To start a Server Administrator session in a local system, click the Dell OpenManage™ icon on your desktop.
To start a Server Administrator session on a remote system, open your Web browser and type one of the following in the address field and press <Enter>:
https://hostname:1311
where hostname is the assigned name for the managed node system and 1311 is the default port
or
https://IP address:1311
where IP address is the IP address for the managed system and 1311 is the default port
The Dell OpenManage Log in window appears.
NOTE: You must type https:// (not http://) in the address field to receive a valid response in your browser.
NOTE: The default port for Dell OpenManage is 1311. You can change the port, if necessary. See "Secure Port Server and Security Setup" for instructions on setting up your system preferences.
NOTE: Before remotely logging into Server Administrator on a system running a supported Novell® NetWare® operating system, Users and Power Users must first authenticate their user rights by logging into the managed NetWare system.
Logging In and Out
To log into Server Administrator, type your preassigned Username and Password in the appropriate fields on the Systems Management Log in window. See "Single Sign-On" for information on how you can bypass the login page and access the Server Administrator web application by clicking on the Dell OpenManage icon on your desktop.
NOTE: You must have preassigned user rights to log into Server Administrator. See "Setup and Administration" for instructions on setting up new users.
NOTE: When logging into Server Administrator from a system running a supported Microsoft® WindowsServer™ 2003 operating system, you cannot use a blank password due to operating system constraints.
NOTE: When logging into Server Administrator from a remote system running a supported Microsoft Windows Server™ 2003 operating system, you cannot use a blank password due to operating system constraints.
If you are accessing Server Administrator from a defined domain, you will also need to specify the correct Domain name.
NOTE: The Application drop-down menu will appear as a nonselectable field for systems that can only access one Dell OpenManage component. The drop-down menu is only functional when two or more Dell OpenManage components are available on the managed system.
Click the Active Directory Login check box to log in using Microsoft Active Directory.
To end your Server Administrator session, click Log Out on the Global Navigation Bar. The Log Out button is located in the upper-right corner of each Server Administrator home page.
Single Sign-On
The Single Sign-On option in Windows enables all logged-in users to bypass the login page and access the Server Administrator web application by clicking the Dell OpenManage icon on your desktop.
For local machine access, you must have an account on the machine with the correct privileges (user, power user, or administrator). Other users are authenticated against Microsoft Active Directory.
To launch Server Administrator using Single Sign-On authentication against Microsoft Active Directory, the following parameters must also be passed in:
To launch Server Administrator using Single Sign-On authentication against the local machine user accounts, the addition of the following parameters must be passed in:
Server Administrator has also been extended to allow other products (such as Dell OpenManage IT Assistant) to directly access Server Administrator web pages without going through the logon page (if you are currently logged on and have the requisite privileges).
Systems Running a Supported Microsoft Windows Server 2003 Operating System
You must configure the security settings for your browser to log into Server Administrator from a remote management system that is running a supported Microsoft Windows Server 2003 operating system.
The security settings for your browser might prevent the execution of client-side scripts that are used by Server Administrator. To enable the use of client-side scripting, perform the following steps on the remote management system.
NOTE: If you have not configured your browser to enable the use of client-side scripting, you might receive a blank screen when logging into Server Administrator. In this case, an error message will appear instructing you to configure your browser settings.
Internet Explorer
Start your browser.
Click Tools®Internet Options®Security.
Click the Trusted Sites icon.
Click Sites.
Copy the Web address used to access the remote managed system from the browser's address
bar and paste it onto the Add this Web Site to the Zone field.
Click Custom Level.
For Windows 2000:
Under Miscellaneous, select the Allow Meta Refresh radio button.
Under Active Scripting, select the Enable radio button.
For Windows 2003:
Under Miscellaneous, select the Allow Meta Refresh radio button.
Under Active Scripting, select the Enable radio button.
Under Active Scripting, select the Allow scripting of Internet Explorer web browser controls radio button.
Click OK to save the new settings.
Close the browser.
Log into Server Administrator.
To allow Single Sign-On for Server Administrator without prompts for user credentials, perform the following steps:
Start your browser.
Click Tools®Internet Options®Security.
Click the Trusted Sites icon.
Click Sites.
Copy the Web address used to access the remote managed system from the browser's address
bar and paste it onto the Add this Web Site to the Zone field.
Click Custom Level.
Under User Authentication, select the Automatic Logon with current username and
password radio button.
Click OK to save the new settings.
Close the browser.
Log into Server Administrator.
Mozilla
Start your browser.
Click Edit®Preferences.
Click Advanced®Scripts and Plugins.
Ensure that the Navigator check box is checked under Enable JavaScript for.
Click OK to save the new settings.
Close the browser.
Log into Server Administrator.
The Server Administrator Home Page
NOTE: Do not use your Web browser toolbar buttons (such as Back and Refresh) while using Server Administrator. Use only the Server Administrator navigation tools.
With only a few exceptions, the Server Administrator home page has three main areas:
The System Tree displays all visible system objects based on the user's access privileges.
The Action Window displays the available management actions for the selected system tree object based on the user's access privileges. The action window contains three functional areas:
The action tabs display the primary actions or categories of actions that are available for the selected object based on the user's access privileges.
The action tabs are divided into subcategories of all available secondary options for the action tabs based on the user's access privileges.
The Data Area displays information for the selected system tree object, action tab, and subcategory based on the user's access privileges.
Additionally, when logged into the Server Administrator home page, the system model, the assigned name of the system, and the current user's user name and User Privileges are displayed in the top-right corner of the window.
Figure 5-1 shows a sample Server Administrator home page layout for a user logged in with administrator privileges.
Figure 5-1. Sample Server Administrator Home Page
Clicking an object in the system tree opens a corresponding action window for that object. You can navigate in the action window by clicking action tabs to select major categories and clicking the action tab subcategories to access more detailed information or more focused actions. The information displayed in the data area of the action window can range from system logs to status indicators to system probe gauges. Underlined items in the data area of the action window indicate a further level of functionality. Clicking an underlined item creates a new data area in the action window that contains a greater level of detail. For example, clicking Main System Chassis under the Health subcategory of the Properties action tab lists the health status of all the components contained in the Main System Chassis object that are monitored for health status.
NOTE: Many of the system tree objects, system components, action tabs, or data area features are not available to users logged in with only User privileges. Admin or Power User privileges are required to view many of the system tree objects, system components, action tabs, and data area features that are configurable. Additionally, only users logged in with Admin privileges have access to the shutdown functionality included under the Shutdown tab.
Global Navigation Bar
The global navigation bar and its links are available to all user levels regardless of where you are in the program.
Clicking Support connects you to the Dell Support website.
Clicking Helpopens the context-sensitive online help window. See "Using the Online Help."
Clicking About displays Server Administrator version and copyright information.
Clicking Log Out ends your current Server Administrator program session.
System Tree
The system tree appears on the left side of the Server Administrator home page and lists the components of your system that are viewable. The system components are categorized by component type. When you expand the main object known as System, the major categories of system components that may appear are Main System Chassis, Software, and Storage.
To expand a branch of the tree, click the plus sign (
) to the left of an object, or double-click the object. A minus sign (
) indicates an expanded entry that cannot be expanded further.
Action Window
When you click an item on the system tree, details about the component or object appear in the data area of the action window. Clicking an action tab displays all available user options as a list of subcategories.
Clicking an object on the system tree opens that component's action window, displaying the available action tabs. The data area defaults to a preselected subcategory of the first action tab for the selected object. The preselected subcategory is usually the first option. For example, clicking the Main System Chassis object opens an action window in which the Properties action tab and Health subcategory is displayed in the window's data area.
Data Area
The data area is located below the action tabs on the right side of the home page. The data area is where you perform tasks or view details about system components. The content of the window depends on the system tree object and action tab that are currently selected. For example, when you select BIOS from the system tree, the Properties tab is selected by default and the version information for the system BIOS appears in the data area. The data area of the action window contains many common features, including status indicators, task buttons, underlined items, and gauge indicators.
System Component Status Indicators
The icons that appear next to component names show the status of that component (as of the latest page refresh).
A green check mark indicates that a component is healthy (normal).
A yellow triangle containing an exclamation point indicates that a component has a warning (noncritical) condition. A warning condition occurs when a probe or other monitoring tool detects a reading for a component that falls within certain minimum and maximum values. A warning condition requires prompt attention.
A red X indicates that a component has a critical (failure) condition. A critical condition occurs when a probe or other monitoring tool detects a reading for a component that falls within certain minimum and maximum values. A critical condition requires immediate attention.
A blank space indicates that a component's health status is unknown.
Task Buttons
Most windows opened from the Server Administrator home page contain at least four task buttons: Print, Export, Email, and Refresh. Other task buttons are included on specific Server Administrator windows. Log windows, for example, also contain Save As and Clear Log task buttons. For specific information about individual task buttons, click Help on any Server Administrator home page window to view detailed information about the specific window you are viewing.
Clicking Print prints a copy of the open window to your default printer.
Clicking Export generates a text file that lists the values for each data field on the open window. The export file is saved to a location you specify. See "Setting User and System Preferences" for instructions on customizing the delimiter separating the data field values.
Clicking Email creates an e-mail message addressed to your designated e-mail recipient. See "Setting User and System Preferences" for instructions on setting up your e-mail server and default e-mail recipient.
Clicking Refresh reloads the system component status information in the action window data area.
Clicking Save As saves an HTML file of the action window in a .zip file.
Clicking Clear Log erases all events from the log displayed in the action window data area.
NOTE: The Export, Email, Save As, and Clear Log buttons are only visible for users logged in with Power User or Admin privileges.
Underlined Items
Clicking an underlined item in the action window data area displays additional details about that item.
Gauge Indicators
Temperature probes, fan probes, and voltage probes are each represented by a gauge indicator. For example, Figure 5-2 shows readings from a system's CPU fan probe.
Figure 5-2. Gauge Indicator
Using the Online Help
Context-sensitive online help is available for every window of the Server Administrator home page. Clicking Help on the global navigation bar opens an independent help window that contains detailed information about the specific window you are viewing. The online help is designed to help guide you through the specific actions required to perform all aspects of the Server Administrator services. Online help is available for all windows you can view, based on the software and hardware groups that Server Administrator discovers on your system and your user privilege level.
Using the Preferences Home Page
The Preferences home page defaults to the Access Configuration window under the Preferences tab.
From the Preferences home page you can restrict access to users with User and Power User privileges, set the SNMP password, and configure user settings and secure port system settings.
Like the Server Administrator home page, the Preferences home page has three main areas:
The global navigation bar provides links to general services.
Clicking Back to Server Administrator returns you to the Server Administrator home page.
The left pane of the Preferences home page (where the system tree is displayed on the Server Administrator home page) displays the preference categories for the managed system.
The action window displays the available settings and preferences for the managed system.
Figure 5-3 shows a sample Preferences home page layout.
Figure 5-3. Sample Preferences Home Page
Using the Server Administrator Command Line Interface
The Server Administrator command line interface (CLI) allows users to perform essential systems management tasks from the operating system command prompt of a monitored system.
In many cases, the CLI allows a user with a very well-defined task in mind to rapidly retrieve information about the system. Using CLI commands, for example, administrators can write batch programs or scripts to execute at specific times. When these programs execute, they can capture reports on components of interest, such as fan RPMs. With additional scripting, the CLI can be used to capture data during periods of high system usage to compare with the same measurements at times of low system usage. Command results can be routed to a file for later analysis. The reports can help administrators to gain information that can be used to adjust usage patterns, to justify purchasing new system resources, or to focus on the health of a problem component.
For complete instructions on the functionality and use of the CLI, see the Server Administrator Command Line Interface User's Guide.
You set user and secure port system preferences from the Preferences home page.
NOTE: You must be logged in with Admin privileges to set or reset user or system preferences.
Perform the following steps to set up your user preferences:
Click Preferences on the global navigation bar.
The Preferences home page appears.
Click General Settings.
To add a preselected e-mail recipient, type the e-mail address of your designated service
contact in the Mail To: field, and click Apply Changes.
NOTE: Clicking Email in any window sends an e-mail message with an attached HTML file of the window to the designated e-mail address.
To change the home page appearance, select an alternative value in the skin or scheme fields
and click Apply Changes.
Perform the following steps to set up your secure port system preferences:
Click Preferences on the global navigation bar.
The Preferences home page appears.
Click General Settings, and the Web Server tab.
In the Server Preferenceswindow, set options as necessary.
The Session Timeout feature can set a limit on the amount of time that a Server Administrator session can remain active. Select the Enable radio button to allow Server Administrator to time out if there is no user interaction for a specified number of minutes. Users whose session times out must log in again to continue. Select the Disable radio button to disable the Server Administrator session timeout feature.
The HTTPS Port field specifies the secure port for Server Administrator. The default secure port for Server Administrator is 1311.
NOTE: Changing the port number to an invalid or in-use port number might prevent other applications or browsers from accessing Server Administrator on the managed system. See the The Dell OpenManage Installation and Security User's Guide for the list of default ports.
The IP Address to Bind to field specifies the IP address(es) for the managed system that Server Administrator binds to when starting a session. Select the All radio button to bind to all IP addresses applicable for your system. Select the Specific radio button to bind to a specific IP address.
NOTE: Changing the IP Address to Bind to value to a value other than All may prevent other applications or browsers from accessing Server Administrator on the managed system.
The SMTP Server name and DNS Suffix for SMTP Server fields specify your company or organization's Simple Mail Transfer Protocol (SMTP) and domain name server (DNS) suffix. To enable Server Administrator to send e-mails, you must type the IP address and DNS suffix for the SMTP Server for your company or organization in the appropriate fields.
NOTE: For security reasons, your company or organization might not allow e-mails to be sent through the SMTP server to outside accounts.
The Command Log Size field specifies the largest file size in MB for the command log file.
The Support Link field specifies the URL for the business entity that provides support for your managed system.
The Custom Delimiter field specifies the character used to separate the data fields in the files created using the
Export button. The ; character is the default delimiter. Other options are
!, @, #, $, %, ^, *, ~,
?, :,|, and ,.
When you finish setting options in the Server Preferences window, click
Apply Changes.
X.509 Certificate Management
Web certificates are necessary to ensure the identity of a remote system and ensure that information exchanged with the remote system cannot be viewed or changed by others. To ensure system security, it is strongly recommended that you either generate a new X.509 certificate, reuse an existing X.509 certificate, or import a root certificate or certificate chain from a Certification Authority (CA).
NOTE: You must be logged in with Admin privileges to perform certificate management.
To manage X.509 certificates through the Preferences home page, click General Settings, click the Web Server tab, and click X.509 Certificate.
Use the X.509 certificate tool to either generate a new X.509 certificate, reuse an existing X.509 certificate, or import a root certificate or certificate chain from a CA. Authorized CAs include Verisign, Entrust, and Thawte.
NOTE: Systemsrunning supported Novell NetWare operating systems must have Novell Java virtual machine (JVM) for NetWare version 1.2 or later to perform certificate management through the Preferences home page. Novell JVM for NetWare version 1.2 or later is installed as part of the NetWare 6.5 or later operating system installation. See the Novell website at www.novell.com for information about upgrading to Novell JVM for NetWare version 1.2 or later.
Exceptions for Systems Running Supported Novell NetWare Operating Systems
You must perform certificate management with the Novell Certificate Server using ConsoleOne running on a NetWare client system if your managed system uses a version of Novell JVM for NetWare that is earlier than 1.2. By default, ConsoleOne is located in the mapped public directory of a NetWare client system.
NOTE: Novell Certificate Server cannot be managed using ConsoleOne running on a Novell NetWare server console.
Creating a New Server Certificate
Using ConsoleOne, you can create or recreate a server certificate if yours becomes corrupted.
NOTE: Back up your critical server certificate information before beginning the following procedures.
To create a new server certificate signed by the NDS Organizational CA, perform the following steps:
Log in with Admin privileges to a NetWare client system and map a drive to the sys:\public
directory on the managed system.
Double-click ConsoleOne.
Right-click the container object that contains the system to be managed, select New, and click
Object.
The New Object window appears.
Select NDSPKI: Key Material and click OK.
The Create Server Certificate (KeyMaterial) window appears. The Standard creation method is selected by default.
Type the Certificate name, and click Next.
Click Finish.
Edit the sys:\system\dell\omanage\IWS\config\server_properties.ini and
sys:\system\dell\omanage\IWS\config\client_properties.ini files by editing the following line:
nssl.keystore =certificate name - hostname
where certificate name is the name of the certificate you just created and hostname is the name of the managed system running NetWare.
Log into Server Administrator on the managed system. See "Logging In and Out."
The Security Alert window appears.
Click View Certificate.
The Certificate window appears. A white cross in a red circle appears over the certificate icon at the top of the window. This icon indicates that the certificate cannot be verified to a trusted certificate authority.
Click the Certification Path tab.
Select Organizational CA and click View Certificate.
Information about the organizational CA is displayed.
Click Install Certificate.
The Certificate Manager Import Wizard appears.
Click Next.
Automatically select the certificate store based on the type of certificate is selected by default.
Click Next.
Click Finish to complete the Certificate Manager Import Wizard.
The Root Certificate Store window appears.
Click Yes.
A window informs you that the import was successful.
Click OK.
The Java plug-in will now recognize the certificate as valid.
The Systems Management Log in window appears with a yellow lock (in the locked position) at the bottom corner of the window.
To create a new server certificate signed by an external Organizational Authority, perform the following steps:
Log in with administrator privileges to a client system and map a drive to the sys:\public
directory on the managed system.
Double-click ConsoleOne.
Right-click the container object that contains the system to be managed with Server
Administrator, select New, and click Object.
The New Object window appears.
Select NDSPKI: Key Material and click OK.
The Create Server Certificate window appears. The Standard creation method is selected by default.
Select the Custom creation method, type the Certificate name, and click Next.
Click External Certificate Authority, and click Next.
Select the RSA key size, and click Next.
Type the Subject Name, choose the signature algorithm, and click Next (by default, the
signature algorithm is set to RSA Encryption with SHA-1 hash).
ConsoleOne generates a Certificate Signing Request (CSR).
Click Finish.
The Save Certificate Signing Requestwindow appears.
Save the CSR.
Send the CSR to a trusted CA such as Verisign, Thawte, or Entrust.
The CA returns two files: one is the root certificate and the other is a response in a Public Key Cryptography Standard #7 (PKCS#7) format.
Right-click the certificate you named in step 5 and click Properties.
Click Import.
Paste the trusted root certificate in the edit box and click Next.
Paste the response in the edit box and click Next.
Edit the sys:\system\dell\omanage\IWS\config\server_properties.ini and the
sys:\system\dell\omanage\IWS\config\client_properties.ini files by editing the following line:
nssl.keystore =certificate name - hostname
where certificate name is the name of the certificate you just created and hostname is the name of the managed system running Novell NetWare.
The next time you log into Server Administrator, the Java plug-in recognizes the certificate as signed by an external trusted certificate authority.
Controlling Server Administrator
Server Administrator automatically starts each time you reboot the managed system. To manually start, stop, or restart Server Administrator, use the following instructions.
NOTE: To control Server Administrator, you must be logged in with administrator privileges (logged in as root for supported Red Hat® Enterprise Linux operating systems).
Starting Server Administrator
Supported Microsoft Windows Operating Systems
To start Server Administrator on systems running a supported Microsoft Windows operating system, perform the following steps:
Click the Start button and point to Settings®Control Panel®Administrative Tools®Services.
The Services window appears.
Right-click the Secure Port Server icon.
Click Start.
Supported Red Hat Enterprise Linux Operating Systems
To start Server Administrator on systems running a supported Red Hat Enterprise Linux operating system, run the following command from the command line:
omawsd start
Supported Novell NetWare Operating Systems
To start Server Administrator on systems running a supported Novell NetWare operating system, run the following command from the command line:
Dell/omanage/IWS/bin/netware/omastart
Stopping Server Administrator
Supported Microsoft Windows Operating Systems
To stop Server Administrator, perform the following steps:
Click the Start button and point to Settings®Control Panel®Administrative Tools®Services.
The Services window appears.
Right-click the Secure Port Server icon.
Click Stop.
Supported Red Hat Enterprise Linux Operating Systems
To stop Server Administrator on systems running a supported Red Hat Enterprise Linux operating system, run the following command from the command line:
omawsd stop
Supported Novell NetWare Operating Systems
To stop Server Administrator on systems running a supported Novell NetWare operating system, run the following command from the command line:
Dell/omanage/IWS/bin/netware/omastop
Restarting Server Administrator
Supported Microsoft Windows Operating Systems
To restart Server Administrator, perform the following steps:
Click the Start button and point to Settings®Control Panel®Administrative Tools®Services.
The Services window appears.
Right-click the Secure Port Server icon.
Click Restart.
Supported Red Hat Enterprise Linux Operating Systems
To restart Server Administrator on systems running a supported Red Hat Enterprise Linux operating system, run the following command from the command line:
omawsd restart
Supported Novell NetWare Operating Systems
To restart Server Administrator on systems running a supported Novell NetWare operating system, run the following command from the command line:
) to the left of an object, or double-click the object. A minus sign (
) indicates an expanded entry that cannot be expanded further.
