Home » Dell Manuals » Servers » Dell PowerEdge MX7000 » Manual Viewer

Dell PowerEdge MX7000 EMC OpenManage Enterprise-Modular Edition Version 1.20.1 - Page 53

Configuring login IP range, Configuring login lockout policy, Enabling FIPS mode

View all Dell PowerEdge MX7000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 53 highlights

Configuring login IP range 1. Click Application Settings > Security > Login IP Range. 2. Select Enable IP Range. 3. Enter the IP range in the CIDR format. For IPv4, enter the IP address in the format-192.168.100.14/24. For IPv6, enter the IP address in the format- 2001:db8::/24. Configuring login lockout policy 1. Click Application Settings > Security > Login Lockout Policy. 2. Select By User Name to enable user account-based lockout. Select By IP Address to enable IP address-based lockout. 3. Enter the lockout details: a. Lockout Fail Count: The number of failed login attempts. Valid values are between 2 and 16. b. Lockout Fail Window: The time within which subsequent failed logins are registered. Valid time is between 2 seconds and 65,535 seconds. c. Lockout Penalty Time: Time for which the logins are restricted. Valid time is between 2 seconds and 65,535 seconds. If the IP is still unavailable, ensure that: ● The network cable is connected. ● If DHCP is configured, ensure that the cable is connected to a ToR switch that has connectivity to the DHCP server. Enabling FIPS mode The United States government agencies and contractors use the FIPS standards. FIPS Mode is intended to meet the requirements of FIPS 140-2 level 1. To enable FIPS mode, click Application Settings > Security > Federal Information Processing Standards (FIPS) NOTE: After enabling the FIPS mode or reset configuration operation, wait for sometime for the application to become stable. Managing certificates You can view details of the SSL certificates on the Certificates page. The information includes the details of: ● The organization the certificate is issued to ● The issuing authority of the certificate ● The validity of the certificate If you have the security setup privilege, you can perform the following tasks: ● View the SSL certificate that is deployed. ● Generate a new certificate signing request (CSR) ● Upload the server certificate, based on the CSR generated, to replace the default or currently deployed certificate. Uploading certificates To upload the certificate: 1. Click Application Settings > Security > Certificates. 2. Click Upload to browse and upload the certificate. Generating certificate signing request 1. Click Application Settings > Security > Certificates. 2. At the bottom-right of the page, click Generate Certificate Signing Request. 3. Enter the required details and click Generate. Logging in to OME-Modular 53

Section	Page
Dell EMC OpenManage Enterprise-Modular Edition Version 1.20.10 for PowerEdge MX7000 Chassis User's Guide	3
Overview	8
Key features	8
New in this release	9
Supported platforms	9
Supported web browsers	9
Other documents you may need	9
Accessing documents from Dell support site	10
Positioning OME-Modular with other Dell EMC applications	11
Updating firmware for PowerEdge MX solution	12
Updating MX7000 components using OME-Modular 1.20.10	12
Component update order	14
OME-M firmware update matrix	14
Updating the firmware using catalog-based compliance method	14
Updating iDRAC with Lifecycle Controller using OME-Modular	15
	15
Updating PowerEdge MX740c BIOS and PowerEdge MX840c Server BIOS	15
Updating adapters	15
Updating OME-Modular to 1.20.10	15
Updating management module firmware	16
Recovering failed Management Module firmware update process	16
Updating IOMs using OME-Modular	16
OS10 firmware update matrix	16
Upgrading ethernet switch using DUP	17
Prerequisites for upgrading from 10.5.0.7	17
Logging in to OME-Modular	18
Logging in to OME–Modular as local, Active Directory, or LDAP user	18
Integrating directory services in OME-Modular	19
Adding Active Directory service	19
Adding LDAP service	20
Logging in to OME–Modular using the directory user credentials	21
Importing active directory and LDAP user groups	21
OME-Modular home page	22
Search feature in OME-Modular	23
Viewing alerts	24
Viewing jobs and activities	24
Multi-chassis management dashboard	25
Viewing device health	25
Setting up chassis	26
Initial configuration	26
Configuring chassis settings	27
Configure chassis power	27
Configure chassis management network	28
Configure chassis network services	30
Configure local access	30
Chassis Direct	31
Configure chassis location	32
Configure Quick Deploy settings	33
Managing chassis	34
Creating chassis filters	34
Viewing chassis overview	34
Wiring chassis	35
Chassis groups	36
Prerequisites for creating a wired group	37
Creating chassis groups	38
Adding member chassis to groups	39
Adding member chassis from lead chassis	39
Adding individual chassis to chassis groups	39
Assigning backup lead	39
Promoting backup chassis as lead	40
Retiring lead chassis	40
MCM dashboard	41
Controlling chassis power	41
Backing up chassis	41
Restoring chassis	42
Exporting chassis profiles	42
Managing chassis failover	43
Troubleshooting in chassis	43
Blinking LEDs	43
Interfaces to access OME-Modular	43
Viewing chassis hardware	45
Chassis slot details	45
Viewing chassis alerts	45
Viewing chassis hardware logs	46
Configuring OME–Modular	46
Viewing current configuration	46
Configuring OME–Modular IP address	46
Configuring OME–Modular web server	47
Configuring session inactivity timeout	47
Configuring OME–Modular date and time settings	47
Configuring OME–Modular proxy settings	48
Configuring IOM synchronization	48
Changing device naming and preference	48
Ports and protocols supported in OME-Modular	48
Configuring users and user settings	50
Viewing and editing user accounts	50
Adding users	50
Enabling, disabling, and deleting users	51
Recovering passwords	51
Recovering passwords in single OME-Modular controller	51
Recovering passwords in dual OME-Modular controllers	51
User roles and privileges	51
Managing user sessions	52
Viewing user sessions	52
Terminating user sessions	52
Configuring login security settings	52
Configuring login IP range	53
Configuring login lockout policy	53
Enabling FIPS mode	53
Managing certificates	53
Uploading certificates	53
Generating certificate signing request	53
Configuring alerts	54
Configuring email alerts	54
Configuring SNMP alerts	54
Configuring sys log alerts	55
Managing compute sleds	56
Viewing compute overview	56
Configuring compute settings	58
Configuring compute network settings	58
Configuring compute management settings	59
Replacing compute sleds	59
Viewing compute hardware	60
Viewing compute firmware	60
Viewing compute hardware logs	60
Viewing compute alerts	60
Managing storage	62
Storage overview	62
Viewing hardware details	63
Assigning drives to a compute sled	64
Assigning storage enclosure to a compute sled	64
Replacing storage sleds	65
Updating enclosure firmware	65
Updating the firmware using DUP	65
Updating the firmware using catalog-based compliance	65
Downgrading storage enclosure firmware	66
Managing SAS IOMs	66
SAS IOM Overview	66
Force active	67
Clearing configuration	67
Extracting IOM logs	67
Managing templates	68
Viewing template details	68
Creating templates	69
Importing templates	69
Deploying templates	69
Deploying templates from Template Details page	70
Editing templates	70
Editing template networks	70
Cloning templates	71
Exporting templates	71
Deleting templates	71
Managing identity pools	72
Creating identity pools	72
Editing identity pools	74
Exporting identity pools	74
Deleting identity pools	74
Ethernet IO Modules	75
Viewing hardware details	76
Configuring IOM settings	76
Configuring IOM network settings	76
Configuring IOM management settings	77
Configuring IOM monitoring settings	77
Configuring OS10 administrator password	78
Configuring SNMP settings	78
Configuring advanced settings	78
Configuring ports	78
Configuring admin status	79
Configuring Maximum Transmission Unit	79
Configuring auto negotiation	79
Configuring Forward Error Correction	79
MX Scalable Fabric architecture	81
Recommended physical topology	82
Restrictions and guidelines	83
Recommended connection order	83
SmartFabric Services	84
Guidelines for operating in SmartFabric mode	85
SmartFabric network topologies	85
Switch to switch cabling	86
Upstream network switch requirements	87
NIC teaming restrictions	88
OS10 CLI commands available in SmartFabric mode	88
Viewing fabric details	88
Adding SmartFabric	88
Adding uplinks	89
Adding network	90
Editing uplink	90
Viewing topology details	90
Editing fabric details	91
Deleting uplinks	91
Deleting fabric	91
VLANs for SmartFabric and FCoE	91
Defining VLANs for FCoE	91
Editing VLANs	92
VLAN scaling guidelines	92
Managing networks	94
SmartFabric VLAN management and automated QoS	94
Defining networks	95
Editing VLANs	95
Exporting VLANs	95
Importing VLANs	96
Deleting VLANs	96
Managing Fibre Channel IOMs	97
Managing firmware	98
Managing catalogs	99
Viewing catalogs	99
Adding catalogs	99
Editing catalogs	100
Checking for catalog updates	100
Deleting catalogs	101
Creating baselines	101
Editing baselines	101
Checking compliance	101
Updating firmware	102
Rolling back firmware	102
Deleting firmware	103
Monitoring alerts and logs	104
Alert log	104
Filtering alert logs	104
Acknowledging alert logs	105
Unacknowledging alert logs	105
Ignoring alert logs	105
Exporting alert logs	105
Deleting alert logs	105
Alert policies	105
Creating alert policies	106
Enabling alert policies	106
Editing alert policies	107
Disabling alert policies	107
Deleting alert policies	107
Alert definitions	107
Filtering alert definitions	107
Monitoring audit logs	109
Filtering audit logs	109
Exporting audit logs	109
Monitoring jobs	110
Filtering jobs	110
Viewing job details	111
Exporting job execution details	112
Running jobs	112
Stopping jobs	112
Enabling jobs	112
Disabling jobs	112
Deleting jobs	112
Use case scenarios	113
Assigning backup to the MCM Lead	113
Creating chassis group with backup lead	113
Monitoring the MCM group	114
Scenarios when backup lead can take over as lead chassis	115
Disaster recovery of lead chassis	115
Retiring lead chassis	117
Troubleshooting	118
Storage	118
Firmware update is failing	118
Storage assignment is failing	118
SAS IOM status is downgraded	118
SAS IOM health is downgraded	118
Drives on compute sled are not visible	119
Storage configuration cannot be applied to SAS IOMs	119
Drives in OpenManage are not visible	119
iDRAC and OpenManage drive information do not match	119
The assignment mode of storage sled is unknown	119
Unable to access OME-Modular using Chassis Direct	119
Troubleshooting lead chassis failure	119
Recommended slot configurations for IOMs	121
Supported slot configurations for IOMs	121
Upgrading networking switch using different DUP versions	123
Upgrading networking switch to 10.5.0.7 using DUP	123
Prerequisites for upgrading from 10.5.0.5	123
Prerequisites for upgrading from versions earlier than 10.5.0.5	123

Match case Limit results 1 per page

Configuring login IP range

Click

Application Settings

Security

Select

Enable IP Range

Enter the IP range in the CIDR format.

For IPv4, enter the IP address in the format—192.168.100.14/24. For IPv6, enter the IP address in the format—

2001:db8::/24.

Configuring login lockout policy

Click

Application Settings

Security

Select

By User Name

to enable user account-based lockout. Select

By IP Address

to enable IP address-based lockout.

Enter the lockout details:

Lockout Fail Count: The number of failed login attempts. Valid values are between 2 and 16.

Lockout Fail Window: The time within which subsequent failed logins are registered. Valid time is between 2 seconds and

65,535 seconds.

Lockout Penalty Time: Time for which the logins are restricted. Valid time is between 2 seconds and 65,535 seconds.

If the IP is still unavailable, ensure that:

●

The network cable is connected.

●

If DHCP is configured, ensure that the cable is connected to a ToR switch that has connectivity to the DHCP server.

Enabling FIPS mode

The United States government agencies and contractors use the FIPS standards. FIPS Mode is intended to meet the

requirements of FIPS 140-2 level 1.

To enable FIPS mode, click

Application Settings

Security

Federal Information Processing Standards (FIPS)

NOTE:

After enabling the FIPS mode or reset configuration operation, wait for sometime for the application to become

stable.

Managing certificates

You can view details of the SSL certificates on the

Certificates

page. The information includes the details of:

●

The organization the certificate is issued to

●

The issuing authority of the certificate

●

The validity of the certificate

If you have the security setup privilege, you can perform the following tasks:

●

View the SSL certificate that is deployed.

●

Generate a new certificate signing request (CSR)

●

Upload the server certificate, based on the CSR generated, to replace the default or currently deployed certificate.

Uploading certificates

To upload the certificate:

Click

Application Settings

Security

Certificates

Click

Upload

to browse and upload the certificate.

Generating certificate signing request

Click

Application Settings

Security

Certificates

At the bottom-right of the page, click

Generate Certificate Signing Request

Enter the required details and click

Generate

Logging in to OME-Modular