Dell OpenManage Server Administrator Version 7.4 User's Guide March 2014 Rev.
Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. NOTE: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2014 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
1 Introduction Server Administrator provides a comprehensive, one-to-one systems management solution in two ways: from an integrated, web browser-based graphical user interface (GUI) and from a command line interface (CLI) through the operating system. Server Administrator enables system administrators to manage systems locally and remotely on a network. It enables system administrators to focus on managing their entire network by providing comprehensive one-to-one systems management.
NOTE: For more information about obtaining and using the Server Update Utility (SUU), to update your Dell Systems or to view the updates available for any systems listed in the Repository, see the Dell Server Update Utility User's Guide at dell.com/openmanagemanuals. Storage Management Service The Storage Management Service provides storage management information in an integrated graphical view.
○ Emulex OCm14104-UX-D Quad Port 10Gb DA/SFP+ Rack NDC ● Support for displaying and setting the JRE version. See Secure Port System. ● Support for displaying Node Id in System/Server Module Summary information. See Server Administrator Command Line Interface Guide or online help. ● Support for new values for form factor aligning to iDRAC values. See Server Administrator Command Line Interface Guide or online help.
HTTPS is supported on all operating systems. Support for CIM and SNMP is operating system dependent and, in some cases, operating system-version dependent. NOTE: For information on SNMP security concerns, see the Server Administrator readme file (packaged with the Server Administrator application) or at dell.com/openmanagemanuals. You must apply updates from your operating system's master SNMP agents to ensure that Dell's SNMP subagents are secure.
● The Dell OpenManage Server Administrator CIM Reference Guide documents the Common Information Model (CIM) provider, an extension of the standard management object format (MOF) file. ● The Messages Reference Guide lists the messages that are displayed in your Server Administrator home page Alert log or on your operating system’s event viewer. ● TheServer Administrator Command Line Interface Guide documents the complete command line interface for Server Administrator.
○ In the Choose your Dell Software section, click the required link from the following: ■ Client System Management ■ Enterprise System Management ■ Remote Enterprise System Management ■ Serviceability Tools ○ To view the document, click the required product version. ● Using search engines as follows: ○ Type the name and version of the document in the Search box.
2 Setup And Administration Server Administrator provides security through role- based access control (RBAC), authentication, and encryption for both the Web-based and command line interfaces. Topics: • • • • Role-Based Access Control Authentication Encryption Assigning User Privileges Role-Based Access Control RBAC manages security by determining the operations that can be executed by persons in particular roles.
Table 3.
Encryption Server Administrator is accessed over a secure HTTPS connection using secure socket layer (SSL) technology to ensure and protect the identity of the system being managed. Java Secure Socket Extension (JSSE) is used by supported Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems to protect the user credentials and other sensitive data that is transmitted over the socket connection when a user accesses the Server Administrator home page.
NOTE: You must have the useradd utility installed on your system to perform the following procedures. Creating Users NOTE: For information about creating users and user groups, see your operating system documentation. Creating Users With User Privileges 1. Run the following command from the command line: useradd -d -g where is not root. NOTE: If does not exist, create it by using the groupadd command. 2. Type passwd and press . 3.
Table 5. Examples for adding the role definition in Server Administrator Bob Ahost Poweruser + root Bhost Administrator + root Chost Administrator Bob *.aus.amer.com Poweruser Mike 192.168.2.3 Poweruser 3. Save and close the file. Best Practices While Using The Omarolemap File The following are the best practices to be considered while working with the omarolemap file : ● Do not delete the following default entries in the omarolemap file.
2. In the console tree, expand Local Users and Groups and click Users. 3. Double-click Guest or IUSR_system name user account to see the Properties for those users, or right-click the Guest or IUSR_system name user account and then select Properties. 4. Select Account is disabled and click OK. A red circle with an X appears over the user name to indicate that the account is disabled.
5. Click the Security tab. 6. Select Accept SNMP packets from any host, or add the remote host to the Accept SNMP packets from these hosts list. Changing The SNMP Community Name Configuring the SNMP community names determines which systems are able to manage your system through SNMP.
Configuring The SNMP Agent On Systems Running Supported Red Hat Enterprise Linux Server Administrator uses the SNMP services provided by the net-snmp SNMP agent. You can configure the SNMP agent to change the community name, enable Set operations, and send traps to a management station. To configure your SNMP agent for proper interaction with management applications such as IT Assistant, perform the procedures described in the following sections.
4. To enable SNMP configuration changes, restart the SNMP agent by typing: service snmpd restart. Configuring Your System To Send Traps To A Management Station Server Administrator generates SNMP traps in response to changes in the status of sensors and other monitored parameters. One or more trap destinations must be configured on the system running Server Administrator for SNMP traps to be sent to a management station.
6. To enable SNMP configuration changes, restart the SNMP agent by typing: /etc/init.d/snmpd restart. Changing The SNMP Community Name Configuring the SNMP community name determines which management stations are able to manage your system through SNMP. The SNMP community name used by management applications must match the SNMP community name configured on the system running Server Administrator,, so the management applications can retrieve the management information from Server Administrator.
2. Stop the SNMP service if it is already running on your system by entering the following command: service snmpd stop 3. Add the following line at the end of the /etc/snmp/snmpd.conf file: proxy -v 1 -c public udp:127.0.0.1:X .1.3.6.1.4.1.6876 Where X represents the unused port specified above, while configuring SNMP. 4. Configure the trap destination using the following command: The trapsink specification is required to send traps defined in the proprietary MIBs.
information from Server Administrator, the SNMP port on at least one external network interface must be open. If Server Administrator detects that the SNMP port is not open in the firewall for any external network interface, Server Administrator displays a warning message and logs a message to the system log. You can open the SNMP port by disabling the firewall, opening an entire external network interface in the firewall, or opening the SNMP port for at least one external network interface in the firewall.
3 Using Server Administrator To start a Server Administrator session, double-click the Server Administrator icon on your desktop. The Server Administrator Log in screen is displayed. The default port for Server Administrator is 1311. You can change the port, if required. For instructions on setting up your system preferences, see Dell Systems Management Server Administration. NOTE: Servers running on XenServer 6.
2. Type the managed system's IP Address or system name or Fully Qualified Domain Name (FQDN). NOTE: If you have provided the system name or FQDN, the Server Administrator Web Server host converts the system name or FQDN to the IP address of the managed system. You can also connect by providing the port number of the managed system in the following format: Hostname:Port number, or IP address:Port number.
file. For information about accessing this .exe file, see your operating system documentation. On supported Windows operating systems, you can also use the certificates snap in option to import certificates. Using The Active Directory Login You should select Active Directory Login to log in using the Dell Extended Schema Solution in Active Directory.
3. In the Add this website to the zone field, paste the Web address used to access the remote managed system. 4. Click Add . 5. Copy the Web address used to access the remote managed system from the browser’s address bar and paste it onto the Add this Web Site to the Zone field. 6. Under Security level for this zone, click Custom level For Windows Server 2003: a. Under Miscellaneous, select Allow Meta Refresh. b. Under Active Scripting, select Enable. c.
The following table lists the GUI field names and the applicable system, when Server Administrator is installed on the system. Table 6.
of functionality. Clicking an underlined item creates a new data area in the action window that contains a greater level of detail. For example, clicking Main System Chassis/Main System under the Health subcategory of the Properties action tab lists the health status of all the components contained in the Main System Chassis/Main System object that are monitored for health status.
Global Navigation Bar The global navigation bar and its links are available to all user levels in the program. ● Click Preferences to open the Preferences home page. See Using the Preferences Home Page. ● Click Support to connect to the Dell Support website. ● Click About to display Server Administrator version and copyright information. ● Click Log Out to end the current Server Administrator program session.
Task Buttons Most windows opened from the Server Administrator home page contain at least five task buttons: Print, Export, Email, Help and Refresh. Other task buttons are included on specific Server Administrator windows. The Log window, for example, also contain Save As and Clear Log task buttons. ● Clicking Print ( ) prints a copy of the open window to your default printer. ● Clicking Export ( ) generates a text file that lists the values for each data field on the open window.
Using The Preferences Home Page The left-hand pane of the Preferences home page (where the system tree is displayed on the Server Administrator home page) displays all available configuration options in the system tree window. The available Preferences home page configuration options are: ● General Settings ● Server Administrator You can view the Preferences tab after you log in to manage a remote system.
1. Click Preferences on the global navigation bar. The Preferences home page appears. 2. Click General Settings. 3. To add a preselected e-mail recipient, type the e-mail address of your designated service contact in the Mail To : field, and click Apply. NOTE: Click E-mail ( ) in any window to send an e-mail message with an attached HTML file of the window to the designated e-mail address.
SSL_RSA_WITH_RC4_128_MD5 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA ● ● ● ● NOTE: The 128-bit or Higher option does not allow connections from browsers with lower SSL encryption strength, such as 40 bit and 56 bit. Key Signing Algorithm (For Self Signed Certificate) — Allows you to select a supported signing algorithm.
Server Administrator Web Server Action Tabs The following are the action tabs that are displayed when you log in to manage the Server Administrator web server: ● ● ● ● ● Properties Shutdown Logs Alert Management Session Management Using The Server Administrator Command Line Interface The Server Administrator command line interface (CLI) allows users to perform essential systems management tasks from the operating system command prompt of a monitored system.
4 Server Administrator Services Server Administrator Instrumentation Service monitors the health of a system and provides rapid access to detailed fault and performance information gathered by industry-standard systems management agents. The reporting and viewing features allow retrieval of the overall health status for each chassis that comprises your system. At the subsystem level, you can view information about the voltages, temperatures, fan rpm, and memory function at key points in the system.
are categorized by component type. When you expand the main object — Modular Enclosure — System/Server Module — the major categories of system components that may appear are, Main System Chassis/Main System, Software, and Storage. If Storage Management Service is installed, depending on the controller and storage attached to the system, the Storage tree object expands to display various objects.
System/Server Module Properties The System/Server Module object contains three main system component groups: Main System Chassis/Main System , Software , and Storage . The Server Administrator home page defaults to the System object of the system tree view. Most administrative functions can be managed from the System/Server Module object action window.
Logs Subtabs: Hardware | Alert | Command Under the Logs tab, you can: ● View the Embedded System Management (ESM) log or the System Event Log (SEL) for a list of all events related to your system's hardware components. The status indicator icon next to the log name changes from normal status ( noncritical status ( ) to ) when the log file reaches 80 percent capacity.
• Batteries • BIOS • Fans • Firmware • Hardware Performance • Intrusion • Memory • Network • Ports • Power Management • Power Supplies • Processors • Remote Access • Removable Flash Media • Slots • Temperatures • Voltages NOTE: Hardware performance is supported only on Dell PowerEdge 10G and later systems. The Power Supplies option is not available on Dell PowerEdge 1900. Power management is supported on limited Dell PowerEdge 10G and later systems.
NOTE: Batteries are supported only on Dell PowerEdge 9G and Dell PowerEdge 10G systems. The Power supplies is not available on Dell PowerEdge 1900. Power management is supported on limited Dell PowerEdge 10G systems. Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed. These features are unavailable for permanently installed, non-redundant power supplies that lack power management circuitry.
Depending on your specific system configuration, additional setup items may be displayed. However, some BIOS setup options may be shown on the BIOS Setup screen that are not accessible in Server Administrator. For 12G systems, the configurable BIOS features are grouped as specific categories. The categories include System Information, Memory Settings, System Profile Settings, Unified Extensible Firmware Interface (UEFI) Boot Settings, Network Interface Controller cards, One-Time Boot, and Slot Disablement.
Hardware Performance Click the Hardware Performance object to view the status and cause for the system’s performance degradation. The Hardware Performance object action window can have the following tab, depending on the user's group privileges: Properties. The following table lists the possible values for status and cause of a probe: Table 9.
NOTE: If a system with spare bank memory enabled enters a redundancy lost state, it may not be apparent which memory module is the cause. If you cannot determine which DIMM to replace, see the switch to spare memory bank detected log entry in the ESM system log to find which memory module failed.
Power Management NOTE: Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed. These features are unavailable for permanently installed, non-redundant power supplies that lack power management circuitry. Monitoring Subtabs: Consumption | Statistics Under the Consumption tab you can view and manage your system’s Power Consumption information in Watts and BTU/hr. BTU/hr = Watt X 3.
● Configure Platform Event Alert destinations for IPv6 addresses. ● View current SNMP trap alert thresholds and set the alert threshold levels for system power watts. The selected traps are triggered if the system generates a corresponding event at the selected severity level. NOTE: The System Peak Power trap generates events only for informational severity. Processors Click the Processors object to manage your system's microprocessor(s).
Under the Additional Configuration tab you can either enable or disable IPv4/IPv6 properties. NOTE: Enabling/disabling IPv4/IPv6 is possible only in a dual stack environment (where both the IPv4 and IPv6 stacks are loaded). Users Subtab: Users Under the Users tab, you can modify the remote access user configuration. You can add, configure, and view information about Remote Access Controller users. NOTE: On Dell PowerEdge 9G systems: - Ten user IDs are displayed.
NOTE: Some temperature probe fields differ according to the type of firmware your system has such as BMC or ESM. Some threshold values are not editable on BMC-based systems. When assigning probe threshold values, Server Administrator sometimes rounds the minimum or maximum values you enter to the closest assignable value.
Under the Properties tab, you can view basic information about your operating system. Storage Server Administrator provides the Storage Management Service: The Storage Management Service provides features for configuring storage devices. In most cases, the Storage Management Service is installed using Typical Setup. The Storage Management Service is available on Microsoft Windows, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server operating systems.
Server Administrator Click the Server Administrator object to enable or disable access to users with User or Power User privileges. The Server Administrator object action window can have the following tab, depending on the user's group privileges: Preferences. Subtabs: Access Configuration Preferences Under the Preferences tab, you can enable or disable access to users with User or Power User privileges.
5 Working With Remote Access Controller The Dell systems baseboard management controller (BMC)/Integrated Dell Remote Access Controller (iDRAC) monitors the system for critical events by communicating with various sensors on the system board and sends alerts and log events when certain parameters exceed their preset thresholds. The BMC/iDRAC supports the industry-standard Intelligent Platform Management Interface (IPMI) specification, enabling you to configure, monitor, and recover systems remotely.
You can perform the following tasks: ● Viewing Basic Information ● Configuring The Remote Access Device To Use A LAN Connection ● Configuring The Remote Access Device To Use A Serial Over LAN Connection ● Configuring The Remote Access Device To Use A Serial Port Connection ● Additional Configuration For iDRAC ● Configuring Remote Access Device Users ● Setting Platform Event Filter Alerts You can view BMC/iDRAC or DRAC information based on which hardware is providing the remote access capabilities for the sy
● ● ● ● ● IPv6 Address 2 Link Local Address DNS Address Source Preferred DNS Server Alternate DNS Server NOTE: You can view IPv4 and IPv6 address details only if you enable the IPv4 and IPv6 address properties under Additional Configuration in the Remote Access tab. Configuring The Remote Access Device To Use A LAN Connection To configure the remote access device for communication over a LAN connection: 1.
● Enable VLAN ID ● VLAN ID ● Priority 6. Configure the following IPv4 Properties: ● ● ● ● IP Address Source IP Address Subnet Mask Gateway Address 7. Configure the following IPv6 Properties: ● ● ● ● ● ● ● IP Address Source IP Address Prefix Length Default Gateway DNS Address Source Preferred DNS Server Alternate DNS Server NOTE: You can configure the IPv4 and IPv6 address details only if you enable the IPv4 and IPv6 properties under Additional Configuration. 8. Click Apply Changes.
Configuring The Remote Access Device To Use A Serial Over LAN Connection To configure the BMC/iDRAC for communication over a serial over LAN (SOL) connection: 1. Click the Modular Enclosure > System/Server Module > Main System Chassis/Main System > Remote Access object. 2. Click the Configuration tab. 3. Click Serial Over LAN . The Serial Over LAN Configuration window appears. 4. Configure the following details: ● Enable Serial Over LAN ● Baud Rate ● Minimum Privilege Required 5. Click Apply Changes. 6.
● Re-enter the new password in the Confirm New Password field. 5. Specify the following user privileges: ● Select the maximum LAN user privilege level limit. ● Select the maximum serial port user privilege granted. ● On Dell PowerEdge 9G systems, select Enable Serial Over LAN to enable Serial Over LAN. 6. Specify the User group for DRAC/iDRAC user privileges. 7. Click Apply Changes to save changes. 8. Click Back to Remote Access User Window to go back to the Remote Access Users window.
CAUTION: If you select a Platform Event shutdown action other than None or Power Reduction, your system shuts down forcefully when the specified event occurs. This shutdown is initiated by firmware and is done without first shutting down the operating system or any running applications. NOTE: Power reduction is not supported on all systems. Power Supply Monitoring and Power Monitoring features are available only for systems that have two or more redundant, hot-swappable power supplies installed.
6 Server Administrator Logs Server Administrator allows you to view and manage hardware, alert, and command logs. All users can access logs and print reports from either the Server Administrator home page or from its command line interface. Users must be logged in with Administrator privileges to clear logs or must be logged in with Administrator or Power User privileges to e-mail logs to their designated service contact.
Hardware Log On Dell PowerEdge 9G and 11G systems, use the hardware log to look for potential problems with your system's hardware components. the hardware log status indicator changes to critical status ( ) when the log file reaches 100 percent capacity. There are two available hardware logs, depending on your system: the Embedded System Management (ESM) log and the System Event Log (SEL).
NOTE: OMSA may send duplicate SNMP traps or log duplicate events in the Alert Log page or in the operating system log file. The duplicate traps and events are logged either when OMSA services are manually restarted or when the device sensor still indicates a non-normal state when OMSA services starts after an operating system reboot. For detailed information about alert messages, see the Server Administrator Messages Reference Guide at dell.com/ openmanagemanuals.
7 Setting Alert Actions Topics: • • • • Setting Alert Actions For Systems Running Supported Red Hat Enterprise Linux And SUSE Linux Enterprise Server Operating Systems Setting Alert Actions In Microsoft Windows Server 2003 And Windows Server 2008 Setting Alert Action Execute Application In Windows Server 2008 BMC/iDRAC Platform Events Filter Alert Messages Setting Alert Actions For Systems Running Supported Red Hat Enterprise Linux And SUSE Linux Enterprise Server Operating Systems When you set alert acti
Setting Alert Actions In Microsoft Windows Server 2003 And Windows Server 2008 When specifying alert actions, Visual Basic scripts are not automatically interpreted by the Execute Application feature, although you can run a .cmd, .com, .bat, or .exe file by only specifying the file as the alert action. To resolve this issue, first call the command processor cmd.exe to start your script. For example, the alert action value to execute an application can be set as follows: c:\winnt\system32\cmd.exe /c d:\examp
BMC/iDRAC Platform Events Filter Alert Messages The following table lists all possible Platform Event Filter (PEF) messages along with a description of each event. Table 13. PEF Alert Events Event Description Fan Probe Failure The fan is running too slow or not at all. Voltage Probe Failure The voltage is too low for proper operation. Battery Probe Warning The battery is operating below the recommended charge level. Battery Probe Failure The battery has failed.
8 Troubleshooting Connection Service Failure On Red Hat Enterprise Linux, when SELinux is set to enforced mode, the Dell Systems Management Server Administrator (SM SA) Connection service fails to start. Perform one of the following steps and start this service: ● Set SELinux to Disabled mode or to Permissivemode. ● Change the SELinux allow_execstack property to ON state. Run the following command: setsebool allow_execstack on ● Change the security context for the SM SA connection service.
To force a reinstall: 1. Check the version of Server Administrator that was previously installed. 2. Download the installation package for that version from support.dell.com. 3. Locate SysMgmt.msi in the srvadmin\windows\SystemsManagement directory. 4. Type the following command at the command prompt to force a reinstall msiexec /i SysMgmt.msi REINSTALL=ALL REINSTALLMODE=vamus 5. Select Custom Setup and choose all the features that were originally installed.
Table 14. Server Administrator Services (continued) Service Name Description Impact of Failure Recovery Mechanism Severity runs on the managed system.) remote administration of monitored systems, including shutdown, startup, and security. SM SA Event Manager (Windows) Linux: dsm_sa_eventmgrd (hosted under dataeng service) (This service runs on the managed system. Provides operating system and file event logging service for systems management and is also used by event log analyzers.
9 Frequently Asked Questions This section lists the frequently asked questions about Server Administrator. NOTE: The following questions are not specific to this release of Server Administrator. 1. Why does ESXi 4.x (4.0 U3) and ESXi 5.x host rebooting functionality fail from Server Administrator? This issue is due to VMware stand-alone license (SAL) key. For more information, see the knowledge base article at kb.vmware.com/kb/kb1026060. 2. What are the tasks to be performed after adding a VMware ESX 4.
Software updates are done through an SSH session and secure FTP and root level permissions/credentials are required for this discrete action and asked for when the action is set up or requested. Credentials from the discovery range are not assumed. ITA communicating with Windows systems: For servers (systems running Windows Server operating systems), the system may be configured with either or both of SNMP and CIM for discovery by ITA. Inventory requires CIM.