authority that allows specific privileges to be configured for each user.
•User ID and password configuration through the Web-based interface or the command line interface (CLI), in most cases.
•SSL encryption of 128-bit and 40-bit (for countries where 128-bit is not acceptable).
NOTE: Telnet does not support SSL encryption.
•Session time-out configuration (in minutes) through the Web-based interface or Command Line Interface (CLI).
•Port Configuration to allow Dell OpenManage systems management software to connect to a remote device through firewalls.
NOTE: For information about ports that various Dell OpenManage systems management components use, see the User Guide for that component.
Dell OpenManage Security |
|
19 |
|
Dell provides security and access administration through role-based access control (RBAC), authentication, and encryption, or through Active Directory (or through Winbind, Kerberos, LDAP, or NIS on Linux operating systems) for both the Web-based and command line interfaces.
RBAC manages security by determining the operations that can be executed by users in specific roles. Each user is assigned one or more roles, and each role is assigned one or more user privileges that are permitted to users in that role. With RBAC, security administration can correspond closely to an organization's structure. For information about setting up users, see your operating system documentation.
Server Administrator grants different access rights based on the user's assigned group privileges. The three user levels are User, Power User, and
Administrator.
Users can view most information.
Power Users can set warning threshold values and configure which alert actions are to be taken when a warning or failure event occurs.
Administrators can configure and perform shutdown actions, configure Auto Recovery actions in case a system has a non-responsive operating system, and clear hardware, event, and command logs. Administrators can configure alert actions, including sending e-mail messages when an alert is generated.
20 |
|
Dell OpenManage Security |
|
Server Administrator grants read-only access to users logged in with User privileges; read and write access to users logged in with Power User privileges; and read, write, and administrator access to users logged in with Administrator privileges. See Table 2-1.
Table 2-1. User Privileges
User Privileges |
|
Access Type |
|
|
|
|
|
|
Admin |
Write |
Read |
|
|
|
|
User |
|
|
X |
|
|
|
|
Power User |
|
X |
X |
|
|
|
|
Administrator |
X |
X |
X |
|
|
|
|
Admin access allows you to shut down the managed system.
Write access allows you to modify or set the values on the managed system.
Read access allows you to view the data reported by Server Administrator. Read access does not allow you to change or set the values on the managed system.
Table 2-2 summarizes which user levels have privileges to access and manage Server Administrator Services.
Table 2-2. Server Administrator User Privilege Levels
Service |
User Privilege Level Required |
|
|
|
|
|
View |
Manage |
|
|
|
Instrumentation |
U, P, A |
P, A |
|
|
|
Remote Access |
U, P, A |
A |
|
|
|
Update |
U, P, A |
A |
|
|
|
Storage Management |
U, P, A |
A |
|
|
|
Dell OpenManage Security |
|
21 |
|
Table 2-3 defines the user privilege level abbreviations used in Table 2-2.
Table 2-3. Legend for Server Administrator User Privilege Levels
U |
User |
|
|
P |
Power User |
|
|
A |
Administrator |
|
|
The Server Administrator authentication scheme ensures that the access types are assigned to the correct user privileges. Additionally, when you invoke the CLI, the Server Administrator authentication scheme validates the context within which the current process is running. This authentication scheme ensures that all Server Administrator functions, whether accessed through the Server Administrator home page or CLI, are properly authenticated.
Microsoft Windows Authentication
For supported Windows operating systems, Server Administrator authentication uses Integrated Windows Authentication (formerly called NTLM) to authenticate. This authentication system allows Server Administrator security to be incorporated in an overall security scheme for your network.
Red Hat Enterprise Linux and SUSE Linux Enterprise Server Authentication
For supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems, Server Administrator authentication is based on the Pluggable Authentication Modules (PAM) library. This documented library of functions allows an administrator to determine how individual applications authenticate users.
22 |
|
Dell OpenManage Security |
|
Access to Server Administrator is enabled over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java Secure Socket Extension (JSSE) is used by supported Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator.
The Active Directory Service (ADS) software acts as the central authority for network security. ADS allows the operating system to verify a user's identity and control that user’s access to network resources. For Dell OpenManage applications running on supported Windows platforms, Dell provides schema extensions for customers to modify their Active Directory database to support remote management authentication and authorization. IT Assistant, Server Administrator, and Dell Remote Access Controllers can interface with Active Directory to add and control users and privileges from one central database. For information about using Active Directory, see "Using Microsoft Active Directory."
Dell OpenManage applications (version 5.2 and later) support Network Information Services (NIS), Winbind, Kerberos, and Lightweight Directory Access Protocol (LDAP) authentication protocols for Linux operating systems.
Dell OpenManage Security |
|
23 |
|
24 |
|
Dell OpenManage Security |
|
3
•Read the Installation Requirements to ensure that your system meets or exceeds the minimum requirements.
•Read the applicable Dell OpenManage readme files and the Dell Systems Software Support Matrix located at support.dell.com/support/edocs/software/omswrels/index.htm. These files contain the latest information about software, firmware, and driver versions, in addition to information about known issues.
•If you are running any application on the media, close the application before installing Server Administrator applications.
•Read the installation instructions for your operating system.
•On Linux operating systems, ensure that all operating system RPM packages that the Server Administrator RPMs require are installed.
This section describes the general requirements of the Dell OpenManage Server Administrator and includes information on:
•"Supported Operating Systems and Web Browsers "
•"System Requirements"
Prerequisites specific to an operating system are listed as part of the installation procedures.
For supported operating systems and Web browsers, see the Dell Systems Software Support Matrix located at support.dell.com/support/edocs/software/omswrels/index.htm.
Setup and Administration |
|
25 |
|
NOTE: The Dell OpenManage installer offers Multilingual User Interface support on Microsoft Windows Storage Server 2003 R2, Microsoft Windows Storage Server 2003 R2, Express x64 Edition with Unified Storage, Microsoft Windows Storage Server 2003 R2, Workgroup x64 Edition with Unified Storage, and Windows Server 2008 (x86 and x64) R2 operating systems. The Multilingual User Interface Pack is a set of language specific resource files that can be added to the English version of a supported Windows operating system. However, the Dell OpenManage 6.5 installer supports only six languages: English, German, Spanish, French, Simplified Chinese, and Japanese.
NOTE: When Multilingual User Interface (MUI) is set to non-Unicode languages like Simplified Chinese or Japanese, set the system locale to Simplified Chinese or Japanese. This enables the Prerequisite Checker messages to be displayed. This is because any non-Unicode application runs only when the system locale
(also called Language for non-Unicode Programs on XP) is set to match the application's language.
Dell OpenManage Server Administrator must be installed on each system to be managed. You can then manage each system running Server Administrator locally or remotely through a supported Web browser.
Managed System Requirements
•One of the "Supported Operating Systems and Web Browsers"
•A minimum of 2 GB of RAM
•A minimum of 512 MB of free hard drive space
•Administrator rights
•A TCP/IP connection on the managed system and the remote system to facilitate remote system management
•One of the supported systems management protocol standards (see "Supported Systems Management Protocol Standards")
•A mouse, keyboard, and monitor to manage a system locally. The monitor requires a minimum screen resolution of 800 x 600. The recommended screen resolution is 1024 x 768
26 |
|
Setup and Administration |
|
•The Server Administrator Remote Access Controller service requires that a remote access controller (RAC) be installed on the system to be managed. See the relevant Dell Remote Access Controller User’s Guide for complete software and hardware requirements
NOTE: The RAC software is installed as part of the Typical Setup installation option, when installing managed system software, provided that the managed system meets all of the RAC installation prerequisites. See the relevant Dell Remote Access Controller User’s Guide for complete software and hardware requirements.
•The Server Administrator Storage Management Service requires that Dell OpenManage Server Administrator be installed on the system in order to be properly managed. See the Dell OpenManage Server Administrator Storage Management User’s Guide for complete software and
hardware requirements.
•Microsoft Software Installer (MSI) version 3.1 or later
NOTE: Dell OpenManage software detects the MSI version on your system. If the version is lower than 3.1, the Prerequisite Checker prompts you to upgrade to MSI version 3.1. After upgrading the MSI to version 3.1, you may have to reboot the system in order to install other software applications such as Microsoft SQL Server.
Supported Systems Management Protocol Standards
A supported systems management protocol must be installed on the managed system before installing your management station or managed system software. On supported Windows and Linux operating systems, Dell OpenManage software supports: Common Information Model (CIM), Windows Management Instrumentation (WMI), and Simple Network Management Protocol (SNMP). You must install the SNMP package provided with the operating system.
NOTE: For information about installing a supported systems management protocol standard on your managed system, see your operating system documentation.
Setup and Administration |
|
27 |
|
Table 3-1 shows the availability of the systems management standards for each supported operating system.
Table 3-1. Availability of Systems Management Protocol by Operating Systems
Operating System |
SNMP |
CIM/WMI |
|
|
|
Supported Microsoft |
Available from the operating system |
Always installed |
Windows operating |
installation media. |
|
systems. |
|
|
|
|
|
Supported Red Hat |
Install the SNMP package provided |
Available. |
Enterprise Linux operating |
with the operating system. |
Install the CIM |
systems. |
|
packages |
|
|
provided on the |
|
|
Dell Systems |
|
|
Management |
|
|
Tools and |
|
|
Documentation |
|
|
DVD - |
|
|
SFCB/SFCC/ |
|
|
CMPI-Devel |
|
|
|
Supported SUSE Linux |
Install the SNMP package provided |
Available. |
Enterprise Server operating |
with the operating system. |
Install the CIM |
systems. |
|
packages |
|
|
provided on the |
|
|
Dell Systems |
|
|
Management |
|
|
Tools and |
|
|
Documentation |
|
|
DVD - |
|
|
SFCB/SFCC/ |
|
|
CMPI-Devel |
|
|
|
The information in this section is applicable only to Dell PowerVault x00 systems and Dell PowerEdge x8xx systems and later.
Windows Server 2003 R2 and Windows Storage Server R2 contain an optional component called Hardware Management. This component contains an IPMI driver. During installation, the component installs and enables its IPMI driver.
28 |
|
Setup and Administration |
|
When you launch Server Administrator, it first determines if the Windows Server 2003 R2 IPMI driver is enabled. If the driver is enabled, Server Administrator uses the Windows Server 2003 R2 IPMI driver to provide its IPMI-based functionality. If the Windows Server 2003 R2 IPMI
driver is not enabled, Server Administrator uses its own internal IPMI support to provide its IPMI-based functionality. For Server Administrator, it is recommended that you use the Windows Server 2003 R2 IPMI driver instead of the internal IPMI support. If your system is running Windows Server 2003 R2 or Windows Storage Server R2, it is recommended that after you install Server Administrator, you also install the optional Hardware Management component of R2.
To install the Windows Server 2003 R2 IPMI driver on Dell PowerVault x00 systems, perform the following additional step:
•From a command shell, execute the following command:
Rundll32 ipmisetp.dll, AddTheDevice
After installing the Hardware Management component of
Windows Server 2003 R2, restart the DSM SA Data Manager service so that Server Administrator can switch over from using its own internal IPMI support to using the Windows Server 2003 R2 IPMI driver. To restart the service, you can either manually restart the service or reboot the system.
If you uninstall the Windows Server 2003 R2 IPMI driver later, either by manually uninstalling it or by uninstalling the Hardware Management component (which uninstalls the driver), restart the DSM SA Data Manager service so that Server Administrator can switch over from using the Windows Server 2003 R2 IPMI driver to using its own internal IPMI support. To restart the service, you can either manually restart the service or reboot the system.
All Server Administrator packages for Microsoft are digitally signed with a Dell certificate that helps guarantee the integrity of the installation packages. If these packages are repackaged, edited, or manipulated in other ways,
the digital signature is invalidated. This manipulation results in an unsupported installation package and the Prerequisite Checker does not allow you to install the software.
Setup and Administration |
|
29 |
|
For a list of supported Web browsers, see "Supported Operating Systems and Web Browsers."
NOTE: Ensure that the Web browser is configured to bypass the proxy server for local addresses.
Use Regional and Language Options in the Windows Control Panel to view localized versions of the Web-based interface, on systems running Windows operating systems.
If you use Active Directory service software, you can configure it to control access to your network. Dell has modified the Active Directory database to support remote management authentication and authorization. Dell OpenManage Server Administrator, IT Assistant, and Dell Remote Access Controllers, can interface with Active Directory. With this tool, you can add and control users and privileges from one central database. If you use Active Directory to control user access to your network, see "Using Microsoft Active Directory."
Dell OpenManage software supports the SNMP systems management standard on all supported operating systems. The SNMP support may or may not be installed depending on your operating system and how the operating system was installed. An installed supported systems management protocol standard, such as SNMP, is required before installing Dell OpenManage software. See "Installation Requirements" for more information.
You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.
NOTE: The default SNMP agent configuration usually includes an SNMP community name such as public. For security reasons, change the default SNMP community names. For information about changing SNMP community names, see
30 |
|
Setup and Administration |
|