Users Guide
Table Of Contents
- Dell EMC OpenManage Server Administrator Version 9.1 User's Guide
- Introduction
- Installation
- What is new in this release
- Updating individual system components
- Storage Management Service
- Instrumentation Service
- Remote Access Controller
- Logs
- Systems management standards availability
- Server Administrator Home Page
- Other Documents You May Need
- Obtaining Technical Assistance
- Contacting Dell EMC
- Setup And Administration
- Role-Based Access Control
- Authentication
- Encryption
- Assigning User Privileges
- Adding users to a domain on Windows operating systems
- Creating Server Administrator users for supported Red Hat Enterprise Linux and SUSE Linux Enterprise Server operating systems
- Disabling Guest And Anonymous Accounts In Supported Windows Operating Systems
- Configuring The SNMP Agent
- Configuring the SNMP agent on systems running supported Windows operating systems
- Changing the SNMP community name
- Configuring Your System To Send SNMP Traps To A Management Station
- Configuring The SNMP Agent On Systems Running Supported Red Hat Enterprise Linux
- SNMP Agent Access Control Configuration
- Server Administrator SNMP Agent Install Actions
- Changing The SNMP Community Name
- Configuring Your System To Send Traps To A Management Station
- Configuring the SNMP agent on systems running supported SUSE Linux enterprise server
- Sever Administrator SNMP Install Actions
- Enabling SNMP Access From Remote Hosts
- Changing The SNMP Community Name
- Configuring the SNMP agent on systems running supported Ubuntu server
- Configuring the SNMP agent on systems running supported VMware ESXi 6.X operating systems
- Configuring Your System To Send Traps To A Management Station
- Firewall Configuration On Systems Running Supported Red Hat Enterprise Linux Operating Systems And SUSE Linux Enterprise Server
- Using Server Administrator
- Logging In And Out
- Server Administrator Local System Login
- Server Administrator Managed System Login — Using the Desktop Icon
- Server Administrator Managed System Login — Using The Web Browser
- Central web server login
- Using The Active Directory Login
- Single Sign-On
- Configuring Security Settings On Systems Running A Supported Microsoft Windows Operating System
- The Server Administrator home page
- Using The Online Help
- Using The Preferences Home Page
- Using The Server Administrator Command Line Interface
- Logging In And Out
- Server Administrator services
- Managing your system
- Managing system or server module tree objects
- Server Administrator Home Page System Tree Objects
- Managing Preferences Home Page Configuration Options
- Server Administrator logs
- Working with remote access controller
- Viewing Basic Information
- Configuring The Remote Access Device To Use A LAN Connection
- Configuring The Remote Access Device To Use A Serial Port Connection
- Configuring The Remote Access Device To Use A Serial Over LAN Connection
- Additional Configuration For iDRAC
- Configuring Remote Access Device Users
- Setting Platform Event Filter Alerts
- Setting Alert Actions
- Troubleshooting
- Frequently Asked Questions
● You generate a new X.509 certificate, reuse an existing X.509 certificate or import a certificate chain from a Certification
Authority (CA).
● All systems that have Server Administrator installed have unique host names.
To manage X.509 certificates through the Preferences home page, click General Settings, click the Web Server tab, and
click X.509 Certificate.
The following are the available options:
● Generate a new certificate — Generates a new self-signed certificate used for SSL communication between the server
running Server Administrator and the browser.
NOTE: When using a self-signed certificate, most web browsers display an untrusted warning as the self-signed
certificate is not signed by a Certificate Authority (CA) trusted by the operating system. Some secure browser settings
can also block the self-signed SSL certificates. The Server Administrator web GUI requires a CA-signed certificate for
such secure browsers.
● Certificate Maintenance — Allows you to generate a Certificate Signing Request (CSR) containing all the certificate
information about the host required by the CA to automate the creation of a trusted SSL web certificate. You can retrieve
the necessary CSR file either from the instructions on the Certificate Signing Request (CSR) page or by copying the entire
text in the text box on the CSR page and pasting it in the CA submit form. The text must be in the Base64–encoded format.
NOTE: You also have an option to view the certificate information and export the certificate that is being used in the
Base64–encoded format, which can be imported by other web services.
● Import certificate chain — Allows you to import the certificate chain (in PKCS#7 format) signed by a trusted CA. The
certificate can be in DER or Base64-encoded format.
● Import a PKCS12 Keystore — Allows you to import a PKCS#12 keystore that replaces the private key and certificate
used in Server Administrator web server. PKCS#12 is public keystore that contains a private key and the certificate for a
web server. Server Administrator uses the Java KeyStore (JKS) format to store the SSL certificates and its private key.
Importing a PKCS#12 keystore to Server Administrator deletes the keystore entries, and imports a private key and certificate
entries to the Server Administrator JKS.
NOTE: An error message is displayed if you either select an invalid PKCS file or when you type an incorrect password.
SSL Server Certificates
Server Administrator Web server is configured to use the industry-standard SSL security protocol to transfer encrypted
data over a network. Built on an asymmetric encryption technology, SSL is widely accepted for providing authenticated and
encrypted communication between clients and servers to prevent eavesdropping across a network.
An SSL-enabled system can perform the following tasks:
● Authenticate itself to an SSL-enabled client
● Allow the two systems to establish an encrypted connection
The encryption process provides a high level of data protection. Server Administrator uses the most secure form of encryption
generally available for Internet browsers in North America.
Server Administrator Web server has a self-signed unique SSL digital certificate by default. You can replace the default SSL
certificate with a certificate signed by a well-known Certificate Authority (CA). A Certificate Authority is a business entity that
is recognized in the Information Technology industry for meeting high standards of reliable screening, identification, and other
important security criteria. Examples of CAs include Thawte and VeriSign. To initiate the process of obtaining a CA-signed
certificate, use the Server Administrator Web interface to generate a Certificate Signing Request (CSR) with your company’s
information. Then, submit the generated CSR to a CA such as VeriSign or Thawte. The CA can be a root CA or an intermediate
CA. After you receive the CA-signed SSL certificate, upload the certificate to Server Administrator.
For each Server Administrator to be trusted by the management station, the SSL certificate of that Server Administrator must
be placed in the certificate store of the management station. After the SSL certificate is installed on the management stations,
supported browsers can access Server Administrator without certificate warnings.
Server Administrator Web Server Action Tabs
The following are the action tabs that are displayed when you log in to manage the Server Administrator web server:
● Properties
● Shutdown
● Logs
● Alert Management
Using Server Administrator
35