Home » Dell Manuals » Servers » Dell PowerEdge MX7000 » Manual Viewer

Dell PowerEdge MX7000 EMC OpenManage Enterprise-Modular Edition Version 1.20.0 - Page 51

Enabling FIPS mode, Managing certificates, Generating certificate signing request, Configuring alerts

View all Dell PowerEdge MX7000 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 51 highlights

Enabling FIPS mode The United States government agencies and contractors use the FIPS standards. FIPS Mode is intended to meet the requirements of FIPS 140-2 level 1. To enable FIPS mode, click Application Settings > Security > Federal Information Processing Standards (FIPS) NOTE: After enabling the FIPS mode or reset configuration operation, wait for sometime for the application to become stable. Managing certificates You can view details of the SSL certificates on the Certificates page. The information includes the details of: ● The organization the certificate is issued to ● The issuing authority of the certificate ● The validity of the certificate If you have the security setup privilege, you can perform the following tasks: ● View the SSL certificate that is deployed. ● Generate a new certificate signing request (CSR) ● Upload the server certificate, based on the CSR generated, to replace the default or currently deployed certificate. Uploading certificates To upload the certificate: 1. Click Application Settings > Security > Certificates. 2. Click Upload to browse and upload the certificate. Generating certificate signing request 1. Click Application Settings > Security > Certificates. 2. At the bottom-right of the page, click Generate Certificate Signing Request. 3. Enter the required details and click Generate. ● OME-Modular does not create an SSL certificate on time change or on every boot or time change and boot simultaneously. ● OME-Modular generates a new SSL certificate with validity from build_time till (build_time +10 years) only during first boot scenarios such as firmware update, racresetcfg, and FIPS mode changes. NOTE: Only the users with the chassis administrator privileges can generate certificate signing requests. Configuring alerts This section allows you to configure the email, SNMP, and the syslog settings to trigger alerts. Configuring email alerts 1. Click Application Settings > Alerts. 2. Click Email Configuration 3. Enter the SMTP Server Network Address. NOTE: The SMTP server network address can have a maximum length of 255 characters. 4. If the server requires authentication, select Enable Authentication. Logging in to OME-Modular 51

Section	Page
Dell EMC OpenManage Enterprise-Modular Edition Version 1.20.00 for PowerEdge MX7000 Chassis User's Guide	3
Overview	8
Key features	8
New in this release	9
Supported platforms	9
Supported web browsers	9
Other documents you may need	10
Accessing documents from Dell support site	10
Positioning OME-Modular with other Dell EMC applications	11
Updating the management module firmware	12
Updating the firmware using catalog-based compliance method	12
Updating MX7000 components using OME-Modular 1.20.00	13
Component update order	13
Updating iDRAC with Lifecycle Controller using OME-Modular	14
Updating PowerEdge MX740c BIOS and PowerEdge MX840c Server BIOS	14
Updating adapters	14
Updating OME-Modular to 1.20.00	15
Recovering failed Management Module firmware update process	15
Updating IOMs using OME-Modular	15
Upgrading networking switch using DUP	15
Upgrading from 10.5.0.5	16
Upgrading from versions earlier than 10.5.0.5	16
Logging in to OME-Modular	17
Logging in to OME–Modular as local, Active Directory, or LDAP user	17
Logging in to OME-Modular as Active Directory or LDAP user	18
Importing directory group	18
Logging in to OME–Modular using the directory user credentials	18
OME-Modular home page	18
Search feature in OME-Modular	19
Viewing alerts	21
Viewing jobs and activities	21
Multi-chassis management dashboard	21
Viewing device health	22
Setting up chassis	22
Initial configuration	22
Configuring chassis settings	23
Configure chassis power	24
Configure chassis management network	24
Configure chassis network services	26
Configure local access	27
Chassis Direct	28
Configure chassis location	29
Configure Quick Deploy settings	29
Managing chassis	30
Creating chassis filters	31
Viewing chassis overview	31
Wiring chassis	32
Chassis groups	33
Prerequisites for creating a wired group	33
Creating chassis groups	34
Adding member chassis to groups	35
Adding member chassis from lead chassis	35
Adding individual chassis to chassis groups	35
Assigning backup lead	36
Promoting backup chassis as lead	36
Retiring lead chassis	37
MCM dashboard	37
Controlling chassis power	37
Backing up chassis	38
Restoring chassis	38
Exporting chassis profiles	39
Managing chassis failover	39
Troubleshooting in chassis	39
Blinking LEDs	39
Interfaces to access OME-Modular	40
Viewing chassis hardware	41
Chassis slot details	41
Viewing chassis alerts	42
Viewing chassis hardware logs	42
Configuring OME–Modular	42
Viewing current configuration	42
Configuring OME–Modular IP address	42
Configuring OME–Modular web server	43
Configuring session inactivity timeout	43
Configuring OME–Modular date and time settings	44
Configuring OME–Modular proxy settings	44
Configuring IOM synchronization	44
Changing device naming and preference	44
Ports and protocols supported in OME-Modular	44
Configuring users and user settings	46
Viewing and editing user accounts	46
Adding users	46
Enabling, disabling, and deleting users	47
Recovering passwords	47
Recovering passwords in single OME-Modular controller	47
Recovering passwords in dual OME-Modular controllers	47
User roles and privileges	48
Managing user sessions	48
Viewing user sessions	48
Terminating user sessions	49
Importing Directory Group	49
Adding directory services	49
Deleting directory services	50
Configuring login security settings	50
Configuring login IP range	50
Configuring login lockout policy	50
Enabling FIPS mode	51
Managing certificates	51
Uploading certificates	51
Generating certificate signing request	51
Configuring alerts	51
Configuring email alerts	51
Configuring SNMP alerts	52
Configuring sys log alerts	52
Managing compute sleds	53
Viewing compute overview	53
Configuring compute settings	55
Configuring compute network settings	55
Configuring compute management settings	56
Replacing compute sleds	56
Viewing compute hardware	57
Viewing compute firmware	57
Viewing compute hardware logs	57
Viewing compute alerts	57
Managing storage	59
Storage overview	59
Viewing hardware details	60
Assigning drives to a compute sled	61
Assigning storage enclosure to a compute sled	61
Replacing storage sleds	62
Updating enclosure firmware	62
Updating the firmware using DUP	62
Updating the firmware using catalog-based compliance	62
Downgrading storage enclosure firmware	63
Managing SAS IOMs	63
SAS IOM Overview	63
Force active	64
Clearing configuration	64
Extracting IOM logs	64
Managing templates	65
Viewing template details	65
Creating templates	66
Importing templates	66
Deploying templates	66
Deploying templates from Template Details page	67
Editing templates	67
Editing template networks	67
Cloning templates	68
Exporting templates	68
Deleting templates	68
Managing identity pools	69
Creating identity pools	69
Editing identity pools	71
Exporting identity pools	71
Deleting identity pools	71
Ethernet IO Modules	72
Viewing hardware details	73
Configuring IOM settings	73
Configuring IOM network settings	73
Configuring IOM management settings	74
Configuring IOM monitoring settings	74
Configuring OS10 administrator password	75
Configuring SNMP settings	75
Configuring advanced settings	75
Configuring ports	75
Configuring admin status	75
Configuring Maximum Transmission Unit	76
Configuring auto negotiation	76
Configuring Forward Error Correction	76
MX Scalable Fabric architecture	77
Recommended physical topology	77
Restrictions and guidelines	78
Recommended connection order	79
SmartFabric Services	80
Guidelines for operating in SmartFabric mode	81
SmartFabric network topologies	81
Switch to switch cabling	82
Upstream network switch requirements	83
NIC teaming restrictions	83
OS10 CLI commands available in SmartFabric mode	84
Viewing fabric details	84
Adding SmartFabric	84
Adding uplinks	85
Adding network	85
Editing uplink	86
Viewing topology details	86
Editing fabric details	86
Deleting uplinks	86
Deleting fabric	87
VLANs for SmartFabric and FCoE	87
Defining VLANs for FCoE	87
Editing VLANs	87
VLAN scaling guidelines	88
Managing networks	89
SmartFabric VLAN management and automated QoS	89
Defining networks	90
Editing VLANs	90
Exporting VLANs	90
Importing VLANs	91
Deleting VLANs	91
Managing Fibre Channel IOMs	92
Managing firmware	93
Creating baselines	93
Checking compliance	94
Editing baselines	94
Managing catalogs	94
Viewing catalogs	95
Adding catalogs	95
Editing catalogs	96
Checking for catalog updates	96
Deleting catalogs	96
Updating firmware	96
Rolling back firmware	97
Deleting firmware	97
Monitoring alerts and logs	98
Alert log	98
Filtering alert logs	98
Acknowledging alert logs	99
Unacknowledging alert logs	99
Ignoring alert logs	99
Exporting alert logs	99
Deleting alert logs	99
Alert policies	99
Creating alert policies	100
Enabling alert policies	100
Editing alert policies	101
Disabling alert policies	101
Deleting alert policies	101
Alert definitions	101
Filtering alert definitions	101
Monitoring audit logs	103
Filtering audit logs	103
Exporting audit logs	103
Monitoring jobs	104
Filtering jobs	104
Viewing job details	105
Exporting job execution details	106
Running jobs	106
Stopping jobs	106
Enabling jobs	106
Disabling jobs	106
Deleting jobs	106
Use case scenarios	107
Assigning backup to the MCM Lead	107
Creating chassis group with backup lead	107
Monitoring the MCM group	108
Scenarios when backup lead can take over as lead chassis	109
Disaster recovery of lead chassis	109
Retiring lead chassis	111
Troubleshooting	112
Storage	112
Firmware update is failing	112
Storage assignment is failing	112
SAS IOM status is downgraded	112
SAS IOM health is downgraded	112
Drives on compute sled are not visible	113
Storage configuration cannot be applied to SAS IOMs	113
Drives in OpenManage are not visible	113
iDRAC and OpenManage drive information do not match	113
The assignment mode of storage sled is unknown	113
Unable to access OME-Modular using Chassis Direct	113
Troubleshooting lead chassis failure	113
Recommended slot configurations for IOMs	115
Supported slot configurations for IOMs	115
Updating OME-Modular to 1.10.10	117
Updating OME-Modular to 1.10.20	118
Updating Fabric Switching Engine and Ethernet Switch	119

Match case Limit results 1 per page

Enabling FIPS mode

The United States government agencies and contractors use the FIPS standards. FIPS Mode is intended to meet the

requirements of FIPS 140-2 level 1.

To enable FIPS mode, click

Application Settings

Security

Federal Information Processing Standards (FIPS)

NOTE:

After enabling the FIPS mode or reset configuration operation, wait for sometime for the application to become

stable.

Managing certificates

You can view details of the SSL certificates on the

Certificates

page. The information includes the details of:

●

The organization the certificate is issued to

●

The issuing authority of the certificate

●

The validity of the certificate

If you have the security setup privilege, you can perform the following tasks:

●

View the SSL certificate that is deployed.

●

Generate a new certificate signing request (CSR)

●

Upload the server certificate, based on the CSR generated, to replace the default or currently deployed certificate.

Uploading certificates

To upload the certificate:

Click

Application Settings

Security

Certificates

Click

Upload

to browse and upload the certificate.

Generating certificate signing request

Click

Application Settings

Security

Certificates

At the bottom-right of the page, click

Generate Certificate Signing Request

Enter the required details and click

Generate

●

OME–Modular does not create an SSL certificate on time change or on every boot or time change and boot

simultaneously.

●

OME–Modular generates a new SSL certificate with validity from build_time till (build_time +10 years) only during first

boot scenarios such as firmware update,

racresetcfg

, and FIPS mode changes.

NOTE:

Only the users with the chassis administrator privileges can generate certificate signing requests.

Configuring alerts

This section allows you to configure the email, SNMP, and the syslog settings to trigger alerts.

Configuring email alerts

Click

Application Settings

Alerts

Click

Email Configuration

Enter the

SMTP Server Network Address

NOTE:

The SMTP server network address can have a maximum length of 255 characters.

If the server requires authentication, select

Enable Authentication

Logging in to OME-Modular