Release Notes
NOTE: This option should be set to Trusted sites.
5. Click the Custom Level button.
6. For Windows 2003, perform the following:
a. In Miscellaneous, select the Allow META REFRESH radio button.
b. In Active Scripting, select the Enable radio button.
c. Under Active scripting, select the Allow scripting of Microsoft web browser controls radio button.
7. Click OK and restart your browser.
• To allow Single Sign-on for Server Administrator, perform the following steps:
1. In Internet Explorer, navigate to Tools.
2. Click Internet Options.
3. Click the Security tab.
4. Select Trusted sites.
5. Click the Custom Level button.
6. Under User Authentication, select the Automatic Logon with current username and passwordradio button. Click OK to exit the
Custom Level window.
7. Select the Advanced tab and in HTTP 1.1 settings, make sure Use HTTP 1.1 is checked.
8. Select Trusted sites. Click Sites. Add the server to the website.
9. Click Close.
10. Click OK and restart your browser.
• If you run a security scanner tool such as Nessus, against the Server Administrator Web server, security warnings may be displayed
against port 1311, the port running the Server Administrator Web server. The warnings have been investigated by engineering and are
determined to be "false positives" (invalid security warnings) that you can ignore. The following are the warnings:
• The Web server on 1311 allows scripts to read the sensitive configuration and/or XML files.
• The Web server on 1311 allows to delete "/" which implies that the web server will allow a remote user to delete the files in root on
the server."
• The web server on 1311 may be susceptible to a 'www Infinite Request' attack.
• It is possible to make the remote thttpd server execute arbitrary code by sending a request like: GET If-Modified-Since:AAA[...]AAAA
Solution: If you are using thttpd, upgrade to version 2.0. Else, contact the vendor for a patch or change the web server. CVE on this
one is CAN-2000-0359".
• Enabling Integrated Windows Authentication in Internet Explorer is not required to activate the Single Sign-On feature.
• The Server Administrator security settings are not applicable for Active Directory users. Active Directory users with read-only login can
access Server Administrator, even if the access is blocked in the Server Administrator Preferences page.
• Dell SNMP MIB Files for Dell Systems:
• Dell SNMP MIB files for Dell systems allow you to obtain and verify information provided by supported software agents. The current
MIB files supported by PowerEdge software agents are located at \support\mib on the Systems Management Tools and
Documentation DVD.
NOTE:
A MIB-II-compliant, SNMP-supported network management station is required to compile and browse MIB files.
OpenManage support for Encrypting File System (EFS)
• To improve security, Microsoft allows encrypting files using EFS. Note that SERVER ADMINISTRATOR will not function if its
dependent files are encrypted.
• Server Administrator GUI and CLI Response Time
• On PowerEdge 10th generation of PowerEdge servers or later, the response time for some components of the Server Administrator
GUI and CLI has increased to several seconds as Server Administrator does not cache some of the DRAC/iDRAC data. The data is
retrieved from the DRAC/iDRAC when you request for it.
Following are the Server Administrator GUI pages for which the response time may have increased:
• Server Administrator home page on log in
• Remote Access > Users
• Alert Management > Platform Events
• Following are the Server Administrator CLI commands for which the response time may have increased:
• omreport chassis remoteaccess config=user
• omreport system platformevents
• omreport system pedestinations
Dell EMC OpenManage Release Notes Version 9.3.2
19