HP Systems Insight Manager 5.2 Update 2 Technical Reference Guide
NOTE: Browsing locally from the CMS itself does not perform automatic sign-in; you must enter your
credentials on the sign-in page.
• There must be no proxy servers between the browser and the CMS. Use the proxy bypass list in the
browser, or use no proxy at all.
• The browser must be configured to support automatic sign-in. In Internet Explorer, enable Integrated
Windows Authentication under Tools→Internet Options→Advanced tab. The CMS must be in
the Local Intranet or Trusted Sites zone, which can be configured under the Tools→Internet
Options→Security tab. If the CMS is in the Internet Explorer Local Intranet zone, select Automatic
Logon only in Intranet zone. If the CMS is in the Internet Explorer Trusted Sites zone, select Automatic
logon with current user name and password.
Firefox must be configured with a list of sites (for example, the CMS) where automatic sign-in can be
performed, and should be restricted to local intranet sites. This list can be configured by entering
about:config in the Firefox address bar. From the list of Preference Names, select
network.negotiate-auth.trusted-uris and either double-click or right-click and select Modify. Here,
you can specify a comma-separated list of URLs or domains, enter the list of URLs used to access HP
SIM. For example:https://cms_fqdn, where
cms_fqdn
is the FQDN of the CMS.
When automatic sign-in occurs, an intermediate sign-in page is displayed that indicates automatic sign-in
is occurring. If you click Cancel from this page, the manual sign-in page appears. You might want to cancel
automatic sign-in if any unexpected network or domain errors occur. If any browser configuration errors are
detected, automatic sign-in is cancelled and the manual sign-in page is displayed along with the configuration
error.
Failures encountered during automatic sign-in are logged as normal sign-in failures in both the audit log and
the event log. If automatic sign-in is not attempted, either because it's not enabled by HP SIM or the browser,
no failure is detected or logged by HP SIM.
If automatic sign-in is configured, you can still manually sign-in to HP SIM.
• If automatic sign-in fails, the manual sign-in page is displayed This might occur if you are logged in
to the operating system using an account that is not an HP SIM account.
• If automatic sign-in is not attempted This might occur if the browser is not properly configured for
automatic sign-in, or the feature is disabled in HP SIM.
• If you click Sign Out from HP SIM This enables you to specify another user account to use if you are
signed-in to the operating system with a different account.
Signing in using Secure Sockets Layer
CAUTION: If you are not certain that the HP SIM system to which you are browsing to is actually the HP
SIM system you think it is, do not select either of the last two
Secure Sockets Layer (SSL)
options. You could
be giving your sign-in credentials to a rogue system disguised as your HP SIM system, or you could be
importing a certificate from a rogue system disguised as your HP SIM system, or importing a certificate from
a rouge system disguised as your HP SIM system, giving your sign-in credentials to that rogue system.
If your browser is not configured with the SSL system
certificate
of the HP SIM system, a security alert regarding
a certificate of untrusted origin might appear when first browsing to HP SIM using SSL. If a security alert
appears, perform one of the following procedures:
• Use the browser to import the certificate into your browser. View the certificate by double-clicking the
lock icon ( ), and then installing the certificate. See “Importing a server certificate” for more
information.
• Export the HP SIM system certificate to a file by first browsing from a local browser on the HP SIM
system, and then manually importing it into the remote browser. See “Exporting a server certificate”
for more information.
• Sign-in to the HP SIM system this time without a trusted certificate, but be sure to import the certificate
later. Your data is still encrypted.
46 Getting started