Home » Dell Manuals » Servers » Dell PowerEdge MX7000 » Manual Viewer

Dell PowerEdge MX7000 EMC OpenManage Enterprise-Modular Edition Version 1.20.0 - Page 50

Deleting directory services, Configuring login security settings, Configuring login IP range

View all Dell PowerEdge MX7000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 50 highlights

a. If you have selected the directory type as AD, enter the following details: ● Server Port number-The server port number can be between 1 and 65535 ● Network Timeout and Search Timeout in seconds ● Select the Certificate Validation checkbox ● Click Select a file to browse and upload a certificate b. If you have selected the directory type as LDAP, enter the following details: ● Server Port number-The server port number can be between 1 and 65535 ● Base Distinguished Name to Search ● Attribute of User Login, Attribute of Group Membership, and Search Filter ● Network Timeout and Search Timeout in seconds ● Select the Certificate Validation checkbox ● Click Select a file to browse and upload a certificate NOTE: If the Certificate Validation check box is selected, enter the FQDN of the domain controller in the Method field. The certificate validation is successful only if the details of the Issuing Authority in the certificate and the FQDN match. Deleting directory services To delete directory services: 1. From the main menu, click Application Settings > Users > Directory Services. 2. Select the directory service that you want to delete and click Delete. Configuring login security settings OME-Modular supports IP range-based access restriction. You can restrict access to only a specified range of IP addresses. You can also configure lockout policies that enforce delays after certain number of failed login attempts. Configuring login IP range 1. Click Application Settings > Security > Login IP Range. 2. Select Enable IP Range. 3. Enter the IP range in the CIDR format. For IPv4, enter the IP address in the format-192.168.100.14/24. For IPv6, enter the IP address in the format- 2001:db8::/24. Configuring login lockout policy 1. Click Application Settings > Security > Login Lockout Policy. 2. Select By User Name to enable user account-based lockout. Select By IP Address to enable IP address-based lockout. 3. Enter the lockout details: a. Lockout Fail Count: The number of failed login attempts. Valid values are between 2 and 16. b. Lockout Fail Window: The time within which subsequent failed logins are registered. Valid time is between 2 seconds and 65,535 seconds. c. Lockout Penalty Time: Time for which the logins are restricted. Valid time is between 2 seconds and 65,535 seconds. If the IP is still unavailable, ensure that: ● The network cable is connected. ● If DHCP is configured, ensure that the cable is connected to a ToR switch that has connectivity to the DHCP server. 50 Logging in to OME-Modular

Section	Page
Dell EMC OpenManage Enterprise-Modular Edition Version 1.20.00 for PowerEdge MX7000 Chassis User's Guide	3
Overview	8
Key features	8
New in this release	9
Supported platforms	9
Supported web browsers	9
Other documents you may need	10
Accessing documents from Dell support site	10
Positioning OME-Modular with other Dell EMC applications	11
Updating the management module firmware	12
Updating the firmware using catalog-based compliance method	12
Updating MX7000 components using OME-Modular 1.20.00	13
Component update order	13
Updating iDRAC with Lifecycle Controller using OME-Modular	14
Updating PowerEdge MX740c BIOS and PowerEdge MX840c Server BIOS	14
Updating adapters	14
Updating OME-Modular to 1.20.00	15
Recovering failed Management Module firmware update process	15
Updating IOMs using OME-Modular	15
Upgrading networking switch using DUP	15
Upgrading from 10.5.0.5	16
Upgrading from versions earlier than 10.5.0.5	16
Logging in to OME-Modular	17
Logging in to OME–Modular as local, Active Directory, or LDAP user	17
Logging in to OME-Modular as Active Directory or LDAP user	18
Importing directory group	18
Logging in to OME–Modular using the directory user credentials	18
OME-Modular home page	18
Search feature in OME-Modular	19
Viewing alerts	21
Viewing jobs and activities	21
Multi-chassis management dashboard	21
Viewing device health	22
Setting up chassis	22
Initial configuration	22
Configuring chassis settings	23
Configure chassis power	24
Configure chassis management network	24
Configure chassis network services	26
Configure local access	27
Chassis Direct	28
Configure chassis location	29
Configure Quick Deploy settings	29
Managing chassis	30
Creating chassis filters	31
Viewing chassis overview	31
Wiring chassis	32
Chassis groups	33
Prerequisites for creating a wired group	33
Creating chassis groups	34
Adding member chassis to groups	35
Adding member chassis from lead chassis	35
Adding individual chassis to chassis groups	35
Assigning backup lead	36
Promoting backup chassis as lead	36
Retiring lead chassis	37
MCM dashboard	37
Controlling chassis power	37
Backing up chassis	38
Restoring chassis	38
Exporting chassis profiles	39
Managing chassis failover	39
Troubleshooting in chassis	39
Blinking LEDs	39
Interfaces to access OME-Modular	40
Viewing chassis hardware	41
Chassis slot details	41
Viewing chassis alerts	42
Viewing chassis hardware logs	42
Configuring OME–Modular	42
Viewing current configuration	42
Configuring OME–Modular IP address	42
Configuring OME–Modular web server	43
Configuring session inactivity timeout	43
Configuring OME–Modular date and time settings	44
Configuring OME–Modular proxy settings	44
Configuring IOM synchronization	44
Changing device naming and preference	44
Ports and protocols supported in OME-Modular	44
Configuring users and user settings	46
Viewing and editing user accounts	46
Adding users	46
Enabling, disabling, and deleting users	47
Recovering passwords	47
Recovering passwords in single OME-Modular controller	47
Recovering passwords in dual OME-Modular controllers	47
User roles and privileges	48
Managing user sessions	48
Viewing user sessions	48
Terminating user sessions	49
Importing Directory Group	49
Adding directory services	49
Deleting directory services	50
Configuring login security settings	50
Configuring login IP range	50
Configuring login lockout policy	50
Enabling FIPS mode	51
Managing certificates	51
Uploading certificates	51
Generating certificate signing request	51
Configuring alerts	51
Configuring email alerts	51
Configuring SNMP alerts	52
Configuring sys log alerts	52
Managing compute sleds	53
Viewing compute overview	53
Configuring compute settings	55
Configuring compute network settings	55
Configuring compute management settings	56
Replacing compute sleds	56
Viewing compute hardware	57
Viewing compute firmware	57
Viewing compute hardware logs	57
Viewing compute alerts	57
Managing storage	59
Storage overview	59
Viewing hardware details	60
Assigning drives to a compute sled	61
Assigning storage enclosure to a compute sled	61
Replacing storage sleds	62
Updating enclosure firmware	62
Updating the firmware using DUP	62
Updating the firmware using catalog-based compliance	62
Downgrading storage enclosure firmware	63
Managing SAS IOMs	63
SAS IOM Overview	63
Force active	64
Clearing configuration	64
Extracting IOM logs	64
Managing templates	65
Viewing template details	65
Creating templates	66
Importing templates	66
Deploying templates	66
Deploying templates from Template Details page	67
Editing templates	67
Editing template networks	67
Cloning templates	68
Exporting templates	68
Deleting templates	68
Managing identity pools	69
Creating identity pools	69
Editing identity pools	71
Exporting identity pools	71
Deleting identity pools	71
Ethernet IO Modules	72
Viewing hardware details	73
Configuring IOM settings	73
Configuring IOM network settings	73
Configuring IOM management settings	74
Configuring IOM monitoring settings	74
Configuring OS10 administrator password	75
Configuring SNMP settings	75
Configuring advanced settings	75
Configuring ports	75
Configuring admin status	75
Configuring Maximum Transmission Unit	76
Configuring auto negotiation	76
Configuring Forward Error Correction	76
MX Scalable Fabric architecture	77
Recommended physical topology	77
Restrictions and guidelines	78
Recommended connection order	79
SmartFabric Services	80
Guidelines for operating in SmartFabric mode	81
SmartFabric network topologies	81
Switch to switch cabling	82
Upstream network switch requirements	83
NIC teaming restrictions	83
OS10 CLI commands available in SmartFabric mode	84
Viewing fabric details	84
Adding SmartFabric	84
Adding uplinks	85
Adding network	85
Editing uplink	86
Viewing topology details	86
Editing fabric details	86
Deleting uplinks	86
Deleting fabric	87
VLANs for SmartFabric and FCoE	87
Defining VLANs for FCoE	87
Editing VLANs	87
VLAN scaling guidelines	88
Managing networks	89
SmartFabric VLAN management and automated QoS	89
Defining networks	90
Editing VLANs	90
Exporting VLANs	90
Importing VLANs	91
Deleting VLANs	91
Managing Fibre Channel IOMs	92
Managing firmware	93
Creating baselines	93
Checking compliance	94
Editing baselines	94
Managing catalogs	94
Viewing catalogs	95
Adding catalogs	95
Editing catalogs	96
Checking for catalog updates	96
Deleting catalogs	96
Updating firmware	96
Rolling back firmware	97
Deleting firmware	97
Monitoring alerts and logs	98
Alert log	98
Filtering alert logs	98
Acknowledging alert logs	99
Unacknowledging alert logs	99
Ignoring alert logs	99
Exporting alert logs	99
Deleting alert logs	99
Alert policies	99
Creating alert policies	100
Enabling alert policies	100
Editing alert policies	101
Disabling alert policies	101
Deleting alert policies	101
Alert definitions	101
Filtering alert definitions	101
Monitoring audit logs	103
Filtering audit logs	103
Exporting audit logs	103
Monitoring jobs	104
Filtering jobs	104
Viewing job details	105
Exporting job execution details	106
Running jobs	106
Stopping jobs	106
Enabling jobs	106
Disabling jobs	106
Deleting jobs	106
Use case scenarios	107
Assigning backup to the MCM Lead	107
Creating chassis group with backup lead	107
Monitoring the MCM group	108
Scenarios when backup lead can take over as lead chassis	109
Disaster recovery of lead chassis	109
Retiring lead chassis	111
Troubleshooting	112
Storage	112
Firmware update is failing	112
Storage assignment is failing	112
SAS IOM status is downgraded	112
SAS IOM health is downgraded	112
Drives on compute sled are not visible	113
Storage configuration cannot be applied to SAS IOMs	113
Drives in OpenManage are not visible	113
iDRAC and OpenManage drive information do not match	113
The assignment mode of storage sled is unknown	113
Unable to access OME-Modular using Chassis Direct	113
Troubleshooting lead chassis failure	113
Recommended slot configurations for IOMs	115
Supported slot configurations for IOMs	115
Updating OME-Modular to 1.10.10	117
Updating OME-Modular to 1.10.20	118
Updating Fabric Switching Engine and Ethernet Switch	119

Match case Limit results 1 per page

If you have selected the directory type as AD, enter the following details:

●

Server Port

number—The server port number can be between 1 and 65535

●

Network Timeout

and

Search Timeout

in seconds

●

Select the

Certificate Validation

checkbox

●

Click

Select a file

to browse and upload a certificate

If you have selected the directory type as LDAP, enter the following details:

●

Server Port

number—The server port number can be between 1 and 65535

●

Base Distinguished Name to Search

●

Attribute of User Login

Attribute of Group Membership

, and

Search Filter

●

Network Timeout

and

Search Timeout

in seconds

●

Select the

Certificate Validation

checkbox

●

Click

Select a file

to browse and upload a certificate

NOTE:

If the

Certificate Validation

check box is selected, enter the FQDN of the domain controller in the

Method

field. The certificate validation is successful only if the details of the Issuing Authority in the certificate and the

FQDN match.

Deleting directory services

To delete directory services:

From the main menu, click

Application Settings

Users

Directory Services

Select the directory service that you want to delete and click

Delete

Configuring login security settings

OME–Modular supports IP range-based access restriction. You can restrict access to only a specified range of IP addresses.

You can also configure lockout policies that enforce delays after certain number of failed login attempts.

Configuring login IP range

Click

Application Settings

Security

Select

Enable IP Range

Enter the IP range in the CIDR format.

For IPv4, enter the IP address in the format—192.168.100.14/24. For IPv6, enter the IP address in the format—

2001:db8::/24.

Configuring login lockout policy

Click

Application Settings

Security

Select

By User Name

to enable user account-based lockout. Select

By IP Address

to enable IP address-based lockout.

Enter the lockout details:

Lockout Fail Count: The number of failed login attempts. Valid values are between 2 and 16.

Lockout Fail Window: The time within which subsequent failed logins are registered. Valid time is between 2 seconds and

65,535 seconds.

Lockout Penalty Time: Time for which the logins are restricted. Valid time is between 2 seconds and 65,535 seconds.

If the IP is still unavailable, ensure that:

●

The network cable is connected.

●

If DHCP is configured, ensure that the cable is connected to a ToR switch that has connectivity to the DHCP server.

Logging in to OME-Modular