Users Guide
Table Of Contents
- Dell EMC OpenManage Enterprise Version 3.5 User's Guide
- Contents
- Tables
- About Dell EMC OpenManage Enterprise
- Security features in OpenManage Enterprise
- Install OpenManage Enterprise
- Installation prerequisites and minimum requirements
- Deploy OpenManage Enterprise on VMware vSphere
- Deploy OpenManage Enterprise on Hyper-V 2012 R2 and earlier host
- Deploy OpenManage Enterprise on Hyper-V 2016 host
- Deploy OpenManage Enterprise on Hyper-V 2019 host
- Deploy OpenManage Enterprise by using Kernel-based Virtual Machine
- Deploy OpenManage Enterprise programmatically
- Get started with OpenManage Enterprise
- Log in to OpenManage Enterprise
- Configure OpenManage Enterprise by using Text User Interface
- Configure OpenManage Enterprise
- Recommended scalability and performance settings for optimal usage of OpenManage Enterprise
- Supported protocols and ports in OpenManage Enterprise
- Use case links for the supported protocols and ports in OpenManage Enterprise
- OpenManage Enterprise Graphical User Interface overview
- OpenManage Enterprise Home portal
- Managing devices
- Organize devices into groups
- Create or delete a Static device group
- Create or edit a Query device group
- Adding or editing devices in a Static child group
- Rename child groups of Static or Query Dynamic groups
- Clone a Static or Query group
- Add devices to a new group
- Add devices to existing group
- Delete devices from OpenManage Enterprise
- Exclude devices from OpenManage Enterprise
- Update the device firmware and drivers by using baselines
- Roll back an individual device's firmware version
- Refresh the device inventory
- Refresh the device status
- Export the single device inventory
- Devices list
- Performing more actions on chassis and servers
- Hardware information displayed for MX7000 chassis
- Export all or selected data
- Viewing and configuring devices
- Start Management application iDRAC of a device
- Start the Virtual Console
- Organize devices into groups
- Manage the device firmware and drivers
- Manage device deployment templates
- Create a deployment template from a reference device
- Create a deployment template by importing a template file
- View a deployment template information
- Edit a server deployment template
- Edit a chassis deployment template
- Edit IOA deployment template
- Edit network properties of a deployment template
- Deploy device deployment templates
- Deploy IOA deployment templates
- Clone deployment templates
- Auto deployment of configuration on yet-to-be-discovered servers or chassis
- Create auto deployment targets
- Delete auto deployment targets
- Export auto deployment target details to different formats
- Overview of stateless deployment
- Define networks
- Edit or delete a configured network
- Export VLAN definitions
- Import network definitions
- Manage Profiles
- Managing the device configuration compliance
- Monitoring device alerts
- Manage audit logs
- Using jobs for device control
- Discovering devices for monitoring or management
- Discover servers automatically by using the server-initiated discovery feature
- Create a device discovery job
- Protocol support matrix for discovering devices
- View device discovery job details
- Edit a device discovery job
- Run a device discovery job
- Stop a device discovery job
- Specify multiple devices by importing data from the .csv file
- Globally excluding devices
- Specify discovery mode for creating a server discovery job
- Create customized device discovery job protocol for servers –Additional settings for discovery protocols
- Specify discovery mode for creating a chassis discovery job
- Create customized device discovery job protocol for Chassis – Additional settings for discovery protocols
- Specify discovery mode for creating a Dell storage discovery job
- Specify discovery mode for creating a network switch discovery job
- Create customized device discovery job protocol HTTPS storage devices –Additional settings for discovery protocols
- Create customized device discovery job protocol for SNMP devices
- Specify discovery mode for creating a MULTIPLE protocol discovery job
- Delete a device discovery job
- Managing device inventory
- Manage the device warranty
- Reports
- Managing MIB files
- Managing OpenManage Enterprise appliance settings
- Configure OpenManage Enterprise network settings
- Manage OpenManage Enterprise users
- Ending user sessions
- Directory services integration in OpenManage Enterprise
- OpenManage Enterprise login using OpenID Connect providers
- Add an OpenID Connect provider to OpenManage Enterprise
- Configure an OpenID Connect provider policy in PingFederate for role-based access to OpenManage Enterprise
- Configure an OpenID Connect provider policy in Keycloak for role-based access to OpenManage Enterprise
- Test the registration status of OpenManage Enterprise with the OpenID Connect provider
- Edit an OpenID Connect provider details in OpenManage Enterprise
- Enable OpenID Connect providers
- Delete OpenID Connect providers
- Disable OpenID Connect providers
- Security Certificates
- Set the login security properties
- Manage Console preferences
- Customize the alert display
- Configure SMTP, SNMP, and Syslog alerts
- Manage incoming alerts
- Manage warranty settings
- Check and update the version of the OpenManage Enterprise and the available plugins
- Execute remote commands and scripts
- OpenManage Mobile settings
- Enable or disable alert notifications for OpenManage Mobile
- Enable or disable OpenManage Mobile subscribers
- Delete an OpenManage Mobile subscriber
- View the alert notification service status
- Notification service status
- View information about OpenManage Mobile subscribers
- OpenManage Mobile subscriber information
- Troubleshooting OpenManage Mobile
- Other references and field descriptions
- Schedule Reference
- Firmware baseline field definitions
- Schedule job field definitions
- Alert categories after EEMI relocation
- Token substitution in remote scripts and alert policy
- Field service debug workflow
- Unblock the FSD capability
- Install or grant a signed FSD DAT.ini file
- Invoke FSD
- Disable FSD
- Catalog Management field definitions
- Firmware/driver compliance baseline reports— devices with 'Unknown' compliance status
- Generic naming convention for Dell EMC PowerEdge servers
Directory services integration in OpenManage
Enterprise
Directory Services enables you to import directory groups from AD or LDAP for use on the console. OpenManage Enterprise
supports integration of the following directory services:
1. Windows Active Directory
2. Windows AD/LDS
3. OpenLDAP
4. PHP LDAP
Pre-requisites/supported attributes for LDAP Integration
Table 27. OpenManage Enterprise Pre-requisites/supported attributes for LDAP Integration
Attribute of User Login Attribute of Group
Membership
Certificate Requirement
AD/LDAP Cn, sAMAccountName Member
● Subject to Domain
Controller Certificate needs
to have FQDN. SAN field
can have IPv4 and/or IPv6
or FQDN.
● Only Base64 certificate
format is supported
OpenLDAP uid, sn Uniquemember Only PEM certificate format is
supported
PHP LDAP uid MemberUid
User pre-requisites for directory service integration
You must ensure that the following user pre-requisites are met before you begin with the directory service integration:
1. BindDN user and user used for 'Test connection' should be the same.
2. If Attribute of User Login is provided, only the corresponding username value assigned to the attribute is allowed for
appliance login.
3. User used for Test connection should be part of any non-default group in LDAP
4. Attribute of Group Membership should have either the 'userDN' or the short name (used for logging in) of the user.
5. When MemberUid is used as 'Attribute of Group Membership,' the username used in appliance login will be considered case
sensitive in some LDAP configurations.
6. When search filter is used in LDAP configuration, user login is not allowed for those users who is not part of the search
criteria mentioned.
7. Group search will work only if the groups have users assigned under the provided Attribute of Group Membership .
NOTE:
If the OpenManage Enterprise is hosted on an IPv6 network, the SSL authentication against domain controller using
FQDN would fail if IPv4 is set as preferred address in DNS. To avoid this failure, do one of the following:
● DNS should be set to return IPv6 as preferred address when queried with FQDN.
● DC certificate needs to have IPv6 in SAN field.
To use the Directory Services:
● Add a directory connection. See Add or edit Active Directory groups to be used with Directory Services on page 137.
● Import directory groups and map all users in the group to a specific role. See Import AD and LDAP groups on page 135.
● For DM users, edit the directory group to add the groups the DM can manage. See Add and edit OpenManage Enterprise
users on page 133.
136
Managing OpenManage Enterprise appliance settings