Dell Version 7.3 manual Encryption, Assigning User Privileges

Page 14

Encryption

Server Administrator is accessed over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java Secure Socket Extension (JSSE) is used by supported Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator home page.

Assigning User Privileges

To ensure critical system component security, assign user privileges to all Dell OpenManage software users before installing Dell OpenManage software. New users can log in to Dell OpenManage software using their operating system user privileges.

CAUTION: To protect access to your critical system components, assign a password to every user account that can access Dell OpenManage software. Users without an assigned password cannot log in to Dell OpenManage software on a system running Windows Server 2003 due to the operating system design.

CAUTION: Disable guest accounts for supported Windows operating systems to protect access to your critical system components. Consider renaming the guest accounts so that remote scripts cannot enable the accounts using the default guest account names.

NOTE: For instructions on assigning user privileges for each supported operating system, see your operating system documentation.

NOTE: To add users to OpenManage software, add new users to the operating system. You do not have to create new users from within the OpenManage software.

Adding Users To A Domain On Windows Operating Systems

NOTE: You must have Microsoft Active Directory installed on your system to perform the following procedures. See Using the Active Directory Login for more information about using Active Directory.

1.Navigate to Control Panel Administrative Tools Active Directory Users and Computers.

2.In the console tree, right-click Users or right-click the container in which you want to add the new user, and then point to New User .

3.Type the appropriate user name information in the dialog box, and then click Next.

4.Click Next , and then click Finish.

5.Double-click the icon representing the user that you just created.

6.Click the Member of tab.

7.Click Add .

8.Select the appropriate group and click Add.

9.Click OK , and then click OK again.

New users can log in to Dell OpenManage software with the user privileges for their assigned group and domain.

Creating Server Administrator Users For Supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server Operating Systems

Administrator access privileges are assigned to the user logged in as root. To create users with User and Power User privileges, perform the following steps.

14

Image 14
Contents Dell OpenManage Server Administrator Version 7.3 Users Guide Dell Inc Contents Server Administrator Services Working With Remote Access ControllerTroubleshooting Server Administrator LogsSetting Alert Actions Frequently Asked QuestionsInstallation Updating Individual System Components IntroductionRemote Access Controller Storage Management ServiceInstrumentation Service What Is New In This ReleaseSystems Management Standards Availability Availability On Supported Operating SystemsOperating System Server Administrator HomeOther Documents You May Need Accessing Documents From Dell Support Site OMConnectionsEnterpriseSystemsManagement Serviceability ToolsObtaining Technical Assistance Contacting Dell User Privilege Access Description Level Type View Manage Setup And AdministrationRole-Based Access Control Service User Privilege Level Required ViewVMware ESX Server 4.X Authentication AuthenticationMicrosoft Windows Authentication VMware ESXi Server 5.X AuthenticationAdding Users To a Domain On Windows Operating Systems EncryptionAssigning User Privileges UserName HostName Rights Creating Users With Power User PrivilegesCreating Users Creating Users With User Privileges Best Practices While Using The Omarolemap File Open the Computer Management window Configuring The Snmp AgentSelect Account is disabled and click OK Snmp Service Properties window appears Changing The Snmp Community NameEnabling Snmp Set Operations Snmp Agent Access Control ConfigurationSnmp Service Configuration window appears Server Administrator Snmp Agent Install Actions Sever Administrator Snmp Install Actions Enabling Snmp Access From Remote HostsTo configure the Snmp agent To enable VMWare Snmp service, run the following command Page Firewall Configuration Logging In And Out Using Server AdministratorServer Administrator Local System Login Central Web Server Login Click SubmitUsing The Active Directory Login Single Sign-OnEnabling The Use Of Client-Side Scripts On Internet Explorer Enabling The Use Of Client-Side Scripts On Mozilla FirefoxGUI Field Name Sample Server Administrator Home Page Non-Modular System Features Modular System System Tree System/Server Module Component Status IndicatorsGlobal Navigation Bar Action WindowUnderlined Items Gauge IndicatorsTask Buttons Using The Online Help Using The Preferences HomeManaged System Preferences Server Administrator Web Server PreferencesSetting User And System Preferences Click General Settings Secure Port SystemCertificate Management Click X.509 CertificateUsing The Server Administrator Command Line Interface Server Administrator Web Server Action TabsServer Administrator Services Managing Your SystemModular Enclosure Server Administrator Home Page System Tree ObjectsManaging System/Server Module Tree Objects Modular Enclosure object Tab Properties Subtab Information Accessing And Using Chassis Management ControllerSystem/Server Module Properties Licensing Subtabs Information LicensingLogs Subtabs Hardware Alert CommandShutdown Alert ManagementSubtabs Session Main System Chassis/Main SystemSession Management Main System Chassis/Main System Properties Batteries Properties and Setup Subtab InformationSetup Subtab Bios Properties Subtab InformationHardware Performance FansFirmware Properties Subtab Intrusion IntrusionMemory Properties Subtab MemoryPorts Power ManagementNetwork Subtab Information PropertiesAlert Management Properties Subtab Elements Power SuppliesManagement Subtabs Budget Profiles Alert Management Subtabs Alert Actions Remote AccessProcessors Removable Flash Media TemperaturesSubtab Temperature Probes Properties SlotsOperating System VoltagesSoftware Properties Subtab Voltage ProbesStorage Managing Preferences Home Page Configuration OptionsGeneral Settings Server Administrator Subtabs Access Configuration Snmp Configuration PreferencesWorking With Remote Access Controller Modular Enclosure Modular system Server Modules Main SystemSystem Remote Access DeviceViewing Basic Information Main System ChassisIPv4 Address IPv6 AddressVlan ID Click Apply ChangesClick Serial Port Serial Port Configuration window appears Click Apply Changes Click Terminal Mode SettingsClick Additional Configuration Additional Configuration For iDRACConfiguring Remote Access Device Users Power Off System Setting Platform Event Filter AlertsNone Reboot System Power Cycle SystemSetting Platform Event Alert Destinations Server Administrator Logs Server Administrator LogsIntegrated Features Log Window Task ButtonsMaintaining The Hardware Log Hardware LogAlert Log StatusCommand Log Setting Alert Actions Example 1 ps -ef /tmp/psout.txt 2&1Setting Alert Action Execute Application In Windows Server BMC/iDRAC Platform Events Filter Alert MessagesEvent Description Login Failure Scenarios TroubleshootingConnection Service Failure Opt/dell/srvadmin/sbin/dsmomconnsvcdSeverity OpenManage Server Administrator ServicesService Name Description Impact of Failure Dsmsadatamgr Port Frequently Asked QuestionsAre there other ports users can use apart from 1311? ITA communicating with Linux systems