Rack PoweR ManageR
Installer/User GUIde c
Rack Power Manager
Installer/User Guide
Emerson, Emerson Network Power and the Emerson Network Power logo are trademarks or
service marks of Emerson Electric Co. Avocent, the Avocent logo, AlterPath, Cyclades, DSR
and DSView are trademarks or service marks of Avocent Corporation or its affiliates in the
U.S. and other countries. All other marks are the property of their respective owners. This
document may contain confidential and/or proprietary information of Avocent Corporation,
and its receipt or possession does not convey any right to reproduce, disclose its contents, or
to manufacture or sell anything that it may describe. Reproduction, disclosure, or use without
specific authorization from Avocent Corporation is strictly prohibited. ©2013 Avocent
Corporation. All rights reserved.
590-1087-501C
T A B L E O F C O N T E N T S
Product Overview 1
System Components 1
Third party products 2
Supported Units 2
Power devices 3
Installation 5
About Installation 5
Minimum requirements for the Rack Power Manager software 5
Before installing and configuring the Rack Power Manager software 6
Installing the Rack Power Manager Software 6
Configuring the Rack Power Manager Software 8
Running the Rack Power Manager Software 9
Minimum client requirements 10
Opening a client session 10
Uninstalling the Rack Power Manager Software 11
Java Installation 12
i
Transition 15
DSView™ 3 Software and Power Manager Plug-in to RPM software 15
Data Replication 15
Back up the DSView 3 Software 16
Backup the Power Management database 17
Install Rack Power Manager Hub Server 18
Migration Utility 19
Exporting the Data 19
Importing the Data 20
Configure RPM Hub and Spoke servers 22
DSView software to RPM software 22
Data Replication 22
Back up the DSView Software 23
Extract the PostgreSQL data file 24
ii Rack Power Manager Installer/User Guide
Install Rack Power Manager Hub Server 24
Importing the Data 25
Configure RPM Hub and Spoke server 26
Rack Power Manager Explorer Windows 27
Using the Side Navigation Bar 28
Using Windows 29
Sorting information in a window 29
Filtering information in a window 29
Using the Customize link in windows 30
Displaying pages 32
Printing a window 32
Refreshing a window 32
Using keyboard commands 33
Basic Operations 35
Rack Power Manager Help 35
Configuring the Rack Power Manager help location 35
Installing Rack Power Manager help on a local server 36
Global System Properties 36
Legal Notice 37
PCI Compliance Configuration 37
Power Settings 38
Profiles 39
Changing user options 39
Changing the color scheme 40
Changing your password 40
Choosing the serial session application 41
Specifying a user certificate 41
Specifying an SSH key 42
Enabling user credential caching 43
Built-in User Groups 43
Table of Contentsiii
Internet Explorer Considerations 45
Managing ActiveX® controls 45
Security zones 46
Advanced Internet options 48
Certificates 49
System certificate policy and trust store 50
Integrated Windows Authentication 52
Firewalls 53
VPNs 54
NAT Devices 56
Licenses 58
Adding a new license key 60
System Information 60
Rack Power Manager Servers 61
Server Properties 61
Server certificates 63
Server trap destinations 68
Client session information 69
Email 70
Unit status polling 70
Backing up and Restoring Hub Servers Manually 71
Spoke Servers 74
Replication 78
Authentication Services 81
Supported Authentication Services 81
Rack Power Manager software internal authentication service 82
Active Directory external authentication service 84
Windows NT external authentication service 91
LDAP external authentication service 93
RADIUS external authentication service 99
iv Rack Power Manager Installer/User Guide
TACACS+ external authentication service 101
RSA SecurID external authentication service 105
User Authentication Services Window 107
Units View Windows 109
Types of Units View windows 109
Topology view 110
Accessing Units View windows 111
Showing and hiding units 112
Units View windows fields 113
Multiple unit operations from a Units View window 115
Unit Overview Windows 116
Unit Status Window 117
Adding and Deleting Units 119
Adding Units 119
Wizards that add units 120
Adding a single managed appliance 120
Adding managed appliances from a range or list of IP addresses 122
Adding a generic appliance 123
Deleting Units 124
Automatically deleting attached units 124
Synchronizing the Rack Power Manager Software Database 125
Name Synchronization 125
Automatic name push 125
Automatic name pull 126
Manual name push 128
Manual name pull 128
Topology Synchronization 129
Automatic topology synchronization 129
Topology synchronization options in the Add Unit Wizard 130
Topology synchronization options in the Resync Wizard 130
Table of Contentsv
Automatic Inheritance for Group Memberships and Properties 131
Managing Units 133
Appliance Configuration Templates 133
Saving appliance configuration templates 133
Modifying appliance configuration template properties 134
Applying appliance configuration templates 135
Unit Properties 136
Unit Overview Settings 140
About Access Rights 143
How access rights can be assigned 144
Unit Access Rights 144
Managed Appliance Settings 145
Managed Appliance SNMP Settings 147
Bulk Configuration of Individual settings 148
Infrastructure View 149
Asset and Usage Reports 150
Unit Reports 151
Asset 152
Usage 152
Scheduled Reports 153
Segregated Temperature Readings 154
Tiered Energy Cost Setting 155
Power Devices and Power Device Sockets 157
Power Devices 157
Power Device Input Feed 159
Power Device Sockets 160
Power Control of Devices Attached to Power Devices 162
Power Operations 163
Unit Sessions and Connections 165
Managed Appliance Session Settings 165
vi Rack Power Manager Installer/User Guide
Customizing the Appliance Sessions window 165
Connections to Units 166
SSH Passthrough Sessions 167
Configuring SSH Passthrough 167
Enabling SSH Passthrough 167
SSH port sharing 168
SSH Passthrough Sessions 169
Establishing an SSH Passthrough connection to a unit 170
Escape key sequence 172
Break sequences 173
Transferring read/write access 174
Disconnecting a session 175
Displaying session output 175
Grouping Units 177
Site, Department and Location Groups 177
Custom Fields 180
Unit Groups 183
Unit group hierarchy 185
Adding or deleting a unit group 188
Changing the unit group properties 189
Custom Groups 192
Adding or deleting a custom group query 192
Changing the custom group properties 193
Changing the custom group rights 193
Custom Group Reports and Scheduled Tasks 194
DS Zones 197
Managing and Accessing Zones 197
Enabling DS Zones 197
Creating zones 197
Accessing zones 198
Table of Contentsvii
Transferring units to a zone 199
Managing zone properties 200
Using Zones 202
Units actions in a zone 202
Managing User Accounts 209
User Accounts Windows 209
Adding User Accounts 211
Deleting User Accounts 214
Unlocking User Accounts 214
Resetting a User Account Password 214
Changing User Account Properties 215
Username 215
User certificates 216
User SSH key 216
User password 217
User account restrictions and expiration settings 217
User group membership 218
Address 219
Phone contact 219
Email contact 219
User notes 220
Custom field properties 220
User Access Rights 220
User Groups 223
Adding User-defined User Groups 224
Deleting User-defined User Groups 227
User Group Properties 227
Changing User Group Members 228
User Group Access Rights 229
Using the Telnet Viewer 231
viii Rack Power Manager Installer/User Guide
About the Telnet Viewer 231
Telnet Viewer Window Features 232
Telnet Viewer window toolbar 233
Security Property 234
Opening a Session 235
Customizing the Telnet Viewer 235
Customizing Session Properties 236
Login scripts 239
Reviewing Session Data 240
Macros 241
Macro groups 243
Logging 245
Copying, Pasting and Printing Session Data 248
Power Control of Devices Attached to Power Devices 249
Closing a Telnet Viewer Session 250
Using Tools 251
Using Unit Tools 251
Exporting units 251
Exporting access rights 253
Importing data 254
Using the Managed Appliance Tools 255
Rebooting 255
Upgrading firmware 256
Resynchronizing units 257
Saving a managed appliance configuration 258
Restoring a managed appliance configuration 259
Saving a managed appliance user database 259
Restoring a managed appliance user database 260
Using Tasks 261
Using the Tasks Window 261
Table of Contentsix
Adding tasks 262
Specifying when to run tasks 262
Adding Tasks Using the Add Task Wizard 265
Task: Backup Rack Power Manager software database and system files 265
Task: Configure SNMP trap settings on a managed appliance 266
Task: Exporting an event log .csv file 267
Task: Exporting an Asset Report to a .csv file 269
Task: Exporting a Usage Report to a .csv file 270
Task: Updating the firmware of an appliance type 271
Task: Validating user accounts on an external authentication server 272
Task: Pull names from selected units 272
Task: Update topology for selected units 273
Running tasks manually 274
Displaying task results 275
Deleting tasks 275
Changing tasks 276
Firmware Management 276
Events and Event Logs 279
Event Severity and Categories 279
Event severity 279
Event categories 280
Email Notifications 280
Enabling and Disabling Event Logging 283
Displaying the Event Log 284
Event states 286
Using the date filter 287
Changing the Event Log Retention Period 287
Creating an Event Log .csv File 288
Plug-ins 291
Recommended Sequence for Adding/Upgrading Plug-ins 291
x Rack Power Manager Installer/User Guide
Adding Plug-ins 292
Displaying Plug-in Information 293
Managing Plug-ins 295
Upgrading a plug-in 295
Disabling and activating a plug-in 295
Appendix A: Technical Support 297
Appendix B: Terminal Emulation 298
Appendix C: Regaining Access to the Rack Power Manager Software 316
Product Overview
1
Rack Power Manager software is a stand-alone web browser-based, centralized Rack PDU
Management solution. It provides all centralized management capabilities related to Rack PDU
devices, ability to perform power control actions as well as run power consumption reports for
outlets, PDU's, racks, rows etc. as well as for all custom groups of equipment.
NOTE: Unless otherwise specified, all refer ences to DSView™ software refer to DSView software version 4 or
higher.
System Components
The Rack Power Manager software system contains the following components.
1
Rack Power Manager management software
The Rack Power Manager software resides on the Rack Power Manager server (host or hub
computer) and provides a web gateway and services for managing rack PDUs using a web
browser.
Users may connect to the Rack Power Manager server from Rack Power Manager software clients
and use the Rack Power Manager Explorer windows to communicate with the system.
Rack Power Manager server
The Rack Power Manager server contains the Rack Power Manager management software. The
server provides a centralized database for storing configuration, user, unit and system information.
It also provides services for authentication, access control, logging events, monitoring and license
management.
You may configure one or more spoke (backup) servers in addition to the hub server. The hub
server is responsible for maintaining the master copy of the database in a Rack Power Manager
software system. Only one server in a Rack Power Manager software system may be configured as
the hub server.
2Rack Power Manager Installer/User Guide
Spoke servers are primarily used for redundancy of all PDU management and to have improved
scalability. They perform database replication with the hub server. The hub server acts as the
coordinator for database replication between itself and all of the other spoke servers in a Rack
Power Manager software system. A hub server and a spoke server both offer the same Rack
Power Manager software functionality to a user. The distinction of hub or spoke refers only to
the database replication role that the server plays and not with the functionality that the server
provides. Adding one or more spoke servers to a Rack Power Manager software system provides
redundancy and the ability to distribute Rack Power Manager software functionality across
multiple sites. Power consumption data is not replicated to all spokes, however, when a report
is created it spans across all servers to gather the data.
After the hub server and optional spoke server(s) are configured, you may create and configure
the type of access levels for users within your network environment. You may also set up event
logs to record full details of user access and other events.
Rack Power Manager software client
A Rack Power Manager software client is a computer with a web browser that can access the
Rack Power Manager management software installed on the Rack Power Manager server.
Third party products
Third party products are not a part of the Rack Power Manager software, but are supported for
use with it.
• External authentication servers - An external authentication server enables the Rack Power
Manager server to broker authentication requests from users requesting access to the Rack
Power Manager software system.
• SNMP managers - The SNMP (Simple Network Management Protocol) manager monitors
the managed appliances and receives SNMP traps from the Rack Power Manager software
on the server. An example of an SNMP manager is the HP OpenView product.
• Third party Telnet viewers - A third party Telnet viewer may be used for serial sessions
instead of the Rack Power Manager software Telnet Viewer.
Supported Units
For management functions, the Rack Power Manager software client uses HTTPS (Hypertext
Transfer Protocol with SSL encryption) to send a request to the Rack Power Manager server,
which then sends a command to the managed appliance. The appliance then performs the
requested function.
The Rack Power Manager software supports the managed appliances listed in this section.
Other appliances may be supported by plug-ins; see the Avocent web site, www.avocent.com,
for a list of plug-ins that may currently ship with the Rack Power Manager software and/or that
can be added to the Rack Power Manager software. See Plug-ins on page 291 for information
about adding and managing plug-ins in the Rack Power Manager software system.
Power devices
The Rack Power Manager software supports the following power devices:
• Avocent SPC power control devices
• Server Technologies Sentry Switched CDU CW-8H1, CW-8H2, CW-16V1, CW-16V2,
CW-24V2, CW-24V3, CW-32VD1 and CW-32VD2 (supported models may change;
contact Avocent Technical Support for current information)
• Cyclades™Intelligent Power Distribution Unit (AlterPath™manager)
• Avocent Power Management Distribution Unit (PM PDU) PM 1000/2000/3000 PDUs
• Liebert MPH/MPX units
• APC 78xx/79xx PDUs
All of the above power devices are supported on DSR™ KVM over IP switches that contain
one or more SPC ports. Server Technologies power devices are also supported when connected
through Avocent appliances.
Chapter 1: Product Overview 3
Avocent models are supported when connected serially or through an Avocent appliance or
directly over the network. Liebert and APC models are supported only when connected directly
through the network.
4Rack Power Manager Installer/User Guide
Installation
2
This chapter describes the installation sequence for the Rack Power Manager software:
• What you should do before installing the software
• How to install the software
• Configuring the software, plus considerations when upgrading
• Starting a client session
Final sections describe how to change your password, uninstall the software, end a Rack Power
Manager software session and install Java.
5
About Installation
When the Rack Power Manager software is installed, the RPM software database is installed on
the dedicated server.
Rebooting the dedicated server is not required prior to using the Rack Power Manager software.
Once the Rack Power Manager software is installed and you have configured the hub server,
users may log in as a Rack Power Manager software client, using a supported web browser.
You may also install the Rack Power Manager software on additional computers and configure
them as spoke servers. See Spoke Servers on page 74
NOTE: A license key permitsthe oper ation of the RackPower Manager software on the dedicated server. The
license key also specifiesthe number ofclients that may use the software.
Minimum requirements for the Rack Power Manager software
Visit http://www.avocent.com/software-requirements for the minimum requirements for installing
the Rack Power Manager software on a dedicated hub or spoke server.
NOTE: Rack Power Manager
6Rack Power Manager Installer/User Guide
Before installing and configuring the Rack Power Manager software
Before installing the Rack Power Manager software, install the managed appliance hardware.
If the computer will be a hub server, you will need the license key obtained from Emerson and
provide a username and password to use for initial log in.
If the computer will be a spoke server, you will need to identify the associated hub server and
provide the name/password of the hub server’s Rack Power Manager software administrator.
Installing the Rack Power Manager Software
The Rack Power Manager software can be installed on a physical server or VM and the
installation instructions described in this section apply to both scenarios. The Rack Power
Manager management software may be installed using the Rack Power Manager software DVD
or by downloading the software in a self-extracting .zip file from the Avocent web site.
To install the Rack Power Manager software:
1. Log on to the dedicated server as Administrator or root.
2. To install from a DVD:
a. Insert the Rack Power Manager software DVD. An autorun file opens a menu of
installation options.
b. Click Install Rack Power Manager Software.
-or-
For Windows, if autorun is not enabled, type <drive:>\RPM\win32\setup.exe,
where <drive:> is the letter of your DVD drive.
A dialog box will indicate that the server will be verified to ensure it meets
the minimum requirements for installing the Rack Power Manager software.
For Linux, issue the following command to mount the DVD volume: mount
<device> <mount point>, where <device> and <mount point> are the names
of your server’s DVD Linux device and mount point directory, respectively.
For example, to mount the first IDE cdrom on /media/cdrom, enter the
command: mount /dev/cdrom /media/cdrom
3. To install from a downloaded file:
a. Using your web browser, download the Rack Power Manager software from the
Avocent web site. Go to www.avocent.com and click the Support link. On the
Technical Support page, click the Product Upgrades link, then select RPM Software
Upgrades.
Chapter 2: Installation 7
b. Double-click on the downloaded installation package (setup.exe). A dialog box will
indicate that the server will be verified to ensure it meets the minimum requirements
for installing the Rack Power Manager software.
c. For Linux, enter the following command to access the readme file: less /<mount
point>/RPM/readme. For example, the following command accesses the readme file on
the /media/cdrom mount point.
less /media/cdrom/Rack Power Manager/readme
4. If the current version of the Rack Power Manager software is already installed, the Installed
Product Found: Same Version message box will appear. Click OK to reinstall the Rack
Power Manager software or Cancel to exit setup.
5. The Check for an UPDATED version window will open. (If the Rack Power Manager
software is already installed on the dedicated server, a message box will display. Click OK
to close the box.)
a. Click Next to reinstall the software, or click Cancel to stop the reinstallation.
b. Click Check for UPDATES and then click Next to check the Avocent web site for the
most recent Rack Power Manager software installation package. Go to step 5.
-or-
Click Next to install the DVD or downloaded version of the Rack Power
Manager software. Go to step 6.
6. If a newer version of the Rack Power Manager software is found, an Update Available
message appears.
a. Click OK to download the latest Rack Power Manager software installation package.
The installation will be cancelled and the server’s default web browser will launch and
open in the Product Upgrades and Options page of the Avocent web site.
-or-
Click Cancel to resume installation of the older version of the Rack Power
Manager software. Go to step 6.
b. Type your email address and password, and then click Submit to log in to the web site.
c. Download the Rack Power Manager software installation package, log out and close
the web browser. Return to step 2.
7. The Introduction window will open. Follow the on screen instructions.
8. For a new database installation, click Next to install a new PostgreSQL database.
a. Choose a location to install the database.
8Rack Power Manager Installer/User Guide
b. Enter the port number.
c. Enter the password.
d. Click Install.
9. For an existing database installation, click the checkbox to Use Existing Database.
10. Click Next.
a. Entert the database IP address, listening port number and the database username and
password.
b. On the Installation Settings Confirmation screen, click Install.
11. The Installation Complete window will open.
• To begin configuration of the Rack Power Manager software, click Done; see
Configuring the Rack Power Manager Software on page 8. A Security Alert dialog
box will appear containing certificate information and a warning that the generator of
the certificate is not trusted. This occurs because the Rack Power Manager server
certificate created when the server is installed is a self-signed certificate. You may
either import the certificate into the Rack Power Manager software client web browser
(choosing to trust the certificate) or obtain a server certificate from a Certificate
Authority (CA) trusted by the web browser.
• To configure the Rack Power Manager software at a later time, click X (Cancel) in the
top right corner of the window.
Configuring the Rack Power Manager Software
After the Rack Power Manager software has been installed, it must be configured using a web
browser.
During configuration, you specify whether the computer will be a hub server or a spoke server.
If this is your first Rack Power Manager server installation, hub should be selected in the Select
RPM Server Role window. The hub server should be installed before any spoke servers are
added.
To configure the Rack Power Manager software:
1. If you are configuring the Rack Power Manager software during the installation process,
you have already clicked Done in the Launch Default Browser window.
If you quit after installing the Rack Power Manager software installation process (by
closing the window), select Start - Programs - Emerson Rack Power Manager - RPM
Software.
Chapter 2: Installation 9
2. A security alert box will appear containing certificate information. See Certificates on page
49.
3. The Select RPM Server Role window opens.
• Click Hub to assign the dedicated server as the hub server, then click Next. Go to step
4.
• Click Spoke to assign the dedicated server as a spoke server, then click Next. Go to
step 8.
4. Follow the on screen instructions.
5. Click Finish.
6. The User Login window will open in the Rack Power Manager Explorer.
You may now log in using the username and password specified during configuration.
If you chose to configure the server as a spoke server in the Select RPM Server Role
window or if you entered a duplicate software license key in the Type in Master
License Key window, continue with the following steps.
7. The Type in Hub Server Address and Port window will open. Type the address of the Rack
Power Manager software hub server using standard dot notation (xxx.xxx.xxx.xxx) or type
the DNS name in the Address field. Click Next.
8. The Accept Rack Power Manager Server Certificate window will open. Click Next to
accept the certificate.
9. The Type in Hub Administrator Credentials window will open. Type a valid username and
password for a user with Rack Power Manager software administrator privileges on the
Rack Power Manager software hub server. Click Next.
10. The Registering Spoke Server window will open with the message Request In Progress
Please Wait The configuration of the spoke server will be saved to the database of the hub
server and the spoke server’s certificates will be installed on the hub server.
11. The Completed Successful window will open when the spoke server has been added. Click
Finish.
Running the Rack Power Manager Software
Rack Power Manager software clients access the Rack Power Manager software host using a
supported web browser. Any software required by the client, such as applets and the Java
Runtime Environment (JRE), will be automatically installed by the Rack Power Manager server
host.
10Rack Power Manager Installer/User Guide
The Rack Power Manager software uses Secure Sockets Layers (SSL) encryption to send data
between the Rack Power Manager software host and the web browser on the client to ensure
data integrity and privacy. When a user attempts to log in to a Rack Power Manager software
client session, the authentication service configured in the Rack Power Manager software by
the Rack Power Manager software administrator verifies the credentials of the user. Security
alerts related to the certificates on the Rack Power Manager software host may appear. See
Certificates on page 49.
Minimum client requirements
Visit http://www.avocent.com/software-requirements for minimum client requirements.
Opening a client session
Before opening a client session
• Enable cookies and JavaScript on the client’s web browser.
• Configure the web browser. If you are using Internet Explorer, see Internet Explorer
Considerations on page 45.
To open a client session:
NOTE: If Rack Power Manager Software Client Certificate Authentication or Rack Power Manager Software Client
Integrated Windows Authentication is being used, the user willnot be required to log in. See Certificates on page 49.
1. From the Rack Power Manager software client web browser, enter the URL of the server
host in the address bar in the format:
https://<servername>/RPM
In this case, <servername> is the DNS name of the host system, or the IP address in
standard dot notation (xxx.xxx.xxx.xxx).
NOTE: To avoid multiple security warnings, enter the DNS name.
-or-
If you are opening the session on the Rack Power Manager server, you may select Start
- Programs - Emerson Rack Power Manager - RPM Software.
2. Accept all security alerts that may appear as the client computer connects to the Rack
Power Manager server. The Rack Power Manager Explorer User Login window will open.
If an RSA SecurID external authentication service has been added to the Rack Power
Manager software, see RSA SecurID login on page 11 below for the login procedure.
3. Type a valid username and password in the fields provided.
Chapter 2: Installation 11
Depending on the settings specified by the administrator, you may be required to
change your password before being allowed to complete the login process. See Adding
User Accounts on page 211.
4. Click Login. The window that appears depends on the rights assigned to the Rack Power
Manager user that is logging in.
If the client machine uses an onboard video controller and experiences video problems, be sure
the BIOS is updated to the latest version.
RSA SecurID login
When an RSA SecurID external authentication service has been added to the Rack Power
Manager software, the login credentials include a username and a passcode. The passcode
includes a PIN and an RSA SecurID tokencode. The login request is sent to the RSA
Authentication Manager. Depending on the user configuration and state on the RSA
Authentication Manager, the user may be prompted for a second successive tokencode.
The user configuration also specifies how the four to six digit PIN will be generated:
• User defined - the user must enter a PIN
• System generated - the user cannot enter a PIN; it must be generated by the RSA server
• User selectable - the user may choose to enter a PIN or allow the RSA server to generate it
If a PIN has not yet been assigned to the user or if security policy requires a PIN change, the
user will be prompted accordingly. If the RSA server generates the PIN, the user will be given a
brief interval to memorize it.
Uninstalling the Rack Power Manager Software
To uninstall the Rack Power Manager software on a supported Windows system:
1. Select Start - Settings - Control Panel. The Control Panel will appear.
2. From the Control Panel, click Add/Remove Programs. The Add/Remove Programs dialog
box will appear.
3. Select Emerson Rack Power Manager and then click Change/Remove. The Uninstall
Avocent RPM window will open.
4. Click Uninstall.
To uninstall the Rack Power Manager software on a supported Linux system:
1. Log in to the server as root.
12Rack Power Manager Installer/User Guide
2. Insert the Rack Power Manager software DVD into your DVD drive. If AutoMount is
supported and enabled, open a command window and continue with step 3.
-or-
If your system does not support AutoMount, issue the following command to mount
the DVD volume: mount <device> <mount point>, where <device> and <mount
point> are the names of your server’s DVD Linux device and mount point directory,
respectively.
For example, to mount a DVD which is the second IDE unit on /media/cdrom, enter the
command:
mount /dev/cdrom /media/cdrom
3. Enter the following command to access the readme file.
less /media/cdrom/RPM/readme
Follow the instructions in the readme file.
To close a Rack Power Manager software session:
From the Rack Power Manager Explorer, click LOGOUT or the logout icon.
Java Installation
On non-Windows clients, Telnet requires Java version 1.5. The Telnet/SSH applet may work
with other versions.
On Windows clients, Java is required to run the Emerson Telnet/SSH Viewer. If the Win32
PuTTY Telnet/SSH Viewer is selected in the user’s profile, then Java is not required on the
client. On a Windows client, it is recommended that the JRE (Java Runtime Environment) be
installed in the C:\Program Files\ location.
To configure Java to find the JRE:
1. Access the Java Control Panel.
2. Select the Java tab.
3. In the Java Application Runtime Settings panel, click View.
4. Change the path to the installed JRE.
5. Click OK.
For Windows and Linux operating systems, the Rack Power Manager software client
automatically downloads and installs the JRE the first time it is needed. For Macintosh
Chapter 2: Installation 13
operating systems, you must update Java and install the JRE using the Macintosh software
updates. Refer to the Macintosh operating system documentation for more information.
To install the JRE on a Windows client:
1. In a Rack Power Manager software Units View window (see Accessing Units View
windows on page 111), click an Action link.
2. A window will open, containing a link for downloading the JRE installer. Download the
JRE installer, then close all browser windows.
3. Click on the JRE icon to launch the installer.
4. Restart the browser, and click an Action link.
To install the JRE on a Linux client:
NOTE: Only one version of the JRE can be installed in the browser for RackPower Manager software support.
Depending on your system’sconfiguration, you may have to log in as the root user to install the JRE. Contact your
system administrator if you need help with installing software as the root user.
1. In a Rack Power Manager software Units View window (see Accessing Units View
windows on page 111), click an Action link.
2. A window will open, containing a link for downloading the JRE installer. Download the
JRE installer, then close all browser windows.
3. Run the installer.
4. Restart the browser, and click an Action link.
14Rack Power Manager Installer/User Guide
Transition
3
This chapter describes the steps for transitioning to Rack Power Manager software.
• Transitioning from DSView 3 management software and DSView 3 Power Manager Plug-in
to Rack Power Manager software
• Transitioning from DSView software version 4 or higher to the Rack Power Manager
software
DSView™ 3 Software and Power Manager Plug-in to RPM software
15
NOTE: In thisdocument, DSView 3 software refers to DSView software versions 3.7.2.x or 3.7.3.x.
NOTE: In order to safely upgrade to the RPM software, and to provide a roll-back path in case of upgrade failures,
perform each of the following steps. If your DSView 3 configuration doesnot include spoke servers, skip the stepsthat
refer to spoke servers.
Before you begin, ensure that you budget sufficient time to transition the hub and spoke servers
concurrently.
Data Replication
Perform a replication of all DSView 3 software spoke servers. In order to ensure that the entire
system has fully replicated, run the replication task twice to ensure that all spokes are in sync
with the hub server.
To initiate an immediate replication on a spoke server:
1. On the spoke server, click the System tab.
2. Click Tasks in the top navigation bar. The Tasks window will open.
3. Check the checkbox to the left of the Database Replication task and then click Run Now.
16Rack Power Manager Installer/User Guide
Back up the DSView 3 Software
Using the DSView 3 software backup and restore utility or the command line, back up the hub
and each spoke server. The backup includes the database, plug-ins, firmware, appliance
templates and system properties. You may manually create a backup of your hub server. Two
methods are available:
• From a command line in an MS-DOS window. This method may be used for DSView 3
software hub servers on supported Windows® systems.
• Use the Backup and Restore system task located in the DSView 3 software WebUI. The
backup is saved as a .zip file containing the files needed to restore the DSView 3
management software. This method may be used for DSView 3 software hub servers on
supported Windows® systems only.
Client sessions will be temporarily disconnected during a manual backup. The sessions will be
automatically reconnected when the backup is completed.
Manual backup and restore procedures require DSView 3 software administrator privileges.
To manually back up a hub server using a command line on a supported Windows
system:
1. In the Start menu on your desktop, select Start - Programs - Accessories - Command
Prompt. A command prompt window will open.
2. Change directories to the directory in which the DSView 3 software is installed (typically
C:\Program Files\Avocent DSView 3\bin).
3. Enter DSViewBackupRestore to display the DSView 3 Backup and Restore Utility dialog
box.
4. To back up the DSView 3 software hub server, enter DSViewBackupRestore -backup -
archive “<archive name>” -passwd <password>.
For example, entering the following in a command prompt window will create a backup named
db.zip with the password test.
DSViewBackupRestore.exe -backup -archive “db.zip” -passwd test
To manually back up a hub server using a command line on a supported Linux
system:
1. Access the command prompt on your system.
2. Change directories to the directory where the DSView 3 software is installed, which is
typically /usr/local/dsviewserver/bin.
Chapter 3: Transition 17
3. To backup the DSView 3 software hub server, enter DSViewBackupRestore.sh -backup -
archive <archive name> -passwd <password> -overwrite.
For example, entering the following in a command prompt window will create a backup named
dbasebackup.zip with the password test1.
DSViewBackupRestore.sh backup -archive dbasebackup.zip -passwd test1
To manually back up a hub server using the Backup and Restore Utility dialog box
on a supported Windows system:
1. In the Start menu on your desktop, select Start - Programs - Avocent DSView 3- Backup
and Restore Utility. The DSView 3 Backup/Restore Utility dialog box will appear.
2. Click Backup Database to a file.
3. To password-protect the backup file, click Enabled and type a password in the Password
field.
4. Click Browse and use the Save As dialog box to specify a directory and name for the
backup file. Click Save when you are finished.
5. Click Backup. The DSView 3software system backup files are saved.
6. Click Close to close the DSView 3 Backup/Restore Utility dialog box.
Backup the Power Management database
This task creates a folder containing a backup of the Power Manager database. The backup
folder is named dsviewPluginBackup;<SYSTEM NAME> by default, but you may also append
the date and time to the end of the backup folder. Run this task on each of the hub and spoke
servers.
To configure the PMP backup:
1. Click the System tab.
2. Click Tasks in the top navigation bar. The Tasks window will open.
3. Click Add. The Add Task Wizard will appear.
4. Select Backup Power Manager database from the drop-down menu. Type a 1-64 character
name for the task.
5. Select a time to run the task, then click Next.
6. The Specify Power Manager Database Backup Properties window will open.
a. Type the directory location in which to create the backup file, which may be a
physical local drive on the DSView 3 server or a shared network location specified by
18Rack Power Manager Installer/User Guide
a UNC (Universal Naming Convention) path. The Location field cannot be set to a
mapped network drive. The directory name must be entered in case sensitive text if
your operating system supports case sensitive filenames.
b. If the specified directory location is a network path that requires a login, enable the
Login required to access shared drive location checkbox. Then type the username and
password and confirm the password of a user account that has read/write access to the
network share location.
c. To append the date and time (in military time) to the end of the system backup folder,
enable the Use date and time for folder naming checkbox. For example, if you are
creating the backup folder on October 1, 2005 at 10:04 pm, the folder created will be
named dsviewBackup1001052204;<Machine Name>.
If a backup folder already exists in the specified directory and the Use date
and time for folder naming option is not enabled, the existing backup folder
will be overwritten when the new backup folder is created.
7. Click Finish.
8. Navigate to the etc folder of this backup folder. Compress the etc folder into a zip file
manually. Use the zip of etc folder in all subsequent steps that require the backup of a
Power Management database.
Install Rack Power Manager Hub Server
To Install RPM Software:
1. Download the latest version of RPM software to the server.
2. Run the installation file.
3. Click Next to continue with the installation.
4. Accept the terms of the License Agreement, click Next.
5. Click Next on the Installation Settings screen.
6. Choose the RPM software installation location and click Next.
7. Review the default RPM software TCP Port Settings tab, make any changes needed and
click Next.
8. On the PostgreSQL Installation screen, check the box to Use Existing Database if
connecting to an existing and click Next.
-or-
Click Next to install a new instance.
9. For an existing PostgreSQL server, enter the IP address, port, username and password and
click Next.
-or-
For a new instance, enter the install folder, port, and password and click Next. Click
Install on the confirmation screen.
10. Click Ok on the Service Startup message.
11. Click Done.
Migration Utility
Exporting the Data
The DSView data migration utility was installed with the RPM software. It will allow you to
convert from the embedded DSView PMP database to PostgreSQL data format.
To export the DSView 3 backup data into PostgreSQL format from a Windows
operating system:
1. To launch the migration utility, from the Windows server, click Start - All Programs Emerson - RPM1.0 - DSViewDataMigrationUtility.
2. On the Export tab, select the Server Type from the drop-down menu.
Chapter 3: Transition 19
a. Choose Hub, if you are exporting data from the hub.
b. Choose Spoke if you are exporting data from the spoke.
3. Select DSView for the Database Type from the drop-down menu when you are specifying a
DSView Software backup.
-or-
Select PMP for the Database Type from the drop-down menu when you are specifying
backup of the Power Management database. If you have both DSView Software
backup and Power Management database backup, you will have to run the utility
twice to select both the options.
4. In the field Data Backup File Path, enter the path or browse to the location of the DSView
Software backup or PMP database backup file. If using a PMP database backup file, this is
the zip file of the etc folder that was created previously.
5. In the Migration File Path field, enter or browse to the location that you will save the
exported file.
6. Click on Export.
20Rack Power Manager Installer/User Guide
To export the DSView 3 software data from a Linux® operating system:
1. Navigate to the DSViewDataMigrationUtility folder, By default this folder is located at
/usr/local/Emerson/RackPowerManager/DSViewDataMigrationUtility. To launch the
migration utility, enter ./DataMig.sh from the command line.
2. Choose option number two to export the data.
3. From the menu, enter the server type.
a. Choose Hub, if you are exporting data from the hub.
b. Choose Spoke if you are exporting data from the spoke.
4. Select DSView for the Database Type when you are specifying a DSView software backup.
-or-
Select PMP for the Database Type when you are specifying backup of the Power
Management database. If you have both DSView software backup and Power
Management database backup, you will have to run the utility twice to select both the
options.
5. Input the location of the DSView Software backup or PMP database backup file. If using a
PMP database backup file, this is the zip file of the etc folder that was created previously.
6. Input the location to save the Migration File.
7. Verify the settings and enter Y to continue with the export.
Importing the Data
The RPM data migration utility migrates the exported data you get from the previous steps into
the RPM database.
To Import DSView or DSView + PMP database from a Windows Operating System:
1. To launch the migration utility, from the Windows server, click Start - All Programs Emerson - RPM1.0 - RPMDataMigrationUtility.
2. Click Next to continue.
3. Select DSView3+PMP to RPM 1.0 and click Next.
4. Enter the server IP address of the RPM software hub server.
5. Enter the listening port for your hub database server in the DB Server Port field.
6. Enter the database username in the Username field.
7. Enter the password for the database in the Password field.
Chapter 3: Transition 21
8. Enter the database name in the DB Name field.
9. Click Next.
10. In the DSView Hub Database field, enter or browse to the location that you saved the
DSView 3 software export file.
11. In the PMP Database field, enter the path or browse to the location of the exported PMP
database file.
12. Click Next.
13. Assign the data from servers on your DSView System to your RPM System and click Next.
14. Confirm the server assignments and click Next.
15. In case you have assigned data to RPM spoke server, you will be prompted for the DB
server port, user name and password of the spoke DB server. Enter these details and click
Next.
16. Click Finish.
To Import PMP Database from a Linux Operating System:
1. Navigate to the RPMDataMigrationUtility folder. By default this folder is located at
/usr/local/Emerson/RackPowerManager/RPMDataMigrationUtility. To launch the migration
utility, enter ./DBMigration.sh from the command line.
2. Click Next to continue.
3. Select DSView3+PMP to RPM 1.0 and click Next.
4. Enter the server IP address of the RPM software hub server.
5. Enter the listening port for your hub database server in the DB Server Port field.
6. Enter the database username in the Username field.
7. Enter the password for the database in the Password field.
8. Enter the database name in the DB Name field.
9. Click Next.
10. In the DSView Hub Database field, enter or browse to the location that you saved the
DSView 3 software export file.
11. In the PMP Database field, enter the path or browse to the location of the exported PMP
database file.
12. Click Next.
22Rack Power Manager Installer/User Guide
13. Assign the data from servers on your DSView System to your RPM System and click Next.
14. Confirm the server assignments and click Next.
15. In case you have assigned data to RPM spoke server, you will be prompted for the DB
server port, user name and password of the spoke DB server. Enter these details and click
Next.
16. Click Finish.
Configure RPM Hub and Spoke servers
To configure the hub server:
1. Stop the RPM service on the hub server.
2. Copy the backed up firmware, appliance templates and system properties over to the
corresponding folders on the hub server.
3. Restart the hub server.
To configure the spoke server(s):
1. Stop the RPM service on the spoke service.
2. Copy the backed up firmware, appliance templates and system properties over to the
corresponding folders on the spoke server.
3. Restart the spoke server.
4. Run data replication on each spoke server.
DSView software to RPM software
The section describes how to transition to RPM software from DSView software version 4 or
higher. Before you begin, ensure that you budget sufficient time to transition the hub and spoke
servers concurrently.
Data Replication
Perform a replication of all DSView software spoke servers. In order to ensure that the entire
system has fully replicated, run the replication task twice to ensure that all spokes are in sync
with the hub server.
To initiate an immediate replication on a spoke server:
1. On the spoke server, click the System tab.
2. Click Tasks in the top navigation bar. The Tasks window will open.
3. Check the checkbox to the left of the Database Replication task and then click Run Now.
Back up the DSView Software
Using the DSView software backup and restore utility or the command line, back up the hub
and each spoke server. The backup includes the database, plug-ins, appliance templates and
system properties. You may manually create a backup of your hub server. Two methods are
available:
• From a command line in an MS-DOS window. This method may be used for DSView
software hub servers on supported Windows® systems.
• Use the Backup and Restore system task located in the DSView software WebUI. The
backup is saved as a .zip file containing the files needed to restore the DSView software.
This method may be used for DSView software hub servers on supported Windows®
systems only.
Client sessions will be temporarily disconnected during a manual backup. The sessions will be
automatically reconnected when the backup is completed.
Manual backup and restore procedures require DSView software administrator privileges.
To manually back up a hub server using a command line on a supported Linux
system:
Chapter 3: Transition 23
1. Access the command prompt on your system.
2. Change directories to the directory where the DSView software is installed, which is
typically /usr/local/dsviewserver/bin.
3. To backup the DSView software hub server, enter DSViewBackupRestore.sh -backup -
archive <archive name> -passwd <password> -overwrite.
For example, entering the following in a command prompt window will create a backup named
dbasebackup.zip with the password test1.
DSViewBackupRestore.sh backup -archive dbasebackup.zip -passwd test1
To manually back up a hub server using the Backup and Restore Utility dialog box
on a supported Windows system:
1. In the Start menu on your desktop, select Start - Programs - Avocent DSView - Backup and
Restore Utility. The DSView Backup/Restore Utility dialog box will appear.
2. Click Backup Database to a file.
3. To password-protect the backup file, click Enabled and type a password in the Password
field.
24Rack Power Manager Installer/User Guide
4. Click Browse and use the Save As dialog box to specify a directory and name for the
backup file. Click Save when you are finished.
5. Click Backup. The DSView software system backup files are saved.
6. Click Close to close the DSView Backup/Restore Utility dialog box.
Extract the PostgreSQL data file
To extract PostgreSQL data file:
1. Decompress the backup file previously generated.
2. Navigate to the bin folder and copy the postgresbackup.tar file to another location. This
file will have to be used as input to import the data to the Rack Power Manager software.
Install Rack Power Manager Hub Server
To Install RPM Software:
1. Download the latest version of RPM software to the server.
2. Run the installation file.
3. Click Next to continue with the installation.
4. Accept the terms of the License Agreement, click Next.
5. Click Next on the Installation Settings screen.
6. Choose the RPM software installation location and click Next.
7. Review the default RPM software TCP Port Settings tab, make any changes needed and
click Next.
8. On the PostgreSQL Installation screen, check the box to Use Existing Database if
connecting to an existing and click Next.
-or-
Click Next to install a new instance.
9. For an existing PostgreSQL server, enter the IP address, port, username and password and
click Next.
-or-
For a new instance, enter the install folder, port, and password and click Next. Click
Install on the confirmation screen.
10. Click Ok on the Service Startup message.
11. Click Done.
Importing the Data
To Import DSView database from a Windows Operating System:
1. To launch the migration utility, from the Windows server, click Start - All Programs Emerson - RPM1.0 - RPMDataMigrationUtility.
2. Click Next to continue.
3. Select DSView4 to RPM 1.0 and click Next.
4. Enter the server IP address of the RPM software hub server.
5. Enter the listening port for your hub server in the DB Server Port field.
6. Enter the database name in the DB Name field.
7. Enter the database username in the Username field.
8. Enter the password for the database in the Password field.
9. Browse or enter the location of the DSView4 Database in the DSView4 DB field. This is
the postgresbackup.tar file that was extracted from the DSView4 backup
10. Click Next.
11. Assign the servers for migration and click Next.
Chapter 3: Transition 25
12. Confirm the server assignments and click Next.
13. Click Finish.
To Import DSView Database from a Linux Operating System:
1. Navigate to the RPMDataMigrationUtility folder. By default, this folder is located at
/usr/local/Emerson/RackPowerManager/RPMDataMigrationUtility. To launch the migration
utility, enter ./DBMigration.sh from the command line.
2. Click Next to continue.
3. Select DSView4 to RPM 1.0 and click Next.
4. Enter the server IP address of the RPM software hub server.
5. Enter the listening port for your hub server in the DB Server Port field.
6. Enter the database name in the DB Name field.
7. Enter the database username in the Username field.
8. Enter the password for the database in the Password field.
26Rack Power Manager Installer/User Guide
9. Browse or enter the location of the DSView4 Database in the DSView4 DB field. This is
the postgresbackup.tar file that was extracted from the DSView4 backup
10. Click Next.
11. Assign the servers for migration and click Next.
12. Confirm the server assignments and click Next.
13. Click Finish.
Configure RPM Hub and Spoke server
To configure the hub server:
1. Stop the RPM service on the hub server.
2. Copy the backed up firmware, appliance templates and system properties over to the
corresponding folders on the hub server.
3. Restart the hub server.
To configure the spoke server(s):
1. Stop the RPM service on the spoke service.
2. Copy the backed up firmware, appliance templates and system properties over to the
corresponding folders on the spoke server.
3. Restart the spoke server.
4. Run data replication on each spoke server.
Rack Power Manager Explorer
27
4
When a user is logged in and authenticated, the Emerson Rack Power Manager Explorer window
opens. From the Rack Power Manager Explorer window, you may view, access and manage units.
Windows
Figure 4.1: Example EmersonRack Power Manager Explo rer Window Areas
Table 4.1: Rack Power Manager Explo rer Window Area Descriptions
28Rack Power Manager Installer/User Guide
Number Description
Top option bar - Use the top option bar to bookmark a Rack Power Manager software window,
1
refresh a window display, print a page, log out of a software session or access online help. The
name of the logged inuser appears on the left side of the top option bar.
2
3
4
5
Tab bar - Use the tab bar to displayand manage units, user accounts, reports, system settings and
session profiles.
Top navigation bar - The selections in the top navigation bar vary, depending on the active tab in the
tab bar. Topicsrelevant to each selection displayin the side navigation bar.
Side navigation bar - Use the side navigation bar to select system information to displayor editin the
content ar ea. The side navigation bar contains arr ows that affect its display.
Content area - The information specified by the tab bar, top navigation bar and side navigation bar
selections is displayed and changed in the content area.
Using the Side Navigation Bar
The side navigation bar is used to display windows that specify settings or perform operations.
The contents of the side navigation bar varies, depending on the tab and top navigation bar
selections and the window that is displayed.
Figure 4.2: Example Side Navigation Bar
Table 4.2: Side Navigation Bar Descriptio ns
Chapter 4: Rack Power Manager Explorer Windows 29
Number
1
2
3 Collapse Node - Click this arrow to collapse an opened tree br anch and itslinks.
4 Expand Node - Clickthisarrow to expand a closed tree branch and displayitslinks.
Description
Expand All Nodes - Click this arrow in the upper right corner to expand allnodes and
display additional links.
Collapse All Nodes - Click this arrow in the upper right corner to collapse all nodes and
their links.
You may choose whether an expanded node will collapse when another Expand Node arrow is
selected. See Changing user options on page 39.
Using Windows
Sorting information in a window
The order of rows in a list may be changed by clicking the heading of one of the displayed
columns. When you click a column heading, the order of the list rows will change to
alphabetically ascending, based on that column. If you click the column heading a second time,
the order will change to an alphabetically descending order.
If you are using the topology feature in a Units View window, see Topology view on page 110
for sorting criteria.
Filtering information in a window
Some Rack Power Manager software windows allow you to filter list information by providing
a text string that will be used to retrieve matching items.
When filtering, you may use an asterisk (*) before and/or after text strings as a wildcard. For
example, typing emailserver* and clicking Filter will display items with emailserver at the
beginning (such as emailserver, emailserverbackup). Typing *emailserver* and clicking Filter
will display items containing emailserver in any part of the name (such as emailserver,
emailserverstore, tdemailserver, tdemailserver1).
Table 4.3 lists the ways you may specify text strings for filtering.
Table 4.3: Filter Text Strings
30Rack Power Manager Installer/User Guide
Typed in the Filter Field Results
Entering a string displaysa filtered list of items that contain the ‘word’ (that is, it
willfind matching strings that are followed by anything other than a letter or num-
ber). For example, typing email will list any items that contain the string email, fol-
<String>
"<String>"
<String1> AND <String2>
<String1> OR <String2>
(<String>)
lowed bya space or punctuation mark. If you enter multiple words separated by
spacesbut without logical operators, OR isassumed, and each word is treated
separately. For example, typing email server willdisplay items containing
email or server.
Surrounding the string with quotation marks displays a filtered list of items containing the exact string, including spacing and punctuation. For example, typing
"email server” will displayitems that contain emailserver. The RackPower
Manager software willprovide a closing quotation mark if it is omitted.
Using the AND logicaloperator displays the itemsthat contain both strings. For
example, typing email and server will displayitems named email-server- 3,
email-server-2, server emailand so on.
Using the OR logicaloperator displays the items that contain at least one of the
strings. For example, typing email or server will find anyitems that contain
the string emailor the string server.
Parentheses maybe used to override the default (left to right) order of precedence during evaluation of a filter string. For example, searching for email
and server or service would be the equivalent of ((email and server) or ser-
vice), which may not be the intended search. The user may choose instead to
change the order of precedence by grouping the search terms with par-
entheses, such as (email) and (server or service).
Preceding the string with NOT displaysall items that do not containthe string.
NOT <String>
For example, typing not email will displayall items except those containing
email (email, email server, email-server-1 and so on will not display).
Using the Customize link in windows
Windows that contain a Customize or Customize Fields and Filter link allow you to change
the following information:
• The number of items displayed per page in the window
• Which columns of information are displayed in Units View windows
• Which columns are included in a filter from a Units View window (available from the
Customize Fields and Filter link only)
Chapter 4: Rack Power Manager Explorer Windows 31
By clicking the Customize link, you can also show units that have been hidden in a Units
View window.
NOTE: If you are in a UnitsView window, the link is displayed as “Custom Fieldsand Filter” and thiswindow
contains additional filtering options. On any other window, the linkisdisplayed as “Customize”. The term “Customize
link” isused throughout this document to refer to both links.
The items available for customizing and methods for changing them will vary, depending on
the window being customized. Although the items that appear in windows may vary, the items
that do appear are modified identically regardless of the window in which you clicked the
Customize link.
To customize a window using the Customize link:
1. In a window containing a Customize link in the upper right corner, click the link. A View
Customization window will open.
2. Add, remove or move fields in the window display:
• To add one or more fields to the window display, select the fields in the Available
Fields list, then click Add. The fields will be moved to the Fields to Show list.
• To remove one or more fields from the window display, select the fields in the Fields
to Show list, then click Remove. The fields will be moved to the Available Fields list.
• To change the order that fields display from left to right in the window, select one or
more fields in the Fields to Show list. Use the up or down arrow to change its order in
the list.
3. To specify the number of items that appear in a window, use the arrow keys in the Items
per Page field to select a number or type a number (1-2000). In Units View windows that
have the topology view enabled, the number of items per page includes children, even if
the display is collapsed and the children are not visible.
4. To show hidden items in a Units View window (see Showing and hiding units on page
112).
a. Check the Show hidden items checkbox.
b. Select Visibility from the Available Fields column, and then click Add. Visibility will
move to the Fields to Show list.
5. To show group descendants in windows that display unit groups (see Unit group hierarchy
on page 185), click the Show group descendants checkbox.
6. To expand a topology view automatically in a Units View window (see Topology view on
page 110), click the Expand view automatically checkbox.
32Rack Power Manager Installer/User Guide
7. (Units View windows only) To specify which fields are included in a filter, select the field
(s) from the Available Fields list and click the Add button. To remove fields from a filter,
select the fields from the Filter on these fields list and click Remove.
8. To set the Fields to Show and List Items as the default, click Set as Default. This button
will appear only if you are a Rack Power Manager software administrator. You will be
prompted to confirm setting these values as the default. Confirm or cancel.
9. Click Save and then click Finish. The window being customized will open with the
changes.
Displaying pages
Multiple page windows contain navigation buttons which may be used to quickly move among
pages.
Table 4.4: Rack Power Manager Explo rer Page Navigation But tons
Button Description
|< First Page - Navigatesto the beginning of a list displayed in a window.
<< Previous Page - Navigates to the pr eviouspage of a list displayed in a window.
>> Next Page - Navigates to the next page of a list displayed in a window.
>| Last Page - Navigates to the end of a list displayed in awindow.
Printing a window
All windows contain a print icon and text in the top option bar. When you print a window, all
the information on the page is printed, not just the visible portion.
To print a window:
1. In the top option bar, click PRINT or the print icon. The Print dialog box will appear.
2. Specify options to use, then click Print to print the window and close the Print dialog box.
Refreshing a window
A window may be refreshed at any time by clicking REFRESH or the refresh icon in the top
option bar.
By default, status information automatically refreshes every 30 seconds. This interval may be
changed or disabled. See Changing user options on page 39.
Using keyboard commands
In addition to using a mouse, certain keyboard commands may be used to select and change
items in windows.
Table 4.5: General Keyboard Commands
Key Description
Tab Transfers focus to the next control in the window, including the calendar
Shift-Tab Transfers focus to the pr eviousHTML control
Table 4.6 lists the keyboard commands that may be used when a calendar is enabled and has
focus.
Table 4.6: Calend ar Keyboard Commands
Key Description
Enter or Space Displays or closesthe calendar.
Esc Closes the calendar.
Chapter 4: Rack Power Manager Explorer Windows 33
Page Up Decrements the month by one month and selects the first day of the month.
Page Down Increases the month byone month and selectsthe first day of the month.
Right Arrow
Left Arrow
Up Arrow
Down Arrow
Increments the day by one day. If the last day of the month is selected and the Right
Arrow key is pressed, the month isincremented to the next month.
Decrements the day byone day. If the first day of the month is selected and the Left
Arrow key is pressed, the month isdecremented to the previousmonth.
Decrements the weekdayby one week. If the first weekdaytype of the month is selected
and the Up Arrow key is pressed, the month is decremented to the previousmonth.
Increments the weekday byone week. If the last weekday type of the month is selected
and the Down Arrow key is pressed, the month isincremented to the next month.
Table 4.7 lists the keyboard commands that may be used when a spinner is enabled and has
focus.
Table 4.7: Spinner Keyboard Commands
34Rack Power Manager Installer/User Guide
Key Description
Up Arrow Increments the spinner number byone
Down Arrow Decrements the spinner number byone
Basic Operations
5
This chapter describes basic operations and settings, including global system properties, profiles,
built-in user groups and preemption levels.
Rack Power Manager Help
The Rack Power Manager help is hosted on the Avocent web site. If you do not have continuous
access to the Internet, you may wish to install the help on the local Rack Power Manager server.
NOTE: Help for RackPower Manager software plug-insisautomatically installed on your local server and is not
available from the Avocent web site.
Configuring the Rack Power Manager help location
35
Rack Power Manager administrators can change the Rack Power Manager help location at any
time. Help is configured independently for each Rack Power Manager hub and spoke server.
To configure the Rack Power Manager help location:
1. Click the System tab, then click Rack Power Manager Server.
2. Click Properties - Help Configuration in the side navigation bar.
3. Specify the location of the help that will be accessed each time Help - Rack Power Manager
Management Software Help is clicked.
Select View help from the Avocent web site to access the latest help for your Rack Power
Manager software version from the Avocent web site (Internet connection required).
-or-
Select View help from this Rack Power Manager server help location to access the
downloaded help from your local server. Complete the following procedure for Installing
Rack Power Manager help on a local server on page 36.
4. Click Save.
36Rack Power Manager Installer/User Guide
NOTE: If your RackPower Manager software version is several versions prior to the current version, the help may
not be available on the Avocent web site. In thiscase, when you accessthe help from the web, you are prompted to
save a .zip file of the help to the local device.
Installing Rack Power Manager help on a local server
You can automatically download the help from the Avocent web site using the Rack Power
Manager software, or you can visit www.avocent.com/rpmhelp to browse for the appropriate
version and save a .zip file of the help to local media.
To download or update Rack Power Manager help on the local server:
1. Click the System tab, then click Rack Power Manager Server.
2. Click Properties - Help Configuration in the side navigation bar.
3. Click the Download Latest Help button. The Rack Power Manager Help Download Wizard
opens.
4. Select From the Avocent web site to download the latest help for your Rack Power
Manager software version from the Avocent web site.
-or-
Select From a local device to retrieve the help from local media. To specify the
location, click Browse or type the path in the field.
5. Click Next.
6. The Completed Successful window opens. Click Finish.
NOTE: If you reinstall or upgrade the RackPower Manager software, the Rack Power Manager help location is
reset to From the Avocent web site.
Global System Properties
Global system properties affect all Rack Power Manager servers in the system. That is, when
global system properties are changed on a Rack Power Manager server, the next replication
operation will apply those changes to all other Rack Power Manager servers in the system; see
Replication on page 78.
Global system properties include:
• User credential properties - see Specifying a user certificate on page 41 and Specifying an
SSH key on page 42
• Legal notice - see Legal Notice on page 37
• PCI Compliance - PCI Compliance Configuration on page 37
• Power settings - see Power Settings on page 38
• Automatic inheritance - see Automatic Inheritance for Group Memberships and Properties
on page 131
Legal Notice
Administrators may enable or disable the display of a legal caption and disclaimer prior to users
logging in to the Rack Power Manager software. When enabled, the legal disclaimer is
displayed every time a user logs in.
The legal notice feature affects all Rack Power Manager servers in the system after replication;
see Replication on page 78.
To enable or disable and configure the legal notice:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. Click Legal Notice in the side navigation bar. The Rack Power Manager System Logon
Legal Notice window will open.
4. To enable the legal notice display:
a. Check the Enable Legal Notice checkbox.
Chapter 5: Basic Operations 37
b. Enter up to 80 characters in the Caption field. This is a required field.
c. Enter up to 512 characters in the Text field. Carriage returns may be used to separate
lines. This is a required field.
d. Click Save.
5. To disable the legal notice display, uncheck the Enable Legal Notice checkbox and then
click Save.
PCI Compliance Configuration
The Rack Power Manager software may be configured as Payment Card Industry (PCI)
compliant. When PCI compliance is enabled, three settings are affected:
• Browser caching of secure web pages is disabled. This setting prevents the potential loss of
confidential client data; however, this setting may not work effectively if older browsers
are used.
• The browser prompt to save passwords is disabled. This setting prevents the potential loss
of confidential client data.
38Rack Power Manager Installer/User Guide
• Weak SSL ciphers are disabled. This setting prevents the potential loss of data integrity.
NOTE: When PCI compliance is enabled, the exporting of the Rack Power Manager server CSR files, PEM
certificatesand SSH keysdoes not submit the request to the client's browser; instead the filesare saved in the Rack
Power Manager server user's home directory. The CSR filename isthe name of the Rack Power Manager server
with extension .p10, the PEM certificate filename is RackPower Manager System Certificate.pem, and the SSH key
filename is Rack Power Manager System Certificate.pub. For example, if the server isrunning on Windows XP and
the name of the server isWinXPServer, the files are saved to [rootdrive]\Documents and Settings\[username]\ and
the namesare:
- CSR file =WinXPServer.p10
- PEM certificate = RackPower Manager System Certificate.pem
- SSH key = RackPower Manager System Certificate.pub
To enable PCI compliance:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. Click PCI Compliance in the side navigation bar. The PCI Compliance Properties window
will open.
4. To enable PCI compliance, select Make Rack Power Manager Server PCI Compliant. Click
Save.
5. Restart the Rack Power Manager server.
6. Run the MSI installer to push the Video Viewer files to the Internet Explorer clients
accessing the Rack Power Manager software; follow the procedure in Managing ActiveX®
controls on page 45.
NOTE: The PCI compliance setting is not replicated to other RackPower Manager servers. You must configure
PCI compliance settings individuallyfor each server that you wish to be PCI compliant.
Power Settings
Configure the global power settings properties to specify how long the Rack Power Manager
server will wait to receive a power operations response from a unit.
To configure power settings:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. Click Power Settings in the side navigation bar. The Power Settings Properties window
will open.
4. Enter a number of seconds between 0 and 60 to specify the amount of time for the Rack
Power Manager server to wait for power operations to complete. The preset value is 60
seconds.
5. Click Save.
Profiles
Profile information contains features and tasks that may affect actions when using the Rack
Power Manager software. These include:
• User options
• Color scheme
• Changing a password
• Choice of serial session application
• Specifying a user certificate
• Specifying a user SSH key
Changing user options
To change user options:
Chapter 5: Basic Operations 39
1. Click the Profile tab. The Options window will open.
2. In the Navigation Tree Behavior area, select one option:
• If you select Automatically collapse navigation tree nodes, a currently-expanded tree
node will be collapsed when you select another tree node.
• If you select Preserve navigation tree state, a currently-expanded tree node will remain
expanded when you select another tree node.
• If you select Automatically fully expand navigation tree nodes, all tree nodes will be
expanded. This is equivalent to clicking the Expand All Nodes arrow in the side
navigation bar; see Using the Side Navigation Bar on page 28.
3. Enable or disable prompts when leaving pages with unsaved changes:
• Check Skip prompt when leaving pages with unsaved changes, if you do not want a
message box to prompt you to save modified information when you leave a window.
• Uncheck Skip prompt when leaving pages with unsaved changes if you want a
message box to prompt you to save modified information when you leave a window.
40Rack Power Manager Installer/User Guide
4. Select a refresh rate or Never. By default, windows automatically refresh every 30 seconds.
If you select Never, windows will only be refreshed when you click the REFRESH icon or
text in the top option bar.
5. Click Save.
Changing the color scheme
When the color scheme is changed, it is changed only for the logged in user.
To change the color scheme:
1. Click the Profile tab.
2. Click Preferences in the top navigation bar.
3. Click Color Scheme in the side navigation bar. The Color Scheme window will open.
4. Click a color scheme to use. If the System Colors scheme is selected, the Rack Power
Manager Explorer window will match the user’s desktop color scheme.
5. Click Save. The color scheme will be applied to the Rack Power Manager Explorer
window.
Changing your password
When the Rack Power Manager software internal authentication service is used, user accounts
will indicate if users are allowed to change their password; see User account restrictions and
expiration settings on page 217.
By default, passwords must contain at least three characters and will never expire. A different
minimum character length and an expiration date may be configured; see Rack Power Manager
software internal authentication service on page 82.
To change your password:
1. Click the Profile tab.
2. Click Preferences in the top navigation bar.
3. Click Change Password in the side navigation bar. The Change Password window will
open.
4. Type your current password.
5. Type and confirm the new password.
6. Click Save.
Choosing the serial session application
You may specify the application to be used for serial sessions to Rack PDUs.
• Rack Power Manager software Telnet Viewer (Emerson Session Viewer)
• Win32 PuTTY Telnet/SSH application
• Third party application
NOTE: If you use a third party Telnet application, the first time you attempt to launch a session, you will be prompted
to confirm the use of that application.
NOTE: Only the RackPower Manager software Telnet Viewer is supported on Macintosh system clients.
To specify the serial session application:
1. Click the Profile tab.
2. Click Applications in the side navigation bar.
3. Check the checkbox for the application you want to use for serial sessions.
4. If you check 3rd Party Application, enter the path and executable name of the application
(maximum 256 characters) in the Serial Application field.
Specify any of the following parameters (up to 128 characters) in the Command Line
Arguments field. When the serial session is launched, the actual values will be
substituted.
%ADDRESS% - The IP address will be substituted.
%PORT% - The port number will be substituted.
%TNAME% - The target name will be substituted.
If the third party application does not automatically launch a command window, check
the Launch in Command Window checkbox.
Chapter 5: Basic Operations 41
5. Click Save.
Specifying a user certificate
This property may be changed only for internal authentication users. See Rack Power Manager
software internal authentication service on page 82.
A user may specify a certificate if the administrator has allowed it; see the procedure below. If
the system certificate policy is enabled for user certificates (see System certificate policy and
trust store on page 50), the user certificate used at login must meet the policy requirements.
As an alternative, the administrator may specify the certificate in the user account properties.
See User certificates on page 216.
42Rack Power Manager Installer/User Guide
To enable user settable certificates:
NOTE: Only Rack Power Manager software administrators may access this procedure.
1. Check the Allow user to set own certificate checkbox.
2. Click Save.
To specify a user certificate:
NOTE: A user may accessthis procedure only if a Rack Power Manager software administrator has allowed it.
1. Click the Profile tab. Preferences will automatically be selected in the top navigation bar.
2. Click Credentials in the side navigation bar, then click Certificate.
3. Type the path and name of the certificate or browse to the certificate location.
4. Click Save. An updated Certificate window will open.
Specifying an SSH key
A user may specify an SSH key if the administrator has allowed it.
As an alternative to this method, the administrator may specify the SSH key in the user account
properties. See User SSH key on page 216.
To enable user settable SSH keys:
NOTE: Only Rack Power Manager software administrators may access this procedure.
1. Click the System tab.
2. Click Global Properties.
3. Click User Credential Properties in the side navigation bar.
4. Check the Allow user to set own SSH key checkbox.
5. Click Save.
To specify an SSH key:
NOTE: A user may accessthis procedure only if a Rack Power Manager software administrator has enabled it.
1. Click the Profile tab. Preferences will automatically be selected in the top navigation bar.
2. Click Credentials in the side navigation bar, then select SSH Key.
3. Type the 1-256 character name of the file containing the public SSH key that was
generated by a third party key generator or browse to the file location.
4. Click Save. An updated SSH Key window will open. The SSH key file will be uploaded to
the Rack Power Manager server for use in authenticating the user.
Enabling user credential caching
User credential caching provides a single sign-on method for accessing units supported by
certain plug-ins. If enabled, the credentials used to log in to the Rack Power Manager software
are maintained in a secure internal cache. A supported plug-in, such as the Virtualization plugin, can retrieve these credentials to log in to connected units.
To enable user credential caching:
NOTE: Only Rack Power Manager software administrators may access this procedure.
1. Click the System tab.
2. Click User Credential Properties in the side navigation bar.
3. Check the Enable credential caching checkbox.
4. Click Save.
Any currently logged in users must log out and log in again for their credentials to be cached.
Built-in User Groups
Chapter 5: Basic Operations 43
When a user account is added to the Rack Power Manager software system, the user may be
assigned to any of the following built-in user groups:
• Rack Power Manager software administrators
• Appliance administrators
• User administrators
• Auditors
• Users
Table 5.1 lists the operations allowed for the built-in user groups.
Table 5.1: Built-In User Group Allowed Operations
44Rack Power Manager Installer/User Guide
Built -In User Group
Operation
Configure Rack Power
Manager software system-level settings
Add, change, import and
delete RackPower Manager software
Backup and restore the
Rack Power Manager software database
Register a spoke server Yes No No No No
Add, change and delete
units
Add, change and delete
unit groups
Configure access rights Yes Yes Yes No No
Add, change and delete
sites, departments and locations
Soft ware
Administrator
Yes No No No No
Yes Yes No No No
Yes No No No No
Yes No Yes No No
Yes Yes Yes No No
Yes No Yes No No
User Administrator
App liance
Administrator
Aud itors Users
Add, change and delete
external authentication
services
Add, change, delete user
accounts and userdefined user groups
Allevent-related operation
Change your own password
Yes Yes No No No
Yes Yes No No No
Yes No No Yes No
Yes Yes Yes Yes Yes
In addition to the built-in user groups, the Rack Power Manager software supports user-defined
user groups; see Grouping Units on page 177.
Internet Explorer Considerations
When the Internet Explorer web browser is used, specific settings are required to enable the
Rack Power Manager software to operate correctly.
• SSL (Secure Sockets Layer) certificates - Used for secure authentication between the Rack
Power Manager software client and Rack Power Manager software hub server; see
Certificates on page 49.
• ActiveX controls - Used to display Telnet application and serial sessions.
• Security Zones - Used to control the actions that may be performed within Internet
Explorer. For example, the operation of JavaScript, which is used by the Rack Power
Manager software, is dependent on security zone settings.
• Advanced Internet options - Used for miscellaneous settings that enhance the use of the
Rack Power Manager software.
Managing ActiveX®controls
The Rack Power Manager software uses ActiveX controls to provide interactive content for
viewers. (The Emerson Telnet Viewer uses Java; see Java Installation on page 12 for
information.)
Chapter 5: Basic Operations 45
The functionality of the ActiveX controls is determined by the settings for the security zone
being used by the Rack Power Manager software. See Security zones on page 46.
Administrators may prevent users from installing software on their computers. In this case, the
Windows domain administrators may choose to “push” an MSI installer using a Group Policy.
This will silently install the Avocent Session Viewers without requiring the user to install the
software themselves. This will install only the viewers for Internet Explorer. The MSI file is
located on the Rack Power Manager software DVD and in the webapp/applets directory on the
Rack Power Manager server.
To download an ActiveX control on a Rack Power Manager software hub server using
Windows (all operating systems except Windows XP with Service Pack 2):
1. In a Units View window that contains target devices (see Accessing Units View windows
on page 111), click the link in the Action field or select an alternate action, if available.
You can also access a Unit Overview window for a target device and click the icon or
link for the session type.
If this is the first time the ActiveX control has been requested by the Rack Power
Manager software, an Avocent Session Viewer message box will appear, followed by a
Security Warning dialog box.
46Rack Power Manager Installer/User Guide
2. Select Always trust content from Avocent Huntsville Corporation.
3. Click Yes to download the ActiveX control. When the control has been downloaded, a
serial session will start in a Telnet Viewer window.
To download an ActiveX control on a Rack Power Manager software hub server using
Windows XP with Service Pack 2:
1. In a Units View window that contains target devices (see Accessing Units View windows
on page 111), click the link in the Action field or select an alternate action, if available.
You can also access a Unit Overview window for a target device and click the icon or
link for the session type (see Unit Overview Windows on page 116).
If this is the first time the ActiveX control has been requested by the Rack Power
Manager software, an Avocent Session Viewer message box will appear.
2. Click in the top yellow bar. A pop-up menu will appear. Click Install. A Security Warning
dialog box will appear.
3. Click Install to install the ActiveX control.
Security zones
Internet Explorer restricts actions performed by the web browser, based on the security zone
membership of the web site being accessed. Each security zone typically has its own security
restrictions. The following four security zones are available in Internet Explorer:
• Trusted Sites - Web sites contained in the list of trusted sites.
• Restricted Sites - Web sites contained in the list of restricted sites.
• Local Intranet - Web sites accessed using a host name (for example, https://sun-e2-callisto).
• Internet - All other web sites, including those accessed using standard dot notation (for
example, https://10.0.0.1).
By default, the Rack Power Manager software operates correctly in the Internet, Local Intranet
and Trusted Sites security zones when accessing a hub server.
NOTE: A RackPower Manager software hub server installed on a PC running the Windows 2003 Server will not
operate correctly in the Internet securityzone.
The current security zone appears in the lower right corner of the Rack Power Manager
Explorer window.
Chapter 5: Basic Operations 47
To ensure that the Rack Power Manager software works correctly in security zones:
Specify settings for the Local Intranet and Internet security zones. When a Rack Power Manager
software client accesses a hub server using a host name (for example, https://avocent), the Local
Intranet security zone will be used. When a client accesses a hub server using a web address
with periods (for example, https://www.avocent.com), the Internet security zone will be used.
-or-
Add the Rack Power Manager software hub server to the Trusted Sites list. The Rack Power
Manager software client will always connect to the hub server using the Trusted Sites security
zone. The Trusted Sites zone contains very low security settings and ensures successful
communication between the client and the hub server.
To display or change the restrictions of a security zone:
1. In Internet Explorer, select Tools - Internet Options. The Internet Options dialog box
appears.
2. Click the Security tab.
3. Select the security zone you wish to view.
4. Click Custom Level. The Security Settings dialog box appears.
5. Ensure that the following security settings are set to Enabled or Prompt. The Active
Scripting setting should be set to Enabled.
• Download Signed ActiveX Controls
• Run ActiveX Controls and Plug-Ins
• Launching Programs and Files in an IFRAME
• Active Scripting
6. Click OK to save the settings and close the Security Settings dialog box.
7. Click OK to close the Internet Options dialog box.
To add a hub server to the Trusted Sites list:
NOTE: If Trusted Sites security zone settings have been modified from their defaults, ensure that the correct
settingsrequired for the Rack Power Manager software are specified, as indicated above.
1. In Internet Explorer, select Tools - Internet Options. The Internet Options dialog box
appears.
2. Click the Security tab.
3. Click Trusted Sites, then click Sites. The Trusted Sites dialog box appears.
48Rack Power Manager Installer/User Guide
4. Type the web site address, in standard dot notation (xxx.xxx.xxx.xxx), for the Rack Power
Manager software hub server (for example, https://10.0.0.1).
5. Click Add. The web site address will appear in the web sites list box.
6. Ensure that Require server verification (https:) for all sites in this zone is selected.
7. Click OK to save the settings and close the Trusted Sites dialog box.
8. Click OK to close the Internet Options dialog box.
Advanced Internet options
Internet Explorer contains advanced settings that may be specified to enhance use of the Rack
Power Manager software. Changing these settings is not required, but is recommended for
optimum results.
To specify advanced Internet options for the Rack Power Manager software:
1. In Internet Explorer, select Tools - Internet Options. The Internet Options dialog box
appears.
2. Click the Advanced tab.
3. Select the following settings:
• Always send URLs as UTF-8
• Disable script debugging
• Play animations in web pages
• Show pictures
• Print background colors and images
• Use SSL 2.0
• Use SSL 3.0
4. Select Enable Integrated Windows Authentication if the Rack Power Manager software is
using Integrated Windows Authentication. See Integrated Windows Authentication on page
52.
5. Uncheck the following settings:
• Always expand ALT text for images
• Display a notification about every script error
6. Click OK to save the settings and close the dialog box.
Certificates
The Rack Power Manager software system uses certificates to provide secure transactions
between components and to uniquely identify components in the system.
System certificate and SSH key
The Rack Power Manager software system generates and manages a system certificate and SSH
key. The system certificate or SSH key may be exported to a local directory - the certificate’s
public key may then be used to validate the signature of data log files.
To view or export the system certificate or SSH key:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. In the side navigation bar, click X.509 Certificates, and then click System Certificate. The
System Certificate window will open.
4. To export the system certificate in PEM format to a local directory, click Export
Certificate. A pop-up window will open. The content of this window is browserdependent, but it will usually prompt you to confirm the export operation. Confirm or
cancel.
Chapter 5: Basic Operations 49
-or-
To export the SSH key in PUB format to a local directory, click Export SSH Key. A
pop-up window will open. The content of this window is browser-dependent, but it
will usually prompt you to confirm the export operation. Confirm or cancel.
Server certificates
A Rack Power Manager server certificate:
• Uniquely identifies the Rack Power Manager server to Rack Power Manager software
clients connecting to the server using web browsers
• Uniquely identifies the Rack Power Manager server to other Rack Power Manager servers
in the system and provides for secure transactions between them
• Provides for secure transactions between Rack Power Manager software clients and the
Rack Power Manager software server
A Security Alert dialog box may appear if there are server certificate issues. See Server
certificates on page 63 for information about certificate alerts and updating server certificates.
50Rack Power Manager Installer/User Guide
Client certificates
Rack Power Manager software client certificates (also known as user certificates) are used to
authenticate client users during login when the Rack Power Manager software internal
authentication service is configured in their user accounts. See Adding User Accounts on page
211.
To use Rack Power Manager software client certificates for authentication, a Rack Power
Manager software administrator must first enable certificate authentication; see Client session
information on page 69. Once this is enabled, the Rack Power Manager server will prompt the
client web browser to send its user certificates.
The Rack Power Manager software client certificate must first be loaded into the client web
browser and be associated with a user account. There are two ways to do this:
• The certificate location can be specified in a user account - see User certificates on page
216
• The Rack Power Manager software administrator may enable user-settable certificates, then
the user may specify the certificate location - see Specifying a user certificate on page 41
If the system certificate policy (see below) is enabled for user certificates, the certificate used at
login must meet the policy requirements.
Managed appliance certificates
Certificates are also used for authenticating and authorizing managed appliance sessions when a
managed appliance is added in secure mode. See Adding Units on page 119.
System certificate policy and trust store
Rack Power Manager software administrators may configure the certificate policy by
enabling/disabling settings. The trust store contains a list of all trusted certificate authorities
known to the Rack Power Manager software. You may add, remove or modify the location of
trust store entries.
To configure certificate policy settings:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. Click X.509 Certificates in the side navigation bar. The System Certificate Policy window
will open.
4. Enable/disable checkboxes or select values as indicated for each setting.
Table 5.2: System Certificate Policy
Feature Value when enabled
Chain Building
Chapter 5: Basic Operations 51
Authority Info Access (AIA)
Max chain length
Chain Validation
Partial chains
Usage flags
Validity period
Verify signatures The signatures within the certificate chain are checked for validity.
Certificate Revocation Lists (CRL)
CRL checks
Distribution points CRLs may be located using the distribution point certificate extension.
Reject on error
Permits the Rack Power Manager software to use the AIA certificate
extension to locate a certificate’s issuer.
Maximum allowable number of certificates (inclusive) between the leaf
certificate and a trusted certificate. Valid range is 1-16.
Allowspartial chains. (If disabled, partial chainswillbe considered
invalid, even ifthe chain contains a trusted certificate.
A certificate may be used only for the reasons dictated in the certificate.
For example, a certificate must be flagged asCA (Certificate Authority)
to be considered a valid certificate issuer.
The current date and time on the server must be within the window on
each certificate in the chain.
If CRLs are available, they are checked to determine a certificate’s
revocation status.
The Rack Power Manager software willreject a certificate chain if a
CRL isspecified (either in the certificate or the RackPower Manager
trust store) and it cannot be read or isinvalid.
Secure Sockets Layer (SSL)
Name verification Outbound SSL connections will verify server names.
Subject alternative names
User Certificates
Verify using trust store
The server names may match the certificate common name or one of
the subject alternative names.
User certificates presented to the Rack Power Manager software are
verified using the System Trust Store.
5. Click Save.
52Rack Power Manager Installer/User Guide
To display and manage the trust store:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. In the side navigation bar, click X.509 Certificates, and then click Trust Store. The System
Trust Store window will open, listing all trusted certificate authorities known to the Rack
Power Manager software. By default, the list contains the standard CAs from Java.
4. To view or change information about a certificate, click on its name. The System Trust
Store Entry window will open. You may change the CRL Location, which indicates where
the CRL should be obtained for that CA. If you change the location, click Save. Then click
Close.
5. To delete one or more certificates:
a. Click the checkbox to the left of the certificate name. To delete all certificates on the
page, click the checkbox to the left of Name at the top of the list.
b. Click Delete.
c. You are prompted to confirm the deletion. Confirm or cancel the deletion.
6. To add a certificate:
a. Click Add. The New System Trust Store Entry window will open.
b. In the Certificate File field, enter the name of the file containing the X.509 certificate
to upload into the trust store. The file may be binary or Base64 encoded.
c. In the CRL Location field, you may enter the location of the CRL for the uploaded
certificate (maximum 256 characters). The supported protocols are http://and ldap://.
d. Click Add.
Integrated Windows Authentication
The Rack Power Manager management software allows Rack Power Manager software clients
to authenticate against Microsoft Windows NT domain and Microsoft Active Directory external
authentication servers using Integrated Windows Authentication. This feature allows Single
Sign-On (SSO) and is disabled by default. When running Windows Server 2003 or 2008 with
Kerberos and NTLM authentication protocols, SSO is supported but it must first be configured
in the web browser and AD server; see the documentation included with your browser and AD
server or contact an Avocent technical support representative for assistance.
NOTE: When accessing the RackPower Manager client using Integrated Windows Authentication, the browser
URL must include the RackPower Manager intranet name.
To use Integrated Windows Authentication for authentication, a Rack Power Manager software
administrator must first enable it. See Client session information on page 69.
Firewalls
In a typical network configuration, as shown in Figure 5.1, the Rack Power Manager software
client is located outside of the firewall and the Rack Power Manager server and managed
appliances reside inside the firewall. In this case, the firewall must be configured to allow two
TCP/IP ports inside the firewall.
One TCP port (default=443) is used for the HTTPS web browser connection between the Rack
Power Manager software client and the Rack Power Manager server. The other TCP port
(default=1078) is used for the Emerson Proxy Protocol to tunnel video and Telnet traffic. Both
ports are configurable.
If you are using the Rack Power Manager management software through a firewall, we
recommend the following:
• Place the Rack Power Manager server and all managed appliances within the same firewall
Demilitarized Zone (DMZ). If the managed appliances are not in the same DMZ with the
Rack Power Manager server, you must configure the firewall so all data may pass between
the zones using TCP/IP ports 22 (SSH), 3211, 2068, 8192 and 3871. You must also
configure the User Datagram Protocol (UDP) port 3211 so it may pass through the firewall
for initial network discovery of appliances that do not have an IP address.
Chapter 5: Basic Operations 53
54Rack Power Manager Installer/User Guide
Figure 5.1: Typical Rack Power Manag er Software System F irewall Co nfiguration
Table 5.3: Typical Rack Power Manager Software System Firewall Configu ration Descriptions
VPNs
Number Description Number Description
1 Rack Power Manager Software Client 5 Rack Power Manager Server
2 HTT PS 6 Proxy
3 Proxy 7 KVM Switch or Serial Console Appliance
4 Firewall 8 Target Devices
A Virtual Private Network (VPN) is a secure network that uses public infrastructure and
typically includes several Wide Area Network (WAN) components that may impact
performance of the VPN.
Typically, two sites are connected in a VPN network using WANs and a router. This setup
provides a secure network between the two sites, but processing is slow.
Chapter 5: Basic Operations 55
Several factors related to the network setup, including the Rack Power Manager software
database replication schedule and methods of device access, can affect the speed of a multi-site
VPN network. The trade-off must be made based on the network setup.
Frequent replication of the Rack Power Manager software database will increase WAN/VPN
traffic but provide steady data reception at the local sites. Infrequent database replication made
at the various sites decreases the WAN/VPN traffic but delays the reception of changes at the
local site.
In addition, the methods used to access devices affects network speed. VPN access of a
managed appliance is always slower than local access.
The Rack Power Manager management software supports VPNs that provide full transparency
for IP addresses, as well as ports between sites and many VPNs that perform network address
translation (NAT) between sites. For example, the VPN in Figure 5.2 could use NAT if Site A
and Site B are separate companies that merged but have not resolved their IP addresses. See
NAT Devices on page 56.
Figure 5.2: Rack Power Manager Software Syst em on a VPN
Table 5.4: Typical Rack Power Manager Software System Firewall Configu ration Descriptions
Number Description Number Description
1 Rack Power Manager Software Client 7 Replication
2 Firewall 8 VPN
56Rack Power Manager Installer/User Guide
Number Description Number Description
3 Site A 9 Rack Power Manager Software Client
4 Target Devices 10 Site B
5 Hub Server 11 Target Devices
6 Spoke Server
NAT Devices
NAT devices enable a company to use more internal IP addresses than they have assigned to
managed appliances. The IP addresses are not exposed outside of the NAT device.
NAT devices are typically used with a DSL broadband router. A Rack Power Manager software
client is connected to the NAT device, as shown in Figure 1.6, which then connects to the
corporate network using a VPN.
Figure 5.3: Single NAT Configuration (Clien t Only)
Table 5.5: Single NAT Con figuration (Client Only) Descriptio ns
Number Description Number Description
1 Rack Power Manager Software Client 7 Firewall
2 Private 8 Private
3 NAT Device 9 Rack Power Manager Server
Chapter 5: Basic Operations 57
Number Description Number Description
4 Client 10 Managed Appliance
5 Public 11 Corporate
6 VPN
Another scenario, shown in Figure 5.4, is when the corporate site also uses a NAT device to
save IP addresses (double-NAT). Since the Rack Power Manager software client is trying to
access a private resource inside the corporate site, the TCP/IP ports used for HTTPS and the
proxy server must be configured to be exposed on the corporate NAT device.
Figure 5.4: Double-NAT Co nfiguration (Client an d Corporate)
Table 5.6: Double-NAT Config uration (Client and Corporate) Descriptions
Number Description Number Description
1 Rack Power Manager Software Client 5 Rack Power Manager Server
2 Public 6 NAT Device
3 Private 7 Managed Appliance
4 Firewall 8 Corporate
58Rack Power Manager Installer/User Guide
NOTE: NAT devicesmay not be connected between the Rack Power Manager server and any managed
appliances.
Licenses
License keys permit the operation of the Rack Power Manager software on the hub server. They
also specify the number of managed devices that may be controlled by the software and spoke
servers allowed on a system. If a managed device is available through multiple connection
methods, the managed device requires only one license as long as it is merged into a single
connection in the Rack Power Manager software.
Licenses may also be required to enable additional features. See Table 5.7 for more information.
A demonstration (demo) license key may also be used for a trial period. When the trial elapses,
login attempts will fail. A demo license key may be replaced with another demo license key or
a permanent license. If additional license keys are added during the trial and the demo key
expires, the add-on keys will have to be re-entered when a new license key is installed.
To display license information:
1. Click the System tab.
2. Click Licenses in the top navigation bar.
3. Click Summary in the side navigation bar. The License Summary window will open. Table
5.7 describes the window fields.
Table 5.7: License Summary Fields
Section Field Description
Installation Key or
Demo InstallKey
Client Server
Data Logging Sessions
Plug-ins
Serial Number
Curr ently in
Use
Licensed Total number of licensesfor data logging.
Curr ently in
Use
Licensed Total number of license IDs for plug-ins.
Curr ently In
Use
Serial number encoded in the license key for the RackPower Manager software hub.
The total number of licensesfor client servers that can be added to
and managed by the Rack Power Manager system.
Number of licenses for data logging currently in use.
Number of license IDs for plug-ins currently in use.
Section Field Description
Chapter 5: Basic Operations 59
Licensed
Auditor Appliances
Curr ently in
Use
Web Services API Licensed
DS Zones Licensed Total number of DS zones that can be created.
PDU Count Licensed Total number of PDUs that can be added.
Total number of Auditor appliances licensed to be added as managed appliances.
Number of Auditor appliance licenses currently enabled.
Status of the Web Services API licensing; maybe enabled or disabled. For more information, see the RackPower Manager SDK
GUI Access API and Web Services API Installer/User Guide.
To display license keys:
1. Click the System tab.
2. Click Licenses in the top navigation bar.
3. Click License Keys in the side navigation bar. The License Keys window will open and list
each installed license key and a description of the key. One of the following descriptions
will display beside each key:
• Adds <number> Backup Server(s) - Adds <N> backup (spoke) Rack Power Manager
servers.
• Adds <number> Backup Server(s) and Unlimited Client Sessions - Combines the keys
for Adds <N> Backup Server(s) and Client Session Site License.
• Installation Key - Enables first use of the Rack Power Manager software and sets the
initial number of backup Rack Power Manager servers.
• Demo License Key - Enables first use of the Rack Power Manager software for a
certain period of time.
• Add <number> Managed Devices - Increases the number of licensed managed devices.
• Add <number> Power Strips - Increases the number of power strip devices.
• Add <number> Auditor Appliance - Increases the number of auditor appliances that
can be added.
60Rack Power Manager Installer/User Guide
Adding a new license key
To add a new license key:
1. Click the System tab.
2. Click Licenses in the top navigation bar.
3. Click License Keys in the side navigation bar. The License Keys window will open.
4. Click Add. The Add License Key window will open.
5. Type a valid new add-on license key in the License Key field.
6. Click Save. The License Keys window opens, containing a new row with the new license
key.
System Information
The System Information window displays the total number of client sessions in use and the
Rack Power Manager software version currently installed.
To view system information:
1. Click the System tab.
2. Click Global Properties in the top navigation bar.
3. Click System Information in the side navigation bar. The System Information window
opens.
Rack Power Manager Servers
6
This chapter describes how to configure Rack Power Manager server properties, backup and
restore hub servers and manage spoke servers.
Server Properties
Table 6.1 lists the Rack Power Manager server properties.
Table 6.1: Server Properties
Property Description
Identity Name of the Rack Power Manager server and the server’s role (hub or spoke).
61
Network
IP addr ess (*) and port used byclients to access the server using the HTTPS (SSL) protocol.
You may change the port number used for the HTTPS connection.
NOTE: When the RackPower Manager server is running on a Linux system, the IP
address field maycontain the loopback address. If this is not desired, edit the /etc/hosts file
on the Linux system. Add a new line above the line that definesthe loopback address.The
new line should contain the IP address, followed bythe host name. For example, the following new line adds the IP addr ess 172.30.20.206 for the host name sun-jcv-fc3.avocent.com, above the existing line that definesthe loopback address(127.0.0.1) .
- 172.30.20.206 sun-jcv-fc3.avocent.com
- 127.0.0.1 localhost.localdomain sun-jcv-fc3.avocent.com localhost sun-jcv-fc3
Rack Power Manager server certificate presented to Rack Power Manager software client
web browsers.
62Rack Power Manager Installer/User Guide
Property Description
When the Avocent proxyserver is used, RackPower Manager software client KVM and
serial session requests are sent through the Rack Power Manager server rather than dir-
Proxy Server
SSH Server Enables/disables the SSH server and specifiesthe port it uses.
Trap Destinations
ectlyto the KVM switch or serial console appliance, which prevents the exposure of the
internal address of the managed appliance. You may change the proxy server configuration.
EVR1500 environmentalmonitor, DSI5100 IPMI and genericappliancesessions are not
sent through the Rack Power Manager server, even when the pr oxy is enabled.
The Rack Power Manager server polls KVM switches or serial console appliances to determine if theyare responding. If the managed appliance does not respond, the RackPower Manager server sends an SNMP LossOf Communication (LCM) trap or alert to the external
SNMP manager. When the RackPower Manager server detects that the appliance is once
again communicating, a Regained Communication (RCM) trap issent from the Rack Power
Manager software server. When a response change occurs during communication between
the RackPower Manager server and amanaged appliance, the Rack Power Manager software writes the event to the event log and sendsan SNMP trap to the configured trap destinations. Trap destinations may also be specified by clicking on a managed appliance and
changing the SNMP appliance settings.
Rack Power Manager Client Sessions
Rack Power Manager Modem Session
Email
Unit Status
Polling
Spoke Servers Enables you to manage the Rack Power Manager software spoke servers in your system.
Data Logging Settings for data log file location, ar chiving and Syslog server.
Settings for inactivitytime-out, authentication policy, Single Sign-On (SSO) for the session or
restrictions to use specificIP addresses to start the sessions. Also displayed the number of client sessions curr ently in use.
Settings for dial-up sessions, including inactivity time-out, time to wait for a connection and
dial-back number.
IP addr ess of the SMTP (Simple Mail Transfer Protocol) server that is used bythe Rack
Power Manager software to send emailnotifications.
Enables/disables unit status polling for the RackPower Manager server, and specifies the
delay between polling cycles and the number of managed appliances that willbe concurrently polled.
To display server properties:
Click the System tab. Rack Power Manager Server will automatically be selected in the top
navigation bar and Identity will automatically be selected in the side navigation bar. The Rack
Power Manager Server Identity Properties window will open. The top of the side navigation bar
will indicate the name of the Rack Power Manager software server.
Chapter 6: Rack Power Manager Servers 63
To change server network properties:
1. Click the System tab.
2. Click Network in the side navigation bar. The Rack Power Manager Server Network
Properties window will open.
3. Type a new Rack Power Manager server port number in the HTTPS Port field.
If the default value (443) is modified, the port number in the URL must be specified
when accessing the Rack Power Manager software. For example, if the IP address of
the hub server is 10.0.0.1 and the port number is changed to 444,
https://10.0.0.1:444/Rack Power Manager must be typed in the Address field of the
web browser to access the Rack Power Manager software.
The selected port must be available on the Rack Power Manager server. If Rack Power
Manager software clients are located on an external connection, the specified port must
be open on the firewall.
4. Click Save. A confirmation dialog box will appear.
A web browser error message will appear when Save is clicked. This error message is a
normal occurrence. To reestablish connection to the Rack Power Manager software,
you must reconnect to the hub server by typing the URL with the new port number.
For example, if you changed the port number to 334 for a hub server with an IP
address of 10.0.0.1, type https://10.0.0.1:334/Rack Power Manager to access the Rack
Power Manager management software.
5. Confirm or cancel the change.
Server certificates
Rack Power Manager software administrators manage server certificates. See Certificates on
page 49 for a description of certificate types and procedures to manage certificate policy and
the system trust store.
Security alerts
The Rack Power Manager software uses SSL (Secure Sockets Layer) to securely communicate
between the Rack Power Manager software hub server and Rack Power Manager software
clients. SSL provides secure authentication using certificates, which is data that identifies the
PC with which communication will occur. A certificate is typically verified by another
certificate from a trusted certificate authority.
When the Rack Power Manager software is initially installed, it generates a self-signed
certificate for use with Rack Power Manager software clients. To replace this, a Rack Power
64Rack Power Manager Installer/User Guide
Manager software administrator may create a Certificate Signing Request (CSR) to submit to a
trusted third party Certificate Authority (CA) for signature. The administrator may then replace
the generated certificate with the new one. If the generated certificate is not replaced, the web
browser will prompt a user whether to trust the generated certificate when a Rack Power
Manager software client session is started.
Three tests are performed on a certificate each time a Rack Power Manager software client
connects to the Rack Power Manager software hub server:
• Does the client web browser trust the certificate issuer?
• Has the certificate expired?
• Does the name on the Rack Power Manager server certificate match the name the Rack
Power Manager software client used to access the Rack Power Manager server?
A Security Alert dialog box will appear if the answer to any of the three questions is No. To
prevent the Security Alert message box from appearing when you connect to a the Rack Power
Manager software hub server, all three questions must be answered Yes. When a Security Alert
dialog box appears, you have the following choices:
• If you click Yes, a connection will be made with the Rack Power Manager software hub
server and the Rack Power Manager software login window will appear, but the Security
Alert dialog box will continue to appear each time you connect to the hub server.
• If you click No, a connection will not be made with the Rack Power Manager software hub
server.
• If you click View Certificate, you may install the certificate; see below.
To correct certificate security alerts for client and hub server connections:
1. From the Rack Power Manager software client, open a client session; see Opening a client
session on page 10. The Security Alert dialog box will appear.
2. Click View Certificate. The Certificate dialog box will appear.
3. Click Install Certificate. See the Internet Explorer documentation for more information.
4. Once the certificate is installed, ensure that the time setting on the Rack Power Manager
software client PC is within the Valid from...to dates and that the Issued to and Issued by
fields exactly match.
Invalid to...from dates typically occur when the Rack Power Manager software is
installed on a server that is set to an invalid time. When a Rack Power Manager
software client that is set to a valid time connects to the Rack Power Manager server
Chapter 6: Rack Power Manager Servers 65
that is set to an invalid time, the following warning will appear in the Security Alert
dialog box: “The security certificate date is invalid.”
Serial session security alerts
The Serial Session Viewer, which is used during a serial session, is a Java-based applet. Three
certificate tests are performed by Java when the Rack Power Manager software connects to a
serial device:
• Does the serial device trust the certificate issuer?
• Has the certificate expired?
• Does the name on the serial device certificate match the name of the Rack Power Manager
software hub server certificate?
A warning dialog box will appear if the answer to all three questions is No. To prevent this
warning dialog box from appearing when you connect to a serial device, all three questions
must be answered Yes.
To correct certificate security alerts when connecting to a serial session:
1. In a Units View window that contains serial console appliance target devices (see
Accessing Units View windows on page 111), click the Serial Session link in the Action
field.
You can also access a Unit Overview window for a target device and click the Serial
Session icon or link for the session type (see Unit Overview Windows on page 116).
2. If the certificate is trusted and has not expired, but there is a mismatch of the name on the
Rack Power Manager software client certificate and the name on the Rack Power Manager
software hub server certificate, a Warning - HTTPS dialog box will appear. Contact the
issuer of your certificate.
3. When a Warning - Security dialog box appears, you have the following choices:
• If you click Yes, a connection will be made with the appliance and the viewer will
open, but the warning dialog box will continue to appear each time you connect to the
serial console appliance.
• If you click No, a connection will not be made with the serial console appliance.
• If you click Always, the certificate will be added to the Java certificate store.
To create a CSR:
1. Click the System tab.
66Rack Power Manager Installer/User Guide
2. Click Certificate in the side navigation bar. The RPM Server Certificate Properties window
will open.
3. Click Get CSR. A File Download dialog box will appear.
4. Click Open. The CSR is downloaded and displays in the configured text editor.
-or-
Click Save. The Save As dialog box will appear. Select a directory and filename and
click Save to save the CSR.
5. Submit the CSR generated request to a CA to obtain a signed server certificate.
6. Update the Rack Power Manager server to use the certificate created by the CA.
To update certificate information on the Rack Power Manager server:
NOTE: You may also update a spoke server certificate on a hub server and update a hub server certificate on a
spoke server; see Managing hub and spoke server certificates on page 67.
1. Click the System tab.
2. Click Certificate in the side navigation bar. The RPM Server Certificate Properties window
will appear.
3. Click Update. The Update RPM Server Certificate Wizard will appear.
4. The Select Operation to Perform window will open.
• Select Create a new self-signed SSL server certificate to create a minimal security SSL
certificate without incurring the costs and overhead involved with a Certificate
Authority (CA). Click Next, then go to step 5.
• Select Import a signed SSL server certificate to import a more secure SSL certificate
that has been approved (perhaps by a CA). The public key of the imported certificate
must match the public key in the certificate that the Rack Power Manager server is
currently using. This requires that both certificates be made on the same Rack Power
Manager server. Click Next, then go to step 6.
5. The Type in Certificate Information window will open.
a. Type the name of the computer that will serve as the Rack Power Manager server on
your intranet in the Common Name field. If the Rack Power Manager server is outside
the intranet, type the server’s full domain name in dot notation format
(xxx.xxx.xxx.xxx).
b. Type the name of the organization (or country).
Chapter 6: Rack Power Manager Servers 67
c. Type the name of the organizational division or name under which the organization is
doing business.
d. Type the complete city or location name. The City or Location field is required for
organizations registered only at the local level.
e. Type the complete name of the state or province where the organization is located.
f. Type the two-character ISO country code for the country where the organization is
located.
g. Click Next. Go to step 7.
6. The Select Certificate to Import window will open.
Type the full directory and filename for the SSL certificate file you wish to import to
the Rack Power Manager server or browse to the file location.
The name of the SSL certificate file must be entered in case sensitive text if your
operating system supports case sensitive filenames.
Imported certificates must have been generated from a CSR created on the same Rack
Power Manager server to which you are importing the certificate.
h. Click Next.
7. The Completed Successful window will open.
8. Click Finish. The RPM Server Certificate Properties window will open, containing updated
certificate information.
Managing hub and spoke server certificates
When a spoke server is registered with a hub server, a certificate trust relationship is established
between the two servers. Certificate information must match on the hub server and the spoke
servers for communication to take place between the servers. If the spoke server certificate is
subsequently changed, a certificate mismatch will occur.
To update the certificate of a spoke server on the hub server:
NOTE: Cer tificates may only be viewed byRack Power Manager software administrator s and user administrators.
1. On the hub server, click the System tab. RPM Server will automatically be selected in the
top navigation bar and the name of the Rack Power Manager software hub server will
appear at the top of the side navigation bar.
2. Click Spoke Servers in the side navigation bar. The Spoke Servers window will open.
68Rack Power Manager Installer/User Guide
3. In the Spoke Servers window, click Certificate. The Spoke Server Certificate window will
open including information about the spoke server certificate (Actual Certificate) and the
certificate registered for this spoke server on the hub server (Registered Certificate).
4. The window displays the certificate on the spoke server and the certificate registered on the
hub server.
If the Rack Power Manager management software cannot obtain the certificate
information from the spoke server, a message will appear at the bottom of the RPM
Server Certificate - Spoke Server window. The message states: Remote server is not
responding. Information displayed may not match remote side.
• If the certificate information does not match, go to step 5.
• If the certificate information matches, go to step 6.
5. Click Update. The spoke server certificate information will be updated on the hub server.
6. Click Close. The Spoke Servers window will open.
To update the certificate of a hub server on a spoke server:
1. On the spoke server, click the System tab. RPM Server will automatically be selected in the
top navigation bar and the name of the spoke server will appear at the top of the side
navigation bar.
2. Click Hub Server in the side navigation bar. The Hub Server window will open.
3. In the Hub Server window, click Certificate. The Hub Server Certificate window will open
including information about the spoke server certificate (Actual Certificate) and the
certificate registered for this spoke server on the hub server (Registered Certificate).
If the Rack Power Manager software cannot obtain the certificate information from the
hub server, a message will appear at the bottom of the RPM Server Certificate - Hub
Server window. The message states: Remote server is not responding. Information
displayed may not match remote side.
If the certificate information does not match, go to step 4.
4. Click Update. The hub server certificate information will be updated on the spoke server.
Server trap destinations
To specify trap destinations:
1. Click the System tab.
2. Click Trap Destinations in the side navigation bar. The RPM Server Trap Destinations
window will open.
3. In each address field, type the IP addresses in standard dot notation (xxx.xxx.xxx.xxx) or
the domain name for the computer that handles traps. Up to four computers may be
specified.
4. Click Save to store the trap information in the Rack Power Manager software database on
the host.
Client session information
To specify client session information:
1. Click the System tab.
2. Click RPM Client Sessions in the side navigation bar. The RPM Server Client Session
Properties window opens. The number of client sessions currently in use is displayed.
3. Use the arrows to specify a time-out value (from 5-60 minutes) for inactivity of a Rack
Power Manager user client session. The default is 15 minutes. When the time-out value has
been exceeded, the session will end and the user must log in again.
4. Check the Enable certificate authentication checkbox to allow the Rack Power Manager
software to automatically log in internal users if the user certificate (X.509 digital ID)
installed in the Rack Power Manager software client web browser matches the certificate
configured for the user. Certificates for users may be modified. See User certificates on
page 216.
Chapter 6: Rack Power Manager Servers 69
Web browser settings may need to be modified to allow users to automatically log in
using certificates; see your web browser documentation.
-or-
Check the Enable Integrated Windows®Authentication checkbox to automatically log
a user into the Rack Power Manager software using the Windows user’s computer
credentials.
Web browser settings may need to be modified to allow users to automatically log in
using Integrated Windows Authentication; see your web browser documentation.
5. To enable only Rack Power Manager software clients with IP addresses entered in the
Address List to communicate with managed appliances, check the Restrict by address
range checkbox. To disable address restrictions for logging into the Rack Power Manager
software, uncheck this checkbox.
6. Enable or disable Allow login when user is a member of more than one authentication
service as desired. The preset value is disabled. When enabled, if a user belongs to multiple
authentication services, the Rack Power Manager server uses the first authentication service
70Rack Power Manager Installer/User Guide
found to log the user in. When disabled, if a user belongs to multiple authentication
services, the attempt to log in to the Rack Power Manager software fails.
When enabled, if a user has different access rights within each authentication service
he belongs to, the user is granted access rights based on the first authentication service
found by the Rack Power Manager server. In this case, a user may be granted different
access rights at different login times.
NOTE: The Allow login when user is a member of more than one authentication service setting doesnot replicate to
spoke servers. It is recommended that you uniformly enable or disable this setting on each Rack Power Manager
hub and spoke server.
7. Click Save to store client session information in the Rack Power Manager software
database on the host.
To specify email properties:
1. Click the System tab.
2. Click Email in the side navigation bar. The RPM Server Email Server Properties window
will open.
3. Type a new address for the SMTP server that sends email notifications as a domain name or
an IP address in standard dot notation (xxx.xxx.xxx.xxx).
4. If your SMTP server requires login credentials, select Login required to access SMTP server
and type a username and password, then confirm the password.
5. Click Save to store Rack Power Manager software email property information in the Rack
Power Manager software database on the host.
Unit status polling
To use unit status polling:
1. Click the System tab.
2. Click Unit Status Polling in the side navigation bar. The RPM Server Unit Status Polling
Properties window will open.
3. Select Enable unit status polling.
4. Type the number of seconds to wait between polling cycles (from 30-999 seconds). The
default is 900 seconds (15 minutes). A smaller value results in greater accuracy.
5. Type the number of managed appliances that may simultaneously be polled to obtain status
information (from 1-25 units). The default is 5. A larger number results in faster speed.
Chapter 6: Rack Power Manager Servers 71
6. Click Save to store unit status information in the Rack Power Manager software database
on the host.
Backing up and Restoring Hub Servers Manually
You may manually create a backup of your hub server. Two methods are available:
• From a command line in an MS-DOS window. This method may be used for Rack Power
Manager software hub servers on supported Windows or Linux systems.
• Using the Backup and Restore Utility delivered with the Rack Power Manager software.
The backup is saved as a .zip file containing the files needed to restore the Rack Power
Manager management software. This method may be used for Rack Power Manager
software hub servers on supported Windows systems only.
Client sessions will be temporarily disconnected during a manual backup. The sessions will be
automatically reconnected when the backup is completed.
Hub server backups may also be automatically created as a task within the Rack Power
Manager software. If you use the Backup RPM database and system files task, client sessions
will not be temporarily disconnected. See Task: Backup Rack Power Manager software
database and system files on page 265.
Manual backup and restore procedures require Rack Power Manager software administrator
privileges.
To manually backup or restore a hub server using a command line on a supported
Windows system:
1. In the Start menu on your desktop, select Start - Programs - Accessories - Command
Prompt. A command prompt window will open.
2. Change directories to the directory in which the Rack Power Manager software is installed
(typically C:\Program Files\Emerson\RPM1.0\bin).
3. Enter RPMBackupRestore to display the Rack Power Manager Backup/Restore Utility
dialog box. Follow the directions in To manually back up a hub server using the Backup
and Restore Utility dialog box to back up the hub server using the dialog box or To
manually restore a hub server using the Backup and Restore Utility dialog box to restore
the hub server using the dialog box. (These procedures are described later in this section.)
-or-
To backup the Rack Power Manager software hub server, enter RPMBackupRestore -
backup -archive “<archive name>” -passwd <password>.
-or-
72Rack Power Manager Installer/User Guide
To restore the Rack Power Manager software hub server, enter RPMBackupRestore -
restore -archive “<archive name>” -passwd <password>.
“<archive name>” - Name of the archive, which must be enclosed by
quotation marks (for example, “myarchive”). The -archive option and an
archive name are required.
<password> - A password that encrypts the archive. The password is optional
when creating a backup. If a password is specified when creating the backup,
it will be required when restoring the backup.
To display help information, type RPMBackupRestore -horRPMBackupRestore -help.
For example, entering the following in a command prompt window will create a backup named
db.zip with the password test.
RPMBackupRestore.exe -backup -archive “db.zip” -passwd test
Entering the following in a command prompt window will restore a backup named db.zip with
the password test.
RPMBackupRestore.exe -restore -archive “db.zip” -passwd test
To manually backup or restore a hub server using a command line on a supported
Linux system:
1. Access the command prompt on your system.
2. Change directories to the directory where the Rack Power Manager software is installed,
which is typically /usr/local/RPMserver/bin.
3. To backup the Rack Power Manager software hub server, enter RPMBackupRestore.sh -
backup -archive <archive name> -passwd <password> -overwrite.
4. To restore the Rack Power Manager software hub server, enter RPMBackupRestore.sh -
restore -archive <archive name> -passwd <password>.
<archive name> - Name of the archive. The -archive option and an archive
name are required.
<password> - A password that encrypts the archive. The password is optional
when creating a backup. If a password is specified when creating the backup,
it will be required when restoring the backup.
-overwrite - Enables overwriting of an existing archive during backup. If this
parameter is omitted, no overwriting will occur.
To display help information, type RPMBackupRestore.sh -help.
Chapter 6: Rack Power Manager Servers 73
For example, entering the following in a command prompt window will create a backup named
dbasebackup.zip with the password test1.
RPMBackupRestore.sh backup -archive dbasebackup.zip -passwd test1
Entering the following in a command prompt window will restore a backup named
dbasebackup.zip with the password test1.
RPMBackupRestore.sh restore -archive dbasebackup.zip -passwd test1
To manually back up a hub server using the Backup and Restore Utility dialog box
on a supported Windows system:
1. In the Start menu on your desktop, select Start - Programs - Emerson Rack Power Manager
- Backup and Restore Utility. The Rack Power Manager Backup/Restore Utility dialog box
will appear.
2. Click Backup Database to a file.
3. To password-protect the backup file, click Enabled and type a password in the Password
field.
4. Click Browse and use the Save As dialog box to specify a directory and name for the
backup file. Click Save when you are finished.
5. Click Backup. The Rack Power Manager software system backup files are saved.
6. Click Close to close the Rack Power Manager Backup/Restore Utility dialog box.
To manually restore a hub server using the Backup and Restore Utility on a
supported Windows system:
1. In the Start menu on your desktop, select Start - Programs - Emerson Rack Power Manager
- Backup and Restore Utility. The Rack Power Manager Backup/Restore Utility dialog box
will appear.
2. From the Rack Power Manager Backup/Restore Utility dialog box, click Restore the
database from a file.
3. If the backup file is password-protected, click Enabled and type its password in the
Password field.
4. Click Browse and use the Save As dialog box to find the backup file.
5. Click Restore. The Rack Power Manager software system is restored from the backup files.
6. Click Close to close the Rack Power Manager Backup/Restore Utility dialog box.
74Rack Power Manager Installer/User Guide
Spoke Servers
Information on the hub server is replicated on one or more spoke servers. Information about
each spoke server, such as IP address, port number and certificate, is stored in the hub server’s
database.
You may specify up to 15 computers as spoke servers. Contact Avocent for information about
spoke server licenses. To install licenses, see Licenses on page 58.
A spoke server may be created by:
• Specifying a spoke server when installing the Rack Power Manager software.
• Converting a hub server to a spoke server by registering it as a spoke to another Rack
Power Manager software hub server. The Rack Power Manager software system data on the
hub server being converted will be lost and the converted hub server will replicate the data
of the new specified hub server.
You may also change the properties of a spoke server or remove spoke servers from your
system.
To display a list of spoke servers:
NOTE: The Spoke Servers window isonly available on the hub server.
1. Click the System tab.
2. Click RPM Server in the top navigation bar. The side navigation bar will include the name
of the server to which you are logged in.
3. Click Properties in the side navigation bar, and then click Spoke Servers. The Spoke
Servers window will open.
You may change the fields that display by using the Customize link. See Using the
Customize link in windows on page 30.
Each spoke server in the list includes status.
Table 6.2: Rack Power Manager Software Spoke Server Status
Statu s Cause
Responding
Normal operation. The hub and spoke servers are communicating with each other using
HTT PS.
Statu s Cause
The hub and spoke servers cannot communicate with each other using HTTPS. Thistyp-
Not responding
ically indicatesa network communication error. Ensure that network connectivityisoccurring between the two servers.
Chapter 6: Rack Power Manager Servers 75
Hub/Spoke Versions
Not Compatible
Certificates Do Not
Match
InvalidServer or VersionsNot Compatible
The versionsof RackPower Manager software on the hub and spoke servers are not
compatible.
Certificates on the hub server and spoke servers do not match. See Managing hub and
spoke server certificates on page 67 for information about updating the server certificates so that they will match.
A server responded, but it is not compatible with the RackPower Manager software.
This typically occurs when communication is attempted with a server that does not contain the software, or if either server contains an older version of the software. Ensure
that both servers are running the same Rack Power Manager software version.
To add a spoke server:
1. Install the Rack Power Manager software on the computer that will be used as a spoke
server. See Installing the Rack Power Manager Software on page 6.
2. Configure the computer as a spoke server. See Configuring the Rack Power Manager
Software on page 8.
To register a hub server as a spoke server:
Only Rack Power Manager software administrators may access this procedure.
NOTE: When registering a hub server as a spokeserver on another Rack Power Manager software system, the
information on the hub server being registered willbe lost. Itsdatabase will be updated to match the new hub server
to which it is being registered.
1. Click the System tab.
2. Click RPM Server in the top navigation bar. The side navigation bar will include the name
of the server to which you are logged in.
3. Select Tools in the side navigation bar. The RPM Server Tools window will open.
4. Click the Register as Spoke Server icon or text. The Register Spoke Server Wizard will
appear.
5. The Type in Hub RPM Server Address window will open.
a. Type the IP address of the hub server in standard dot notation (xxx.xxx.xxx.xxx) or the
domain name of the hub server.
76Rack Power Manager Installer/User Guide
b. Type the port number for the hub server.
If the default hub server port value (443) is modified, you must specify it
when registering a spoke server so that register requests will be sent to the
correct port on the hub server. For example, if the IP address of the hub server
is 10.0.0.1 and the port number is changed to 444, type
https://10.0.0.1:444/RPM in the Address field of the Register Spoke Server
Wizard.
c. Click Next.
6. The Operation in Progress window will open briefly, followed by the Accept Hub RPM
Server Certificate window. Click Next.
7. The Type in Hub RPM Server Administrator Credentials window will open. Click Next.
8. Type the name of a user with Rack Power Manager software administrator privileges on the
hub server. Type a password for the user. Click Next.
9. The Operation In Progress window will open. The configuration of the spoke server will be
saved to the database of the hub server and the spoke server’s certificates will be installed
on the hub server.
10. The Completed Successful window will open when the spoke server has been added.
11. Click Finish.
To change spoke server network properties:
NOTE: Spoke server network settings may need to be changed by Rack Power Manager software administrators
when network settings are changed and the hub server did not automatically detect the changes. When changing
the network settings, ensure that a port mismatch does not occur between the hub server and the spoke server.
1. On the hub server, click the System tab.
2. Click RPM Server in the top navigation bar. The side navigation bar will include the name
of the server to which you are logged in.
3. Click Properties in the side navigation bar, and then click Spoke Servers. The Spoke
Servers window will open.
4. Click on the name of the spoke server whose network properties you wish to change. The
Spoke Server Network Properties window will open.
5. Change any of the following network settings:
• Type a new computer name to use as the spoke server.
• Type a new address in standard dot notation (xxx.xxx.xxx.xxx) for the spoke server.
Chapter 6: Rack Power Manager Servers 77
• Type a new port number for the spoke server.
6. Click Save and then click Close. The Spoke Servers window will open.
To delete a spoke server:
1. On the hub server, click the System tab.
2. Click RPM Server in the top navigation bar. The side navigation bar will include the name
of the server to which you are logged in.
3. Click Properties in the side navigation bar, and then click Spoke Servers. The Spoke
Servers window will open.
4. Click the checkbox to the left of the spoke servers you wish to delete. To delete all spoke
servers, click the checkbox to the left of Name at the top of the list.
5. Click Delete. A confirmation dialog box will appear.
6. Confirm or cancel the deletion.
NOTE: When a spoke server is deleted, it is no longer allowed to communicate with the hub server. Only spoke
servers that are no longer active should be deleted. If a spoke server isstill active, it may be re-registered using the
Register Spoke Server wizard.
Promoting spoke servers
Promoting a spoke server to be a hub server is usually done only if the current hub server is no
longer operational and will not be brought back into service. (For less severe problems with a
hub server, the backup and restore operations can be used.)
If a spoke server must be promoted, be sure to run the replication task, if possible (see
Replication on page 78) on all other spoke servers, then on the spoke server being promoted,
immediately before the promotion. This will prevent loss of data from the other spoke servers.
(After the promotion of a spoke server to a hub, if the server that was originally the hub
becomes operational again, it will have to register as a spoke server, since a system can have
only one hub server.)
To promote a spoke server to be a hub server:
1. On the spoke server, click the System tab.
2. Click Tools in the side navigation bar.
3. Click Promote to hub server. The Promote Hub Server Wizard will appear.
78Rack Power Manager Installer/User Guide
4. Follow the prompts and heed the cautionary warnings in the wizard. The spoke server on
which the wizard is running will become the hub server, and the other spoke servers will
be advised of the changed configuration.
Replication
Replication is a task that synchronizes the hub and spoke server databases. By default,
replication runs every 12 hours on each spoke server. A spoke server’s first replication occurs
automatically when the spoke server is added to the Rack Power Manager software system. You
may change the interval that the replication task runs on each spoke server, or you may initiate
an immediate replication.
During replication, the spoke server sends all of its database changes since the last replication
to the hub server. The hub server then incorporates those changes and sends all of its database
changes since the last replication to the spoke server (excluding the changes that spoke server
just sent to the hub server).
If an item is added on a spoke server, and another item with the same name (but perhaps with
different configuration parameters) is added on the hub server, then after replication, both items
will appear on both the hub and spoke servers, with a tilde (~) and a number added to one of
the names. The administrator should handle the issue appropriately - in some cases, the
duplicate item may need to be renamed; in others, the duplicate item should be deleted.
When different changes are made to one existing item, two outcomes are possible. For example,
assume an item is added and configured on the hub server and is then replicated to the spoke
server. Later, an administrator changes something about the item on the spoke server. Another
administrator then changes something about the item on the hub server. When the replication
task runs, two things may happen.
In a few instances where no conflict occurs, both changes will be incorporated and replicated.
For example, if the hub server’s administrator adds username JaneDoe to the existing userdefined user group Accounting and the spoke server’s administrator adds username JohnDoe to
the Accounting user group, both names will be added and replicated.
In most other instances where the changes are mutually exclusive or some other conflict occurs,
the most recent change will be the only change accepted and replicated. For example, if the
hub server’s administrator associates a unit with the Miami site, and the spoke server’s
administrator associates the same unit with the Chicago site, the change that was made closest
to the time of replication (that is, the most recent change) will be accepted and replicated.
This emphasizes the importance of ensuring the hub and spoke servers’ clocks are synchronized.
Chapter 6: Rack Power Manager Servers 79
The exception to the last-change rule is when one of the actions deletes an item - in that case,
the deletion is accepted and replicated, regardless of timing. For example, if a unit was deleted
on the hub server, and then the contact information for the same unit was changed on the spoke
server a minute later, the unit will be deleted when the replication task is run.
On a spoke server, you may enable a replication task property that forces the spoke server to
retrieve a snapshot of the hub database rather than synchronizing changes back and forth. The
snapshot is a copy of the hub at the time of the operation. This feature is not normally used; it
is intended to help recover a system when replication has failed.
To display replication results and/or change the replication schedule for a spoke
server:
1. On the spoke server, click the System tab.
2. Click Tasks in the top navigation bar. The Tasks window will open.
3. Select the Database Replication task. The Task Results - Database Replication window
will open. This window contains the results of the most recent replication.
4. To display or change the replication schedule, click Schedule in the side navigation bar.
The Task Schedule - Database Replication window will open.
By default, the replication task runs every 12 hours. You may change the schedule
type, start time, date and interval.
5. To force the spoke server to retrieve a snapshot of the hub database rather than
synchronizing changes, click Properties in the side navigation bar and then click the
Perform a hub database snapshot the next time this task executes checkbox. This setting
will be reset to unchecked after the operation completes.
6. If you made any changes, click Save and then Close.
You may also display the replication schedule from the hub server, but you cannot change it.
To initiate an immediate replication on a spoke server:
1. On the spoke server, click the System tab.
2. Click Tasks in the top navigation bar. The Tasks window will open.
3. Check the checkbox to the left of the Database Replication task and then click Run Now.
To display the replication schedule for a spoke server from the hub server:
1. On the hub server, click the System tab.
2. Click Tasks in the top navigation bar.
80Rack Power Manager Installer/User Guide
3. Select the Database Replication task for the spoke server you wish to view. The Task
Schedule - Database Replication window will open.
Authentication Services
7
Users must be authenticated before they may access or perform any tasks in the Rack Power
Manager management software system.
When users log in, they will be prompted for a username and password. The Rack Power
Manager software will look up the login, determine the authentication service to use and forward
the login credentials to the appropriate authentication service for verification. All authentication
is performed over an HTTPS (SSL) encrypted link.
Some web browsers may store password information; see your web browser documentation.
Supported Authentication Services
81
The Rack Power Manager software is delivered with the RPM internal authentication service,
which verifies a log in and password against user account information stored in the database on
the Rack Power Manager software server.
The Rack Power Manager software also supports the following external authentication services:
• Microsoft Active Directory®*
• Novell®LDAP Services *
• Sun Solaris R9 LDAP Directory Server *
• Sun ONE™ LDAP Directory Server *
• Microsoft Windows®NT domain
• Cisco®Secure ACS 3.3 for Windows 2000/2003 server
• Microsoft IAS for Windows®2000/2003 server
• FreeRADIUS for Red Hat RHL3
• Cisco®Secure ACS 3.3 for Windows 2000/2003 server
• RSA SecurID
®
82Rack Power Manager Installer/User Guide
* Uses LDAP V3
If the Rack Power Manager server is configured for external authentication, login requests are
re-directed to the configured external authentication server.
The Rack Power Manager software obtains external group membership and external user
information when a user logs in. If a user’s group membership changes or the user is deleted
externally, the Rack Power Manager software will not see these changes until the next time the
user logs in.
You may schedule a task that will automatically verify LDAP, Active Directory and NT
external authentication servers to ensure that accounts are still valid; see Task: Validating user
accounts on an external authentication server on page 272.
Authentication services may be managed only by Rack Power Manager software administrators
and user administrators.
To display configured authentication services:
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
The User Authentication Services window may be customized by using the Customize link. See
Using the Customize link in windows on page 30.
To remove authentication services:
NOTE: The internal authentication service cannot be removed.
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
3. Check the checkbox to the left of the authentication service(s) to delete. To delete all
external authentication services on the page, check the checkbox to the left of Name at the
top of the list.
4. Click Delete. A confirmation dialog box will appear.
5. Confirm or cancel the deletion.
Rack Power Manager software internal authentication service
To change the Rack Power Manager internal authentication service account policies:
1. Click the Users tab.
Chapter 7: Authentication Services 83
2. Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
3. Click RPM Internal. The side navigation bar will change to include RPM Internal at the
top and, below the name, the information you may define.
4. Click Account Policies. The Authentication Service User Account Policies - RPM Internal
window will open.
5. Specify the password policies for the authentication service:
a. Type a number (from 1-64) in the Minimum Password Length field, or click the arrows
to select a number.
b. Check the Passwords Expire checkbox to require a user to change the password after a
certain number of days. Specify a number (from 1-365) in the Maximum Expiration
(days) field, or select a number.
c. Select Passwords must contain both alpha and numeric characters if new passwords
must contain at least one letter and one number.
d. Select Passwords must contain both lower and upper case characters if new
passwords must contain at least one uppercase and one lowercase letter.
6. Specify the lockout policy for the authentication service:
To assign a specific number of user login attempts, check the Lockout users after
invalid login attempts checkbox, then continue with step a.
If you leave this checkbox unchecked, unlimited user login attempts will be allowed.
Skip to the last step.
a. Type the number of allowable user login failures (from 1-25) in the Maximum Login
Failures field, or select it from the menu.
b. To permit user logins after a certain period of time, check the Automatically unlock
users after the lockout period checkbox. Specify the lockout period (in minutes) by
typing a number from 1-1,440 in the Maximum Lockout Period (minutes) field, or
choose a value from the menu (1,440 minutes is equivalent to 24 hours).
If you leave this checkbox unchecked, locked user accounts must be manually
unlocked by a Rack Power Manager software administrator or user
administrator.
See Unlocking User Accounts on page 214.
7. Click Save and then click Close. The User Authentication Services window will open.
84Rack Power Manager Installer/User Guide
To change custom field labels for user accounts that use internal authentication:
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
3. Click RPM Internal. The side navigation bar will change to include RPM Internal at the
top and, below the name, information you may define.
4. Click Custom Field Labels in the side navigation bar. The Authentication Service User
Account Custom Field Labels - RPM Internal window will open.
5. Type the text that you wish to appear in each of the six custom field labels.
6. Click Save and then click Close. The User Authentication Services window will open.
By default, the custom field labels do not display in the User Accounts - All window, but they
may be added to the display (or added to the default display by an administrator), using the
Customize link. See Using the Customize link in windows on page 30.
Active Directory external authentication service
NOTE: When adding an Active Directory external authentication service, you can allow trusted foreststo be
discovered. A forest isa group of domains, and a forest may have a trusted relationship with other forests. In some
configurations, a user may belong to one forest but be assigned to groups in another forest. The RackPower
Manager server needs accessto both forests to authenticate and authorize this user.
To add an Active Directory external authentication service:
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
3. Click Add. The Add Authentication Service Wizard will appear.
4. The Provide Authentication Service Name and Type window will open.
a. Type a name for the external authentication service.
b. Select Active Directory from the menu.
c. Click Next.
5. The Specify Active Directory Connection Settings window will open.
a. Type the Active Directory domain name for the domain you wish to add in the AD
Domain Name field.
Chapter 7: Authentication Services 85
b. In the User Container field, specify the name of the container to search for user
accounts. This will limit the search scope to that container. The name may be entered
in several forms, optionally including a sub-domain. Valid forms are explained below
by example.
Assume an Active Directory domain name of “sunrise.mycompany.com” with
users in subfolder “sun/myusers.” The User Container field may be entered as:
Example 1 (no sub-domain): “sun.myusers”
Example 2 (no sub-domain): “ou=myusers,ou=sun”
If users are contained in a sub-domain such as
“mktg.sunrise.mycompany.com”, valid forms are:
Example 1 (with sub-domain): “mktg.sunrise.mycompany.com/sun/myusers”
Example 2 (with sub-domain and no container specified):
“mktg.sunrise.mycompany.com/”
Example 3 (with sub-domain):
“ou=myusers,ou=sun,dc=mktg,dc=sunrise,dc=mycompany,dc=com”
c. In the Group Container field, specify the name of the container to search for user
groups. This will limit the search scope to that container. The name may be entered in
several forms, optionally including a sub-domain. Valid forms are explained in step 5b
above.
d. In the Username Type menu, select the type of username. Each choice in the menu
contains an example.
A Full Windows 2000 username is specified as username@domain.
A Partial Windows 2000 username is specified as username.
A Full Pre-Windows 2000 username is specified as domain\username.
A Partial Pre-Windows 2000 username is specified as username.
This option may only be configured for new authentication servers; it cannot
be modified. Existing authentication servers are set to the Partial Windows
2000 Username type for compatibility.
e. Specify a Secure Socket Layer (SSL) encryption mode:
• Click Do Not Use SSL to have authentication performed using unencrypted clear
text instead of SSL encryption. This method is the least secure.
• Click Use SSL in Trust All Mode to use SSL encryption for data transmission. All
server certificates will be trusted and automatically accepted by the Rack Power
86Rack Power Manager Installer/User Guide
Manager software for transmitting data. This SSL method provides medium
security.
This encryption mode is not recommended for wide area networks (WANs).
• Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data
transmission. The Rack Power Manager management software will approve the
server and then the certificate before transmitting data. This SSL method provides
maximum security.
f. Click Use Kerberos for User Authentication to use the Kerberos protocol for
authentication requests, including the browsing. If enabled, you must use DES
encryption types for this account. If an account was created prior to Active Directory,
the user’s password must be changed after this setting is changed. In addition, the
Active Directory server addresses must be resolvable to their host names via DNS.
When this is not checked, the LDAP protocol will be used.
g. Click Enable Chasing of Referrals to allow the Active Directory server to refer Rack
Power Manager software clients to additional directory servers.
h. Specify the search mode:
Enable Use Recursion to search groups if you wish to have the AD service
access the domain controller for the specified domain name. This search
includes the "Member" attribute of ObjectClass=group. This search is recursive
and finds nested groups. This search may be slow, depending on the number
of groups and levels of nesting.
-or-
Enable Use an Active Directory Global Catalog to have the AD service
access the global catalog for the specified domain name. The search includes
the "TokenGroups" attribute of the ObjectClass=user. This search is faster but
only retrieves the nested groups SIDs; subsequent calls must be made to find
the group name and specific SIDs.
-or-
Enable Use Windows 2003 Universal Group Caching if you wish to have the
AD service access the domain controller for the specified domain name. The
search includes the "TokenGroups" attribute of the ObjectClass=user. This
search is faster but only retrieves the nested groups SIDs; subsequent calls
must be made to find the group name and specific SIDs. The Windows 2003
Universal Group Caching feature must be enabled in the Windows 2003 AD
server.
Loading...