Manualshelf

Release Notes

ManualsBrandsDell ManualsActive System ManagerOpenManage Server Administrator Version 8.3
11121314151617181920
Port 1311 is the default port for Server Administrator. It is a registered port number of Server Administrator. If another
application is configured to run on port 1311 before Server Administrator is installed, the DSM SA Connection Service does not
start after installation. Before you install Server Administrator, make sure that the port 1311 is not in use.
Before starting Server Administrator, you must enable the client-side scripting in Internet Explorer.
To do so, perform the following:
a. In Internet Explorer, navigate to the Tools menu.
b. Click Internet Options.
c. Click the Security tab.
d. Select the security zone to which the system running Server Administrator belongs.
NOTE: This option should be set to Trusted sites.
e. Click the Custom Level button.
f. For Windows 2003, perform the following:
1. In Miscellaneous, select the Allow META REFRESH radio button.
2. In Active Scripting, select the Enable radio button.
3. Under Active scripting, select the Allow scripting of Microsoft web browser controls radio button.
g. Click OK and restart your browser.
To allow Single Sign-on for Server Administrator, perform the following steps:
a. In Internet Explorer, navigate to Tools.
b. Click Internet Options.
c. Click the Security tab.
d. Select Trusted sites.
e. Click the Custom Level button.
f. Under User Authentication, select the Automatic Logon with current username and passwordradio button. Click OK to
exit the Custom Level window.
g. Select the Advanced tab and in HTTP 1.1 settings, make sure Use HTTP 1.1 is checked.
h. Select Trusted sites. Click Sites. Add the server to the website.
i. Click Close.
j. Click OK and restart your browser.
If you run a security scanner tool such as Nessus, against the Server Administrator Web server, security warnings may be
displayed against port 1311, the port running the Server Administrator Web server. The warnings have been investigated by
engineering and are determined to be "false positives" (invalid security warnings) that you can ignore. The following are the
warnings:
The Web server on 1311 allows scripts to read the sensitive configuration and/or XML files.
The Web server on 1311 allows to delete "/" which implies that the web server will allow a remote user to delete the files in
root on the server."
The web server on 1311 may be susceptible to a 'www Infinite Request' attack.
It is possible to make the remote thttpd server execute arbitrary code by sending a request like: GET If-Modified-
Since:AAA[...]AAAA
Solution: If you are using thttpd, upgrade to version 2.0. Else, contact the vendor for a patch or change the web server. CVE on
this one is CAN-2000-0359".
Enabling Integrated Windows Authentication in Internet Explorer is not required to activate the Single Sign-On feature.
18