Service location protocol (slp), Configuring security – Lenovo ThinkServer TD200 User Manual
Page 44
v
Ability to Clear Event Logs (bit position 9):
If this bit is set, the user
can clear the event logs. All users can view the event logs, but this
particular permission is required to clear the logs.
v
Advanced Adapter Configuration (bit position 10):
If this bit is set, the
user has no restrictions when configuring the IMM. In addition, the user
is said to have administrative access to the IMM, meaning that the user
can also perform the following advanced functions: firmware upgrades,
PXE network boot, restoring IMM factory defaults, modifying and
restoring IMM configuration from a configuration file, and restarting and
resetting the IMM.
v
Reserved (bit position 11):
This bit is reserved for future use.
If none of the bits are set, the user has read-only authority.
Priority is given to login permissions that are retrieved directly from the
user record. If the login permission attribute is not in the user’s record, an
attempt is made to retrieve the permissions from the groups to which the
user belongs. This is done as part of the group authentication phase. The
user is assigned the inclusive OR of all the bits for all of the groups. The
Read Only bit is set only if all the other bits are zero. If the Deny Always
bit is set for any of the groups, the user is refused access. The Deny
Always bit always has precedence over every other bit.
Important:
If you give a user the ability to modify basic, networking, and
security-related IMM configuration parameters, consider giving
this same user the ability to restart the IMM (bit position 10).
Otherwise, a user might be able to change parameters (for
example, the IP address of the IMM) but cannot make them
take effect.
Service Location Protocol (SLP)
To view the SLP setting, complete the following steps:
1.
In the navigation pane, click Network protocols.
2.
Scroll down to the Service Location Protocol (SLP) area. The multicast address,
which is the IP address that the IMM SLP server listens on, is displayed.
Configuring security
Use the general procedure in this section to configure security for the IMM Web
server, for the connection between the IMM and an LDAP server. If you are not
familiar with the use of SSL certificates, read the information in “SSL certificate
overview” on page 39.
Use the following general tasks list to configure the security for the IMM:
1.
Configure the Secure Web server:
a.
Disable the SSL server. Use the HTTPS Server Configuration for Web
Server
area on the Security page.
b.
Generate or import a certificate. Use the HTTPS Server Certificate
Management
area on the Security page (see “SSL server certificate
c.
Enable the SSL server. Use the HTTPS Server Configuration for Web
Server
area on the Security page (see “Enabling SSL for the secure Web
2.
Configure SSL security for LDAP connections:
38
Integrated Management Module: User Guide
|
|
|
|