Manualshelf

Install Guide

ManualsBrandsDell ManualsActive System ManagerOpenManage Server Administrator Version 8.4
11121314151617181920
Reusing An Existing Certificate
If you have a self-signed or CA-signed certificate, you can use the same certificate for the openwsman server by updating the
ssl_cert_file and ssl_key_file values, grouped under [server] tag, in /etc/openwsman/openwsman.conf with the
existing certificate values.
Configuring CRL For The openwsman Client
You need to configure the Certificate Revocation List (CRL) used by Server Administrator Web Server. To do this:
1. Mention a valid CRL file in /etc/openwsman/openwsman_client.conf.
2. If left blank, the CRL check is ignored.
NOTE: CRL support is only present on SUSE Linux Enterprise Server version 11 and Red Hat Enterprise Linux Server
version 5 update 5. For other operating systems, contact the operating system vendor to provide the required
CURL library with CRL support.
Running sfcb And openwsman
Run sfcb and openwsman:
/etc/init.d/sfcb start
/etc/init.d/openwsmand start
NOTE: On Red Hat Enterprise Linux 6, replace sfcb with sblim-sfcb.
On Red Hat Enterprise Linux 6, for the sblim-sfcb and openwsman to start automatically after a reboot you need to change the
run-levels using the chkconfig utility. For example, if you want to run sblim-sfcb in run-levels 3 and 5, use the following
command:
#chkconfig sblim-sfcb on --level 35
NOTE: For more information on chkconfig and its usage, see the operating system documentation.
The managed system is configured and is ready to be used by the Server Administrator Web Server.
Winbind Configuration For openwsman And sfcb For Red Hat
Enterprise Linux Operating Systems
Follow the instructions mentioned below to configure openwsman and sfcb on 32-bit OMI installation. In case of a 64-bit installation,
replace with .lib lib64
1. Back up these files:
/etc/pam.d/openwsman
/etc/pam.d/sfcb
/etc/pam.d/system-auth
2. Replace the content of /etc/pam.d/openwsman and /etc/pam.d/sfcb with
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required pam_stack.so service=system-auth
3. Replace the content of /etc/pam.d/system-auth with
%PAM-1.0
This file is auto-generated.
User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
13