Dell OpenManage Server Administrator Version 7.1 User Manual

Download

Dell OpenManage

Server Administrator

Version 7.1

User’s Guide

Notes and Cautions

NOTE: A NOTE indicates important information that helps you make better use of

your computer.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of

data and tells you how to avoid the problem.

____________________

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell™, the DELL logo, PowerEdge™, PowerVault™, and OpenManage™ are trademarks of Dell Inc. Microsoft Directory Corporation in the United States and/or other countries. EMC Corporation. Java® is a registered trademarks of Oracle and/or its affiliates. Novell registered trademarks of Novell, Inc. in the United States and other countries. Red Hat Enterprise Linux VMware States and/or other jurisdictions. Mozilla Foundation. Citrix trademarks of Citrix Systems, Inc. in the United States and/or other countries.

Server Administrator includes software developed by the Apache Software Foundation (www.apache.org). Server Administrator utilizes the OverLIB JavaScript library. This library can be obtained from www.bosrup.com.

Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

2012 - 06

, and Windows Server® are either trademarks or registered trademarks of Microsoft

are registered trademarks of Red Hat, Inc. in the United States and other countries.

is a registered trademark and ESX Server™ is a trademark of VMware Inc in the United

, Xen®, XenServer®, and XenMotion® are either registered trademarks or

and Firefox® are registered trademarks of the Mozilla

, Windows®, Internet Explorer®, Active

is a registered trademark of EMC

and SUSE® are

and Red Hat

Contents

1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . 9

Overview . . . . . . . . . . . . . . . . . . . . . . . . . 9

What’s New in this Release . . . . . . . . . . . . . . . 11

Installation

Updating Individual System Components

. . . . . . . . . . . . . . . . . . . . . 10

. . . . . 10

Storage Management Service . . . . . . . . . . . 10

Instrumentation Service

Remote Access Controller

. . . . . . . . . . . . . . 11

. . . . . . . . . . . . . 11

Logs . . . . . . . . . . . . . . . . . . . . . . . . 11

Systems Management Standards Availability

Availability on Supported Operating Systems

Server Administrator Home Page

Introduction

Overview

Dell OpenManage Server Administrator (OMSA) provides a comprehensive, one-to-one systems management solution in two ways: from an integrated, web browser-based graphical user interface (GUI) and from a command line interface (CLI) through the operating system. Server Administrator is designed for system administrators to manage systems locally and remotely on a network. It allows system administrators to focus on managing their entire network by providing comprehensive one-to-one systems management.

In the context of Server Administrator, a system refers to a stand-alone system, a system with attached network storage units in a separate chassis, or a modular system consisting of one or more server modules in a modular enclosure.

Server Administrator provides information about:

• Systems that are operating properly and systems that have problems

• Systems that require remote recovery operations

Server Administrator provides easy-to-use management and administration of local and remote systems through a comprehensive set of integrated management services. Server Administrator is the sole installation on the system being managed and is accessible both locally and remotely from the Server Administrator home page. Remotely monitored systems may be accessed through dial-in, LAN, or wireless connections. Server Administrator ensures the security of its management connections through role-based access control (RBAC), authentication, and secure socket layer (SSL) encryption.

Introduction 9

Installation

You can install Server Administrator using the Dell Systems Management Tools and Documentation DVD. The DVD provides a setup program to install,

upgrade, and uninstall Server Administrator, managed system and management station software components. Additionally, you can install Server Administrator on multiple systems through an unattended installation across a network.

The Dell OpenManage installer provides installation scripts and RPM packages to install and uninstall Dell OpenManage Server Administrator and other managed system software components on your managed system. For more information, see the Dell OpenManage Server Administrator Installation

Guide and the Dell OpenManage Management Station Software Installation Guide at support.dell.com/manuals.

NOTE: When you install the open source packages from the Dell Systems

Management Tools and Documentation DVD, the corresponding license files are

automatically copied to the system. When you remove these packages, the corresponding files are removed.

If you have a modular system, you must install Server Administrator on each server module installed in the chassis.

Updating Individual System Components

To update individual system components, use component-specific Dell Update Packages. Use the Dell Server Updates DVD to view the complete version report and to update an entire system. The Server Update Utility is a DVD-ROM–based application for identifying and applying updates to your system. The Server Update Utility can be downloaded from support.dell.com.

See the Server Update Utility User's Guide for more information about obtaining and using the Server Update Utility (SUU) to update your Dell Systems or to view the updates available for any systems listed in the Repository.

Storage Management Service

The Storage Management Service provides storage management information in an integrated graphical view.

For detailed information on the Storage Management Service, see the Dell OpenManage Server Administrator Storage Management User's Guide at support.dell.com/manuals.

10 Introduction

Instrumentation Service

The Instrumentation Service provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents and allows remote administration of monitored systems, including shutdown, startup, and security.

Remote Access Controller

The Remote Access Controller provides a complete remote system management solution for systems equipped with the Dell Remote Access Controller (DRAC) or Baseboard Management Controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) solution. The Remote Access Controller provides remote access to an inoperable system, allowing you to get the system up and running as quickly as possible. The Remote Access Controller also provides an alert notification when a system is down and allows you to remotely restart the system. Additionally, the Remote Access Controller logs the probable cause of system crashes and saves the most recent crash screen.

Logs

Server Administrator displays logs of commands issued to or by the system, monitored hardware events, and system alerts. You can view logs on the home page, print or save them as reports, and send them by e-mail to a designated service contact.

What’s New in this Release

The highlights of this release of OpenManage Server Administrator are:

• Added support for the following operating systems:

– Red Hat Enterprise Linux 5.8 (32-bit and 64-bit)

– Red Hat Enterprise Linux 6.2 (64-bit)

– VMware ESXi 5.0 Update 1

• Added support for the Mozilla Firefox 10, 11, and 12 browsers

• Added support for the following systems:

– PowerEdge M820

– PowerEdge T420

Introduction 11

–PowerEdge T320

• Added support for PowerEdge reseller custom branding. For more information, see

• Added support for the following Network Interface Cards (NICs), Converged Network Adapters (CNAs), and Fibre Channels (FCs):

– Brocade 10Gb CNA (BR1020, BR1741M-k)

– Emulex Single Port FC16 HBA

– Emulex Dual Port FC16 HBA

– Qlogic QLE2460 Single port FC4 Adapter

– Qlogic QLE2462 Dual port FC4 Adapter

– Brocade BR815- Single Port FC8 Adapter

– Brocade BR825- Dual Port FC8 Adapter

– Qlogic QLE2562 Dual Port FC8 Adapter

– Emulex LPe-12002 Dual Port FC8 Adapter

– Qlogic QME2572 Dual Port FC8 Mezz

– Emulex Lpe-1205-M Dual Port FC8 Mezz

– Qlogic QLE2560 Single Port FC8 Adapter

– Emulex LPe-12000 Single Port FC8 Adapter

– Broadcom 57810 Dual Port 10GbE KR Blade Converged Mezzanine

Card

– Broadcom 57810 Dual Port 10Gb Base-T

– Broadcom 57810 Dual Port 10GbE SFP

– Qlogic QME8252-K Mezz

– Qlogic P3+ Dual port 10Gb SFP+/DA

• Deprecated support for the following operating systems:

– RedHat Enterprise Linux 5 SP7 (32-bit and 64-bit)

– RedHat Enterprise Linux 6 SP1 (64-bit)

–VMware ESXi 5.0

OEM Ready

server models that allow

dell.com/oem

12 Introduction

For a list of platforms, operating systems, and browsers support added and deprecated, see the Dell Systems Software Support Matrix Version 7.1 at

support.dell.com/manualsSoftware Systems ManagementDell OpenManage

See the Server Administrator context-sensitive online help for more information on features introduced in this release.

Releases.

Systems Management Standards Availability

Dell OpenManage Server Administrator supports the following major systems management protocols:

• HyperText Transfer Protocol Secure (HTTPS)

• Common Information Model (CIM)

• Simple Network Management Protocol (SNMP)

If your system supports SNMP, you must install and enable the service on your operating system. If SNMP services are available on your operating system, the Server Administrator installation program installs the supporting agents for SNMP.

HTTPS is supported on all operating systems. Support for CIM and SNMP is operating system dependent and, in some cases, operating system-version dependent.

For information on SNMP security concerns, see the Dell OpenManage Server Administrator readme file (packaged with the Server Administrator application) or at support.dell.com/manuals. You must apply updates from your operating system's master SNMP agents to ensure that Dell's SNMP subagents are secure.

Availability on Supported Operating Systems

On supported Microsoft Windows operating systems, Server Administrator supports two systems management standards: CIM/WMI (Windows Management Instrumentation) and SNMP, while on supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems, Server Administrator supports the SNMP systems management standard.

Introduction 13

Server Administrator adds considerable security to these systems management standards. All attributes set operations (for example, changing the value of an asset tag) must be performed with Dell OpenManage IT Assistant while logged in with the required authority.

Table 1-1 shows the systems management standards that are available for each supported operating system.

Table 1-1. Systems Management Standards Availability

Operating System SNMP CIM

Windows Server 2008 family and Windows Server 2003 family

Red Hat Enterprise Linux Available in the net-snmp

SUSE Linux Enterprise Server Available in the net-snmp

VMware ESX Available in the net-snmp

VMware ESXi SNMP trap support available

Available from the operating system installation media

package from the operating system installation media

package installed by the operating system

Always installed

Unavailable

Available

NOTE: While ESXi supports

SNMP traps, it does not support hardware inventory through SNMP.

Citrix XenServer 6.0 Available in the net-snmp

package from the operating system installation media

Unavailable

Server Administrator Home Page

The Server Administrator home page provides easy-to-set up and easy-to-use web browser-based system management tasks from the managed system or from a remote host through a LAN, dial-up service, or wireless network. When the Dell Systems Management Server Administrator Connection Service (DSM SA Connection Service) is installed and configured on the managed system, you can

14 Introduction

perform remote management functions from any system that has a supported Web browser and connection. Additionally, the Server Administrator home page provides extensive, context-sensitive online help.

Obtaining Technical Assistance

If at any time you do not understand a procedure described in this guide or if your product does not perform as expected, help tools are available to assist you. For more information about these help tools, see “Getting Help” in your system's Hardware Owner’s Manual.

16 Introduction

Additionally, Dell Enterprise Training and Certification is available; see dell.com/training for more information. This service may not be offered in all locations.

Introduction 17

18 Introduction

Setup and Administration

Security Management

Dell OpenManage Server Administrator provides security through RoleBased Access Control (RBAC), authentication, and encryption for both the web-based and command line interfaces.

Role-Based Access Control

RBAC manages security by determining the operations that can be executed by persons in particular roles. Each user is assigned one or more roles, and each role is assigned one or more user privileges that are permitted to users in that role. With RBAC, security administration corresponds closely to an organization's structure.

User Privileges

Server Administrator grants different access rights based on the user's assigned group privileges. The four user levels are: User, Power User, Administrator, and Elevated Administrator.

•

Users

can view most information.

•

Pow er Users

actions are to be performed when a warning or failure event occurs.

•

Administrators

Auto Recovery actions in case a system has a non-responsive operating system, and clear hardware, event, and command logs. also configure the system to send e-mails.

• Elevated Administrators

can set warning threshold values and configure which alert

can configure and perform shutdown actions, configure

Administrators

can view and manage information.

can

Setup and Administration 19

Server Administrator grants read-only access to users logged in with User privileges, read and write access to users logged in with Power User privileges, and read, write, and administrator access to users logged in with Administrator and

Table 2-1. User Privileges

User Privileges Access Type

User Ye s No

Power User Ye s Yes

Administrator Ye s Yes

Elevated Administrator (Linux only) Yes Ye s

Elevated Administrator

View Manage

privileges. See Table 2-1.

Privilege Levels to Access Server Administrator Services

Table 2-2 summarizes the users who have privileges to access and manage Server Administrator services.

Table 2-2. Server Administrator User Privilege Levels

Service User Privilege Level Required

View Manage

Instrumentation U, P, A, EA P, A, EA

Remote Access U, P, A, EA A, EA

Storage Management U, P, A, EA A, EA

Table 2-3 defines the user privilege level abbreviations used in Table 2-2.

Table 2-3. Legend for Server Administrator User Privilege Levels

U User

P Power User

A Administrator

EA Elevated Administrator

20 Setup and Administration

Authentication

The Server Administrator authentication scheme ensures that the correct access types are assigned to the correct user privileges. Additionally, when the command line interface (CLI) is invoked, the Server Administrator authentication scheme validates the context within which the current process is running. This authentication scheme ensures that all Server Administrator functions, whether accessed through the Server Administrator home page or CLI, are properly authenticated.

Microsoft Windows Authentication

For supported Microsoft Windows operating systems, Server Administrator authentication uses Integrated Windows Authentication (formerly called NTLM) to authenticate. This authentication system allows Server Administrator security to be incorporated in an overall security scheme foryournetwork.

Red Hat Enterprise Linux and SUSE Linux Enterprise Server Authentication

For supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems, Server Administrator uses various authentication methods based on the Pluggable Authentication Modules (PAM) library. Users can log in to Server Administrator either locally or remotely using different account management protocols, such as LDAP, NIS, Kerberos, and Winbind.

VMware ESX Server 4.X Authentication

VMware ESX Server uses the Pluggable Authentication Modules (PAM) structure for authentication when users access the ESX Server host. The PAM configuration for VMware services is located at /etc/pam.d/vmware-authd, which stores paths to authentication modules.

The default installation of ESX Server uses /etc/passwd authentication, just as Linux does, but you can configure ESX Server to use another distributed authentication mechanism.

NOTE: On systems running VMware ESX Server 4.x operating system, to login to

Server Administrator, all users require Administrator privileges. For information on assigning roles, see the VMware documentation.

Setup and Administration 21

VMware ESXi Server 5.X Authentication

ESXi Server authenticates users accessing ESXi hosts using the vSphere/VI Client or Software Development Kit (SDK). The default installation of ESXi uses a local password database for authentication. ESXi authentication transactions with Server Administrator are also direct interactions with the vmware-hostd process. To make sure that authentication works efficiently for your site, perform basic tasks such as setting up users, groups, permissions, and roles, configuring user attributes, adding your own certificates, and determining whether you want to use SSL.

NOTE: On systems running VMware ESXi Server 5.0 operating system, to login to

Server Administrator, all users require Administrator privileges. For information on assigning roles, see the VMware documentation.

Encryption

Server Administrator is accessed over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java Secure Socket Extension (JSSE) is used by supported Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator home page.

Assigning User Privileges

To ensure critical system component security, assign user privileges to all Dell OpenManage software users before installing Dell OpenManage software. New users can log in to Dell OpenManage software using their operating system user privileges.

CAUTION: To protect access to your critical system components,

assign a password to every user account that can access Dell OpenManage software. Users without an assigned password cannot log in to Dell OpenManage software on a system running Windows Server 2003 due to the operating system design.

CAUTION: Disable guest accounts for supported Windows operating systems to

protect access to your critical system components. Consider renaming the guest accounts so that remote scripts cannot enable the accounts using the default guest account names.

22 Setup and Administration

NOTE: For instructions on assigning user privileges for each supported operating

system, see your operating system documentation.

NOTE: Add new users to the operating system if you want to add users to

OpenManage software. You do not have to create new users from within the OpenManage software.

Adding Users to a Domain on Windows Operating Systems

NOTE: You must have Microsoft Active Directory installed on your system to

perform the following procedures. See "Using the Active Directory Login" on page 50 for more information about using Active Directory.

Navigate to

Users and Computers

In the console tree, right-click you want to add the new user, and then point to

Type the appropriate user name information in the dialog box, and then click

Click

Double-click the icon representing the user that you just created.

Click the

Click

Select the appropriate group and click

Click OK, and then click OK again.

Control Panel

, and then click

Member of

Add

tab.

Administrative Tools

Users

or right-click the container in which

Finish

Add

Active Directory

New

User

New users can log in to Dell OpenManage software with the user privileges for their assigned group and domain.

Creating Server Administrator Users for Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems

Administrator access privileges are assigned to the user logged in as root. To create users with User and Power User privileges, perform the following steps.

NOTE: You must be logged in as root or an equivalent user to perform

these procedures.

NOTE: You must have the useradd utility installed on your system to perform

these procedures.

Setup and Administration 23

Creating Users

NOTE: For information about creating users and user groups, see your operating

system documentation.

Creating Users With User Privileges

Run the following command from the command line:

useradd -d <

home-directory

> -g <

group

> <

username

where <group> is

NOTE: If <group> does not exist, create it by using the groupadd

command.

Ty p e

passwd <

When prompted, enter a password for the new user.

NOTE: Assign a password to every user account that can access Server

Administrator to protect access to your critical system components.

not root

username> and press <Enter>.

The new user can now log in to Server Administrator with User group privileges.

Creating Users With Power User Privileges

Run the following command from the command line:

useradd -d <home-directory> -g root <username>

NOTE: Set root as the primary group.

Ty p e

passwd <

When prompted, enter a password for the new user.

NOTE: Assign a password to every user account that can access Server

Administrator to protect access to your critical system components.

username> and press <Enter>.

The new user can now log in to Server Administrator with Power User group privileges.

24 Setup and Administration

Editing Server Administrator User Privileges on Linux Operating Systems

NOTE: Log in as root or an equivalent user to perform these procedures.

Open the

Add the following in the file:

<User_Name>[Tab]<Host_Name>[Tab]<Rights>

Table 2-4 lists the legend for adding the role definition to the

omarolemap

Table 2-4. Legend for adding the role definition in OpenManage Server

<User_Name> <Host_Name> <Rights>

User Name Host Name Administrator

(+)Group Name Domain User

Wildcard (*) Wildcard (*) User

[Tab] = \t (tab character)

Table 2-5 lists the examples for adding the role definition to the

omarolemap

Table 2-5. Examples for adding the role definition in OpenManage Server

omarolemap

file

Administrator

file.

Administrator

file located at

/opt/dell/srvadmin/etc/omarolemap

<User_Name> <Host_Name> <Rights>

Bob Ahost Poweruser

+root Bhost Administrator

+root Chost Administrator

Bob *.aus.amer.com Poweruser

Mike 192.168.2.3 Poweruser

Save and close the file.

Setup and Administration 25

Best Practices While Using the omarolemap File

The following are the best practices to be considered while working with the omarolemap file:

• Do not delete the following default entries in the

root * Administrator

+root * Poweruser

**User

omarolemap

file.

• Do not change the

• Do not use the loop back address for

omarolemap

file permissions or file format.

<Host_Name>

, for example:

localhost or 127.0.0.1.

• After the connection services are restarted and the changes do not take effect for the

•When the

omarolemap

file, see the command log for the errors.

file is copied from one machine to another

machine, file permissions and the entries of the file needs to be rechecked.

•Prefix the

Group Name

with +.

• Server Administrator uses the default operating system user privileges, if:

– a user is degraded in the

omarolemap

file

– there are duplicate entries of user names or user groups along

with same

• You can also use

<Host_Name>

Space

as a delimiter for columns instead of

[Tab].

Creating Server Administrator Users for VMware ESX 4.X, ESXi 4.X, and ESXi 5.X

To add a user to the Users table:

Click the

Right-click anywhere in the Users table and click

New User

Enter a login, a user name, a numeric user ID (UID), and a password; specifying the user name and UID are optional. If you do not specify the UID, the vSphere Client assigns the next available UID.

Users & Groups

dialog box.

tab and click

Users

Add

to open the

Add

26 Setup and Administration

To allow a user to access the ESX/ESXi host through a command shell, select

Grant shell access to this user

through the vSphere Client do not need shell access.

To add the user to a group, select the group name from the down menu and click

Click OK.

Add

. Users that access the host only

Group

Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems

NOTE: You must be logged in with Administrator privileges to perform

this procedure.

Open the

In the console tree, expand

Double click Properties for those users, or right click the user account and then choose

Select

A red circle with an X appears over the user name to indicate that the account is disabled.

Computer Management

Guest

IUSR_system

Account is disabled

window.

Local Users and Groups

name user account to see the

Guest

Properties

and click OK.

and click

IUSR_system

Users

drop-

name

Configuring the SNMP Agent

Server Administrator supports the Simple Network Management Protocol (SNMP)—a systems management standard—on all supported operating systems. The SNMP support may or may not be installed depending on your operating system and how the operating system was installed. In most cases, SNMP is installed as part of your operating system installation. An installed supported systems management protocol standard, such as SNMP, is required before installing Server Administrator.

You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as the Dell OpenManage IT Assistant, perform the procedures described in the following sections.

Setup and Administration 27

NOTE: The default SNMP agent configuration usually includes a SNMP community

name such as public. For security reasons, rename the default SNMP community names. For information about renaming the SNMP community names, see the appropriate section below.

NOTE: SNMP Set operations are disabled by default in Server Administrator

version 5.2 or later. Server Administrator provides support to enable or disable SNMP Set operations in Server Administrator. You can use the Server Administrator SNMP Configuration page under Preferences or the Server Administrator command line interface (CLI) to enable or disable SNMP Set operations in Server Administrator. For more information about the Server Administrator CLI, see the Dell OpenManage Server Administrator Command Line Interface User's Guide.

NOTE: For IT Assistant to retrieve management information from a system running

Server Administrator, the community name used by IT Assistant must match a community name on the system running Server Administrator. For IT Assistant to modify information or perform actions on a system running Server Administrator, the community name used by IT Assistant must match a community name that allows Set operations on the system running Server Administrator. For IT Assistant to receive traps (asynchronous event notifications) from a system running Server Administrator, the system running Server Administrator must be configured to send traps to the system running IT Assistant.

The following procedures provide step-by-step instructions for configuring the SNMP agent for each supported operating system:

• “Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems" on page 29.

• “Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux" on page 32.

• “Configuring the SNMP Agent on Systems Running Supported SUSE Linux Enterprise Server" on page 36.

• "Configuring the SNMP Agent on Systems Running Supported VMware ESX 4.X Operating Systems to Proxy VMware MIBs" on page 39.

• “Configuring the SNMP Agent on Systems Running Supported VMware ESXi 4.X and ESXi 5.X Operating Systems" on page 41.

28 Setup and Administration

Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems

Server Administrator uses the SNMP services provided by the Windows SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.

NOTE: See your operating system documentation for additional details on SNMP

configuration.

Enabling SNMP Access By Remote Hosts

Windows Server 2003, by default, does not accept SNMP packets from remote hosts. For systems running Windows Server 2003, you must configure the SNMP service to accept SNMP packets from remote hosts if you plan to manage the system by using SNMP management applications from remote hosts.

To enable a system running the Windows Server 2003 operating system to receive SNMP packets from a remote host, perform the following steps:

Open the

Expand the

Scroll down the list of services until you find

SNMP Service

The

Computer Management

Services and Applications

, and then click

SNMP Service Properties

window.

icon in the window, if necessary.

icon and click

Services

SNMP Service

Properties

window appears.

, right-click

Click the

Select

Security

tab.

Accept SNMP packets from any host

Accept SNMP packets from these hosts

, or add the remote host to the

list.

Setup and Administration 29

Changing the SNMP Community Name

Configuring the SNMP community names determines which systems are able to manage your system through SNMP. The SNMP community name used by management applications must match an SNMP community name configured on the Server Administrator system so that the management applications can retrieve management information from Server Administrator.

Open the

Expand the

Scroll down the list of services until you find

SNMP Service

The

Click the

Computer Management

Services and Applications

, and then click

SNMP Service Properties

Security

tab to add or edit a community name.

window.

icon in the window, if necessary.

icon and click

SNMP Service

Properties

window appears.

Services

, right-click

To add a community name:

Click

Add

under the

The

SNMP Service Configuration

Type the community name of a system that is able to manage your system (the default is public) in the click

Add

The

SNMP Service Properties

Accepted Community Names

window appears.

Community Name

window appears.

list.

text box and

To edit a community name:

Select a community name in the and click

The

Make all necessary edits to the community name of the system that is

Edit

SNMP Service Configuration

able to manage your system in the then click

The

Click OK to save the changes.

SNMP Service Properties window appears

30 Setup and Administration

Accepted Community Names

window appears.

Community Name

text box, and

list

Enabling SNMP Set Operations

SNMP Set operations must be enabled on the Server Administrator system to change Server Administrator attributes using IT Assistant.

Open the

Expand the

Scroll down the list of services until you find

SNMP Service

The

Click the

Select a community name in the and click

The

Set the and click

The

Click OK to save the changes.

Configuring Your System to Send SNMP Traps to a Management Station

Computer Management

Services and Applications

, and click

SNMP Service Properties

Security

tab to change the access rights for a community.

Properties.

window appears.

Accepted Community Names

Edit

SNMP Service Configuration

Community Rights

SNMP Service Properties

READ WRITE

window appears.

window.

icon in the window, if necessary.

icon, and then click

SNMP Service

Services

, right-click

window appears.

READ CREATE

list,

Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. You must configure one or more trap destinations on the Server Administrator system for SNMP traps to be sent to a management station.

Open the

Expand the

Scroll down the list of services until you find right-click

The

Computer Management

Services and Applications

SNMP Service

, and click

SNMP Service Properties

window.

icon in the window, if necessary.

icon and click

Services

SNMP Service

Properties

window appears.

Setup and Administration 31

Click the

Tr ap s

tab to add a community for traps or to add a trap

destination for a trap community.

To add a community for traps, type the community name in the

Community Name

the

Community Name

To add a trap destination for a trap community, select the community name from the under the

The

Type in the trap destination and click

The

Click OK to save the changes.

Trap Destinations

SNMP Service Configuration

SNMP Service Properties

box and click

box.

Community Name

box.

window appears.

Add to list

, which is located next to

drop-down box and click

window appears.

Add

Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux

Server Administrator uses the SNMP services provided by the SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.

net-snmp

NOTE: See your operating system documentation for additional details on SNMP

configuration.

SNMP Agent Access Control Configuration

The management information base (MIB) branch implemented by Server Administrator is identified by the Object Identifier (OID) 1.3.6.1.4.1.674. Management applications must have access to this branch of the MIB tree to manage systems running Server Administrator.

For Red Hat Enterprise Linux and VMware ESXi 4.0 operating systems, the default SNMP agent configuration gives read-only access for the public community only to the MIB-II system branch (identified by the 1.3.6.1.2.1.1 OID) of the MIB tree. This configuration does not allow management applications to retrieve or change Server Administrator or other systems management information outside of the MIB-II system branch.

32 Setup and Administration

Server Administrator SNMP Agent Install Actions

If Server Administrator detects the default SNMP configuration during installation, it attempts to modify the SNMP agent configuration to give read-only access to the entire MIB tree for the public community. Server Administrator modifies the SNMP agent configuration file/etc/snm, p/snmpd.conf, in two ways:

The first change is to create a view to the entire MIB tree by adding the following line if it does not exist:

view all included .1

The second change is to modify the default access line to give read-only access to the entire MIB tree for the public community. Server Administrator looks for the following line:

access notConfigGroup "" any noauth exact systemview none none

If Server Administrator finds the line above, it modifies the line so that it reads:

access notConfigGroup "" any noauth exact all none none

These changes to the default SNMP agent configuration give read-only access to the entire MIB tree for the public community.

NOTE: To ensure that Server Administrator is able to modify the SNMP agent

configuration for providing proper access to systems management data, it is recommended that any other SNMP agent configuration changes be made after installing Server Administrator.

Server Administrator SNMP communicates with the SNMP agent using the SNMP Multiplexing (SMUX) protocol. When Server Administrator SNMP connects to the SNMP agent, it sends an object identifier to the SNMP agent to identify itself as a SMUX peer. Because that object identifier must be configured with the SNMP agent, Server Administrator adds the following line to the SNMP agent configuration file, /etc/snmp/snmpd.conf, during installation if it does not exist:

smuxpeer .1.3.6.1.4.1.674.10892.1

Setup and Administration 33

Changing the SNMP Community Name

Configuring the SNMP community name determines which systems are able to manage your system through SNMP. The SNMP community name used by management applications must match an SNMP community name configured on the Server Administrator system so that the management applications can retrieve management information from Server Administrator.

To change the SNMP community name used for retrieving management information from a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

com2sec publicsec default public

com2sec notConfigUser default public

Edit this line, replacing

public

with the new SNMP community name.

When edited, the new line should read:

com2sec publicsec default community_name

com2sec notConfigUser default community_name

To enable SNMP configuration changes, restart the SNMP agent by typing:

service snmpd restart

Enabling SNMP Set Operations

SNMP Set operations must be enabled on the system running Server Administrator in order to change Server Administrator attributes using IT Assistant.

To enable SNMP Set operations on the system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

access publicgroup "" any noauth exact all none none

34 Setup and Administration

access notConfigGroup "" any noauth exact all none none

Edit this line, replacing the first

none

with

all

. When edited, the new

line should read:

access publicgroup "" any noauth exact all all none

access notConfigGroup "" any noauth exact all all none

To enable SNMP configuration changes, restart the SNMP agent by typing:

service snmpd restart

Configuring Your System to Send Traps to a Management Station

Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. One or more trap destinations must be configured on the system running Server Administrator for SNMP traps to be sent to a management station.

To configure your system running Server Administrator to send traps to a management station, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Add the following line to the file:

trapsink IP_address community_name

where

IP_address

is the IP address of the management station and

community_name is the SNMP community name

To enable SNMP configuration changes, restart the SNMP agent by typing:

service snmpd restart

Setup and Administration 35

Configuring the SNMP Agent on Systems Running Supported SUSE Linux Enterprise Server

Server Administrator uses the SNMP services provided by the You can configure the SNMP agent to enable SNMP access from remote hosts, change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.

NOTE: See your operating system documentation for additional details about

SNMP configuration.

Sever Administrator SNMP Install Actions

Server Administrator SNMP communicates with the SNMP agent using the SMUX protocol. When Server Administrator SNMP connects to the SNMP agent, it sends an object identifier to the SNMP agent to identify itself as a SMUX peer. This object identifier must be configured with the SNMP agent, therefore, Server Administrator adds the following line to the SNMP agent configuration file, /etc/snmp/snmpd.conf, during installation if it does not exist:

smuxpeer .1.3.6.1.4.1.674.10892.1

Enabling SNMP Access From Remote Hosts

The default SNMP agent configuration on SUSE Linux Enterprise Server operating systems gives read-only access to the entire MIB tree for the public community from the local host only. This configuration does not allow SNMP management applications such as IT Assistant running on other hosts to discover and manage Server Administrator systems properly. If Server Administrator detects this configuration during installation, it logs a message to the operating system log file, /var/log/messages, to indicate that SNMP access is restricted to the local host. You must configure the SNMP agent to enable SNMP access from remote hosts if you plan to manage the system by using SNMP management applications from remote hosts.

net-snmp

agent.

NOTE: For security reasons, it is advisable to restrict SNMP access to specific

remote hosts if possible.

36 Setup and Administration

To enable SNMP access from a specific remote host to a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

rocommunity public 127.0.0.1

Edit or copy this line, replacing 127.0.0.1 with the remote host IP address. When edited, the new line should read:

rocommunity public IP_address

NOTE: You can enable SNMP access from multiple specific remote hosts by

adding a

To enable SNMP configuration changes, restart the SNMP agent by typing:

rocommunity directive for each remote host.

/etc/init.d/snmpd restart

To enable SNMP access from all remote hosts to a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

rocommunity public 127.0.0.1

Edit this line by deleting 127.0.0.1. When edited, the new line should read:

rocommunity public

To enable SNMP configuration changes, restart the SNMP agent by typing:

/etc/init.d/snmpd restart

Changing the SNMP Community Name

Configuring the SNMP community name determines which management stations are able to manage your system through SNMP. The SNMP community name used by management applications must match the SNMP community name configured on the Server Administrator system, so the management applications can retrieve the management information from Server Administrator.

Setup and Administration 37

To change the default SNMP community name used for retrieving management information from a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

rocommunity public 127.0.0.1

Edit this line by replacing

public

with the new SNMP community

name. When edited, the new line should read:

rocommunity community_name 127.0.0.1

To enable SNMP configuration changes, restart the SNMP agent by typing:

/etc/init.d/snmpd restart

Enabling SNMP Set Operations

SNMP Set operations must be enabled on the system running Server Administrator in order to change Server Administrator attributes using IT Assistant. To enable remote shutdown of a system from IT Assistant, SNMP Set operations must be enabled.

NOTE: Rebooting of your system for change management functionality does not

require SNMP Set operations.

To enable SNMP Set operations on a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Find the line that reads:

rocommunity public 127.0.0.1

Edit this line by replacing

rocommunity

with

rwcommunity

When edited, the new line should read:

rwcommunity public 127.0.0.1

To enable SNMP configuration changes, restart the SNMP agent by typing:

/etc/init.d/snmpd restart

38 Setup and Administration

Configuring Your System to Send Traps to a Management Station

To configure your system running Server Administrator to send traps to a management station, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

Add the following line to the file:

trapsink IP_address community_name

where

IP_address

community_name

To enable SNMP configuration changes, restart the SNMP agent by typing:

/etc/init.d/snmpd restart

is the IP address of the management station and

is the SNMP community name.

Configuring the SNMP Agent on Systems Running Supported VMware ESX 4.X Operating Systems to Proxy VMware MIBs

The ESX 4.X server can be managed through a single default port 162 using the SNMP protocol. To do this, snmpd is configured to use the default port 162 and vmwarehostd is configured to use a different (unused) port, for example, 167. Any SNMP request on the VMWare MIB branch is rerouted to the

vmware-hostd

The VMWare SNMP configuration file can be modified manually on the ESX server or by running VMWare Remote Command-Line Interface (RCLI) command tools can be downloaded from the VMware website at vmware.com/download/vi/drivers_tools.html.

To configure the SNMP agent:

Edit the VMWare SNMP configuration file, manually or run the following vicfg-snmp commands to modify the SNMP configuration settings. This includes the SNMP listening port, community string, and the trap target ipaddress/port and trap community name and then enable the VMWare SNMP service.

using the proxy feature of the

vicfg-snmp

from a remote system (Windows or Linux). The RCLI

snmpd

daemon.

/etc/vmware/snmp.xml

, either

Setup and Administration 39

a vicfg-snmp.pl --server <ESX_IP_addr> --username

root --password <password> -c <community name>

-p X –t <Destination_IP_Address>@162/<community name>

Where X represents an unused port. To find an unused port, check the

/etc/services

file for the port assignment for defined system services. Also, to make sure that the port selected is not currently being used by any application/service, run the following command on the ESX server:

netstat –a command

NOTE: Multiple IP addresses can be entered using a comma-separated list.

To enable VMWare SNMP service, run the following command:

vicfg-snmp.pl --server <ESX_IP_addr> --username root --password <password>

-E

To view the configuration settings, run the following command:

vicfg-snmp.pl --server <ESX_IP_addr> --username root --password <password>

-s

After modification, the configuration file looks like this:

<?xml version="1.0"> <config> <snmpSettings> <enable>true</enable> <communities>public</communities> <targets>143.166.152.248@162/public</targets> <port>167</port> </snmpSettings> </config>

Stop the SNMP service if it is already running on your system by entering the following command:

40 Setup and Administration

service snmpd stop

Add the following line at the end of the

/etc/snmp/snmpd.conf

file:

proxy -v 1 -c public udp:127.0.0.1:X .1.3.6.1.4.1.6876

Where X represents the unused port specified above, while configuring SNMP.

Configure the trap destination using the following command:

<Destination_IP_Address> <community_name>

The trapsink specification is required to send traps defined in the proprietary MIBs.

Restart the mgmt-vmware service with the following command:

service mgmt-vmware restart

Restart the snmpd service with the following command:

service snmpd start

NOTE: If the srvadmin is installed and the services are already started, restart

the services as they depend on the

Run the following command so that the snmpd daemon starts on every

snmpd

service.

reboot:

chkconfig snmpd on

Run the following command to ensure that the SNMP ports are open before sending traps to the management station.

esxcfg-firewall -e snmpd

Setup and Administration 41

Configuring the SNMP Agent on Systems Running Supported VMware ESXi 4.X and ESXi 5.X Operating Systems

Server Administrator supports SNMP traps on VMware ESXi 4.X and ESXi

5.X. If a standalone license is only present, SNMP configuration fails on VMware ESXi operating systems. Server Administrator does not support SNMP Get and Set operations on VMWare ESXi 4.X and ESXi 5.x as the required SNMP support is unavailable. The VMware vSphere CommandLine Interface (CLI) is used to configure systems running VMware ESXi 4.X and ESXi 5.X to send SNMP traps to a management station.

NOTE: For more information about using the VMware vSphere CLI, see

vmware.com/support.

Configuring Your System to Send Traps to a Management Station

To configure your ESXi system running Server Administrator to send traps to a management station, perform the following steps:

Install the VMware vSphere CLI.

Open a command prompt on the system where the VMware vSphere CLI is installed.

Change to the directory where the VMware vSphere CLI is installed. The default location on Linux is

C:\Program Files\VMware\VMware vSphere CLI\bin

Execute the following command:

vicfg-snmp.pl --server <server> --username <username> --password <password> -c <community> -t <hostname>@162/<community>

/usr/bin

. The default location on Windows is

42 Setup and Administration

where

password of the ESXi user, name and management station.

NOTE: The extension .pl is not required on Linux.

NOTE: If you do not specify a user name and password, you are prompted.

The SNMP trap configuration takes effect immediately without restarting any services.

is the hostname or IP address of the ESXi system,

is a user on the ESXi system,

is the hostname or IP address of the

is the SNMP community

is the

Firewall Configuration on Systems Running Supported Red Hat Enterprise Linux Operating Systems and SUSE Linux Enterprise Server

If you enable firewall security while installing Red Hat Enterprise Linux/SUSE Linux, the SNMP port on all external network interfaces is closed by default. To enable SNMP management applications such as IT Assistant to discover and retrieve information from Server Administrator, the SNMP port on at least one external network interface must be open. If Server Administrator detects that the SNMP port is not open in the firewall for any external network interface, Server Administrator displays a warning message and logs a message to the system log.

You can open the SNMP port by disabling the firewall, opening an entire external network interface in the firewall, or opening the SNMP port for at least one external network interface in the firewall. You can perform this action before or after Server Administrator is started.

To open the SNMP port on Red Hat Enterprise Linux using one of the previously described methods, perform the following steps:

At the Red Hat Enterprise Linux command prompt, type press <Enter>

to start the Text Mode Setup Utility.

setup

and

NOTE: This command is available only if you have performed a default

installation of the operating system.

The

Choose a Tool

Select

Firewall Configuration

The

Firewall Configuration

menu appears.

using the down arrow and press <Enter>.

screen appears.

Setup and Administration 43

Press <Tab> to select

Security Level

and then press the spacebar to select the security level you want to set. The selected Security Level is indicated by an asterisk.

NOTE: Press <F1> for more information about the firewall security levels.

The default SNMP port number is 161. If you are using the X Window System graphical user interface, pressing <F1> may not provide information about firewall security levels on newer versions of Red Hat Enterprise Linux.

To disable the firewall, select

To open an entire network interface or the SNMP port, select

Medium,

Press <Tab> to go to

The

Firewall Configuration - Customize

Select whether to open an entire network interface or just the SNMP port

Enabled

Customize

No firewall

Disabled

and continue with step 4.

and press <Enter>.

screen appears.

and go to step 7.

on all network interfaces.

To open an entire network interface, press <Tab> to go to one of the Trusted Devices and press the spacebar. An asterisk in the box to the left of the device name indicates that the entire interface is opened.

To open the SNMP port on all network interfaces, press to

Other ports

Press

<Tab>

The

Firewall Configuration

and type

snmp:udp

to select OK and press

screen appears.

<Enter>

<Tab>

High,

to go

Press

<Tab>

The

Choose a Tool

Press

<Tab>

to select OK and press

menu appears.

to select

Quit

44 Setup and Administration

and press

<Enter>

To open the SNMP port on SUSE Linux Enterprise Server, perform the following steps:

Configure SuSEfirewall2 by executing this on a console

a.# yast2 firewall

Use the arrow keys to navigate to

Press

Alt+d

to open the

Press

Alt+T

to move the cursor to the

Ty p e

snmp

in the text box.

Press

Alt-O

and ‘

Alt-N

’ to go to the next screen.

Press

Alt-A

to accept and apply the changes.

Additional Allowed Ports

Allowed Services

TCP Ports

dialog box.

text box.

Setup and Administration 45

46 Setup and Administration

Using Server Administrator

Starting Your Server Administrator Session

To start a Server Administrator session, double-click the Dell OpenManage Server Administrator icon on your desktop.

The Server Administrator Log in screen is displayed. The default port for Dell OpenManage Server Administrator is 1311. You can change the port, if required. See "Dell Systems Management Server Administration Connection Service and Security Setup" on page 60 for instructions on setting up your system preferences.

NOTE: Servers running on XenServer 6.0 can be managed using Command Line

Interface (CLI) or a central web server installed on a separate machine.

Logging In and Out

OpenManage Server Administrator provides three types of logins. These are:

• Server Administrator Local System

• Server Administrator Managed System

• Central Web Server

Server Administrator Local System Login

This login is available only if you install the Server Instrumentation and Server Administrator Web Server components on the local system.

This option is unavailable for servers running on XenServer 6.0

To log in to Server Administrator on a local system:

Type your preassigned the Systems Management

If you are accessing Server Administrator from a defined domain, you must also specify the correct

Select the Active Directory. See "Using the Active Directory Login" on page 50.

Active Directory Login

Username

Domain

and

Password

window.

name.

check box to log in using Microsoft

Using Server Administrator 47

in the appropriate fields on

Click

Submit

To end your Server Administrator session, click Log Out located in the upper- right corner of each Server Administrator home page.

NOTE: For information about Configuring Active Directory on Systems using CLI,

see the Dell OpenManage Management Station Software Installation Guide.

Server Administrator Managed System Login

This login is available only when you install the Server Administrator Web Server component. To log in to Server Administrator to manage a remote system:

Method 1

1 Double-click the Dell OpenManage Server Administrator icon on

your desktop

Type the managed system's IP Address or system name or Fully Qualified Domain Name (FQDN).

NOTE: If you have entered the system name or FQDN, Dell OpenManage Server

Administrator Web Server host converts the system name or FQDN into the IP Address of the managed system. You can also enter the port number of the managed system. For example, Hostname:Port Number, or IP address:Port Number. If you are connecting to a Citrix XenServer 6.0 managed node, use port 5986 in the format Hostname:Port Number, or IP address:Port Number.

Select the Intranet connection.

Select the using Microsoft Active Directory authentication. Do not check this box if Active Directory software is not used to control access to your network. See "Using the Active Directory Login" on page 50.

Click

Ignore Certificate Warnings

Active Directory Login

Submit

check box, if you are using an

check box. Check this option to log in

48 Using Server Administrator

Method 2

Open your Web browser and type one of the following in the address field and press <Enter>:

https://hostname:1311 where hostname is the assigned name for the managed node system and

1311 is the default port number

https://IP address:1311

where IP address is the IP address for the managed system and 1311 is the default port number. You should type https:// (and not http://) in the address field to receive a valid response in your browser.

NOTE: You must have preassigned user rights to log in to Server Administrator. See

"Setup and Administration" on page 19 for instructions on setting up new users.

Central Web Server Login

This login is available only when you install the Server Administrator Web Server component. Use this login to manage the OpenManage Server Administrator Central Web Server:

1 Double-click on the Dell OpenManage Server Administrator icon on

your desktop. The remote login page is displayed.

CAUTION: The login screen has an Ignore certificate warnings check box.You

should use this option with discretion. It is recommended that you use it only in trusted Intranet environments.

Click the screen.

Enter the Server Administrator from a defined domain)

4 Select the Active Directory Login check box to log in using Microsoft

Active Directory. See

Click

Manage Web Server

User Name, Password

Submit.

link, located at the top-right corner of the

, and

Domain name (if you are accessing

and click

Submit

"Using the Active Directory Login" on page 50.

Using Server Administrator 49

To end your Server Administrator session, click Log Out on the "Global Navigation Bar." The Log Out button is located in the upper-right corner of each Server Administrator home page.

NOTE: When you launch Server Administrator using either Mozilla Firefox version

3.0 and 3.5 or Microsoft Internet Explorer version 7.0 or 8.0, an intermediate warning page may appear displaying the problem with security certificate. To ensure system security, it is recommended that you generate a new X.509 certificate, reuse an existing X.509 certificate, or import a root certificate or certificate chain from a Certification Authority (CA). To avoid encountering such warning messages about the certificate, the certificate used must be from a trusted CA. For more information on X.509 Certificate Management, see

X.509 Certificate Management

To ensure system security, it is recommended that you import a root certificate or certificate chain from a Certification Authority (CA). See the VMware documentation for details.

NOTE: If the certificate authority on the managed system is valid and if the

Server Administrator web server still reports an untrusted certificate error, you can still make the managed system’s CA as trusted by using the certutil.exe file. See your operating system documentation for details on accessing this .exe file. On supported Windows operating systems, you can also use the certificates snap in option to import certificates.

Using the Active Directory Login

You should select the Active Directory Login check box to log in using the Dell Extended Schema Solution in Active Directory.

This solution enables you to provide access to Server Administrator; allowing you to add/control Server Administrator users and privileges to existing users in your Active Directory software. For more information, see "Using Microsoft Active Directory" in the

Dell OpenManage Installation and Security User's Guide

Single Sign-On

The Single Sign-On option in Windows operating systems enables all loggedin users to bypass the login page and access the Server Administrator Web application by clicking the Dell OpenManage Server Administrator icon on your desktop.

NOTE: For more information on Single Sign-On, see the Knowledge Base article at

support.microsoft.com/default.aspx?scid=kb;en-us;Q258063.

50 Using Server Administrator

For local machine access, you must have an account on the machine with the appropriate privileges (User, Power User, or Administrator). Other users are authenticated against the Microsoft Active Directory. To launch Server Administrator using Single Sign-On authentication against Microsoft Active Directory, the following parameters must also be passed in:

authType=ntlm&application=[plugin name]

where plugin name = omsa, ita, etc.

For exam ple:

https://localhost:1311/?authType=ntlm&application= omsa

To launch Server Administrator using Single Sign-On authentication against the local machine user accounts, the following parameters must also be passed in:

authType=ntlm&application=[plugin name]&locallogin=true

Where plugin name = omsa, ita, etc.

For exam ple:

https ://localhost:1311/?authType=ntlm&application= omsa&locallogin=true

Server Administrator has also been extended to allow other products (such as Dell OpenManage IT Assistant) to directly access Server Administrator Web pages without going through the login page (if you are currently logged in and have the appropriate privileges).

Using Server Administrator 51

Configuring Security Settings on Systems Running a Supported Microsoft Windows Operating System

You must configure the security settings for your browser to log in to Server Administrator from a remote management system that is running a supported Microsoft Windows operating system.

The security settings for your browser may prevent the execution of client-side scripts that are used by Server Administrator. To enable the use of client-side scripting, perform the following steps on the remote management system.

NOTE: If you have not configured your browser to enable the use of client-side

scripting, you might receive a blank screen when logging in to Server Administrator. In this case, an error message is displayed instructing you to configure your browser settings.

Internet Explorer

In your Web browser, click

Click the

Click

Copy the Web address used to access the remote managed system from

Trusted Sites

Sites

the browser’s address bar and paste it onto the

Zone

field.

Click

Custom Level

For Windows Server 2003:

Tools

Internet Options

Security

icon.

Add this Web Site to the

–Under

Click OK to save the new settings. Close the browser and log in to Server

Miscellaneous

Active Scripting

, select the

Explorer web browser controls

Allow Meta Refresh

Enable

radio button.

Allow scripting of Internet

radio button.

Administrator.

To allow Single Sign-On for Server Administrator without prompts for user credentials, perform the following steps:

In your Web browser click

Click the

Click

Trusted Sites

Sites

icon.

Too ls

Internet Options

Security

52 Using Server Administrator

Copy the Web address used to access the remote managed system from the browser’s address bar and paste it onto the

Zone

field.

Click

Custom Level

Under

User Authentication

username and password

Click OK to save the new settings.

Close the browser and log in to Server Administrator.

Mozilla Firefox

Start your browser.

Click

Edit

Click

Advanced

Ensure that the

Click OK to save the new settings.

Close the browser.

radio button.

Preferences

Navigator

Scripts and Plugins.

check box is selected under

, select the

Automatic Logon with current

Add this Web Site to the

Enable JavaScript for

The Server Administrator Home Page

NOTE: Do not use your Web browser toolbar buttons (such as Back and Refresh)

while using Server Administrator. Use only the Server Administrator navigation tools.

With only a few exceptions, the Server Administrator home page has three main areas:

•The

global navigation bar

system tree

access privileges.

action window selected system tree object based on the user's access privileges. The action window contains three functional areas:

– The action tabs display the primary actions or categories of actions that

are available for the selected object based on the user's access privileges.

displays all visible system objects based on the user's

provides links to general services.

displays the available management actions for the

Using Server Administrator 53

– The action tabs are divided into subcategories of all available secondary

options for the action tabs based on the user's access privileges.

–The

data area

displays information for the selected system tree object,

action tab, and subcategory based on the user's access privileges.

Additionally, when logged in to the Server Administrator home page, the system model, the assigned name of the system, and the current user's user name and user privileges are displayed in the top-right corner of the window.

Table 3-1 lists the GUI field names and the applicable system, when Server Administrator is installed on the system.

Table 3-1. System Availability for the Following GUI Field Names

GUI Field Name Applicable System

Modular Enclosure Server module Main System System Main system Chassis

Modular System

Non-Modular System

Figure 3-1 shows a sample Server Administrator home page layout for a user logged in with administrator privileges on a non-modular system.

54 Using Server Administrator

Figure 3-1. Sample Server Administrator Home Page — Non-Modular System

system tree

action tab

action tab subcategories

action window

global navigation bar

action tab subcategories

action tab

system tree

action window

Figure 3-2 shows a sample Server Administrator home page layout for a user logged in with administrator privileges on a modular system.

Figure 3-2. Sample Server Administrator Home Page — Modular System

Using Server Administrator 55

Clicking an object in the system tree opens a corresponding action window for that object. You can navigate in the action window by clicking action tabs to select major categories and clicking the action tab subcategories to access more detailed information or more focused actions. The information displayed in the data area of the action window can range from system logs to status indicators to system probe gauges. Underlined items in the data area of the action window indicate a further level of functionality. Clicking an underlined item creates a new data area in the action window that contains a greater level of detail. For example, clicking Main System Chassis/Main System under the Health subcategory of the Properties action tab lists the health status of all the components contained in the Main System Chassis/Main System object that are monitored for health status.

NOTE: Administrator or Power User privileges are required to view most of the

system tree objects, system components, action tabs, and data area features that are configurable. Additionally, only users logged in with Administrator privileges can access critical system features such as the shutdown functionality included under the Shutdown tab.

Server Administrator User Interface Differences Across Modular and Non-Modular Systems

Table 3-2 lists the availability of Server Administrator features across modular and non-modular systems. A tick mark indicates availability, while a cross mark indicates non-availability of the feature.

Table 3-2. Server Administrator User Interface Differences Across Modular and NonModular Systems

Features Modular System Non-Modular System

Batteries

Power Supplies

Fans

Hardware Performance

(

xx0x

system onwards)

Intrusion

Memory

Network

56 Using Server Administrator

Table 3-2. Server Administrator User Interface Differences Across Modular and NonModular Systems

Ports

Power Management

(

xx0x

system onwards)

Processors

Remote Access

Removable Flash Media

Slots

Te mp e ra t ur e s

Vo lt ag es

Modular Enclosure (Chassis Information and CMC Information)

Global Navigation Bar

The global navigation bar and its links are available to all user levels in the program.

•Click

Preferences

to open the

Preferences Home Page."

Support

About

to connect to the Dell Support website.

to display Server Administrator version and

Log Out

to end the current Server Administrator program session.

Preferences

home page. See "Using the

System Tree

The system tree appears on the left side of the Server Administrator home page and lists the components of your system that are viewable. The system components are categorized by component type. When you expand the main object known as Modular Enclosure categories of system/server module components that may appear are Main System Chassis/Main System, Software, and Storage.



System/Server Module, the major

Using Server Administrator 57

To expand a branch of the tree, click the plus sign ( ) to the left of an object, or double-click the object. A minus sign ( ) indicates an expanded entry that cannot be expanded further.

Action Window

When you click an item on the system tree, details about the component or object appear in the data area of the action window. Clicking an action tab displays all available user options as a list of subcategories.

Clicking an object on the system/server module tree opens that component's action window, displaying the available action tabs. The data area defaults to a preselected subcategory of the first action tab for the selected object. The preselected subcategory is usually the first option. For example, clicking the Main System Chassis/Main System object opens an action window in which the Properties action tab and Health subcategory are displayed in the window's data area.

Data Area

The data area is located below the action tabs on the right side of the home page. The data area is where you perform tasks or view details about system components. The content of the window depends on the system tree object and action tab that are currently selected. For example, when you select BIOS from the system tree, the Properties tab is selected by default and the version information for the system BIOS appears in the data area. The data area of the action window contains many common features, including status indicators, task buttons, underlined items, and gauge indicators.

The Server Administrator user interface displays the date in the <mm/dd/yyyy> format.

System/Server Module Component Status Indicators

The icons that appear next to component names show the status of that component (as of the latest page refresh).

Table 3-3. System/Server Module Component Status Indicators

component is healthy (normal).

58 Using Server Administrator

Table 3-3. System/Server Module Component Status Indicators

component has a warning (noncritical) condition. A warning condition occurs when a probe or other monitoring tool detects a reading for a component that falls within certain minimum and maximum values. A warning condition requires prompt attention.

component has a failed or critical condition. A critical condition occurs when a probe or other monitoring tool detects a reading for a component that falls within certain minimum and maximum values. A critical condition requires immediate attention.

component's health status is unknown.

Task Buttons

Most windows opened from the Server Administrator home page contain at least five task buttons: Print, Export, Email, Help and Refresh. Other task buttons are included on specific Server Administrator windows. Log windows, for example, also contain Save As and Clear Log task buttons.

•Clicking

( )prints a copy of the open window to your default

printer.

•Clicking

Export

( )generates a text file that lists the values for each data field on the open window. The export file is saved to a location you specify. See Setting User and System Preferences for instructions on customizing the delimiter separating the data field values

•Clicking

( )creates an e-mail message addressed to your

designated e-mail recipient. See Setting User and System Preferences for instructions on setting up your e-mail server and default e-mail recipie

•Clicking

Refresh

( )reloads the system component status information

nt.

in the action window data area.

•Clicking

Save As

saves an HTML file of the action window in a

Clear Log

.zip

file.

erases all events from the log displayed in the action

window data area.

•Clicking

Help

()

provides detailed information about the specific

window or task button you are viewing.

NOTE: The Export, Email, Save As, and Clear Log buttons are only visible for users

logged in with Power User or Administrator privileges.

Using Server Administrator 59

Underlined Items

Clicking an underlined item in the action window data area displays additional details about that item.

Gauge Indicators

Temperature probes, fan probes, and voltage probes are each represented by a gauge indicator. For example, Figure 3-3 shows readings from a system's CPU fan probe.

Figure 3-3. Gauge Indicator

Using the Online Help

Context-sensitive online help is available for every window of the Server Administrator home page. Clicking Help opens an independent help window that contains detailed information about the specific window you are viewing. The online help is designed to guide you through the specific actions required to perform all aspects of the Server Administrator services. Online help is available for all windows you can view, based on the software and hardware groups that Server Administrator discovers on your system and your user privilege level.

60 Using Server Administrator

Using the Preferences Home Page

The left-hand pane of the Preferences home page (where the system tree is displayed on the Server Administrator home page) displays all available configuration options in the system tree window.

The available Preferences home page configuration options are:

• General Settings

•

Server Administrator

You can view the Preferences tab after you log in to manage a remote system. This tab is also available when you log in to manage the Server Administrator Web server or manage the local system.

Like the Server Administrator home page, the Preferences home page has three main areas:

• The global navigation bar provides links to general services.

–Click

•The left-hand pane of the displayed on the Server Administrator home page) displays the preference categories for the managed system or the Server Administrator Web server.

• The action window displays the available settings and preferences for the managed system or the Server Administrator Web Server.

Figure 3-4 shows a sample Preferences home page layout.

Home

to return to the Server Administrator home page.

Preferences

home page (where the system tree is

Using Server Administrator 61

Figure 3-4. Sample Preferences Home Page - Managed System

Managed System Preferences

When you log in to a remote system, the Preferences home page defaults to the Node Configuration window under the Preferences tab.

Click the Server Administrator object to enable or disable access to users with User or Power User privileges. Depending on the user’s group privileges, the Server Administrator object action window may have the Preferences tab.

Under the Preferences tab, you can:

• Enable or disable access to users with User or Power User privileges.

• Configure the Command Log Size

•Configure SNMP

Server Administrator Web Server Preferences

When you log in to manage the Server Administrator Web server, the Preferences home page defaults to the User Preferences window under the Preferences tab.

Due to the separation of the Server Administrator Web server from the managed system, the following options are displayed when you log in to the Server Administrator Web server, using the Manage Web Server link:

• Web Server Preferences

• X.509 Certificate Management

62 Using Server Administrator

For more information on accessing these features, see

Services

Dell Systems Management Server Administration Connection Service and Security Setup

Setting User and System Preferences

Server Administrator

You set user and secure port system preferences from the Preferences home page.

NOTE: You must be logged in with Administrator privileges to set or reset user or

system preferences.

Perform the following steps to set up your user preferences:

Click

Preferences

The

Preferences

Click

General Settings

To add a preselected e-mail recipient, type the e-mail address of your designated service contact in the

NOTE: Click Email in any window to send an e-mail message with an attached

HTML file of the window to the designated e-mail address.

NOTE: The Web Server URL is not retained if you restart OpenManage Server

Administrator service or the system where Server Administrator is installed. Use the omconfig command to re-enter the URL.

on the global navigation bar.

home page appears.

Mail To:

field, and click

Apply Changes

Perform the following steps to set up your secure port system preferences:

Click

The

Preferences

on the global navigation bar.

home page appears.

Click

In the

•The

General Settings

Server Preferences

Session Timeout

, and the

Web Server

tab.

window, set options as necessary.

feature can set a limit on the amount of time

that a Server Administrator session can remain active. Select the

Enable

radio button to allow Server Administrator to time out if there is no user interaction for a specified number of minutes. Users whose session times out must log in again to continue. Select the

Disable

radio button to disable the Server Administrator session timeout feature.

Using Server Administrator 63

•The

HTTPS Port

field specifies the secure port for Server Administrator.

The default secure port for Server Administrator is 1311.

NOTE: Changing the port number to an invalid or in-use port number might

prevent other applications or browsers from accessing Server Administrator on the managed system. See the Dell OpenManage Installation and Security User's Guide for the list of default ports.

•The

IP Address to Bind to

field specifies the IP address(es) for the managed system that Server Administrator binds to when starting a session. Select the applicable for your system. Select the

All

radio button to bind to all IP addresses

Specific

radio button to bind to

a specific IP address.

NOTE: Changing the IP Address to Bind to value to a value other than All may

prevent other applications or browsers from accessing Server Administrator on the managed system.

•The

Mail To

field specifies the e-mail IDs to which you want to send emails about updates by default. You can configure multiple e-mail IDs and use a comma to separate each one.

•The

SMTP Server name

and

DNS Suffix for SMTP Server

fields specify your company or organization's Simple Mail Transfer Protocol (SMTP) and domain name server (DNS) suffix. To enable Server Administrator to send e-mails, you must type the IP address and DNS suffix for the SMTP Server for your company or organization in the appropriate fields.

NOTE: For security reasons, your company or organization might not allow

e-mails to be sent through the SMTP server to outside accounts.

•The

Command Log Size

field specifies the largest file size in MB for

the command log file.

NOTE: This field appears only when you log in to manage the Server

Administrator Web Server.

•The

Support Link

field specifies the URL for the business entity that

provides support for your managed system.

•The

Custom Delimiter

the data fields in the files created using the character is the default delimiter. Other options are

*, ~, ?, |

, and ,.

64 Using Server Administrator

field specifies the character used to separate

Export

button. The ;

!, @, #, $, %, ^

•The

SSL Encryption

field specifies the encryption levels for the

secured HTTPS sessions. The available encryption levels include

Negotiate

•

and

128-bit or higher

Auto Negotiate

— Allows connection from browser with any encryption strength. The browser auto negotiates with the Server Administrator web server and uses the highest available encryption level for the session. Legacy browsers with weaker encryption can connect to the Server Administrator.

•

128-bit or higher

— Allows connections from browsers with 128-bit or higher encryption strength. One of the following cipher suites is applicable based on the browser for any established sessions:

SSL_RSA_WITH_RC4_128_SHA

SSL_RSA_WITH_RC4_128_MD5

SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

SSL_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

•

Key Signing Algorithm

— Displays the supported signing algorithms. Select an algorithm from the drop down list. If you select either SHA 512 or SHA 256, ensure that your operating system/browser supports this algorithm. If you select one of these options without the requisite operating system/browser support, Server Administrator displays a

cannot display the webpage

error. This field is meant only for Server Administrator auto-generated self-signed certificates. The drop down list is grayed out if you import or generate new certificates into Server Administrator

Auto

NOTE: The 128-bit or higher option does not allow connections from

browsers with lower SSL encryption strength, such as 40 bit and 56 bit.

NOTE: Restart the Server Administrator web server for the changes to take

effect.

NOTE: If the encryption level is set to 128-bit or higher, you can access or

modify the Server Administrator settings using a browser with the same or higher encryption levels.

Using Server Administrator 65

When you finish setting options in the click

Apply Changes

X.509 Certificate Management

Server Preferences

window,

Web certificates are necessary to ensure the identity of a remote system and ensure that information exchanged with the remote system cannot be viewed or changed by others. To ensure system security, it is recommended that:

• You generate a new X.509 certificate, reuse an existing X.509 certificate, or import a root certificate or certificate chain from a Certification Authority (CA).

• All systems that have Server Administrator installed have unique host names.

NOTE: You must be logged in with Administrator privileges to perform certificate

management.

To manage X.509 certificates through the Preferences home page, click General Settings, click the Web Ser ver tab, and click X.509 Certificate.

The following are the available options:

•

Generate a new X.509 certificate

— Creates a certificate for access to

Server Administrator.

•

Certificate Maintenance

— Selects an existing certificate that your company has title to, and uses this certificate to control access to Server Administrator.

•

Import a root certificate

— Allows you to import the root certificate, as well as the certificate response (in PKCS#7 format), received from the trusted certificate authority.

•

Import certificate chain from a CA

— Allows you to import the certificate response (in PKCS#7 format) from the trusted certificate authority. Some of the reliable certificate authorities are Verisign, Thawte, and Entrust.

Server Administrator Web Server Action Tabs

The following are the action tabs that are displayed when you log in to manage the Server Administrator web server:

•Shutdown

•Logs

• Session Management

66 Using Server Administrator

Using the Server Administrator Command Line Interface

The Server Administrator command line interface (CLI) allows users to perform essential systems management tasks from the operating system command prompt of a monitored system.

The CLI allows a user with a very well-defined task in mind to rapidly retrieve information about the system. Using CLI commands, for example, administrators can write batch programs or scripts to execute at specific times. When these programs execute, they can capture reports on components of interest, such as fan RPMs. With additional scripting, the CLI can be used to capture data during periods of high system usage to compare with the same measurements at times of low system usage. Command results can be routed to a file for later analysis. The reports can help administrators to gain information that can be used to adjust usage patterns, to justify purchasing new system resources, or to focus on the health of a problem component.

For complete instructions on the functionality and use of the CLI, see the Dell OpenManage Server Administrator Command Line Interface User's Guide.

Using Server Administrator 67

68 Using Server Administrator

Server Administrator Services

Overview

The Dell OpenManage Server Administrator Instrumentation Service monitors the health of a system and provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents. The reporting and viewing features allow retrieval of overall health status for each chassis that comprises your system. At the subsystem level, you can view information about the voltages, temperatures, fan rpm, and memory function at key points in the system. A detailed account of every relevant cost of ownership (COO) detail about your system can be seen in the summary view. Version information for BIOS, firmware, operating system, and all installed systems management software is easy to retrieve.

Additionally, system administrators can use the Instrumentation Service to perform the following essential tasks:

• Specify minimum and maximum values for certain critical components. The values, called thresholds, determine the range in which a warning event for that component occurs (minimum and maximum failure values are specified by the system manufacturer).

• Specify how the system responds when a warning or failure event occurs. Users can configure the actions that a system takes in response to notifications of warning and failure events. Alternatively, users who have around-the-clock monitoring can specify that no action is to be taken and rely on human judgment to select the best action in response to an event.

• Populate all of the user-specifiable values for the system, such as the name of the system, the phone number of the system's primary user, the depreciation method, whether the system is leased or owned, and so on.

NOTE: You must configure the Simple Network Management Protocol (SNMP)

service to accept SNMP packets for both managed systems and network management stations running Microsoft Windows Server 2003. See

SNMP Agent for Systems Running Supported Windows Operating Systems

Server Administrator Services 69

Configuring the

for details.

Managing Your System

The Server Administrator home page defaults to the System object of the system tree view. The default for the System object opens the Health components under the Properties tab.

The Preferences home page defaults to the Access Configuration window under the Preferences tab.

From the Preferences home page, you can restrict access to users with User and Power User privileges, set the SNMP password, and configure user settings and DSM SA Connection Service settings.

NOTE: Context-sensitive online help is available for every window of the Server

Administrator home page. Click Help to open an independent help window that contains detailed information about the specific window you are viewing. The online help is designed to guide you through the specific actions required to perform all aspects of the Server Administrator services. Online help is available for all windows you can view, based on the software and hardware groups that Server Administrator discovers on your system and your user privilege level.

NOTE: You must have Administrator or Power User privileges to view many of the

Managing System/Server Module Tree Objects

The Server Administrator system/server module tree displays all visible system objects based on the software and hardware groups that Server Administrator discovers on the managed system and on the user's access privileges. The system components are categorized by component type. When you expand the main object—"Modular Enclosure"—"System/Server Module"—the major categories of system components that may appear are, "Main System Chassis/Main System," "Software," and "Storage."

70 Server Administrator Services

If Storage Management Service is installed, depending on the controller and storage attached to the system, the Storage tree object expands to display various objects.

For detailed information on the Storage Management Service component, see the Dell OpenManage Server Administrator Storage Management User's Guide at support.dell.com/manuals.

Server Administrator Home Page System Tree Objects

Unsupported Features in OpenManage Server Administrator

Due to the limitations of the VMware ESX and ESXi version 4.X and 5.X operating systems, some features available with earlier versions of OpenManage Server Administrator are not available in this release. These include:

Unsupported Features on ESX 4.X

• Fibre Channel over Ethernet (FCoE) Capable and iSCSI over Ethernet (iSoE) capable information

Unsupported Features on ESXi 4.X/5.X

• FCoE-capable and iSoE-capable information

• Alert Management — Alert Actions

• Network Interface — Administrative Status

• Network Interface — DMA

• Network Interface — Internet Protocol (IP) Address

• Network Interface — Maximum Transmission Unit

• Network Interface — Operational Status

• Preferences — SNMP Configuration

• Remote Shutdown — Power Cycle System with Shutdown operating system First

• About Details — Server Administrator component details not listed under

Details

tab

Server Administrator Services 71

•Rolemap

NOTE: Server Administrator always displays the date in <mm/dd/yyyy> format.

NOTE: Administrator or Power User privileges are required to view many of the

Modular Enclosure

NOTE: For the purposes of Server Administrator, modular enclosure refers to a

system that may contain one or more modular systems that appear as a separate Server Module in the system tree. Like a stand-alone Server Module, a Modular Enclosure contains all of the essential components of a system. The only difference is that there are slots for at least two Server Modules within a larger container, and each of them is as complete a system as a Server Module.

To view the modular system’s chassis information and Controller (CMC) information, click

the Modular Enclosure object

Properties

Subtabs: Information

Under the Properties tab, you can:

• View the chassis information for the modular system being monitored.

• View detailed Chassis Management Controller (CMC) information for the modular system being monitored.

Chassis Management

Accessing and Using Chassis Management Controller

To launch the Chassis Management Controller Log in window from the Server Administrator home page:

Click the

Interface

Modular Enclosure

CMC Information

. The CMC

object

tab, and then click

window is displayed.

Launch the CMC Web

You can monitor and manage your modular enclosure after connecting to the CMC.

72 Server Administrator Services

System/Server Module

The System/Server Module object contains three main system component groups: "Main System Chassis/Main System," "Software," and "Storage." The Server Administrator home page defaults to the System object of the system tree view. Most administrative functions can be managed from the System/Server Module object action window. The System/Server Module object action window has the following tabs, depending on the user's group privileges: Properties, Shutdown, Logs, Alert Management, and Session

Management.

Properties

Subtabs: Health | Summary | Asset Information | Auto Recovery

Under the Properties tab, you can:

• View the current health alert status for hardware and software components in the

Main System Chassis/Main System

• View detailed summary information for all components in the system being monitored.

• View and configure asset information for the system being monitored.

• View and set the Automatic System Recovery (operating system watchdog timer) actions for the system being monitored.

NOTE: Automatic System Recovery options may not be available because the

operating system watchdog timer is enabled in BIOS. To configure the auto recovery options, the operating system watchdog timer must be disabled.

object and the

Storage

object.

NOTE: Automatic System Recovery actions may not execute exactly per the

time-out period (n seconds) when the watchdog identifies a system that has stopped responding. The action execution time ranges from n-h+1 to n+1 seconds, where n is the time-out period and h is the heart beat interval. The value of the heart beat interval is 7 seconds when n  30 and 15 seconds when n > 30.

NOTE: The functionality of the watchdog timer feature cannot be guaranteed

when an uncorrectable memory event occurs in the system DRAM Bank_1. If an uncorrectable memory event occurs in this location, the BIOS code resident in this space may become corrupted. Because the watchdog feature uses a call to BIOS to effect the shutdown or reboot behavior, the feature may not work properly. If this occurs, you must manually reboot the system. The watchdog timer can be set to a maximum of 720 seconds.

Server Administrator Services 73

Shutdown

Subtabs: Remote Shutdown | Thermal Shutdown | Web Server Shutdown

Under the Shutdown tab, you can:

• Configure the operating system shutdown and remote shutdown options.

• Set the thermal shutdown severity level to shut down your system in the event that a temperature sensor returns a warning or failure value.

NOTE: A thermal shutdown occurs only when the temperature reported by

the sensor goes above the temperature threshold. A thermal shutdown does not occur when the temperature reported by the sensor goes below the temperature threshold.

• Shut down the DSM SA Connection Service (Web server).

NOTE: Server Administrator is still available using the command line

interface (CLI) when the DSM SA Connection Service is shut down. The CLI functions do not require the DSM SA Connection Service to be running.

Logs

Subtabs: Hardware | Alert | Command

Under the Logs tab, you can:

• View the Embedded System Management (ESM) log or the System Event Log (SEL) for a list of all events related to your system's hardware components. The status indicator icon next to the log name changes from normal status ( ) to noncritical status( ) when the log file reaches 80 percent capacity. On Dell PowerEdge

x9xx

and

xx1x

systems, the status indicator icon next to the log name changes to critical status ( ) when the log file reaches 100 percent capacity.

NOTE: It is recommended that you clear the hardware log when it reaches

80 percent capacity. If the log is allowed to reach 100 percent capacity, the latest events are discarded from the log.

• View the Alert log for a list of all events generated by the Server Administrator Instrumentation Service in response to changes in the status of sensors and other monitored parameters.

NOTE: See the Server Administrator Messages Reference Guide for a

complete explanation of each alert event ID's corresponding description, severity level, and cause.

74 Server Administrator Services

• View the Command log for a list of each command executed from either the

Server Administrator

NOTE: See "Server Administrator Logs" for complete instructions on viewing,

printing, saving, and e-mailing logs.

home page or from its command line interface.

Alert Management

Subtabs: Alert Actions | Platform Events | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a system component sensor returns a warning or failure value.

• View current Platform Event Filter settings and set the Platform Event Filtering actions to be performed in the event that a system component sensor returns a warning or failure value. You can also use the

Destination

option to select a destination (IPv4 or IPv6 address) where an

Configure

alert for a platform event is to be sent.

NOTE: Server Administrator does not display the scope ID of the IPv6 address in its

graphical user interface.

• View current SNMP trap alert thresholds and set the alert threshold levels for instrumented system components. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

NOTE: Alert actions for all potential system component sensors are listed on

the Alert Actions window, even if they are not present on your system. Setting alert actions for system component sensors that are not present on your system has no effect.

Session Management

Subtabs: Session

Under the Session Management tab, you can:

• View session information for current users that have logged in to Server Administrator.

• Terminate user sessions.

NOTE: Only users with administrative privileges can view the Session

Management page and terminate session(s) of logged-in users.

Server Administrator Services 75

Main System Chassis/Main System

Click the Main System Chassis/Main System object to manage your system's essential hardware and software components.

The available components are:

• Batteries

•BIOS

•Fans

•Firmware

•Hardware Performance

•Intrusion

•Memory

•Network

•Ports

• Power Management

• Power Supplies

•Processors

• Remote Access

• Removable Flash Media

•Slots

•Temperatures

•Voltages

NOTE: Hardware performance is supported only on Dell PowerEdge xx0x and

above systems. The power supplies option is not available on Dell PowerEdge 1900 system. Power management is supported on limited Dell PowerEdge xx0x and above systems. Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed. These features are unavailable for permanently installed, nonredundant power supplies that lack power management circuitry.

The system/server module may contain one main system chassis or several chassis. The main system chassis/main system contains the essential components of a system. The Main System Chassis/Main System object action window has the following tab: Properties.

76 Server Administrator Services

Properties

Subtabs: Health | Information | System Components (FRU)| Front Panel

Under the Properties tab, you can:

• View the health or status of hardware components and sensors. Each listed component has a "System/Server Module Component Status Indicators" icon next to its name. indicates that a component is healthy (normal).

indicates that a component has a warning (noncritical) condition and requires prompt attention. indicates a component has a failure (critical) condition and requires immediate attention. indicates that a component's health status is unknown. The available monitored components include:

– Batteries

–Fans

– Hardware Log

–Intrusion

–Memory

–Network

– Power Management

– Power Supplies

– Processors

–Temperatures

–Voltages

NOTE: Batteries are supported only on Dell PowerEdge x9xx and

xx0x systems.

Power supplies is not available on Dell PowerEdge 1900 system. Power management is supported on limited Dell PowerEdge xx0x systems. Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed. These features are unavailable for permanently installed, nonredundant power supplies that lack power management circuitry.

NOTE: If the QLogic QLE2460 4Gb Single-Port Fibre Channel HBA, QLogic

QLE2462 4Gb Dual-Port Fibre Channel HBA, Qlogic QLE2562 Dual Port FC8 Adapter, or Qlogic QLE2560 Single Port FC8 Adapter cards are installed on yx2x systems, the System Components (FRU) screen is not displayed.

Server Administrator Services 77

• View information about the main system chassis attributes such as the Host Name, iDRAC version, Lifecycle Controller version, Chassis Model, Chassis Lock, Chassis Service Tag, Express Service Code, and Chassis Asset Tag. The Express Service Code (ESC) attribute is a 11-digit numeric-only conversion of the Dell system Service Tag. You can key in this attribute into a telephone while calling Dell Technical Support for auto call routing.

• View detailed information about the field-replaceable units (FRUs) installed in your system (under the

System Components (FRU)

subtab.)

• Enable or disable the managed system's front panel buttons, namely Power button and Non-Masking Interrupt (NMI) button (if present on the system). Also, select the managed system’s LCD Security Access level. The managed system’s LCD information can be selected from the drop-down menu. You can also enable Indication of Remote KVM session from the

Batteries

Front Panel

subtab.

Click the Batteries object to view information about your system’s installed batteries. Batteries maintain the time and date when your system is turned off. The battery saves the system’s BIOS setup configuration, which allows the system to reboot efficiently. The Batteries object action window can have the following tabs, depending on the user’s group privileges: Properties and

Alert Management.

Properties

Subtab: Information

Under the Properties tab, you can view the current readings and status of your system’s batteries.

Alert Management

Under the Alert Management tab, you can configure the alerts that you want to take effect in case of a battery warning or critical/failure event.

BIOS

Click the BIOS object to manage key features of your system's BIOS. Your system’s BIOS contains programs stored on a flash memory chipset that control communications between the microprocessor and peripheral devices, such as the keyboard and the video adapter, and other miscellaneous functions,

78 Server Administrator Services

such as system messages. The BIOS object action window can have the following tabs, depending on the user's group privileges:

Properties and Setup.

Properties

Subtab: Information

Under the Properties tab, you can view BIOS information.

Setup

Subtab: BIOS

Under the Setup tab, you can set the state for each BIOS setup object.

You can modify the state of many BIOS setup features including but not limited to the Serial Port, Hard Disk Drive Sequence, User Accessible USB Ports, CPU Virtualization Technology, CPU HyperThreading, AC Power Recovery Mode, Embedded SATA Controller, System Profile, Console Redirection, and Console Redirection Failsafe Baud Rate. You can also configure internal USB device, optical drive controller settings, automatic system recovery (ASR) Watchdog Timer, embedded hypervisor, and additional LAN network ports on motherboard information. You can also view the Trusted Platform Module (TPM) and Trusted Cryptographic Module (TCM) settings.

Depending on your specific system configuration, additional setup items may be displayed. However, some BIOS setup options may be shown on the F2 BIOS Setup screen that are not accessible in Server Administrator.

For yx2x systems, the configurable BIOS features are grouped as specific categories. The categories include System Information, Memory Settings, System Profile Settings, Unified Extensible Firmware Interface (UEFI) Boot Settings, Network Interface Controller cards, One-Time Boot, and Slot Disablement. For example, On the System BIOS Settings page, when you click the Memory Settings link, the features pertaining to the system memory appear. You can view or modify the settings by navigating to the respective categories.

You can set a BIOS Setup password, on the BIOS Setup - System Security page. You must enter the password to enable and modify the BIOS settings. Else, the BIOS settings appear in a read-only mode. You must restart the system after setting the password.

Server Administrator Services 79

When pending values from the previous session exist or the inband configuration is disabled from an out-of-band interface, Server Administrator does not allow BIOS Setup configuration.

NOTE: The NIC configuration information within the Server Administrator BIOS

setup may be inaccurate for embedded NICs. Using the BIOS setup screen to enable or disable NICs might produce unexpected results. It is recommended that you perform all configurations for embedded NICs through the actual System Setup screen that is available by pressing <F2> while a system is booting.

NOTE: The BIOS Setup tab for your system only displays the BIOS features that are

supported on your system.

Fans

Click the Fans object to manage your system fans. Server Administrator monitors the status of each system fan by measuring fan rpms. Fan probes report rpms to the Server Administrator Instrumentation Service. When you select Fans from the device tree, details appear in the data area in the right-hand pane of the Server Administrator home page. The Fans object action window can have the following tabs, depending on the user's group privileges: Properties and Alert Management.

Properties

Subtab: Fan Probes

Under the Properties tab, you can:

• View the current readings for your system's fan probes and configure minimum and maximum values for fan probe warning threshold.

NOTE: Some fan probe fields differ according to the type of firmware your

system has: BMC or ESM. Some threshold values are not editable on BMC-based systems.

• Select fan control options.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a fan returns a warning or failure value.

80 Server Administrator Services

• View current SNMP trap alert thresholds and set the alert threshold levels for fans. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

Firmware

Click the Firmware object to manage your system firmware. Firmware consists of programs or data that have been written to ROM. Firmware can boot and operate a device. Each controller contains firmware that helps provide the controller's functionality. The Firmware object action window can have the following tab, depending on the user's group privileges: Properties.

Properties

Subtab: Information

Under the Properties tab, you can view your system's firmware information.

Hardware Performance

Click the Hardware Performance object to view the status and cause for the system’s performance degradation. The Hardware Performance object action window can have the following tab, depending on the user's group privileges: Properties.

Table 4-1 lists the possible values for status and cause of a probe:

Table 4-1. Possible Values for Status and Cause of a Probe

Status Values Cause Values

Degraded User Configuration

Insufficient Power Capacity

Unknown Reason

Normal [N/A]

Properties

Subtab: Information

Under the Properties tab, you can view the details of system’s performance degradation.

Server Administrator Services 81

Intrusion

Click the Intrusion object to manage your system's chassis intrusion status. Server Administrator monitors chassis intrusion status as a security measure to prevent unauthorized access to your system's critical components. Chassis intrusion indicates that someone is opening or has opened the cover to the system's chassis. The Intrusion object action window can have the following tabs, depending on the user's group privileges: Properties and Alert

Management.

Properties

Subtab: Intrusion

Under the Properties tab, you can view the chassis intrusion status.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that the intrusion sensor returns a warning or failure value.

• View current SNMP trap alert thresholds and set the alert threshold levels for the intrusion sensor. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

Memory

Click the Memory object to manage your system's memory devices. Server Administrator monitors the memory device status for each memory module present in the monitored system. Memory device prefailure sensors monitor memory modules by counting the number of ECC memory corrections. Server Administrator also monitors memory redundancy information if your system supports this feature. The Memory object action window can have the following tabs, depending on the user's group privileges: Properties and Alert Management.

82 Server Administrator Services

Properties

Subtab: Memory

Under the Properties tab, you can view memory redundancy status, memory array attributes, total capacity of the memory arrays, details of memory arrays, memory device details, and memory device status.

NOTE: If a system with spare bank memory enabled enters a redundancy lost

state, it may not be apparent which memory module is the cause. If you cannot determine which Dual In-line Memory Module (DIMM) to replace, see the switch to spare memory bank detected log entry in the ESM system log to find which memory module failed.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a memory module returns a warning or failure value.

• View current SNMP trap alert thresholds and set the alert threshold levels for memory modules. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

Network

Click the Network object to manage your system's NICs. Server Administrator monitors the status of each NIC present in your system to ensure continuous remote connection. Dell OpenManage Server Administrator reports FCoE and iSoE capabilities of the NICs. Also, NIC teaming details are reported if they are already configured on the system. Two or more physical NICs can be teamed into a single logical NIC, to which an administrator can assign an IP address. Teaming can be configured using NIC vendor tools. For example, Broadcom - BACS. If one of the physical NICs fails, the IP address remains accessible because it is bound to the logical NIC rather than to a single physical NIC. If Team Interface is configured, the detailed team properties are displayed. The relation between physical NICs and Team Interface and vice-versa is also reported, if these physical NICs are members of the Team Interface.

Server Administrator Services 83

On Windows2008 Hypervisor operating system, Server Administrator does not report the IP addresses of the physical NIC ports that are used to assign an IP to a virtual machine.

NOTE: The order in which devices are detected is not guaranteed to match the

physical port ordering of the device. Click the hyperlink under Interface Name to view NIC information.

In case of ESX and ESXi operating systems, the network device is considered a group. For example, the virtual ethernet interface that is used by the Service Console (vswif) and virtual network interface that is used by VMKernel (vmknic) devices on ESX and vmknic device on ESXi.

The Network object action window can have the following tab, depending on the user's group privileges: Properties.

Properties

Subtab: Information

Under the Properties tab, you can view information about the physical NIC interfaces and also the team interfaces installed on your system.

NOTE: In the IPv6 Addresses section, Server Administrator displays only two

addresses, in addition to the link-local address.

Ports

Click the Ports object to manage your system's external ports. Server Administrator monitors the status of each external port present in your system. The Ports object action window can have the following tab, depending on the user's group privileges: Properties.

Properties

Subtab: Information

Under the Properties tab, you can view information about your system's internal and external ports.

Power Management

NOTE: Power Supply Monitoring and Power Monitoring features are available only

for systems that have two or more redundant, hot-swappable power supplies installed. These features are unavailable for permanently installed, non-redundant power supplies that lack power management circuitry.

84 Server Administrator Services

Monitoring

Subtabs: Consumption | Statistics

Under the Consumption tab you can view and manage your system’s Power Consumption information in Watts and BTU/hr.

BTU/hr=Watt X 3.413 (Value rounded off to the nearest whole number)

Server Administrator monitors power consumption status, amperage, and tracks power statistic details.

You can also view the System Instantaneous Headroom and System Peak Headroom. The values are displayed in both Watts and BTU/hr (British Thermal Unit). Power thresholds can be set in Watts and BTU/hr.

The Statistics tab allows you to view and reset your system’s Power tracking statistics like energy consumption, system peak power, and system peak amperage.

Management

Subtabs: Budget | Profiles

The Budget tab allows you to view the Power Inventory attributes like System Idle Power and System Maximum Potential Power in Watts and BTU/hr. You can also use the Power Budget option to Enable Power Cap and set the Power Cap for your system.

The Profiles tab allows you to choose a power profile to maximize your system’s performance and conserve energy.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Use the Alert Actions tab to set system alert actions for various system events like System Power Probe Warning and System Peak Power.

Use the SNMP Traps tab to configure SNMP traps for your system.

Certain Power Management features may be available only on systems enabled with the Power Management Bus (PMBus).

Server Administrator Services 85

Power Supplies

Click the Power Supplies object to manage your system’s power supplies. Server Administrator monitors power supply status, including redundancy, to ensure that each power supply present in your system is functioning properly. The Power Supplies object action window can have the following tabs, depending on the user's group privileges: Properties and Alert Management.

NOTE: Power Supply Monitoring and Power Monitoring features are available only

Properties

Subtab: Elements

Under the Properties tab, you can:

• View information about your power supply redundancy attributes.

• Check the status of individual power supply elements, including the Firmware Version of the power supply, Rated Input Wattage, and Maximum Output Wattage. The Rated Input Wattage attribute is displayed only on PMBus systems starting

xx1x.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a system power returns a warning or failure value.

• Configure Platform Event Alert destinations for IPv6 addresses.

• View current SNMP trap alert thresholds and set the alert threshold levels for system power watts. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

NOTE: The System Peak Power trap generates events only for informational

severity.

86 Server Administrator Services

Processors

Click the Processors object to manage your system's microprocessor(s). A processor is the primary computational chip inside a system that controls the interpretation and execution of arithmetic and logic functions. The Processors object action window can have the following tabs, depending on the user's group privileges: Properties and Alert Management.

Properties

Subtab: Information

Under the Properties tab, you can view information about your system's microprocessor(s) and access detailed capabilities and cache information.

Alert Management

Subtabs: Alert Actions

Under the Alert Management tab, you can view current alert actions settings and set the alert actions that you want to be performed in the event that a processor returns a warning or failure value.

Remote Access

Click the Remote Access object to manage the Baseboard Management Controller (BMC) or Integrated Dell Remote Access Controller (iDRAC) features and Remote Access Controller features.

Selecting Remote Access tab allows you to manage the BMC/iDRAC features such as, general information on the BMC/iDRAC. You can also manage the configuration of the BMC/iDRAC on a local area network (LAN), serial port for the BMC/iDRAC, terminal mode settings for the serial port, BMC/iDRAC on a serial over LAN connection, and BMC/iDRAC users.

NOTE: BMC is supported on Dell PowerEdge x9xx systems and iDRAC is supported

on Dell PowerEdge xx0x and xx1x systems only.

NOTE: If an application other than Server Administrator is used to configure the

BMC/iDRAC while Server Administrator is running, the BMC/iDRAC configuration data displayed by Server Administrator may become asynchronous with the BMC/iDRAC. It is recommended that Server Administrator be used to configure the BMC/iDRAC while Server Administrator is running.

Server Administrator Services 87

DRAC allows you to access your system's remote system management capabilities. The Server Administrator DRAC provides remote access to inoperable systems, alert notification when a system is down, and the ability to restart a system.

The Remote Access object action window can have the following tabs, depending on the user's group privileges: Properties, Configuration, and Users.

Properties

Subtab: Information

Under the Properties tab, you can view general information on the remote access device. You can also view the attributes of the IPv4 and IPv6 addresses.

Click Reset to Defaults to reset all the attributes to their system default values.

Configuration

Subtabs: LAN | Serial Port | Serial Over LAN |Additional Configuration

Under the Configuration tab when BMC/iDRAC is configured, you can configure the BMC/iDRAC on a LAN, serial port for BMC/iDRAC, and BMC/iDRAC on a serial over LAN connection.

NOTE: The Additional configuration tab is available only on systems with iDRAC.

Under the Configuration tab, when DRAC is configured, you can configure network properties.

NOTE: The Enable NIC, NIC Selection, and Encryption Key fields are displayed only

on Dell PowerEdge x9xx systems.

Under the Additional Configuration tab you can either enable or disable IPv4/IPv6 properties.

NOTE: Enabling/disabling IPv4/IPv6 is possible only in a dual stack environment

(where both the IPv4 and IPv6 stacks are loaded).

88 Server Administrator Services

Users

Subtab: Users

Under the Users tab, you can modify the remote access user configuration. You can add, configure, and view information about Remote Access Controller users.

NOTE: On Dell PowerEdge x9xx systems:

- Ten user IDs are displayed. If a DRAC card is installed, sixteen user IDs are displayed.

- Serial Over LAN Payload column is displayed.

Removable Flash Media

Click the Removable Flash Media object to view the health and redundancy status of the Internal SD Modules and vFlash media. The Removable Flash Media action window has the Properties tab.

Properties

Subtab: Information

Under the Properties tab, you can view information about the Removable Flash Media and Internal SD Modules. This includes details about the Connector Name, its state and storage size.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that the removable flash media probe returns a warning or failure value.

• View current SNMP trap alert thresholds and set the alert threshold levels for removable flash media probes. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

Alert management is common for Internal SD modules and vFlash. Configuring alert actions/SNMP/PEF for either the SD modules or vFlash automatically configures it for the other.

Server Administrator Services 89

Slots

Click the Slots object to manage the connectors or sockets on your system board that accept printed circuit boards, such as expansion cards. The Slots object action window has a Properties tab.

Properties

Subtab: Information

Under the Properties tab, you can view information about each slot and installed adapter.

Temperatures

Click the Te mp e r at u r es object to manage your system temperature in order to prevent thermal damage to your system’s internal components. Server Administrator monitors the temperature in a variety of locations in your system's chassis to ensure that temperatures inside the chassis do not become too high. The Temperatures object action window displays the following tabs, depending on the user's group privileges: Properties and Alert Management.

Properties

Subtab: Temperature Probes

Under the Properties tab, you can view the current readings and status of your system's temperature probes and configure minimum and maximum values for temperature probe warning threshold.

NOTE: Some temperature probe fields differ according to the type of firmware your

system has: BMC or ESM. Some threshold values are not editable on BMC-based systems. When assigning probe threshold values, Server Administrator sometimes rounds the minimum or maximum values you enter to the closest assignable value.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a temperature probe returns a warning or failure value.

90 Server Administrator Services

• View current SNMP trap alert thresholds and set the alert threshold levels for temperature probes. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

NOTE: You can set minimum and maximum temperature probe threshold values for

an external chassis to whole numbers only. If you attempt to set either the minimum or maximum temperature probe threshold value to a number that contains a decimal, only the whole number before the decimal place is saved as the threshold setting.

Voltages

Click the Vo lt ag es object to manage voltage levels in your system. Server Administrator monitors voltages across critical components in various chassis locations in the monitored system. The Vo lt age s object action window can have the following tabs, depending on the user's group privileges: Properties and Alert Management.

Properties

Subtab: Voltage Probes

Under the Properties tab, you can view the current readings and status of your system's voltage probes and configure minimum and maximum values for voltage probe warning threshold.

NOTE: Some voltage probe fields differ according to the type of firmware your

system has: BMC or ESM. Some threshold values are not editable on BMC-based systems.

Alert Management

Subtabs: Alert Actions | SNMP Traps

Under the Alert Management tab, you can:

• View current alert actions settings and set the alert actions that you want to be performed in the event that a system voltage sensor returns a warning or failure value.

• View current SNMP trap alert thresholds and set the alert threshold levels for voltage sensors. The selected traps are triggered if the system generates a corresponding event at the selected severity level.

Server Administrator Services 91

Software

Click the Software object to view detailed version information about the managed system's essential software components, such as the operating system and the systems management software. The Software object action window has the following tab, depending on the user's group privileges: Properties.

Properties

Subtab: Summary

Under the Properties tab, you can view a summary of the monitored system's operating system and system management software.

Operating System

Click the Operating System object to view basic information about your operating system. The Operating System object action window has the following tab, depending on the user's group privileges: Properties.

Properties

Subtab: Information

Under the Properties tab, you can view basic information about your operating system.

Storage

Server Administrator provides the Storage Management Service:

The Storage Management Service provides features for configuring storage devices. In most cases, the Storage Management Service is installed using Ty p i c a l Setup. The Storage Management Service is available on Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems.

When the Storage Management Service is installed, click the Storage object to view the status and settings for various attached array storage devices, system disks, and so on.

In the case of Storage Management Service, the Storage object action window has the following tab, depending on the user's group privileges: Properties.

92 Server Administrator Services

Properties

Subtab: Health

Under the Properties tab, you can view the health or status of attached storage components and sensors such as array subsystems and operating system disks.

Managing Preferences: Home Page Configuration Options

The left pane of the Preferences home page (where the system tree is displayed on the Server Administrator home page) displays all available configuration options in the system tree window. The options displayed are based on the systems management software installed on the managed system.

The available Preferences home page configuration options are:

• General Settings

•

Server Administrator

General Settings

Click the General Settings object to set user and DSM SA Connection Service (Web server) preferences for selected Server Administrator functions. The General Settings object action window has the following tabs, depending on the user's group privileges: User and Web S e rver.

User

Subtab: Properties

Under the User tab, you can set user preferences, such as the home page appearance and the default e-mail address for the Email button.

Web Server

Subtabs: Properties | X.509 Certificate

Under the Web Ser ver tab, you can:

• Set DSM SA Connection Service preferences. See Dell Systems

Management Server Administration Connection Service and Security Setup for instructions on configuring your server preferences.

Server Administrator Services 93

• Configure the SMTP server address and Bind IP address in either the IPv4 or IPv6 addressing mode.

• Perform X.509 certificate management by generating a new X.509 certificate, reusing an existing X.509 certificate, or importing a root certificate or certificate chain from a Certification Authority (CA). For more information about certificate management, see "X.509 Certificate Management" on page 66.

Server Administrator

Click the Server Administrator object to enable or disable access to users with User or Power User privileges and to configure the SNMP root password. The Server Administrator object action window can have the following tab, depending on the user's group privileges: Preferences.

Preferences

Subtabs: Access Configuration | SNMP Configuration

Under the Preferences tab, you can:

• Enable or disable access to users with User or Power User privileges.

• Configure the SNMP root password.

NOTE: The default SNMP configuration user is root and the password

is calvin.

•Configure the SNMP Set Operations.

NOTE: After configuring SNMP Set Operations, services must be restarted for the

change to take effect. On systems running supported Microsoft Windows operating systems, the Windows SNMP Service must be restarted. On systems running supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems, Server Administrator services must be restarted by running the

srvadmin-services.sh restart command.

94 Server Administrator Services

Working With Remote Access Controller

NOTE: Baseboard Management Controller (BMC) is supported on Dell PowerEdge

x9xx systems and the Integrated Dell Remote Access Controller (iDRAC) is supported on Dell PowerEdge xx0x and xx1x systems.

Overview

This chapter provides information on accessing and using the remote access features of BMC/iDRAC and DRAC.

The Dell systems baseboard management controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) monitors the system for critical events by communicating with various sensors on the system board and sends alerts and log events when certain parameters exceed their preset thresholds. The BMC/iDRAC supports the industry-standard Intelligent Platform Management Interface (IPMI) specification, enabling you to configure, monitor, and recover systems remotely.

The DRAC is a systems management hardware and software solution designed to provide remote management capabilities, crashed system recovery, and power control functions for Dell systems.

By communicating with the system’s baseboard management controller (BMC)/ Integrated Dell Remote Access Controller (iDRAC), the DRAC can be configured to send you e-mail alerts for warnings or errors related to voltages, temperatures, and fan speeds. The DRAC also logs event data and the most recent crash screen (available only on systems running Microsoft Windows operating system) to help you diagnose the probable cause of a system crash.

The Remote Access Controller provides remote access to an inoperable system, allowing you to get the system up and running as quickly as possible. The Remote Access Controller also provides alert notification when a system is down and allows you to remotely restart a system. Additionally, the Remote Access Controller logs the probable cause of system crashes and saves the most recent crash screen.

Working with Remote Access Controller 95

You can log in to the Remote Access Controller through the Server Administrator home page or by directly accessing the controller's IP address using a supported browser.

When using the Remote Access Controller, you can click Help for more detailed information about the specific window you are viewing. Remote Access Controller help is available for all windows accessible to the user based on user privilege level and the specific hardware and software groups that Server Administrator discovers on the managed system.

NOTE: See the Dell OpenManage Baseboard Management Controller Utilities

User's Guide for more information about the BMC.

NOTE: See the Dell Remote Access Controller 5 User’s Guide for more information

on using DRAC 5.

NOTE: See the Integrated Dell Remote Access Controller User’s Guide for detailed

information on configuring and using the iDRAC.

Table 5-1 lists the GUI field names and the applicable system, when Server Administrator is installed on the system.

Table 5-1. System Availability for the following GUI Field Names

GUI Field Name Applicable System

Modular Enclosure Modular System Server Modules Modular System Main System Modular System System Non-Modular System Main System Chassis Non-Modular System

See the Dell Systems Software Support Matrix available at support.dell.com, for more information on the systems support for remote access devices.

Server Administrator allows remote, in-band access to event logs, power control, and sensor status information and provides the ability to configure the BMC/iDRAC. To manage BMC/iDRAC and DRAC through the Server Administrator graphical user interface, click the Remote Access object, which is a subcomponent of the Main System Chassis/Main System group.

96 Working with Remote Access Controller

You can perform the following tasks:

• View basic information

• Configure the remote access device on a LAN connection

• Configure the remote access device on a serial over LAN connection

• Configure the remote access device on a serial port connection

• Configure additional remote access device properties

• Configure users on the remote access device

• Set platform event filter alerts

You can view BMC/iDRAC or DRAC information based on which hardware is providing the remote access capabilities for the system.

The reporting and configuration of BMC/iDRAC and DRAC can also be managed using the omreport/omconfig chassis remoteaccess CLI command.

In addition, the Server Administrator Instrumentation Service allows you to manage the Platform Event Filters (PEF) parameters and alert destinations.

NOTE: You can view BMC data on Dell PowerEdge x9xx systems only.

Viewing Basic Information

You can view basic information about the BMC/iDRAC, IPv4 Address, and DRAC. You can also reset the Remote access controller settings to their default values. To do this:

NOTE: You must be logged in with Administrator privileges to reset the BMC settings.

Click the Modular Enclosure System/Server Module Main System Chassis/Main System Remote Access.

The Remote Access page displays the following base information of the system’s BMC:

Remote Access Device

• Device type

•IPMI Version

• System GUID

• Number of Possible Active Sessions

Working with Remote Access Controller 97

• Number of Current Active Sessions

•LAN Enabled

•SOL Enabled

•MAC Address

IPv4 Address

• IP Address Source

•IP Address

•IP Subnet

•IP Gateway

IPv6 Address

• IP Address Source

• IPv6 Address 1

•Default Gateway

• IPv6 Address 2

•Link Local Address

• DNS Address Source

• Preferred DNS Server

• Alternate DNS Server

NOTE: You can view IPv4 and IPv6 address details only if you enable the IPv4 and

IPv6 address properties under Additional Configuration in the Remote Access tab.

Configuring the Remote Access Device to Use a LAN Connection

To configure the remote access device for communication over a LAN connection.

Click the

Chassis/Main System

Click the

98 Working with Remote Access Controller

Modular Enclosure

 Remote Access object.

Configuration

tab.

System/Server Module

Main System

Click

LAN

The

LAN Configuration

NOTE: BMC/iDRAC management traffic does not function properly if the LAN

on motherboard (LOM) is teamed with any network adapter add-in-cards.

Configure the following NIC configuration details:

window appears.

– Enable NIC (this option is available on Dell PowerEdge

and when DRAC is installed. Select this option for NIC teaming. In

Dell PowerEdge

x9xx systems, you can team NICs for added

redundancy.)

NOTE: Your DRAC contains an integrated 10BASE-T/100BASE-T Ethernet NIC

and supports TCP/IP. The NIC has a default address of 192.168.20.1 and a default gateway of 192.168.20.1.

NOTE: If your DRAC is configured to the same IP address as another NIC on

the same network, an IP address conflict occurs. The DRAC stops responding to network commands until the IP address is changed on the DRAC. The DRAC must be reset even if the IP address conflict is resolved by changing the IP address of the other NIC.

NOTE: Changing the IP address of the DRAC causes the DRAC to reset.

If SNMP polls the DRAC before it initializes, a temperature warning is logged because the correct temperature is not transmitted until the DRAC is initialized.

–NIC Selection

NOTE: NIC Selection cannot be configured on modular systems.

NOTE: The NIC Selection option is available only on yx1x systems and earlier.

– Primary and Failover Network options

For yx2x systems, the

Primary Network

options for Remote Management (iDRAC7) NIC are: LOM1, LOM2, LOM3, LOM4, and Dedicated. The

Failover Network

options are: LOM1, LOM2, LOM3,

LOM4, All LOMs, and None.

x9xx

systems

The dedicated option is available when the iDRAC7 Enterprise License is present and valid.

NOTE: The number of LOMs varies based on the system or hardware

configuration.

– Enable IPMI Over LAN

Working with Remote Access Controller 99

– IP Address Source

–IP Address

–Subnet Mask

– Gateway Address

– Channel Privilege Level Limit

– New Encryption Key (This option is available on Dell PowerEdge

systems.)

Configure the following optional VLAN configuration details:

NOTE: VLAN configuration is not applicable for systems with iDRAC

– Enable VLAN ID

–VLAN ID

–Priority

Configure the following IPv4 Properties:

– IP Address Source

–IP Address

–Subnet Mask

– Gateway Address

Configure the following IPv6 Properties:

– IP Address Source

–IP Address

–Prefix Length

–Default Gateway

– DNS Address Source

– Preferred DNS Server

– Alternate DNS Server

x9xx

NOTE: You can configure the IPv4 and IPv6 address details only if you enable

the IPv4 and IPv6 properties under Additional Configuration.

Click

Apply Changes.

100 Working with Remote Access Controller

Dell OpenManage Server Administrator Version 7.1 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Introduction

Overview

Installation

Updating Individual System Components

Storage Management Service

Instrumentation Service

Remote Access Controller

Logs

What’s New in this Release

Systems Management Standards Availability

Availability on Supported Operating Systems

Server Administrator Home Page

Other Documents You May Need

Obtaining Technical Assistance

Setup and Administration

Security Management

Role-Based Access Control

Authentication

Microsoft Windows Authentication

Red Hat Enterprise Linux and SUSE Linux Enterprise Server Authentication

VMware ESX Server 4.X Authentication

VMware ESXi Server 5.X Authentication

Encryption

Assigning User Privileges

Creating Server Administrator Users for Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems

Editing Server Administrator User Privileges on Linux Operating Systems

Creating Server Administrator Users for VMware ESX 4.X, ESXi 4.X, and ESXi 5.X

Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems

Configuring the SNMP Agent

Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems

Configuring the SNMP Agent on Systems Running Supported Red Hat Enterprise Linux

Configuring the SNMP Agent on Systems Running Supported SUSE Linux Enterprise Server

Configuring the SNMP Agent on Systems Running Supported VMware ESX 4.X Operating Systems to Proxy VMware MIBs

Configuring the SNMP Agent on Systems Running Supported VMware ESXi 4.X and ESXi 5.X Operating Systems

Firewall Configuration on Systems Running Supported Red Hat Enterprise Linux Operating Systems and SUSE Linux Enterprise Server

Using Server Administrator

Starting Your Server Administrator Session

Logging In and Out

Server Administrator Local System Login

Server Administrator Managed System Login

Central Web Server Login

Single Sign-On

Configuring Security Settings on Systems Running a Supported Microsoft Windows Operating System

The Server Administrator Home Page

Server Administrator User Interface Differences Across Modular and Non-Modular Systems

Global Navigation Bar

System Tree

Action Window

Using the Online Help

Using the Preferences Home Page

Managed System Preferences

Server Administrator Web Server Preferences

Server Administrator Web Server Action Tabs

Using the Server Administrator Command Line Interface

Server Administrator Services

Overview

Managing Your System

Managing System/Server Module Tree Objects

Server Administrator Home Page System Tree Objects

Unsupported Features in OpenManage Server Administrator

Modular Enclosure

System/Server Module

Managing Preferences: Home Page Configuration Options

General Settings

Server Administrator

Working With Remote Access Controller

Overview

Viewing Basic Information

Configuring the Remote Access Device to Use a LAN Connection