Release Notes

is installed, the DSM SA Connection Service does not start after installation. Before you install Server
Administrator, make sure that the port 1311 is not in use.
Before starting Server Administrator, you must enable the client-side scripting in Internet Explorer.
To do so, perform the following:
1. In Internet Explorer, navigate to the "Tools" menu.
2. Click "Internet Options".
3. Click the "Security" tab.
4. Select the security zone to which the system running Server Administrator belongs.
NOTE: This option should be set to "Trusted sites".
5. Click the "Custom Level" button.
6. For Windows 2003, perform the following:
(a) In "Miscellaneous", select the "Allow META REFRESH" radio button.
(b) In "Active Scripting", select the "Enable" radio button.
(c) Under "Active scripting", select the "Allow scripting of Microsoft web browser
controls" radio button.
7. Click "OK" and restart your browser.
To allow Single Sign-on for Server Administrator, perform the following steps:
1. In Internet Explorer, navigate to "Tools".
2. Click "Internet Options".
3. Click the "Security" tab.
4. Select "Trusted sites".
5. Click the "Custom Level" button.
6. Under "User Authentication", select the "Automatic Logon with current username and
password" radio button. Click ‘OK’ to exit the "Custom Level" window.
7. Select the "Advanced" tab and in "HTTP 1.1 settings", make sure "Use HTTP 1.1" is
checked.
8. Select "Trusted sites". Click "Sites". Add the server to the website.
9. Click "Close".
10. Click "OK" and restart your browser.
If you run a security scanner tool such as Nessus, against the Server Administrator Web server,
security warnings may be displayed against port 1311, the port running the Server Administrator
Web server. The warnings have been investigated by engineering and are determined to be "false
positives" (invalid security warnings) that you can ignore. The following are the warnings:
"The Web server on 1311 allows scripts to read the sensitive configuration and/or XML files."
"The Web server on 1311 allows to delete "/" which implies that the web server will allow a remote
user to delete the files in root on the server."
"The web server on 1311 may be susceptible to a 'www Infinite Request' attack."
"It is possible to make the remote thttpd server execute arbitrary code by sending a request like:
GET If-Modified-Since:AAA[...]AAAA
Solution: If you are using thttpd, upgrade to version 2.0. Else, contact the vendor for a patch or
change the web server. CVE on this one is CAN-2000-0359".
Enabling Integrated Windows Authentication in Internet Explorer is not required to activate the
Single Sign-On feature.
The Server Administrator security settings are not applicable for Active Directory users. Active
Directory users with read-only login can access Server Administrator, even if the access is blocked
in the Server Administrator Preferences page.
Dell SNMP MIB Files for Dell Systems: