Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerOpenManage IT Assistant Version 7.2 (Dell OpenManage 4.5.1)
81828384858687888990
Ensuring a Secure Dell OpenManage IT Assistant Installation 89
Securing Ports for IT Assistant and Other Supported
Dell OpenManage Applications
Securing port 2607 of the IT Assistant Services Tier and ports 1311, 161, and 162 of the managed system
can be done using IP Security (IPSec). To list ports that are currently running on your server, you can use
the command netstat -an from a command prompt to show the status of all ports on your system. The
results of this command should indicate that the IT Assistant management station should only accept a
connection on port 2607 from the server hosting the IT Assistant UI (which would be connected through
Terminal Services). Similarly, the managed systems should be configured to accept connections through
ports 1311, 161, and 162 from the management station.
Single Sign-On
The Single Sign-On option on Windows systems enables all logged-in users to bypass the login page and
access IT Assistant by clicking the IT Assistant icon on the desktop. The desktop icon queries the
registry to see if the Automatic Logon with current username and password option is enabled in Internet
Explorer. If this option is enabled, then Single Sign-On is executed; otherwise, the normal logon page will
be displayed. NT LAN Manager (NTLM) authentication must not be disabled on the Windows network.
To enable the Automatic Logon with current username and password option, perform the following
steps in Internet Explorer:
1
Click
Internet Options
on the
Tools
menu.
2
Click the
Security
tab
3
Select the security zone that the IT Assistant system falls within, that is,
Trusted sites
and click
Custom Level
.
4
In the
Security Setting
dialog-box, under
User Authentication
, select the
Automatic Logon with
current username and password
.
5
Click
OK
twice, and restart Internet Explorer.
For local system access, you must have an account on the system with the correct privileges (User, Power
User, or Administrator). Other users are authenticated against Microsoft Active Directory.
To launch IT Assistant using Single Sign-on authentication against Microsoft Active Directory, the
following parameters must be set:
authType=ntlm&application=[ita]
For example:
https://localhost:2607/?authType=ntlm&application=ita