Reference Guide
Table Of Contents
- OpenManage Integration for Microsoft System Center Version 7.3 for Microsoft Endpoint Configuration Manager and System Center Virtual Machine Manager Security Configuration Guide
- Contents
- Tables
- PREFACE
- Security Quick Reference
- Product and Subsystem Security
- Miscellaneous Configuration and Management
Launch OMIMSSC console extension for Microsoft System Center Consoles
Microsoft System Center Console user must have the Microsoft System Center access and privilege to launch the OMIMSSC
Console Extension. OMIMSSC console extensions in case of MECM and Add-in plugin in case of SCVMM create appropriate
folders on the host.
For more information about launching console extension, seethe OpenManage Integration for Microsoft System Center Version
7.3 for Microsoft Endpoint Configuration Manager and System Center Virtual Machine Manager 7.3 User`s Guide available at
https://www.dell.com/support.
Access OMIMSSC appliance from enrolled Microsoft console
Security roles and permissions
The OpenManage Integration for Microsoft System Center Version 7.3 for System Center Configuration Manager and System
Center Virtual Machine Manager stores admin account credentials in an encrypted format. It does not provide these credentials
to client applications to avoid any improper requests. The backup database is fully encrypted by using custom security phrases,
and hence data cannot be misused.
The backup database is fully encrypted by using Gnu Privacy Guard (GPG). The backup data stored in CIFS. CIFS share
provided by authorized user. CIFS share accessed using credential by authorized users. Backup operation expect user provided
password for additional protection. The backup password provided by user do not stored in the appliance hence user have to
remember it and provide the same during restore operation.
For Microsoft System Center User account, user with full administrator role in the Microsoft Active Directory administrators
group have all the privileges in OMIMSSC. This user can use all the functions of the OpenManage Integration for Microsoft
System Center Version 7.3 for System Center Configuration Manager and System Center Virtual Machine Manager within
Microsoft System Center Console Plugins.
Data integrity
The communication between the OMIMSSC appliance and Microsoft Endpoint Configuration Manager (MECM) and System
Center Virtual Machine Manager (SCVMM) is accomplished by PowerShell Remoting.
A secure PowerShell remote session will be created post user authentication and the applicable PowerShell scripts will be
executed using this remote session. For more information see, Windows PowerShell Remoting.
The communication between the Microsoft System Center Consoles and OMIMSSC appliance is over HTTPS. The OMIMSSC
appliance generates a certificate that is used for trusted communication between MECM/SCVMM and the appliance.
Access control authentication, authorization, and roles
To perform operations on managed nodes by Microsoft System Center Consoles, OMIMSSC uses the current user session and
authorization available in Microsoft System Center console.
OpenManage Integration for Microsoft System Center Version 7.3 for Microsoft Endpoint Configuration Manager and System
Center Virtual Machine Manager uses the Microsoft Active Directory (MS AD) built-in roles and privileges model to authorize
user actions for managed server (hosts and clusters).
Windows PowerShell Remoting
Using the WS-Management protocol, Windows PowerShell Remoting lets you run any Windows PowerShell command on one
or more remote computers. You can establish persistent connections, start interactive sessions, and run scripts on remote
computers.
To use Windows PowerShell Remoting, the remote computer must be configured for remote management. For more
information, including instructions, see About Remote Requirements.
To enable PowerShell Remoting, see PowerShell Permissions
14
Product and Subsystem Security