Manuals

Manuals
Setup and Administration: Dell OpenManage Server Administrator User's Guide Version 1.3

Back to Contents Page

Setup and Administration 

Dell OpenManage™ Server Administrator User's Guide Version 1.3

  Security Management

  Assigning User Privileges

  Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems

  Configuring the SNMP Agent

  X.509 Certificate Management Prerequisites

  Firewall Configuration on Systems Running Supported Red Hat Linux Operating Systems

Security Management

Server Administrator provides security through role-based access control (RBAC), authentication, and encryption for both the Web-based and command line interfaces.

Role-Based Access Control

RBAC manages security by determining the operations that can be executed by persons in particular roles. Each user is assigned one or more roles, and each role is assigned one or more user privileges that are permitted to users in that role. With RBAC, security administration corresponds closely to an organization's structure. 

User Privileges

Server Administrator grants different access rights based on the user's assigned group privileges. The three user levels are: User, Power User, and Administrator.

Users can view most information.

Power Users can set warning threshold values, run diagnostic tests, and configure which alert actions are to be taken when a warning or failure event occurs.

Administrators can configure and perform shutdown actions, configure Auto Recovery actions in case a system has a hung operating system, and clear hardware, event, and command logs. Administrators can also send e-mail.

Server Administrator grants read-only access to users logged in with User privileges, read and write access to users logged in with Power User privileges, and read, write, and admin access to users logged in with Admin privileges.

 

Access Type

User Privileges

Admin

Write

Read

User

 

 

X

Power User

 

X

X

Admin

X

X

X

Read access allows viewing of data reported by Server Administrator. Read access does not allow changing or setting values on the managed system.

Write access allows values to be changed or set on the managed system.

Admin access allows shutdown of the managed system.

Privilege Levels to Access Server Administrator Services

The following table summarizes which user levels have privileges to access and manage Server Administrator Services.

Service

User Privilege Level Required

 

View

Manage 

Instrumentation

U, P, A

P, A

Remote Access

A

A

Diagnostics

P, A

P, A
Update U, P, A A
Storage Management  U, P, A NA
Legend for Server Administrator User Privilege Levels
U User
P Power User
A Administrator
NA Not Applicable

Authentication

The Server Administrator authentication scheme ensures that the correct access types are assigned to the correct user privileges. Additionally, when the command line interface (CLI) is invoked, the Server Administrator authentication scheme validates the context within which the current process is running. This authentication scheme ensures that all Server Administrator functions, whether accessed through the Server Administrator home page or CLI, are properly authenticated.

Microsoft® Windows® Authentication

For supported Microsoft Windows operating systems, Server Administrator authentication is based on the operating system's user authentication system using Windows NT® LAN Manager (NTLM) modules to authenticate. This underlying authentication system allows Server Administrator security to be incorporated in an overall security scheme for your network. 

Red Hat Linux Authentication

For supported Red Hat Linux operating systems, Server Administrator authentication is based on the Red Hat Linux Pluggable Authentication Modules (PAM) library. This documented library of functions allows an administrator to determine how individual applications authenticate users.

Novell® NetWare® Authentication

For supported Novell NetWare operating systems, Server Administrator authentication is based on the Novell Directory Service (NDS) library. This documented library of functions allows an administrator to determine how individual applications authenticate users.

Encryption

Server Administrator is accessed over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java Secure Socket Extension (JSSE) is used by supported Microsoft Windows, Red Hat Linux, and certain Novell NetWare operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator home page. Supported Novell NetWare operating systems use operating system native Java SSL and Secure Authentication Services (SAS)-NetWare International Cryptographic Infrastructure (NICI).

Assigning User Privileges

You must properly assign user privileges to all Server Administrator users before installing Server Administrator in order to ensure critical system component security. 

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 
note.gif NOTICE: You should disable guest accounts for supported Microsoft Windows operating systems in order to protect access to your critical system components. See "Disabling Guest and Anonymous Accounts" for instructions.

Creating Server Administrator Users for Supported Windows Operating Systems

note.gif NOTE: You must be logged in with Admin privileges to perform these procedures.

Creating Users and Assigning User Privileges in Supported Windows 2000 Operating Systems 

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.

  1. Right-click My Computer and point to Manage

  2. In the console tree, expand Local Users and Groups and click Users

  3. Click Action, and then click New User

  4. Type the appropriate information in the dialog box, select or clear the appropriate check boxes, and click Create

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

  1. In the console tree, under Local Users and Groups, click Groups

  2. Click the group to which you want to add the new user: Users, Power Users, or Administrators

  3. Click Action, and then click Properties

  4. Click Add

  5. Click the name of the user you want to add and click Add

  6. Click Check Names to validate the user name that you are adding.

  7. Click OK.

    8. New users can log into Server Administrator with the user privileges for their assigned group.

Adding Users to a Domain in Supported Windows 2000 Operating Systems 

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.
note.gif NOTE: You must have Active Directory installed on your system to perform the following procedures.

  1. Click the Start button and point to Programs—> Administrative Tools—> Active Directory Users and Computers

  2. In the console tree, right-click Users or right-click the container in which you want to add the new user and point to New—> User

  3. Type the appropriate user name information in the dialog box and click Next

  4. Type the appropriate password information in the dialog box and click Next

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

  1. Click Next, and then click Finish.

  2. Double-click the icon representing the user you just created.

  3. Click the Member of tab.

  4. Click Add.

  5. Select the appropriate group and click Add.

  6. Click OK, and then click OK again.

    7. New users can log into Server Administrator with the user privileges for their assigned group and domain.

Creating Users and Assigning User Privileges in Supported Windows NT Operating Systems 

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.

  1. Click the Start button and point to Programs—> Administrative Tools—> User Manager

  2. Click User, and then click New User

  3. Type the appropriate information in the dialog box, select or clear the appropriate check boxes, and click Add

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

  1. In the console tree under Local Users and Groups, click Groups

  2. Click the group to which you want to add the new user: Users, Power Users, or Administrators

  3. Click OK

  4. Click Add

    5. New users can log into Server Administrator with the user privileges for their assigned group.

Adding Users to a Domain in Supported Windows NT Operating Systems 

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.

  1. Click the Start button and point to Programs—> Administrative Tools—> User Manager for Domains

  2. Click User, and then click New User

  3. Type the appropriate information in the dialog box, select or clear the appropriate check boxes, and click Add

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

  1. In the console tree, under Local Users and Groups, click Groups

  2. Click the group to which you want to add the new user: Users, Power Users, or Administrators

  3. Click OK

  4. Click Add

    5. New users can log into Server Administrator with the user privileges for their assigned group and domain.

Creating Server Administrator Users for Supported Red Hat Linux Operating Systems

Admin access privileges are assigned to the user logged in as root. To create users with User and Power User privileges, perform the following steps.

note.gif NOTE: You must be logged in as root to perform these procedures.

Creating Users in Red Had Linux Advanced Server 2.1 and Red Hat Linux Version 8.0

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.
Creating Users With User Privileges
note.gif NOTE: You must have the adduser utility installed on your system to perform this procedure.

  1. Run the following command from the command line:

    2. adduser -d <home-directory> -g <group> <username>

    where <group> is not root.

  2. Type passwd <username> and press <Enter>.

  3. When prompted, enter a password for the new user.

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

The new user can now log in to Server Administrator with User group privileges.

Creating Users With Power User Privileges
note.gif NOTE: You must have the adduser utility installed on your system to perform this procedure.

  1. Run the following command from the command line:

    2. adduser -d <home-directory> -g root <username>

    note.gif NOTE: You must set root as the primary group.

  2. Type passwd <username> and press <Enter>.

  3. When prompted, enter a password for the new user.

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

The new user can now log in to Server Administrator with Power User group privileges.

Creating Users in Red Hat Linux Version 7.3 with the Red Hat User Manager

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.
Creating Users With User Privileges

  1. Start a system running X Windows.

  2. To start the Red Hat User Manager, use one of the following methods: 

    • On the GNOME desktop, click Main Menu Button—> Programs—> System—> User Manager

    • On the KDE desktop, click Main Menu Button—> System—> redhat-config-users

    • Type redhat-config-users at a shell prompt (for example, in an XTerm or a GNOME terminal).

    The User Manager window appears.

  3. Click New User.

    4. The Create New User window appears.

  4. Complete the required fields for the new user and click OK.

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

  1. The User Manager window appears.

  2. Under the User tab, select the user, and click Properties

    3. The User Properties window appears.

  3. Click the Groups tab, check the users group, and set the Primary Group as users.

  4. Click OK

    New users can now log into Server Administrator with User privileges.

Creating Users With Power User Privileges

  1. Start a system running X Windows.

  2. To start the Red Hat User Manager, use one of the following methods: 

    • On the GNOME desktop, click Main Menu Button—> Programs—> System—> User Manager

    • On the KDE desktop, click Main Menu Button—> System—> redhat-config-users

    • Type redhat-config-users at a shell prompt (for example, in an XTerm or a GNOME terminal).

    The User Manager window appears.

  3. Click New User.

    4. The Create New User window appears.

  4. Complete the required fields for the new user and click OK.

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

The User Manager window appears.

  1. Under the User tab, select the user, and click Properties

    2. The User Properties window appears.

  2. Click the Groups tab, check the root group, and set the Primary Group as root.

  3. Click OK

    New users can now log into Server Administrator with Power User privileges.

Creating Server Administrator Users for Supported NetWare Operating Systems

note.gif NOTE: For questions about creating users and assigning user group privileges or for more detailed instructions, see your operating system documentation.

Creating Users With User Privileges

  1. Log in with Admin privileges.

  2. Right-click the container in which a user account is to be created.

  3. Click NEW and select USER.

  4. Complete the required fields and click OK

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

    An icon labeled with the new user name appears in the current container.

  1. Right-click the icon labeled with the new user name and click Trustees of this Object.

  2. Select username.contextName and click Assigned Rights.

    3. By default there are three entries in the Assigned Rights category: Login Script, Print Job Configuration, and [All Attribute Rights].

  3. Select Login Script, and enable the Read and Add Self fields. 

  4. Select Print Job Configuration, and enable the Read and Add Self fields. 

  5. Select [All Attribute Rights], and enable the Read and Add Self fields. 

    6. New users can now log into Server Administrator with User privileges.

Creating Users With Power User Privileges

  1. Log in with Admin privileges.

  2. Right-click the container in which a user account is to be created.

  3. Click NEW and select USER.

  4. Complete the required fields and click OK

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

    An icon labeled with the new user name appears in the current container.

  1. Right-click the icon labeled with the new user name and click Properties.

  2. Click NDS Rights.

  3. Select username.contextName and click Assigned Rights.

  4. Click Add Property.

  5. Select ACL and click OK.

  6. Enable the Read and Write fields by putting a check mark in the check box. 

  7. Click OK.

    8. New users can now log into Server Administrator with Power User privileges.

Creating Users With Admin Privileges

  1. Log in with Admin privileges.

  2. Right-click the container in which a user account is to be created. 

  3. Click NEW and point to USER.

  4. Complete the required fields and click OK

note.gif NOTICE: You must assign a password to every user account that can access Server Administrator in order to protect access to your critical system components. 

    An icon labeled with the new user name appears in the current container.

  1. Right-click the icon labeled with the new user name and click Trustees of this Object.

  2. Select username.contextName and click Assigned Rights.

    3. By default there are three entries in the Assigned Rights category: Login Script, Print Job Configuration, and [All Attribute Rights].

  3. Select Login Script, and enable the Read, Write, Add Self, and Supervisor fields. 

  4. Select Print Job Configuration, and enable the Read, Write, Add Self, and Supervisor fields. 

  5. Select [All Attribute Rights], and enable the Read, Write, Add Self, and Supervisor fields. 

    6. New users can now log into Server Administrator with Admin privileges.

Disabling Guest and Anonymous Accounts in Supported Windows Operating Systems

note.gif NOTE: You must be logged in with Admin privileges to perform this procedure.

  1. Right-click My Computer and point to Manage

  2. In the console tree, expand Local Users and Groups and click Users

  3. Click the Guest or IUSR_system name user account. 

  4. Click Action and point to Properties

  5. Select Account is disabled and click OK

    A red circle with an X appears over the user name. The account is disabled.

Configuring the SNMP Agent

Server Administrator supports the Simple Network Management Protocol (SNMP) systems management standard on all supported operating systems. In most cases, SNMP is installed as part of your operating system installation. An installed supported systems management protocol standard, such as SNMP, is required before installing Server Administrator. See "Installation Requirements" for more information.

You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as the Dell OpenManage IT Assistant and Array Manager, perform the procedures described in the following sections.

note.gif NOTE: For IT Assistant to retrieve management information from a system running Server Administrator, the community name used by IT Assistant must match a community name on the system running Server Administrator. For IT Assistant to modify information or perform actions on a system running Server Administrator, the community name used by IT Assistant must match a community name that allows Set operations on the system running Server Administrator. For IT Assistant to receive traps (asynchronous event notifications) from a system running Server Administrator, the system running Server Administrator must be configured to send traps to the system running IT Assistant.

The following procedures provide step-by-step instructions for configuring the SNMP agent for each supported operating system:

Configuring the SNMP Agent on Systems Running Supported Microsoft Windows Operating Systems

Configuring the SNMP Agent on Systems Running Supported Red Hat Linux Operating Systems

Configuring the SNMP Agent on Systems Running Supported Novell NetWare Operating Systems

Configuring the SNMP Agent for Systems Running Supported Windows Operating Systems

Server Administrator uses the SNMP services provided by the Windows SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant and Array Manager, perform the procedures described in the following sections.

note.gif NOTE: See your operating system documentation for additional details on SNMP configuration.

Changing the SNMP Community Name

Configuring the SNMP community names determines which systems are able to manage your system through SNMP. The SNMP community name used by management applications must match an SNMP community name configured on the Server Administrator system so that the management applications can retrieve management information from Server Administrator.

Changing the SNMP Community Name on Systems Running Supported Windows NT Operating Systems
  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Network icon for networking configuration.

    3. The Network window appears.

  3. Click the Services tab in the Network window.

  4. Click SNMP Service in the menu of services and then click Properties.

    5. The Microsoft SNMP Properties window appears.

  5. Click the Security tab to add or edit a community name.

    1. To add a community name, click Add under the Accepted Community Names list.

      2. The Service Configuration window appears.

    2. Type the community name of a system that is able to manage your system (the default is public) in the Community Names text box and click Add.

      3. The Microsoft SNMP Properties window appears.

    3. To change a community name, select a community name in the Accepted Community Names list and click Edit.

      4. The Service Configuration window appears.

    4. Make all necessary edits to the community name of the system that is able to manage your system in the Community Names text box, and click OK.

  6. Click OK in the Microsoft SNMP Properties window to save the changes.

  7. Restart the SNMP service from the services control panel to make the configuration changes active.

Changing the SNMP Community Name on Systems Running Supported Windows 2000 Operating Systems

  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Administrative Tools icon.

    3. The Administrative Tools window appears.

  3. Double-click the Computer Management icon.

    4. The Computer Management window appears.

  4. Expand the Computer Management icon in the window, if necessary.

  5. Expand the Services and Applications icon and click Services.

  6. Scroll down the list of services until you find SNMP Service, right-click SNMP Service, and click Properties.

    7. The SNMP Service Properties window appears.

  7. Click the Security tab to add or edit a community name.

    1. To add a community name, click Add under the Accepted Community Names list.

      2. The SNMP Service Configuration window appears.

    2. Type the community name of a system that is able to manage your system (the default is public) in the Community Name text box and click Add.

      3. The SNMP Service Properties window appears.

    3. To change a community name, select a community name in the Accepted Community Names list and click Edit.

      4. The SNMP Service Configuration window appears.

    4. Make all necessary edits to the community name of the system that is able to manage your system in the Community Name text box and click OK.

      5. The SNMP Service Properties window appears.

       

  8. Click OK to save the changes.

  9. Restart the SNMP service from the services control panel to make the configuration changes active.

Enabling SNMP Set Operations

SNMP Set operations must be enabled on the Server Administrator system in order to change Server Administrator attributes using IT Assistant.

Enabling Set Operations on Systems Running Supported Windows NT Operating Systems

  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Network icon for networking configuration.

    3. The Network window appears.

  3. Click the Services tab in the Network window.

  4. Click SNMP Service in the menu of services and then click Properties.

    5. The Microsoft SNMP Properties window appears.

  5. Click the Security tab to change the access rights for a community.

  6. Select a community name in the Accepted Community Names list and click Edit.

    7. The Service Configuration window appears.

  7. Set the Community Rights to READ WRITE or READ CREATE, and click OK.

    8. The Microsoft SNMP Properties window appears.

  8. Click OK to save the changes.

  9. Restart the SNMP service from the services control panel to make the configuration changes active.

Enabling Set Operations on Systems Running Supported Windows 2000 Operating Systems

  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Administrative Tools icon.

    3. The Administrative Tools window appears.

  3. Double-click the Computer Management icon.

    4. The Computer Management window appears.

  4. Expand the Computer Management icon in the window, if necessary.

  5. Expand the Services and Applications icon and click Services.

  6. Scroll down the list of services until you find SNMP Service, right-click SNMP Service, and click Properties.

    7. The SNMP Service Properties window appears.

  7. Click the Security tab to change the access rights for a community.

  8. Select a community name in the Accepted Community Names list and click Edit.

    9. The SNMP Service Configuration window appears.

  9. Set the Community Rights to READ WRITE or READ CREATE, and click OK.

    10. The SNMP Service Properties window appears.

  10. Click OK to save the changes.

  11. Restart the SNMP service from the services control panel to make the configuration changes active.

Configuring Your System to Send SNMP Traps to a Management Station

Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. You must configure one or more trap destinations on the Server Administrator system for SNMP traps to be sent to a management station.

Configuring a System Running Supported Windows NT Operating Systems to Send SNMP Traps to a Management Station

  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Network icon for networking configuration.

    3. The Network window appears.

  3. Click the Services tab in the Network window.

  4. Click SNMP Service in the menu of services and then click Properties.

    5. The Microsoft SNMP Properties window appears.

  5. Click the Traps tab to add a community for traps or to add a trap destination for a trap community.

    1. To add a community for traps, type the community name in the Community Name box and click Add located next to the Community Name box.

    2. To add a trap destination for a trap community, select the community name from the Community Name drop-down box and click Add located under the Trap Destinations box.

      3. The Service Configuration window appears.

    3. Type in the trap destination and click Add.

      4.  
    The Microsoft SNMP Properties window appears.

  6. Click OK to save the changes.

  7. Restart the SNMP service from the services control panel to make the configuration changes active.

Configuring a System Running Supported Windows 2000 Operating Systems to Send SNMP Traps to a Management Station

  1. Click the Start button and point to Settings—> Control Panel.

    2. The Control Panel window appears.

  2. Double-click the Administrative Tools icon.

    3. The Administrative Tools window appears.

  3. Double-click the Computer Management icon.

    4. The Computer Management window appears.

  4. Expand the Computer Management icon in the window, if necessary.

  5. Expand the Services and Applications icon and click Services.

  6. Scroll down the list of services until you find SNMP Service, right-click SNMP Service, and click Properties.

    7. The SNMP Service Properties window appears.

  7. Click the Traps tab to add a community for traps or to add a trap destination for a trap community.

    1. To add a community for traps, type the community name in the Community Name box and click Add to list, which is located next to the Community Name box.

    2. To add a trap destination for a trap community, select the community name from the Community Name drop-down box and click Add under the Trap Destinations box.

      3. The SNMP Service Configuration window appears.

    3.  Type in the trap destination and click Add.

      4.  
    The SNMP Service Properties window appears.

  8. Click OK to save the changes.

  9. Restart the SNMP service from the services control panel to make the configuration changes active.

Configuring the SNMP Agent on Systems Running Supported Red Hat Linux Operating Systems

Server Administrator uses the SNMP services provided by the ucd-snmp SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant and Array Manager, perform the procedures described in the following sections.

note.gif NOTE: See your operating system documentation for additional details on SNMP configuration.

Changing the SNMP Community Name

Configuring the SNMP community names determines which systems are able to manage your system through SNMP. The SNMP community name used by management applications must match an SNMP community name configured on the Server Administrator system so that the management applications can retrieve management information from Server Administrator.

To change the SNMP community name used for retrieving management information from a system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

  1. Find the line that reads: 

    2. com2sec publicsec default public 

    or 

    com2sec notConfigUser default public 

  2. Edit this line, replacing public with the new SNMP community name. When edited, the new line should read: 

    3. com2sec publicsec default community_name 

    or 

    com2sec notConfigUser default community_name

  3. To enable SNMP configuration changes, restart the SNMP agent by typing: 

    4. service snmpd restart

Enabling SNMP Set Operations

SNMP Set operations must be enabled on the system running Server Administrator in order to change Server Administrator attributes using IT Assistant. 

To enable SNMP Set operations on the system running Server Administrator, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

  1. Find the line that reads: 

    2. access publicgroup "" any noauth exact all none none 

    or 

    access notConfigGroup "" any noauth exact all none none 

  2. Edit this line, replacing the first none with all. When edited, the new line should read:

    3. access publicgroup "" any noauth exact all all none 

    or 

    access notConfigGroup "" any noauth exact all all none 

  3. To enable SNMP configuration changes, restart the SNMP agent by typing: 

    4. service snmpd restart

Configuring Your System to Send Traps to a Management Station 

Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. One or more trap destinations must be configured on the system running Server Administrator for SNMP traps to be sent to a management station. 

To configure your system running Server Administrator to send traps to a management station, edit the SNMP agent configuration file, /etc/snmp/snmpd.conf, and perform the following steps:

  1. Add the following line to the file: 

    2. trapsink IP_address community_name

    where IP_address is the IP address of the management station and community_name is the SNMP community name

  2. To enable SNMP configuration changes, restart the SNMP agent by typing: 

    3. service snmpd restart

Configuring the SNMP Agent on Systems Running Supported NetWare Operating Systems

Server Administrator uses the SNMP services provided by the NetWare SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management station applications such as IT Assistant and Array Manager, perform the following tasks.

note.gif NOTE: See your operating system documentation for additional details on SNMP configuration.
Changing the SNMP Community Name

The SNMP community name used by management applications must match an SNMP community name configured on the system running Server Administrator so that the management station applications can retrieve management information from Server Administrator. 

To change the SNMP community name used for retrieving management information from a Server Administrator system, perform the following steps:

  1. At the NetWare command line console, type load inetcfg and press <Enter>.

    2. The Internetworking Configuration menu appears.

  2. Select the Manage Configuration menu item.

    3. The Manage Configuration menu appears.

  3. Select the Configure SNMP Parameters menu item.

    4. The SNMP Parameters menu appears.

  4. Select the Monitor State menu item to configure monitor community handling.

    5. The Monitor Community Handling menu choices are Any Community May Read, Leave as Default Setting, No Community May Read, and Specified Community May Read.

    note.gif NOTE: Press <F1> for more information about the Monitor State menu item. Press <Esc> to clear the help window.
     
  5. Press <Esc> to exit the SNMP Parameters menu.

    6. A message box appears, prompting you to save changes.

  6. Select Yes.

    7. The Manage Configuration menu appears.

  7. Press <Esc> to exit the Manage Configuration menu.

    8. The Internetworking Configuration menu appears.

  8. Select the Reinitialize System menu item to make the configuration changes active.
Enabling SNMP Set Operations

SNMP Set operations must be enabled on the system running Server Administrator in order to change Server Administrator attributes using IT Assistant.

To enable SNMP Set operations on the system running Server Administrator, perform the following steps:

  1. At the NetWare command line console, type load inetcfg and press <Enter>.

    2. The Internetworking Configuration menu appears.

  2. Select the Manage Configuration menu item.

    3. The Manage Configuration menu appears.

  3. Select the Configure SNMP Parameters menu item.

    4. The SNMP Parameters menu appears.

  4. Select the Control State menu item to configure control community handling.

    5. The Control Community Handling menu choices are Any Community May Write, Leave as Default Setting, No Community May Write, and Specified Community May Write.

    note.gif NOTE: Press <F1> for more information about the Control State menu item. Press <Esc> to clear the help window.
     

  5. Press <Esc> to exit the SNMP Parameters menu.

    6. A message box appears, prompting you to save changes.

  6. Select Yes.

    7. The Manage Configuration menu appears.

  7. Press <Esc> to exit the Manage Configuration menu.

    8. The Internetworking Configuration menu appears.

  8. Select the Reinitialize System menu item to make the configuration changes active.

Configuring Your System to Send SNMP Traps to a Management Station

Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. One or more trap destinations must be configured on the system running Server Administrator for SNMP traps to be sent to a management station.

To configure a system running Server Administrator to send SNMP traps to a management station, perform the following steps:

  1. At the NetWare command line console, type load inetcfg and press <Enter>.

    2. The Internetworking Configuration menu appears.

  2. Select the Manage Configuration menu item.

    3. The Manage Configuration menu appears.

  3. Select the Configure SNMP Parameters menu item.

    4. The SNMP Parameters menu appears.

  4. Select the Trap State menu item to configure trap community handling.

    5. The Trap Handling menu choices are Do Not Send Traps, Leave as Default Setting, and Send Traps With Specified Community.

    note.gif NOTE: Press <F1> for more information about the Trap State menu item. Press <Esc> to clear the help window.
     

  5. Press <Esc> to exit the SNMP Parameters menu.

    6. A message box appears, prompting you to save changes.

  6. Select Yes.

    7. The Manage Configuration menu appears.

  7. Press <Esc> to exit the Manage Configuration menu.

    8. The Internetworking Configuration menu appears.

  8. Select the Protocols menu item.

    9. The Protocol Configuration menu appears.

  9. Select the TCP/IP menu item.

    10. The TCP/IP Protocol Configuration menu appears.

  10. Select the SNMP Manager Table menu item.

    11. The SNMP Manager Table menu appears.

  11. Select one of the following SNMP Manager Table menu items:

    • Press <Ins> to add SNMP trap destinations.

    • Press <Enter> to modify SNMP trap destinations.

    • Press <Del> to delete SNMP trap destinations.

      •  
    note.gif NOTE: Press <F1> for more information about the SNMP Manager Table menu item. Press <Esc> to clear the help window.
     

  12. Press <Esc> to exit the SNMP Manager Table menu.

    13. A message box appears, prompting you to update the database.

  13. Select Yes.

    14. The TCP/IP Protocol Configuration menu appears.

  14. Press <Esc> twice to exit the TCP/IP Protocol Configuration menu.

    15. The Internetworking Configuration menu appears.

  15. Restart your system to make the configuration changes active.

X.509 Certificate Management Prerequisites

Web certificates are necessary to ensure the identity of a remote system and to ensure that information exchanged with the remote system cannot be viewed or changed by others. 

This section explains the administrative prerequisites for ensuring your ability to generate a new X.509 certificate, reuse an existing X.509 certificate, or import a root certificate or certificate chain from Certification Authority (CA) on each supported operating system. 

The X.509 certificate management is provided through the Server Administrator home page for the following operating systems. The operating systems do not have any certificate management prerequisites.

  • Microsoft Windows NT Server 4.0 (Service Pack 6a or later)

  • Microsoft Windows 2000 Server Family (includes Windows 2000 Server, Windows 2000 Advanced Server, and Windows Small Business Server [SBS] 2000)

  • Red Hat Linux version 7.3 or later

  • Red Hat Linux Advanced Server version 2.1 or later

  • Novell NetWare version 6.0 or later

Prerequisites for Systems Running NetWare Version 5.1

The X.509 certificate management for systems running NetWare version 5.1 (Service Pack 3 or later) requires that the following procedures be performed before installing Server Administrator:

  1. At the NetWare command line console, type load nwconfig and press <Enter>.

  2. Select Product Options

  3. Select View/Configure/Remove Installed options

  4. Verify that PKIS (Novell Public Key Infrastructure Services) is installed. 

  5. Verify that SAS (Secure Authentication Services) is installed.

  6. Verify that NICI (NetWare International Cryptographic Infrastructure) is installed. 

note.gif NOTE: PKIS, SAS, and NICI are installed by default. If any of these products are not currently installed, you must install the product from your Novell NetWare 5.1 operating system CD. After installation, you must reapply the correct support patch.

After installing Server Administrator, go to "Web Server and Security Setup" to complete the X.509 certificate management procedures.

Firewall Configuration on Systems Running Supported Red Hat Linux Operating Systems

If you select High or Medium firewall security when installing Red Hat Linux, the SNMP port on all external network interfaces is closed by default. To enable SNMP management applications such as IT Assistant to discover and retrieve information from the Instrumentation Service, the SNMP port on at least one external network interface must be open. If the Instrumentation Service detects that the SNMP port is not open in the firewall for any external network interface, the Instrumentation Service displays a warning message and logs a message to the system log.

You can open the SNMP port by disabling the firewall, opening an entire external network interface in the firewall, or opening the SNMP port for at least one external network interface in the firewall. You can perform this action before or after the Instrumentation Service is started.

To open the SNMP port using one of the previously described methods, perform the following steps:

  1. At the Red Hat Linux command prompt, type setup and press <Enter> to start the Text Mode Setup Utility.

    2. The Choose a Tool menu appears.

  2. Select Firewall Configuration using the down arrow and press <Enter>.

    3. The Firewall Configuration screen appears.

  3. Select the Security Level by tabbing to it and pressing the spacebar. The selected Security Level is indicated by an asterisk.

    4. note.gif

    NOTE: Press <F1> for more information about the firewall security levels. The default SNMP port number is 161.

     

    1. To disable the firewall, select No firewall and go to step 7.

    2. To open an entire network interface or the SNMP port, select High or Medium and continue with step 4.

  4. Tab to Customize and press <Enter>.

    The Firewall Configuration - Customize screen appears.

  5. Select whether to open an entire network interface or just the SNMP port on all network interfaces.

    1. To open an entire network interface, tab to one of the Trusted Devices and press the spacebar. An asterisk in the box to the left of the device name indicates that the entire interface will be opened.

    2. To open the SNMP port on all network interfaces, tab to Other ports and type snmp:udp.

  6. Tab to OK and press <Enter>.

    7. The Firewall Configuration screen appears.

  7. Tab to OK and press <Enter>.

    8. The Choose a Tool menu appears.

  8. Tab to Quit and press <Enter>.

Back to Contents Page

Shop
Solutions
Services
Systems
Software & Peripherals
Support
Home Users
Small Businesses
Enterprise IT
Community
Join the Discussion
Share Your Ideas
Read our Blog
Ratings & Reviews
Community Home
Company Information
About Dell
Corporate Responsibility
Careers
Investors
Newsroom
My Account
Sign-in / Register
Order Status

Laptops | Desktops | Business Laptops | Business Desktops | Workstations | Servers | Storage | Services | Monitors | Printers | LCD TVs | Electronics
© 2012 Dell | About Dell | Terms & Conditions | Unresolved Issues | Privacy Statement | Ads and Emails | Dell Recycling | Contact | Site Map | Feedback
AT | AU | BE | BR | CA | CH | CL | CN | CO | DE | DK | ES | FR | HK | IE | IN | IT | JP | KR | ME | MX | MY | NL | NO | PA | PR | RU | SE | SG | UK | VE | ALL

Large Text
snWEB4