Dell EMC OpenManage Server Administrator Version 9.0.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2017 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents 1 Introduction..................................................................................................................... 6 Installation.......................................................................................................................................................................... 6 Updating individual system components.............................................................................................................................
The Server Administrator home page............................................................................................................................... 24 Server Administrator user interface differences across modular and non-modular systems........................................25 Global Navigation Bar................................................................................................................................................. 26 System Tree.....................................
7 Setting Alert Actions..................................................................................................... 58 Setting Alert Actions For Systems Running Supported Red Hat Enterprise Linux And SUSE Linux Enterprise Server Operating Systems...........................................................................................................................................................58 Setting Alert actions in Windows Server to Execute Applications....................................
1 Introduction Server Administrator provides a comprehensive, one-to-one systems management solution in two ways: from an integrated, web browser-based graphical user interface (GUI) and from a command line interface (CLI) through the operating system. Server Administrator enables system administrators to manage systems locally and remotely on a network. It enables system administrators to focus on managing their entire network by providing comprehensive one-to-one systems management.
Instrumentation Service The Instrumentation Service provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents and allows remote administration of monitored systems, including shutdown, startup, and security. Remote Access Controller The Remote Access Controller provides a complete remote system management solution for systems equipped with the Baseboard Management Controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) solution.
HTTPS is supported on all operating systems. Support for CIM and SNMP is operating system dependent and, sometimes, operating system-version dependent. NOTE: For information on SNMP security concerns, see the Server Administrator release notes file (packaged with the Server Administrator application) or at dell.com/openmanagemanuals. Apply updates from your operating system's master SNMP agents to ensure the SNMP subagents are secure.
• The Dell Remote Access Controller User's Guide provides comprehensive information about using the RACADM command line utility to configure a DRAC. • The Dell Chassis Management Controller User’s Guide provides comprehensive information about using the controller that manages all modules in the chassis containing your system.
– Remote Enterprise Systems Management – Serviceability Tools – Dell Client Command Suite – Connections Client Systems Management d. • To view a document, click the required product version. Using search engines: – Type the name and version of the document in the search box. Obtaining Technical Assistance If at any time you do not understand a procedure described in this guide or if your product does not perform as expected, help tools are available to assist you.
2 Setup And Administration Server Administrator provides security through role- based access control (RBAC), authentication, and encryption for both the Webbased and command line interfaces. Role-Based Access Control RBAC manages security by determining the operations that can be executed by persons in particular roles. Each user is assigned one or more roles, and each role is assigned one or more privileges that are permitted to users in that role.
Storage Management User, Power User, Administrator, Elevated Administrator Administrator, Elevated Administrator Authentication The Server Administrator authentication scheme ensures that the correct access types are assigned to the correct user privileges. Additionally, when the command line interface (CLI) is invoked, the Server Administrator authentication scheme validates the context within which the current process is running.
Adding users to a domain on Windows operating systems NOTE: You must have Microsoft Active Directory installed on your system to perform the following procedures. See Using the Active Directory Login for more information about using Active Directory. 1. Navigate to Control Panel → Administrative Tools → Active Directory Users and Computers. 2. In the console tree, right-click Users or right-click the container in which you want to add the new user, and then point to New → User. 3.
The new user can now log in to Server Administrator with Power User group privileges. Editing Server Administrator user privileges on Linux operating systems NOTE: You must be logged in as root or an equivalent user. 1. 2. Open the omarolemap file at /opt/dell/srvadmin/etc/omarolemap. Add the following in the file: [Tab][Tab] The following table lists the legend for adding the role definition to the omarolemap. Table 4.
Creating Server Administrator Users For VMware ESXi 6.X To add a user to the Users table: 1. Log in to the host using the vSphere Client. 2. Click the Users & Groups tab and click Users. 3. Right-click anywhere in the Users table and click Add to open the Add New User dialog box. 4. Enter login, user name, a numeric user ID (UID), and password; specifying that the user name and UID are optional. If you do not specify the UID, the vSphere Client assigns the next available UID. 5.
NOTE: For additional details on SNMP configuration, see the operating system documentation. Changing the SNMP community name NOTE: You cannot set the SNMP community name from Server Administrator. Set the community name using operating system SNMP tools. Configuring the SNMP community names determines which systems are able to manage your system through SNMP.
NOTE: For additional details on SNMP configuration, see the operating system documentation. SNMP Agent Access Control Configuration The management information base (MIB) branch implemented by Server Administrator is identified by the Object Identifier (OID) 1.3.6.1.4.1.674. Management applications must have access to this branch of the MIB tree to manage systems running Server Administrator.
Configuring the SNMP agent on systems running supported SUSE Linux enterprise server Server Administrator uses the SNMP services provided by the net-snmp agent. You can configure the SNMP agent to enable SNMP access from remote hosts, change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.
Configuring the SNMP agent on systems running supported VMware ESXi 6.X operating systems Server Administrator supports SNMP traps on VMware ESXi 6.X. If a stand-alone license is only present, SNMP configuration fails on VMware ESXi operating systems. Server Administrator does not support SNMP Get and Set operations on VMware ESXi 6.X as the required SNMP support is unavailable. The VMware vSphere Command-Line Interface (CLI) is used to configure systems running VMware ESXi 6.
b. To open an entire network interface or the SNMP port, select High, Medium, or Enabled and proceed to step 4. 4. Press to go to Customize and press . The Firewall Configuration-Customize screen appears. 5. Select whether to open an entire network interface or just the SNMP port on all network interfaces. a. To open an entire network interface, press to go to one of the Trusted Devices and press the spacebar.
3 Using Server Administrator To start a Server Administrator session, double-click the Server Administrator icon on your desktop. The Server Administrator Log in screen is displayed. The default port for Server Administrator is 1311. You can change the port, if required. For instructions on setting up your system preferences, see Systems Management Server Administration Connection Service and Security Setup.
5. Click Submit. Server Administrator Managed System Login — Using The Web Browser NOTE: You must have preassigned user rights to log in to Server Administrator. See Setup and Administration for instructions on setting up new users. 1. Open the Web browser. 2. In the address field, type one of the following: • https://hostname:1311, where hostname is the assigned name for the managed system and 1311 is the default port number.
Single Sign-On The Single Sign-On option in Windows operating systems enables all logged in users to bypass the login page and access the Server Administrator web application by clicking the Server Administrator icon on your desktop. NOTE: For more information about Single Sign-On, see the Knowledge Base article at support.microsoft.com/ default.aspx?scid=kb;en-us;Q258063. For local machine access, you must have an account on the machine with the appropriate privileges (User, Power User, or Administrator).
Enabling Single Sign-On For Server Administrator On Internet Explorer To allow Single Sign-On for Server Administrator without prompts for user credentials: 1. In your Web browser, click Tools → Internet Options → Security 2. Under Select a zone to view or change security settings, click Trusted Sites, and then click Sites. 3. In the Add this website to the zone field, paste the Web address used to access the remote managed system. 4. Click Add. 5. Click Custom Level . 6.
The following figure shows a sample Server Administrator home page layout for a user logged in with administrator privileges on a non-modular system. Figure 1. Sample Server Administrator home page — Non-Modular System The following figure shows a sample Server Administrator home page layout for a user logged in with administrator privileges on a modular system. Figure 2.
Table 8. Server Administrator User Interface Differences Across Modular and Non- Modular Systems Features Modular System Non-Modular System Batteries Power Supplies Fans Hardware Performance Intrusion Memory Network Ports Power Management Processors Remote Access Removable Flash Media Slots Temperatures Voltages Modular Enclosure (Chassis Information and CMC Information) Global Navigation Bar The global navigation bar and its links are available to all user levels in the program.
To expand a branch of the tree, click the plus sign ( ) to the left of an object, or double-click the object. A minus sign ( indicates an expanded entry that cannot be expanded further. ) Action Window When you click an item on the system tree, details about the component or object appear in the data area of the action window. Clicking an action tab displays all available user options as a list of subcategories.
• Clicking Save As saves an HTML file of the action window in a .zip file. • Clicking Clear Log erases all events from the log displayed in the action window data area. • Clicking Help ( ) provides detailed information about the specific window or task button you are viewing. NOTE: The Export, E-mail, and Save As buttons are only visible for users logged in with Power User or Administrator privileges. The Clear Log button is visible only for users with Administrator privileges.
• The action window displays the available settings and preferences for the managed system or the Server Administrator Web Server. Managed system preferences When you log in to a remote system, the preferences home page defaults to the Node Configuration window under the Preferences tab. Click the Server Administrator object to enable or disable access to users with User or Power User privileges.
Set up your user preferences: 1. Click Preferences on the global navigation bar. The Preferences home page is displayed. 2. Click General Settings. 3. To add a preselected email recipient, type the email address of your designated service contact in the Mail To: field, and click Apply. NOTE: Click E-mail ( ) in any window to send an e-mail message with an attached HTML file of the window to the designated email address.
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHANOTE NOTE: If an incorrect cipher value is set and the connection service fails to start, use the CLI command prompt or manually set the valid ciphers and restart the connection service. • The SSL Protocols field allows you to set from the web server listed SSL protocols to establish an HTTPS connection. The possible values are: TLSv1 , TLSv1.1 , TLSv1.2 , (TLSv1, TLSv1.1) , (TLSv1.1, TLSv1.2) and (TLSv1, TLSv1.
NOTE: You also have an option to view the certificate information and export the certificate that is being used in the Base64–encoded format, which can be imported by other web services. • Import certificate chain — Allows you to import the certificate chain (in PKCS#7 format) signed by a trusted CA. The certificate can be in DER or Base64-encoded format.
You can download the required version of Tomcat web server package and run the utility from a command prompt. Download the Tomcat web server core distribution package from tomcat.apache.org. The distribution package must be a .zip or .tar.gz file; Windows installer wrapper packages are not supported. To update web server, browse to the wsupdate folder and then run the following command: • On Windows: omwsupdate.bat [SysMgt folder path] [apache-tomcat.zip/.tar.gz file path] • On Linux: omwsupdate.
4 Server Administrator services Server Administrator Instrumentation Service monitors the health of a system and provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents. The reporting and viewing features allow retrieval of the overall health status for each chassis that includes your system. At the subsystem level, you can view information about the voltages, temperatures, fan rpm, and memory function at key points in the system.
For detailed information on the Storage Management Service component, see the Storage Management User's Guide at dell.com/ openmanagemanuals. Server Administrator Home Page System Tree Objects This section provides information about the objects in the System tree on the Server Administrator's home page. Due to the limitations of the ESXi operating systems, some features available in earlier versions of Server Administrator are not available in this release.
Licensing Subtabs: Information | Licensing Under the Licensing sub tab, you can: • • Set preferences to use Integrated Dell Remote Access Controller (iDRAC) to import, export, delete, or replace the digital license of the hardware. View details of the device used. The details include status of the license, description of the license, entitlement ID and date of expiry of the license. NOTE: Server Administrator supports the licensing feature on the12th generation PowerEdge system onwards.
• • NOTE: Enabling the feature Automatic Backup and Clear ESM Log Entries allows you to create an automatic backup of ESM Logs. This feature is available only on 10th generation and 11th generation of PowerEdge servers. The iDRAC provides automatic backup and SEL log clearing capabilities starting from the 12th generation PowerEdge systems and later. Only latest version of the backup XML file is available in the mentioned locations.
• Firmware • Hardware Performance • Intrusion • Memory • Network • Ports • Power Management • Power Supplies • Processors • Remote Access • Removable Flash Media • Slots • Temperatures • Voltages NOTE: The Power Supplies option is not available in PowerEdge 1900. Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed.
• • • View information about the main system chassis attributes such as the host name, iDRAC version, Lifecycle Controller version, Chassis Model, Chassis Lock, Chassis Service Tag, Express Service Code, and Chassis Asset Tag. The Express Service Code (ESC) attribute is an 11-digit numeric-only conversion of the system Service Tag. When calling Dell EMC Technical Support, you can key in the ESC for auto call routing.
NOTE: One-Time Boot category is not supported on the 13th generation of PowerEdge systems. The configurable BIOS features are grouped as specific categories. The categories include Debug Menu, System Information, Memory Settings, Processor Settings, SATA Settings, Boot Settings, Boot Option Settings, Network Settings, Integrated Devices, Slot Disablement, Serial Communication, System Profile Settings, System Security, and Miscellaneous Settings.
Under the Properties tab, you can: • View the current readings for your system's fan probes and configure minimum and maximum values for fan probe warning threshold. NOTE: Some fan probe fields differ according to the type of firmware your system has, such as BMC or ESM. Some threshold values are not editable on BMC-based systems. • Select fan control options.
• View the current SNMP trap alert thresholds and set the alert threshold levels for the intrusion sensor. The selected traps are triggered if the system generates a corresponding event at the selected severity level. Memory Click the Memory object to manage your system's memory devices. Server Administrator monitors the memory device status for each memory module present in the monitored system. Memory device prefailure sensors monitor memory modules by counting the number of ECC memory corrections.
NOTE: On systems running Linux operating systems with kernel versions earlier than 3.10, Team Interface speed is not displayed. Ports Click the Ports object to manage your system's external ports. Server Administrator monitors the status of each external port present in your system. NOTE: CMC USB ports attached with blade servers are not enumerated by Server Administrator. The Ports object action window can have the following tab, depending on the user's group privileges: Properties.
• Check the status of individual power supply elements, including the Firmware Version of the power supply, and Maximum Output Wattage. • Check the status of individual power supply elements, including the Firmware Version of the power supply, Rated Input Wattage, and Maximum Output Wattage. The Rated Input Wattage attribute is displayed only on PMBus systems starting 11G.
NOTE: The Additional configuration tab is available only on systems with iDRAC. Under the Configuration tab, when DRAC is configured, you can configure network properties. Under the Additional Configuration tab you can either enable or disable IPv4/IPv6 properties. NOTE: Enabling/disabling IPv4/IPv6 is possible only in a dual stack environment (where both the IPv4 and IPv6 stacks are loaded). Users Subtab: Users Under the Users tab, you can modify the remote access user configuration.
• View the current SNMP trap alert thresholds and set the alert threshold levels for temperature probes. The selected traps are triggered if the system generates a corresponding event at the selected severity level. NOTE: You can set minimum and maximum temperature probe threshold values for an external chassis to whole numbers only.
Under the Properties tab, you can view the health or status of attached storage components and sensors such as array subsystems and operating system disks. Managing Preferences: Home Page Configuration Options The left pane of the Preferences home page (where the system tree is displayed on the Server Administrator home page) displays all available configuration options in the system tree window. The options displayed are based on the systems management software installed on the managed system.
5 Working with remote access controller The systems baseboard management controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) monitors the system for critical events by communicating with various sensors on the system board and sends alerts and log events when certain parameters exceed their preset thresholds. The BMC/iDRAC supports the industry-standard Intelligent Platform Management Interface (IPMI) specification, enabling you to configure, monitor, and recover systems remotely.
• Viewing Basic Information • Configuring The Remote Access Device To Use A LAN Connection • Configuring The Remote Access Device To Use A Serial Over LAN Connection • Configuring The Remote Access Device To Use A Serial Port Connection • Additional Configuration For iDRAC • Configuring Remote Access Device Users • Setting Platform Event Filter Alerts You can view BMC/iDRAC or DRAC information based on which hardware is providing the remote access capabilities for the system.
NOTE: You can view IPv4 and IPv6 address details only if you enable the IPv4 and IPv6 address properties under Additional Configuration in the Remote Access tab. Configuring The Remote Access Device To Use A LAN Connection To configure the remote access device for communication over a LAN connection: 1. Click the Modular Enclosure → System/Server Module → Main System Chassis/Main System → Remote Access object. 2. Click the Configuration tab. 3. Click LAN. The LAN Configuration window appears.
7. • IP Address Source • IP Address • Subnet Mask • Gateway Address Configure the following IPv6 Properties: • IP Address Source • IP Address • Prefix Length • Default Gateway • DNS Address Source • Preferred DNS Server • Alternate DNS Server NOTE: You can configure the IPv4 and IPv6 address details only if you enable the IPv4 and IPv6 properties under Additional Configuration. 8. Click Apply Changes.
Configuring The Remote Access Device To Use A Serial Over LAN Connection To configure the BMC/iDRAC for communication over a serial over LAN (SOL) connection: 1. Click the Modular Enclosure → System/Server Module → Main System Chassis/Main System → Remote Access object. 2. Click the Configuration tab. 3. Click Serial Over LAN . The Serial Over LAN Configuration window appears. 4. Configure the following details: • Enable Serial Over LAN • Baud Rate 5.
5. Specify the following user privileges: • Select the maximum LAN user privilege level limit. 6. • Select the maximum serial port user privilege granted. Specify the User group for DRAC/iDRAC user privileges. 7. Click Apply Changes to save changes. 8. Click Back to Remote Access User Window to go back to the Remote Access Users window. NOTE: Six additional user entries are configurable when DRAC is installed. This results in a total of 16 users.
6. Select the Generate Alert check box for the alerts to be sent. NOTE: To generate an alert, you must select both Generate Alert and the Enable Platform Events Alerts settings. 7. Click Apply. 8. Click Apply to Platform Events Page to go back to the Platform Event Filters window. Setting Platform Event Alert Destinations You can also use the Platform Event Filters window to select a destination where an alert for a platform event is to be sent.
6 Server Administrator logs Server Administrator allows you to view and manage hardware, alert, and command logs. All users can access logs and print reports from either the Server Administrator home page or from its command line interface. Users must be logged in with Administrator privileges to clear logs or must be logged in with Administrator or Power User privileges to email logs to their designated service contact.
Hardware log On the 11th generation PowerEdge systems, use the hardware log to look for potential problems with your system's hardware components. The hardware log status indicator changes to critical status ( ) when the log file reaches 100 percent capacity. There are two available hardware logs, depending on your system: the Embedded System Management (ESM) log and the System Event Log (SEL).
NOTE: The log history may be required for future troubleshooting and diagnostic purposes. Therefore, it is recommended that you save the log files. NOTE: OMSA may send duplicate SNMP traps or log duplicate events in the Alert Log page or in the operating system log file. The duplicate traps and events are logged either when OMSA services are manually restarted or when the device sensor still indicates a non-normal state when OMSA services starts after an operating system reboot.
7 Setting Alert Actions Setting Alert Actions For Systems Running Supported Red Hat Enterprise Linux And SUSE Linux Enterprise Server Operating Systems When you set alert actions for an event, you can specify the action to display an alert on the server. To perform this action, Server Administrator sends a message to /dev/console. If the Server Administrator system is running an X Window System, the messsage is not displayed.
6. To add the user to a group, select the group name from the Group drop-down menu and click Add. 7. Click OK. 2. Enabling the Interactive Service Detection 8. Open Services.msc. 9. Navigate to Interactive Service Detection. 10. Right-click Interactive Service Detection and then click Properties. 11. In the General tab, change the Startup Type to Automatic and click Apply. 12. In Service Status click Start. 3. Allowing the service to interact 13.
Event Description System Power Probe Failure The power consumption has crossed the highest acceptable limit and has resulted in a failure. Removable Flash Media Absent The removable flash media is removed. Removable Flash Media Failure The removable flash media is pending a failure condition. Removable Flash Media Warning The removable flash media pending a failure condition. Internal Dual SD Module Card Critical The internal dual SD module card has failed.
8 Troubleshooting Connection Service Failure On Red Hat Enterprise Linux, when SELinux is set to enforced mode, the Systems Management Server Administrator (SM SA) Connection service fails to start. Perform one of the following steps and start this service: • Set SELinux to Disabled mode or to Permissivemode. • Change the SELinux allow_execstack property to ON state. Run the following command: setsebool allow_execstack on • Change the security context for the SM SA connection service.
To force a reinstall: 1. Check the version of Server Administrator that was previously installed. 2. Download the installation package for that version from support.dell.com. 3. Locate SysMgmt.msi in the srvadmin\windows\SystemsManagement directory. 4. Type the following command at the command prompt to force a reinstall msiexec /i SysMgmt.msi REINSTALL=ALL REINSTALLMODE=vamus 5. Select Custom Setup and choose all the features that were originally installed.
Service Name Description Impact of Failure service) (This service runs on the managed system.) and allows remote administration of monitored systems, including shutdown, startup, and security. GUI/CLI without these services running. SM SA Event Manager (Windows) Linux: dsm_sa_eventmgrd (hosted under dataeng service) (This service runs on the managed system.
9 Frequently Asked Questions This section lists the frequently asked questions about Server Administrator. NOTE: The following questions are not specific to this release of Server Administrator. 1. What is the minimum permission level required to install Server Administrator? To install Server Administrator, you must have Administrator level privileges. Power Users and Users do not have permission to install Server Administrator. 2.
8. Are there any plans for SNMP v3 support? No, there are no plans for SNMP v3 support. 9. Does an Underscore character in the domain name cause Server Admin login issues? Yes, an underscore character in the domain name is invalid. All other special characters (except the hyphen) are invalid too. Use case-sensitive alphabets and numerals only. 10.
