Cisco Systems OL-25712-04 Configuring Authentication

CHAPTER 8

Configuring Authentication

Thischapter includes the followingsections:

•AuthenticationServices, page 131

•Guidelinesand Recommendationsfor Remote AuthenticationProviders, page 131

•UserAttributes inRemote Authentication Providers, page 132

•LDAPGroup Rule, page 134

•ConfiguringLDAP Providers, page 134

•ConfiguringRADIUS Providers, page 142

•ConfiguringTACACS+ Providers, page 144

•ConfiguringMultiple Authentication Systems, page 146

•Selectinga PrimaryAuthentication Service, page 151

Authentication Services

CiscoUCS supportstwo methodsto authenticateuser logins:

• Through user accounts local to Cisco UCS Manager

• Remotely through one of the following protocols:

◦ LDAP

◦ RADIUS

◦ TACACS+

Guidelines and Recommendations for Remote Authentication Providers

Ifa system is configured for one of the supported remote authentication services, you must create a provider

forthat service to ensure that Cisco UCS Manager can communicate with it. In addition, you need to be aware

ofthe followingguidelines that impactuser authorization:

Cisco UCS Manager GUI Configuration Guide, Release 2.0

OL-25712-04 131

Contents

Main Cisco UCS Manager GUI Configuration Guide, Release 2.0 Americas Headquarters www.cisco.com/go/trademarks CONTENTS Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Preface Audience Conventions Page Related Cisco UCS Documentation Documentation Feedback Obtaining Documentation and Submitting a Service Request Page Page Page CHAPTER 1 New and Changed Information New and Changed Information for this Release Page Page Page Page Page CHAPTER 2 Overview of Cisco Unified Computing System About Cisco Unified Computing System Unified Fabric Fibre Channel over Ethernet Link-Level Flow Control Priority Flow Control Server Architecture and Connectivity Overview of Service Profiles Network Connectivity through Service Profiles Configuration through Service Profiles Service Profiles that Override Server Identity Service Profiles that Inherit Server Identity Service Profile Templates Policies Configuration Policies Boot Policy Chassis Discovery Policy Page Page Dynamic vNIC Connection Policy Ethernet and Fibre Channel Adapter Policies Global Cap Policy Host Firmware Package IPMI Access Profile Local Disk Configuration Policy Management Firmware Package Management Interfaces Monitoring Policy Network Control Policy Power Control Policy Power Policy Quality of Service Policy Rack Server Discovery Policy Server Autoconfiguration Policy Server Discovery Policy Server Inheritance Policy Server Pool Policy Server Pool Policy Qualifications vHBA Template VM Lifecycle Policy vNIC Template vNIC/vHBA Placement Policies Operational Policies Fault Collection Policy Flow Control Policy Maintenance Policy Scrub Policy Serial over LAN Policy Statistics Collection Policy Statistics Threshold Policy Pools Server Pools MAC Pools UUID Suffix Pools WWN Pools Management IP Pool Traffic Management Oversubscription Oversubscription Considerations Guidelines for Estimating Oversubscription Pinning Pinning Server Traffic to Server Ports Guidelines for Pinning Quality of Service System Classes Quality of Service Policy Flow Control Policy Opt-In Features Stateless Computing Multi-Tenancy Virtualization in Cisco UCS Overview of Virtualization Overview of Cisco Virtual Machine Fabric Extender Virtualization with Network Interface Cards and Converged Network Adapters Virtualization with a Virtual Interface Card Adapter Page CHAPTER 3 Overview of Cisco UCS Manager About Cisco UCS Manager Tasks You Can Perform in Cisco UCS Manager Page Tasks You Cannot Perform in Cisco UCS Manager Cisco UCS Manager in a High Availability Environment CHAPTER 4 Overview of Cisco UCS Manager GUI Overview of Cisco UCS Manager GUI Fault Summary Area Navigation Pane Page Toolbar Work Pane Status Bar Table Customization LAN Uplinks Manager Internal Fabric Manager Hybrid Display Logging in to Cisco UCS Manager GUI through HTTPS Logging in to Cisco UCS Manager GUI through HTTP Logging Off Cisco UCS Manager GUI Web Session Limits Setting the Web Session Limit for Cisco UCS Manager Pre-Login Banner Creating the Pre-Login Banner Modifying the Pre-Login Banner Deleting the Pre-Login Banner Cisco UCS Manager GUI Properties Configuring the Cisco UCS Manager GUI Session and Log Properties Configuring Properties for Confirmation Messages Configuring Properties for External Applications Customizing the Appearance of Cisco UCS Manager GUI Determining the Acceptable Range of Values for a Field Determining Where a Policy Is Used Determining Where a Pool Is Used Copying the XML Page PART II System Configuration Page CHAPTER 5 Configuring the Fabric Interconnects Initial System Setup Setup Mode System Configuration Type Management Port IP Address Performing an Initial System Setup for a Standalone Configuration Page Initial System Setup for a Cluster Configuration Performing an Initial System Setup on the First Fabric Interconnect Page Performing an Initial System Setup on the Second Fabric Interconnect Enabling a Standalone Fabric Interconnect for Cluster Configuration Ethernet Switching Mode Configuring Ethernet Switching Mode Fibre Channel Switching Mode Configuring Fibre Channel Switching Mode Changing the Properties of the Fabric Interconnects Determining the Leadership Role of a Fabric Interconnect CHAPTER 6 Configuring Ports and Port Channels Server and Uplink Ports on the 6100 Series Fabric Interconnect Unified Ports on the 6200 Series Fabric Interconnect Port Modes Port Types Beacon LEDs for Unified Ports Guidelines for Configuring Unified Ports Effect of Port Mode Changes on Data Traffic Configuring Port Modes for a 6248 Fabric Interconnect Configuring Port Modes for a 6296 Fabric Interconnect Configuring the Beacon LEDs for Unified Ports Server Ports Configuring Server Ports Uplink Ethernet Ports Configuring Uplink Ethernet Ports Changing the Properties of an Uplink Ethernet Port Reconfiguring a Port on a Fabric Interconnect Enabling a Port on a Fabric Interconnect Disabling a Port on a Fabric Interconnect Unconfiguring a Port on a Fabric Interconnect Appliance Ports Configuring an Appliance Port Page Page Modifying the Properties of an Appliance Port Page FCoE and Fibre Channel Storage Ports Configuring an FCoE Storage Port Configuring a Fibre Channel Storage Port Restoring an Uplink Fibre Channel Port Default Zoning Enabling Default Zoning Disabling Default Zoning Uplink Ethernet Port Channels Creating an Uplink Ethernet Port Channel Enabling an Uplink Ethernet Port Channel Disabling an Uplink Ethernet Port Channel Adding Ports to and Removing Ports from an Uplink Ethernet Port Channel Deleting an Uplink Ethernet Port Channel Appliance Port Channels Creating an Appliance Port Channel Page Page Enabling an Appliance Port Channel Disabling an Appliance Port Channel Adding Ports to and Removing Ports from an Appliance Port Channel Deleting an Appliance Port Channel Fibre Channel Port Channels Creating a Fibre Channel Port Channel Enabling a Fibre Channel Port Channel Disabling a Fibre Channel Port Channel Adding Ports to and Removing Ports from a Fibre Channel Port Channel Modifying the Properties of a Fibre Channel Port Channel Deleting a Fibre Channel Port Channel Adapter Port Channels Viewing Adapter Port Channels Fabric Port Channels Cabling Considerations for Fabric Port Channels Configuring a Fabric Port Channel Viewing Fabric Port Channels Enabling or Disabling a Fabric Port Channel Member Port Configuring Server Ports with the Internal Fabric Manager Internal Fabric Manager Launching the Internal Fabric Manager Configuring a Server Port with the Internal Fabric Manager Unconfiguring a Server Port with the Internal Fabric Manager Enabling a Server Port with the Internal Fabric Manager Disabling a Server Port with the Internal Fabric Manager CHAPTER 7 Configuring Communication Services Communication Services Configuring CIM-XML Configuring HTTP Configuring HTTPS Certificates, Key Rings, and Trusted Points Creating a Key Ring Creating a Certificate Request for a Key Ring Creating a Trusted Point Importing a Certificate into a Key Ring Configuring HTTPS Page Deleting a Key Ring Deleting a Trusted Point Configuring SNMP Information about SNMP SNMP Functional Overview SNMP Notifications SNMP Security Levels and Privileges Supported Combinations of SNMP Security Models and Levels SNMPv3 Security Features SNMP Support in Cisco UCS Enabling SNMP and Configuring SNMP Properties Creating an SNMP Trap Deleting an SNMP Trap Creating an SNMPv3 user Deleting an SNMPv3 User Enabling Telnet Disabling Communication Services Page CHAPTER 8 Configuring Authentication Authentication Services Guidelines and Recommendations for Remote Authentication Providers User Attributes in Remote Authentication Providers Page LDAP Group Rule Configuring LDAP Providers Configuring Properties for LDAP Providers Creating an LDAP Provider Page Page Page Changing the LDAP Group Rule for an LDAP Provider Deleting an LDAP Provider LDAP Group Mapping Creating an LDAP Group Map Deleting an LDAP Group Map Configuring RADIUS Providers Configuring Properties for RADIUS Providers Creating a RADIUS Provider Page Deleting a RADIUS Provider Configuring TACACS+ Providers Configuring Properties for TACACS+ Providers Creating a TACACS+ Provider Deleting a TACACS+ Provider Configuring Multiple Authentication Systems Multiple Authentication Systems Provider Groups Creating an LDAP Provider Group Deleting an LDAP Provider Group Creating a RADIUS Provider Group Deleting a RADIUS Provider Group Creating a TACACS+ Provider Group Deleting a TACACS+ Provider Group Authentication Domains Creating an Authentication Domain Selecting a Primary Authentication Service Selecting the Console Authentication Service Selecting the Default Authentication Service Role Policy for Remote Users Configuring the Role Policy for Remote Users CHAPTER 9 Configuring Organizations Organizations in a Multi-Tenancy Environment Hierarchical Name Resolution in a Multi-Tenancy Environment Creating an Organization under the Root Organization Creating an Organization under a Sub-Organization Deleting an Organization CHAPTER 10 Configuring Role-Based Access Control Role-Based Access Control User Accounts for Cisco UCS Manager Guidelines for Cisco UCS Manager Usernames Reserved Words: Locally Authenticated User Accounts Guidelines for Cisco UCS Manager Passwords Web Session Limits for User Accounts User Roles Default User Roles Reserved Words: User Roles Privileges Page User Locales Configuring User Roles Creating a User Role Adding Privileges to a User Role Removing Privileges from a User Role Deleting a User Role Configuring Locales Creating a Locale Assigning an Organization to a Locale Deleting an Organization from a Locale Deleting a Locale Configuring Locally Authenticated User Accounts Creating a User Account Page Page Enabling the Password Strength Check for Locally Authenticated Users Setting the Web Session Limits for Cisco UCS Manager GUI Users Changing the Locales Assigned to a Locally Authenticated User Account Changing the Roles Assigned to a Locally Authenticated User Account Enabling a User Account Disabling a User Account Clearing the Password History for a Locally Authenticated User Deleting a Locally Authenticated User Account Password Profile for Locally Authenticated Users Page Configuring the Maximum Number of Password Changes for a Change Interval Configuring a No Change Interval for Passwords Configuring the Password History Count Monitoring User Sessions Page Page CHAPTER 11 Managing Firmware Overview of Firmware Firmware Image Management Firmware Image Headers Firmware Image Catalog Firmware Versions Firmware Upgrades Cautions, Guidelines, and Best Practices for Firmware Upgrades Configuration Changes and Settings that Can Impact Upgrades Hardware-Related Guidelines and Best Practices for Firmware Upgrades Firmware- and Software-Related Best Practices for Upgrades Page Required Order of Components for Firmware Activation Required Order for Adding Support for Previously Unsupported Servers Direct Firmware Upgrade at Endpoints Stages of a Direct Firmware Upgrade Outage Impacts of Direct Firmware Upgrades Firmware Upgrades through Service Profiles Host Firmware Package Management Firmware Package Stages of a Firmware Upgrade through Service Profiles Firmware Downgrades Completing the Prerequisites for Upgrading the Firmware Prerequisites for Upgrading and Downgrading Firmware Creating an All Configuration Backup File Page Verifying the Overall Status of the Fabric Interconnects Verifying the High Availability Status and Roles of a Cluster Configuration Verifying the Status of I/O Modules Verifying the Status of Servers Verifying the Status of Adapters on Servers in a Chassis Downloading and Managing Firmware Packages Obtaining Software Bundles from Cisco Page Downloading Firmware Images to the Fabric Interconnect from a Remote Location Downloading Firmware Images to the Fabric Interconnect from the Local File System Canceling an Image Download Determining the Contents of a Firmware Package Checking the Available Space on a Fabric Interconnect Deleting Firmware Packages from a Fabric Interconnect Deleting Firmware Images from a Fabric Interconnect Directly Upgrading Firmware at Endpoints Updating the Firmware on Multiple Endpoints Page Updating the Firmware on an Adapter Activating the Firmware on an Adapter Updating the BIOS Firmware on a Server Activating the BIOS Firmware on a Server Updating the CIMC Firmware on a Server Activating the CIMC Firmware on a Server Updating the Firmware on an IOM Activating the Firmware on an IOM Activating the Board Controller Firmware on a Server Activating the Cisco UCS Manager Software Activating the Firmware on a Subordinate Fabric Interconnect Activating the Firmware on a Primary Fabric Interconnect Activating the Firmware on a Standalone Fabric Interconnect Upgrading Firmware through Service Profiles Host Firmware Package Management Firmware Package Effect of Updates to Host Firmware Packages and Management Firmware Packages Page Page Creating a Host Firmware Package Updating a Host Firmware Package Creating a Management Firmware Package Updating a Management Firmware Package Adding Firmware Packages to an Existing Service Profile Verifying Firmware Versions on Components Managing the Capability Catalog Capability Catalog Contents of the Capability Catalog Updates to the Capability Catalog Activating a Capability Catalog Update Verifying that the Capability Catalog Is Current Viewing a Capability Catalog Provider Downloading Individual Capability Catalog Updates Obtaining Capability Catalog Updates from Cisco Updating the Capability Catalog from a Remote Location Updating the Capability Catalog from the Local File System Updating Management Extensions Management Extensions Activating a Management Extension CHAPTER 12 Configuring DNS Servers DNS Servers in Cisco UCS Adding a DNS Server Deleting a DNS Server CHAPTER 13 Configuring System-Related Policies Configuring the Chassis Discovery Policy Chassis Discovery Policy Page Page Configuring the Chassis Discovery Policy Configuring the Chassis Connectivity Policy Chassis Connectivity Policy Configuring a Chassis Connectivity Policy Configuring the Rack Server Discovery Policy Rack Server Discovery Policy Configuring the Rack Server Discovery Policy Configuring the Aging Time for the MAC Address Table Aging Time for the MAC Address Table Configuring the Aging Time for the MAC Address Table Page CHAPTER 14 Managing Licenses Licenses Obtaining the Host ID for a Fabric Interconnect Obtaining a License Downloading Licenses to the Fabric Interconnect from the Local File System Downloading Licenses to the Fabric Interconnect from a Remote Location Installing a License Viewing the Licenses Installed on a Fabric Interconnect Page Determining the Grace Period Available for a Port or Feature Determining the Expiry Date of a License Uninstalling a License Page Page CHAPTER 15 Managing Virtual Interfaces Virtual Interfaces Virtual Interface Subscription Management and Error Handling Page PART III Network Configuration Page CHAPTER 16 Using the LAN Uplinks Manager LAN Uplinks Manager Launching the LAN Uplinks Manager Changing the Ethernet Switching Mode with the LAN Uplinks Manager Configuring a Port with the LAN Uplinks Manager Configuring Server Ports Enabling a Server Port with the LAN Uplinks Manager Disabling a Server Port with the LAN Uplinks Manager Unconfiguring a Server Port with the LAN Uplinks Manager Configuring Uplink Ethernet Ports Enabling an Uplink Ethernet Port with the LAN Uplinks Manager Disabling an Uplink Ethernet Port with the LAN Uplinks Manager Unconfiguring an Uplink Ethernet Port with the LAN Uplinks Manager Configuring Uplink Ethernet Port Channels Creating a Port Channel with the LAN Uplinks Manager Enabling a Port Channel with the LAN Uplinks Manager Disabling a Port Channel with the LAN Uplinks Manager Adding Ports to a Port Channel with the LAN Uplinks Manager Removing Ports from a Port Channel with the LAN Uplinks Manager Deleting a Port Channel with the LAN Uplinks Manager Configuring LAN Pin Groups Creating a Pin Group with the LAN Uplinks Manager Deleting a Pin Group with the LAN Uplinks Manager Configuring Named VLANs Creating a Named VLAN with the LAN Uplinks Manager Page Page Deleting a Named VLAN with the LAN Uplinks Manager Configuring QoS System Classes with the LAN Uplinks Manager Page Page CHAPTER 17 Configuring VLANs Named VLANs Private VLANs VLAN Port Limitations Configuring Named VLANs Creating a Named VLAN Page Page Page Deleting a Named VLAN Configuring Private VLANs Creating a Primary VLAN for a Private VLAN Page Page Creating a Secondary VLAN for a Private VLAN Page Page Viewing the VLAN Port Count Page CHAPTER 18 Configuring LAN Pin Groups LAN Pin Groups Creating a LAN Pin Group Deleting a LAN Pin Group CHAPTER 19 Configuring MAC Pools MAC Pools Creating a MAC Pool Deleting a MAC Pool CHAPTER 20 Configuring Quality of Service Quality of Service Configuring System Classes System Classes Configuring QoS System Classes Page Enabling a QoS System Class Disabling a QoS System Class Configuring Quality of Service Policies Quality of Service Policy Creating a QoS Policy Page Deleting a QoS Policy Configuring Flow Control Policies Flow Control Policy Creating a Flow Control Policy Deleting a Flow Control Policy Page CHAPTER 21 Configuring Network-Related Policies Configuring vNIC Templates vNIC Template Creating a vNIC Template Page Page Page Deleting a vNIC Template Binding a vNIC to a vNIC Template Unbinding a vNIC from a vNIC Template Configuring Ethernet Adapter Policies Ethernet and Fibre Channel Adapter Policies Creating an Ethernet Adapter Policy Page Page Page Deleting an Ethernet Adapter Policy Configuring Network Control Policies Network Control Policy Creating a Network Control Policy Page Deleting a Network Control Policy CHAPTER 22 Configuring Upstream Disjoint Layer-2 Networks Upstream Disjoint Layer-2 Networks Guidelines for Configuring Upstream Disjoint L2 Networks Pinning Considerations for Upstream Disjoint L2 Networks Configuring Cisco UCS for Upstream Disjoint L2 Networks Creating a VLAN for an Upstream Disjoint L2 Network Page Assigning Ports and Port Channels to VLANs Removing Ports and Port Channels from VLANs Viewing Ports and Port Channels Assigned to VLANs Page Page Page CHAPTER 23 Configuring Named VSANs Named VSANs Fibre Channel Uplink Trunking for Named VSANs Guidelines and Recommendations for VSANs Creating a Named VSAN Page Creating a Storage VSAN Page Deleting a VSAN Changing the VLAN ID for the FCoE VLAN for a Storage VSAN Enabling Fibre Channel Uplink Trunking Disabling Fibre Channel Uplink Trunking Page CHAPTER 24 Configuring SAN Pin Groups SAN Pin Groups Creating a SAN Pin Group Deleting a SAN Pin Group CHAPTER 25 Configuring WWN Pools WWN Pools Configuring WWNN Pools Creating a WWNN Pool Adding a WWN Block to a WWNN Pool Deleting a WWN Block from a WWNN Pool Adding a WWNN Initiator to a WWNN Pool Deleting a WWNN Initiator from a WWNN Pool Deleting a WWNN Pool Configuring WWPN Pools Creating a WWPN Pool Adding a WWN Block to a WWPN Pool Deleting a WWN Block from a WWPN Pool Adding a WWPN Initiator to a WWPN Pool Deleting a WWPN Initiator from a WWPN Pool Deleting a WWPN Pool Page CHAPTER 26 Configuring Storage-Related Policies Configuring vHBA Templates vHBA Template Creating a vHBA Template Page Deleting a vHBA Template Binding a vHBA to a vHBA Template Unbinding a vHBA from a vHBA Template Configuring Fibre Channel Adapter Policies Ethernet and Fibre Channel Adapter Policies Creating a Fibre Channel Adapter Policy Page Page Page Page Deleting a Fibre Channel Adapter Policy PART V Server Configuration Page CHAPTER 27 Configuring Server-Related Pools Configuring Server Pools Server Pools Creating a Server Pool Deleting a Server Pool Adding Servers to a Server Pool Removing Servers from a Server Pool Configuring UUID Suffix Pools UUID Suffix Pools Creating a UUID Suffix Pool Deleting a UUID Suffix Pool Page CHAPTER 28 Setting the Management IP Address Management IP Address Configuring the Management IP Address on a Blade Server Configuring a Blade Server to Use a Static IP Address Configuring a Blade Server to Use the Management IP Pool Configuring the Management IP Address on a Rack Server Configuring a Rack Server to Use a Static IP Address Configuring a Rack Server to Use the Management IP Pool Setting the Management IP Address on a Service Profile Setting the Management IP Address on a Service Profile Template Configuring the Management IP Pool Management IP Pool Creating an IP Address Block in the Management IP Pool Page Page CHAPTER 29 Configuring Server-Related Policies Configuring BIOS Settings Server BIOS Settings Main BIOS Settings Page Processor BIOS Settings Page Page Page Page Page Intel Directed I/O BIOS Settings Page RAS Memory BIOS Settings Page Serial Port BIOS Settings USB BIOS Settings PCI Configuration BIOS Settings Boot Options BIOS Settings Server Management BIOS Settings Page Page Page Page BIOS Policy Default BIOS Settings Creating a BIOS Policy Modifying the BIOS Defaults Viewing the Actual BIOS Settings for a Server Configuring IPMI Access Profiles IPMI Access Profile Creating an IPMI Access Profile Deleting an IPMI Access Profile Configuring Local Disk Configuration Policies Local Disk Configuration Policy Guidelines for all Local Disk Configuration Policies Guidelines for Local Disk Configuration Policies Configured for RAID Page Creating a Local Disk Configuration Policy Page Changing a Local Disk Configuration Policy Deleting a Local Disk Configuration Policy Configuring Scrub Policies Scrub Policy Creating a Scrub Policy Deleting a Scrub Policy Configuring Serial over LAN Policies Serial over LAN Policy Creating a Serial over LAN Policy Deleting a Serial over LAN Policy Configuring Server Autoconfiguration Policies Server Autoconfiguration Policy Creating an Autoconfiguration Policy Deleting an Autoconfiguration Policy Configuring Server Discovery Policies Server Discovery Policy Creating a Server Discovery Policy Deleting a Server Discovery Policy Configuring Server Inheritance Policies Server Inheritance Policy Creating a Server Inheritance Policy Deleting a Server Inheritance Policy Configuring Server Pool Policies Server Pool Policy Creating a Server Pool Policy Deleting a Server Pool Policy Configuring Server Pool Policy Qualifications Server Pool Policy Qualifications Creating Server Pool Policy Qualifications Page Page Page Deleting Server Pool Policy Qualifications Deleting Qualifications from Server Pool Policy Qualifications Configuring vNIC/vHBA Placement Policies vNIC/vHBA Placement Policies vCon to Adapter Placement vNIC/vHBA to vCon Assignment Page Page Creating a vNIC/vHBA Placement Policy Deleting a vNIC/vHBA Placement Policy Explicitly Assigning a vNIC to a vCon Explicitly Assigning a vHBA to a vCon Page Page Page CHAPTER 30 Configuring Server Boot Boot Policy Creating a Boot Policy SAN Boot Configuring a SAN Boot for a Boot Policy Page iSCSI Boot iSCSI Boot Process iSCSI Boot Guidelines and Prerequisites Page Enabling MPIO on Windows Configuring iSCSI Boot Creating an iSCSI Adapter Policy Page Deleting an iSCSI Adapter Policy Creating an Authentication Profile Deleting an Authentication Profile Creating an iSCSI Initiator IP Pool Deleting an iSCSI Initiator IP Pool Creating an iSCSI Boot Policy Creating an iSCSI vNIC for a Service Profile Page Deleting an iSCSI vNIC from a Service Profile Setting iSCSI Boot Parameters Page Page Page Modifying iSCSI Boot Parameters Page Page IQN Pools Creating an IQN Pool Page Adding a Block to an IQN Pool Deleting a Block from an IQN Pool Deleting an IQN Pool LAN Boot Configuring a LAN Boot for a Boot Policy Local Disk Boot Configuring a Local Disk Boot for a Boot Policy Virtual Media Boot Configuring a Virtual Media Boot for a Boot Policy Deleting a Boot Policy Page CHAPTER 31 Deferring Deployment of Service Profile Updates Deferred Deployment of Service Profiles Deferred Deployment Schedules Maintenance Policy Pending Activities Guidelines and Limitations for Deferred Deployment Configuring Schedules Creating a Schedule Page Page Page Page Creating a One Time Occurrence for a Schedule Page Creating a Recurring Occurrence for a Schedule Page Deleting a One Time Occurrence from a Schedule Deleting a Recurring Occurrence from a Schedule Deleting a Schedule Configuring Maintenance Policies Creating a Maintenance Policy Page Deleting a Maintenance Policy Managing Pending Activities Viewing Pending Activities Deploying a Service Profile Change Waiting for User Acknowledgement Deploying All Service Profile Changes Waiting for User Acknowledgement Deploying a Scheduled Service Profile Change Immediately Deploying All Scheduled Service Profile Changes Immediately CHAPTER 32 Configuring Service Profiles Service Profiles that Override Server Identity Service Profiles that Inherit Server Identity Service Profile Templates Guidelines and Recommendations for Service Profiles Creating Service Profiles Creating a Service Profile with the Expert Wizard Page 1: Identifying the Service Profile Page 2: Configuring the Storage Options Page Page Page Page Page 3: Configuring the Networking Options Page Page Page Page Page Page 4: Setting the vNIC/vHBA Placement Page Page 5: Setting the Server Boot Order Page Page Page 6: Adding the Maintenance Policy Page Page 7: Specifying the Server Assignment Page Page 8: Adding Operational Policies Page Creating a Service Profile that Inherits Server Identity Page Page Page Creating a Hardware Based Service Profile for a Blade Server Creating a Hardware Based Service Profile for a Rack-Mount Server Working with Service Profile Templates Creating a Service Profile Template Page 1: Identifying the Service Profile Template Page 2: Specifying the Storage Options Page Page Page Page 3: Specifying the Networking Options Page Page Page Page Page Page 4: Setting the vNIC/vHBA Placement Page Page 5: Setting the Server Boot Order Page Page Page 6: Adding the Maintenance Policy Page Page 7: Specifying the Server Assignment Options Page Page 8: Adding Operational Policies Page Creating One or More Service Profiles from a Service Profile Template Creating a Template Based Service Profile for a Blade Server Creating a Template Based Service Profile for a Rack-Mount Server Creating a Service Profile Template from a Service Profile Managing Service Profiles Cloning a Service Profile Associating a Service Profile with a Server or Server Pool Disassociating a Service Profile from a Server or Server Pool Associating a Service Profile Template with a Server Pool Disassociating a Service Profile Template from its Server Pool Changing the UUID in a Service Profile Changing the UUID in a Service Profile Template Resetting the UUID Assigned to a Service Profile from a Pool in a Service Profile Template Modifying the Boot Order in a Service Profile Page Page Creating a vNIC for a Service Profile Page Resetting the MAC Address Assigned to a vNIC from a Pool in a Service Profile Template Deleting a vNIC from a Service Profile Creating a vHBA for a Service Profile Page Page Changing the WWPN for a vHBA Resetting the WWPN Assigned to a vHBA from a Pool in a Service Profile Template Clearing Persistent Binding for a vHBA Deleting a vHBA from a Service Profile Binding a Service Profile to a Service Profile Template Unbinding a Service Profile from a Service Profile Template Deleting a Service Profile CHAPTER 33 Managing Power in Cisco UCS Power Management in Cisco UCS Rack Server Power Management Power Management Precautions Configuring the Power Policy Power Policy Configuring the Power Policy Configuring the Global Cap Policy Global Cap Policy Configuring Policy-Driven Chassis Group Power Capping Policy-Driven Chassis Group Power Capping Configuring Power Groups Power Groups Creating a Power Group Page Page Configuring Power Control Policies Power Control Policy Creating a Power Control Policy Deleting a Power Control Policy Configuring Manual Blade-Level Power Capping Manual Blade-Level Power Capping Setting the Blade-Level Power Cap for a Server Viewing the Blade-Level Power Cap PART VI System Management Page CHAPTER 34 Managing Time Zones Time Zones Setting the Time Zone Adding an NTP Server Deleting an NTP Server CHAPTER 35 Managing the Chassis Chassis Management in Cisco UCS Manager GUI Guidelines for Removing and Decommissioning Chassis Acknowledging a Chassis Decommissioning a Chassis Removing a Chassis Recommissioning a Single Chassis Recommissioning Multiple Chassis Renumbering a Chassis Toggling the Locator LED Turning on the Locator LED for a Chassis Turning off the Locator LED for a Chassis Viewing the POST Results for a Chassis Page Page CHAPTER 36 Managing Blade Servers Blade Server Management Guidelines for Removing and Decommissioning Blade Servers Booting Blade Servers Booting a Blade Server Booting a Server from the Service Profile Determining the Boot Order of a Blade Server Shutting Down Blade Servers Shutting Down a Blade Server Shutting Down a Server from the Service Profile Resetting a Blade Server Avoiding Unexpected Server Power Changes Reacknowledging a Blade Server Removing a Server from a Chassis Decommissioning a Blade Server Recommissioning a Blade Server Reacknowledging a Server Slot in a Chassis Removing a Non-Existent Blade Server from the Configuration Database Turning the Locator LED for a Blade Server On and Off Resetting the CMOS for a Blade Server Resetting the CIMC for a Blade Server Recovering the Corrupt BIOS on a Blade Server Viewing the POST Results for a Blade Server Issuing an NMI from a Blade Server Page CHAPTER 37 Managing Rack-Mount Servers Rack-Mount Server Management Guidelines for Removing and Decommissioning Rack-Mount Servers Booting Rack-Mount Servers Booting a Rack-Mount Server Booting a Server from the Service Profile Determining the Boot Order of a Rack-Mount Server Shutting Down Rack-Mount Servers Shutting Down a Rack-Mount Server Shutting Down a Server from the Service Profile Resetting a Rack-Mount Server Avoiding Unexpected Server Power Changes Reacknowledging a Rack-Mount Server Decommissioning a Rack-Mount Server Recommissioning a Rack-Mount Server Renumbering a Rack-Mount Server Removing a Non-Existent Rack-Mount Server from the Configuration Database Turning the Locator LED for a Rack-Mount Server On and Off Resetting the CMOS for a Rack-Mount Server Resetting the CIMC for a Rack-Mount Server Recovering the Corrupt BIOS on a Rack-Mount Server Viewing the POST Results for a Rack-Mount Server Issuing an NMI from a Rack-Mount Server CHAPTER 38 Starting the KVM Console KVM Console Virtual KVM Console Page Page Starting the KVM Console from a Server Starting the KVM Console from a Service Profile Starting the KVM Console from the KVM Launch Manager Page CHAPTER 39 Managing the I/O Modules I/O Module Management in Cisco UCS Manager GUI Resetting an I/O Module Viewing the POST Results for an I/O Module Page CHAPTER 40 Backing Up and Restoring the Configuration Backup and Export Configuration Backup Types Considerations and Recommendations for Backup Operations Import Configuration Import Methods System Restore Required User Role for Backup and Import Operations Backup Operations Creating a Backup Operation Page Page Running a Backup Operation Modifying a Backup Operation Deleting One or More Backup Operations Import Operations Creating an Import Operation Page Page Running an Import Operation Modifying an Import Operation Deleting One or More Import Operations Restoring the Configuration for a Fabric Interconnect Page CHAPTER 41 Recovering a Lost Password Recovering a Lost Password Password Recovery for the Admin Account Determining the Leadership Role of a Fabric Interconnect Verifying the Firmware Versions on a Fabric Interconnect Recovering the Admin Account Password in a Standalone Configuration Page Recovering the Admin Account Password in a Cluster Configuration Page Page Page Page CHAPTER 42 Monitoring Traffic Traffic Monitoring Guidelines and Recommendations for Traffic Monitoring Creating an Ethernet Traffic Monitoring Session Creating a Fibre Channel Traffic Monitoring Session Adding Traffic Sources to a Monitoring Session Activating a Traffic Monitoring Session Deleting a Traffic Monitoring Session CHAPTER 43 Monitoring Hardware Monitoring a Fabric Interconnect Monitoring a Chassis Page Monitoring a Blade Server Page Monitoring a Rack-Mount Server Page Monitoring an I/O Module Monitoring Management Interfaces Management Interfaces Monitoring Policy Configuring the Management Interfaces Monitoring Policy Page Server Disk Drive Monitoring Support for Disk Drive Monitoring Prerequisites for Disk Drive Monitoring Viewing the Status of a Disk Drive Interpreting the Status of a Monitored Disk Drive Page Page CHAPTER 44 Configuring Statistics-Related Policies Configuring Statistics Collection Policies Statistics Collection Policy Modifying a Statistics Collection Policy Page Configuring Statistics Threshold Policies Statistics Threshold Policy Creating a Server and Server Component Threshold Policy Page Adding a Threshold Class to an Existing Server and Server Component Threshold Policy Deleting a Server and Server Component Threshold Policy Adding a Threshold Class to the Uplink Ethernet Port Threshold Policy Page Adding a Threshold Class to the Fibre Channel Port Threshold Policy Page Page CHAPTER 45 Configuring Call Home Call Home Page Page Cisco UCS Faults and Call Home Severity Levels Cisco Smart Call Home Configuring Call Home Page Page Disabling Call Home Enabling Call Home Configuring System Inventory Messages Configuring System Inventory Messages Sending a System Inventory Message Configuring Call Home Profiles Call Home Profiles Creating a Call Home Profile Page Deleting a Call Home Profile Configuring Call Home Policies Call Home Policies Configuring a Call Home Policy Disabling a Call Home Policy Enabling a Call Home Policy Deleting a Call Home Policy Example: Configuring Call Home for Smart Call Home Configuring Smart Call Home Page Configuring the Default Cisco TAC-1 Profile Configuring System Inventory Messages for Smart Call Home Registering Smart Call Home CHAPTER 46 Managing the System Event Log System Event Log Viewing the System Event Log for an Individual Server Viewing the System Event Log for the Servers in a Chassis Configuring the SEL Policy Page Managing the System Event Log for a Server Copying One or More Entries in the System Event Log Printing the System Event Log Refreshing the System Event Log Manually Backing Up the System Event Log Manually Clearing the System Event Log Page CHAPTER 47 Configuring Settings for Faults, Events, and Logs Configuring Settings for the Fault Collection Policy Fault Collection Policy Configuring the Fault Collection Policy Configuring Settings for the Core File Exporter Core File Exporter Configuring the Core File Exporter Disabling the Core File Exporter Configuring the Syslog Page Page Page Page INDEX A B C D E F G H I K L Page M N O P Page Page Q R S Page Page Page T U V W X Z