SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


bladecenterconfig
Differences

This shows you the differences between two versions of the page.

Link to this comparison view

bladecenterconfig [2013/04/21 20:11] (current)
sjoerd created
Line 1: Line 1:
 += Bladecenter Configuration =
  
 += General Settings =
 +Go to MM Control -> General Settings
 +
 +MM Information:​ \\
 +Name: bladecenter \\
 +Contact: GetShifting - <​phone>​ \\
 +Location: Delft, The Netherlands \\
 +
 += Network Protocols =
 +Go to MM Control -> Network Protocols
 +
 +== SNMP ==
 +Disable all three SNMP levels and agents.
 +
 +== DNS ==
 +Set the primary DNS Server to 10.10.10.53
 +
 +== SMTP ==
 +Set the smtp server to 10.10.10.25 (you have to use the IP-address) \\
 +Set the SMTP email domain name to company.local (only available since AMM Firmware version bpet54p, see [[ibmfirmware]] for more information on how to update firmware.
 +
 +== LDAP
 +Set the "Use LDAP Servers for Authentication Only (with local authorization)"​ option. \\
 +Set the "Use Pre-Configured Server"​ option \\
 +Set the LDAP server to 10.10.10.89 \\
 +Set the root DN to: "​ou=users,​dc=ad,​dc=company,​dc=local"​ \\
 +Set the binding method to: "w/ Configured Credentials"​ \\
 +Set the Client DN to: sa_ldap@ad.company.local \\
 +Set the password \\
 +Set the UID search attribute: sAMAccountName \\
 +
 +== Web Access ==
 +Enable the Web Access
 +
 +== Telnet ==
 +Enable telnet access
 +
 +== SLP ==
 +Disable SLP
 +
 +== FTP ==
 +Disable FTP
 +
 +== TFTP ==
 +Disable TFTP
 +
 +== Remote Control ==
 +Enable all Remote Control Options:
 +* Remote Control
 +* Remote Disk
 +* Remote disk on Card
 +* Remote Video (KVM)
 +
 +== Syslog ==
 +Set the syslog server to "​syslog.company.local",​ port 514
 +
 += Authentication
 +Go to MM Control -> Login Profiles
 +
 +== Local profile ==
 +Set an local profile with the name "​it"​ and the T-password as local fallback supervisor account, and remove all other local accounts.
 +
 +== LDAP Groups ==
 +> Note: You should already have created global security groups with the exact same name as you define here.
 +
 +Under Group profiles, click "Add a group"​. \\
 +As the Group ID, enter the exact name of the AD global security group, and define the role:
 +^ Group Name ^ Role |
 +|BladeCenterAdministrators | Supervisor |
 +|BladeCenterReadOnly | Operator |
 +
 +Now you can logon with a user account which is member of one of the two defined groups.
 +
 +== Account Security Management ==
 +Set the User Authentication method to LDAP first, then Local.
 +
 += Alerts =
 +Go to MM Control -> Alerts
 +
 +Add a user to receive warnings:
 +^ Status ^ Name ^ Notification Method ^ E-mail address ^ Receives critical alerts only |
 +|Enabled |ICT Management |E-mail over LAN |sjoerd_getshifting_com | no |
 +
 +This functionality will not work until this fix is released: \\
 +http://​www-947.ibm.com/​support/​entry/​portal/​docdisplay?​brand=5000020&​lndocid=MIGR-5083886 \\
 +Which is done by now, so download the release [[http://​www-933.ibm.com/​support/​fixcentral/​systemx/​groupView?​query.productGroup=ibm%2FBladeCenter|here]].
 +
 += Configuration Management =
 +Go to MM Control -> Configuration Mgmt
 +
 +Go to the section "Save Configuration to Chassis"​ and click "​Save"​.
 +
 +{{tag>​hardware security syslog ldap}}
bladecenterconfig.txt ยท Last modified: 2013/04/21 20:11 by sjoerd