FUJITSU Infrastructure Manager for PRIMEFLEX

Specifications

• Product Name: Fujitsu Software Infrastructure Manager /Infrastructure for PRIMEFLEX
• Version: V2.9.0
• Manuals:
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 First Step Guide
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 User’s Guide
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 Operating Procedures
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 REST API Reference Manual
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 Messages
  • Fujitsu Software Infrastructure Manager for PRIMEFLEX V2.9.0
  • Messages
  • Fujitsu Software Infrastructure Manager / Infrastructure
  • Manager for PRIMEFLEX V2.9.0 Items for Profile Settings (for
  • Profile Management)
  • Fujitsu Software Infrastructure Manager for PRIMEFLEX V2.9.0
  • Cluster Creation and Cluster Expansion Parameter List

Description

The Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX is an operation and management software that allows integrated management and operation of ICT devices such as servers, storages, switches, as well as facility devices like PDUs.

First Step Guide

The First Step Guide is a manual for first-time users of the product. It provides an overview of the product system, licensing information, and summarizes the procedures for using the product.

User’s Guide

The User’s Guide provides detailed information about the functions of the Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX. It includes the installation procedure and step-by-step procedures for operating the product. This guide aims to help users quickly grasp all the functions and operations of the product.

Operating Procedures

The Operating Procedures manual provides instructions on how to install and use the Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX. It covers various usage scenarios and provides detailed procedures for operating the product.

REST API Reference Manual

The REST API Reference Manual is a guide that explains how to use the required APIs of the Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX. It includes samples and parameter information for integrating user- created applications with the product.

ISM Message
The ISM Messages manual describes the messages that are output when using the Fujitsu Software Infrastructure Manager (ISM) or ISM for PRIMEFLEX. It also provides actions to take for these messages, helping users troubleshoot and resolve any issues.

ISM for PRIMEFLEX Messages
The ISM for PRIMEFLEX Messages manual specifically focuses on the messages that are output when using ISM for PRIMEFLEX. It provides detailed information about these messages and suggests appropriate actions to address them.

Items for Profile Settings (for Profile Management)
The Items for Profile Settings manual provides detailed information about the items that can be set when creating profiles for managed devices. It offers guidance on configuring profiles according to specific requirements.

ISM for PRIMEFLEX Parameter List

The ISM for the PRIMEFLEX Parameter List describes the Cluster Definition Parameters used for automatic settings in Cluster Creation and Cluster Expansion when using ISM for PRIMEFLEX. It provides parameter information to help users configure clusters effectively.

Product Usage Instructions

Step 1: Installation
To install the Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX, follow these steps:

1. Review the First Step Guide for an overview of the installation process.
2. Refer to the User’s Guide for detailed installation instructions.

Step 2: Operation
Once the product is installed, you can start operating it using the following procedures:

1. Consult the User’s Guide for a comprehensive understanding of the product’s functions and features.
2. For specific usage scenarios, refer to the Operating Procedures manual for detailed instructions.
3. If you need to integrate user-created applications with the product, consult the REST API Reference Manual for information on using the required APIs.
4. In case of any error messages or issues, refer to the ISM Messages or ISM for PRIMEFLEX Messages manual for troubleshooting guidance.

Step 3: Profile Management
If you need to create profiles for managed devices, follow these steps:

1. Refer to the Items for Profile Settings (for Profile Management) manual for detailed information about the items that can be set in profiles.

Step 4: Cluster Configuration
If you are using ISM for PRIMEFLEX and need to configure clusters, follow these steps:

1. Consult the ISM for the PRIMEFLEX Parameter List for detailed information about the Cluster Definition Parameters used for automatic settings in Cluster Creation and Cluster Expansion.

Additional Resources
For further assistance, refer to the product manuals provided or contact our customer support.

FAQs

Q: Where can I find the installation instructions?
A: The installation instructions can be found in the User’s Guide and the First Step Guide manuals.

Q: How do I troubleshoot error messages?
A: To troubleshoot error messages, refer to the ISM Messages or ISM for PRIMEFLEX Messages manual for guidance on actions to take.

Q: What is the purpose of the REST API Reference Manual?
A: The REST API Reference Manual provides information on how to use the required APIs of the product and includes samples and parameter information for integrating user-created applications.

Q: Where can I get help with profile management?
A: The Items for Profile Settings (for Profile Management) manual provides detailed information about setting items in profiles for managed devices.

Q: How can I configure clusters when using ISM for PRIMEFLEX?
A: The ISM for PRIMEFLEX Parameter List provides information about the Cluster Definition Parameters used for automatic cluster settings in Cluster Creation and Cluster Expansion.

Fujitsu Software Infrastructure Manager / Infrastructure for PRIMEFLEX V2.9.0
Operating Procedures
CA92344-5431-03 December 2023

Preface

Purpose
This manual describes the installation procedure and operating procedures based on usage scenes of the following operation and management software. This software manages and operates ICT devices such as servers, storages, and switches, as well as facility devices such as PDUs, in an integrated way.
– Fujitsu Software Infrastructure Manager (hereafter referred to as “ISM”)
– Fujitsu Software Infrastructure Manager for PRIMEFLEX (hereafter referred to as “ISM for PRIMEFLEX”)

Product Manuals
Manual Name Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 First Step Guide
Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 User’s Guide
Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 Operating Procedures Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 REST API Reference Manual
Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 Messages
Fujitsu Software Infrastructure Manager for PRIMEFLEX V2.9.0 Messages
Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 Items for Profile Settings (for Profile Management)
Fujitsu Software Infrastructure Manager for PRIMEFLEX V2.9.0 Cluster Creation and Cluster Expansion Parameter List
Fujitsu Software Infrastructure Manager /

Description
This manual is for those using this product for the first time. This manual summarizes the procedures for the use of this product, the product system, and licensing.
In this manual, it is referred to as “First Step Guide.”
This manual describes the functions of this product, the installation procedure, and procedures for operation. It allows you to quickly grasp all functions and all operations of this product.
In this manual, it is referred to as “User’s Guide.”
This manual describes the installation procedure and usages for the operations of this product.
In this manual, it is referred to as “Operating Procedures.”
This manual describes how to use the required APIs and provides samples and parameter information for using user-created applications that integrate with this product.
In this manual, it is referred to as “REST API Reference Manual.”
This manual describes the messages that are output when using ISM or ISM for PRIMEFLEX and the actions to take for these messages.
In this manual, it is referred to as “ISM Messages.”
This manual describes the messages that are output when using ISM for PRIMEFLEX and the actions to take for these messages.
In this manual, it is referred to as “ISM for PRIMEFLEX Messages.”
This manual describes detailed information for the items set when creating profiles for managed devices.
In this manual, it is referred to as “Items for Profile Settings (for Profile Management).”
This manual describes Cluster Definition Parameters that are used for the automatic settings in Cluster Creation and Cluster Expansion when using ISM for PRIMEFLEX.
In this manual, it is referred to as “ISM for PRIMEFLEX Parameter List.”
This document defines the terms that you need to understand in order to use this product.
In this manual, it is referred to as “Glossary.”

– i –

Manual Name
Infrastructure Manager for PRIMEFLEX V2.9.0 Glossary
Fujitsu Software Infrastructure Manager / Infrastructure Manager for PRIMEFLEX V2.9.0 Plug-in and Management Pack Setup Guide

Description
This manual describes the procedures, from installation to operation as well as precautions and reference information, for the following features of Infrastructure Manager Plug-in.
– Infrastructure Manager Plug-in for Microsoft System Center Operations Manager
– Infrastructure Manager Plug-in for Microsoft System Center Virtual Machine Manager
– Infrastructure Manager Plug-in for VMware vCenter Server – Infrastructure Manager Plug-in for VMware vCenter Server
Appliance – Infrastructure Manager Management Pack for VMware
vRealize Operations Manager – Infrastructure Manager Plug-in for VMware vRealize
Orchestrator – Infrastructure Manager Plug-in for Microsoft Windows
Admin Center In this manual, it is referred to as “ISM Plug-in/MP Setup Guide.”

Together with the manuals mentioned above, you can also refer to the latest information about ISM by contacting your local Fujitsu customer service partner. For the information about managed hardware products, refer to the manuals of the relevant hardware. For PRIMERGY, refer to “ServerView Suite ServerBooks” or the manual pages for PRIMERGY. https://support.ts.fujitsu.com/

Intended Readers This manual is intended for readers who consider using the product for comprehensive management and operation of such ICT devices and possess basic knowledge about hardware, operating systems, and software.
Notation in this Manual Notation Keyboard Keystrokes that represent nonprintable characters are displayed as key icons such as [Enter] or [F1]. For example, [Enter] means press the key labeled “Enter.” [Ctrl]+[B] means hold down the key labeled “Ctrl” or “Control” and then press the B key. Symbols Items that require particular attention are indicated by the following symbols.

Point
Describes the content of an important point.

Note
Describes an item that requires your attention.

– ii –

Variables: Represents variables that require replacement by numerical values or text strings in accordance with your usage environment. Example: <IP address>
Abbreviation This document may use the abbreviation for OS as shown in the following examples.

Official name

Abbreviation

Microsoft(R) Windows Server(R) 2022 Datacenter

Windows Server 2022 Datacenter

Windows Server 2022 or Windows

Microsoft(R) Windows Server(R) 2022 Standard

Windows Server 2022 Standard

Microsoft(R) Windows Server(R) 2022 Essentials

Windows Server 2022 Essentials

Red Hat Enterprise Linux 9.3 (for Intel64)

RHEL 9.3

Red Hat Enterprise Linux or Linux

SUSE Linux Enterprise Server 15 SP5 (for AMD64 & Intel64)

SUSE 15 SP5(AMD64) SUSE 15 SP5(Intel64) or SLES 15 SP5(AMD64) SLES 15 SP5(Intel64)

SUSE Linux Enterprise Server or Linux

SUSE Linux Enterprise Server 15 (for AMD64 & Intel64)

SUSE 15(AMD64) SUSE 15(Intel64) or SLES 15(AMD64) SLES 15(Intel64)

VMware ESXiTM 8.0

VMware ESXi 8.0

VMware ESXi

VMware Virtual SAN

vSAN

Microsoft Storage Spaces Direct

S2D

Terms For the major terms and abbreviations used in this manual, refer to “Glossary.”
Using PDF applications (Adobe Reader, etc.) Depending on the specifications of the PDF application you are using, issues (extra spaces and line breaks, missing spaces, line breaks, and hyphens in line breaks) may occur when you perform the following operations. – Saving to a text file – Copying and pasting text

High Risk Activity
The Customer acknowledges and agrees that the Product is designed, developed and manufactured as contemplated for general use, including without limitation, general office use, personal use, household use, and ordinary industrial use, but is not designed, developed and manufactured as contemplated for use accompanying fatal risks or dangers that, unless extremely high safety is secured, could lead directly to death, personal injury, severe physical damage or other loss (hereinafter “High Safety Required Use”), including without limitation, nuclear reaction control in nuclear facility, aircraft flight control, air traffic control, mass transport control, medical life support system, missile launch control in weapon system. The Customer shall not use the Product without securing the sufficient safety required for the High Safety Required Use. In addition, Fujitsu (or other affiliate’s name) shall not be liable against the Customer and/or any third party for any claims or damages arising in connection with the High Safety Required Use of the Product.

– iii –

To Use This Product Safely This document contains important information required for using this product safely and correctly. Read this manual carefully before using the product. In addition, to use the product safely, the customer must understand the related products (hardware and software) before using the product. Be sure to use the product by following the precautions on the related products. Be sure to keep this manual in a safe and convenient location for quick reference during use of the product.
Modifications The customer may not modify this software or perform reverse engineering through decompiling or disassembly.
Disclaimers Fujitsu Limited assumes no responsibility for any claims for losses, damages or other liabilities arising from the use of this product. The contents of this document are subject to change without notice.
Trademarks Microsoft, Windows, Windows Vista, Windows Server, Hyper-V, Active Directory, and the titles or names of other Microsoft products are trademarks or registered trademarks of Microsoft Corporation in the United States and other countries. Linux is a trademark or registered trademark of Linus Torvalds in the United States and other countries. Red Hat and all trademarks and logos based on Red Hat are trademarks or registered trademarks of Red Hat, Inc. in the United States and other countries. SUSE and the SUSE logo are trademarks or registered trademarks of SUSE LLC in the United States and other countries. VMware, VMware logo, VMware ESXi, VMware SMP, and vMotion are trademarks or registered trademarks of VMware, Inc. in the United States and other countries. Intel and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Java is a registered trademark of Oracle Corporation and its subsidiaries/affiliates in the United States and other countries. Zabbix is a trademark of Zabbix LLC that is based in Republic of Latvia. PostgreSQL is a trademark of PostgreSQL in the United States and other countries. Apache is a trademark or registered trademark of Apache Software Foundation. Cisco is a trademark of Cisco Systems, Inc. in the United States and other countries. Elasticsearch is a trademark or registered trademark of Elasticsearch BV in the United States and other countries. Xen is a trademark of XenSource, Inc. Trend Micro and Deep Security are trademarks or registered trademarks of Trend Micro Incorporated. Nutanix is a trademark of Nutanix, Inc. in the United States and other countries. All other company and product names are trademarks or registered trademarks of the respective companies. All other products are owned by their respective companies.
Copyright Copyright 2017 – 2023 Fujitsu Limited This manual shall not be reproduced or copied without the permission of Fujitsu Limited.

Modification History

Edition 01 02

Issue Date September 2023 October 2023

Modification Overview

Section

First edition

–

–

Characters that cannot be used in user 2.3.2.1 Add user groups group names

User group information

– iv –

Edition 03

Issue Date Added notes

Modification Overview

Section

December 2023
Modification for ISM 2.9.0.010 patch application

Added description on Multi-Factor Authentication for Open LDAP/ Microsoft Active Directory (LDAP) user
Added article on the Suppression of Anomaly Detection

2.3.2.1 Add user groups
4.10.6 Confirm Anomaly Detection History

Table: “User group information”
–

4.10.6.1 Confirm occurrence status of the anomalies

New addition

4.10.6.2 Suppress Anomaly New addition Detection

4.10.6.3 Cancel Suppression New addition of Anomaly Detection

Added article on the operation of changing switch generations of PRIMEFLEX and changing the switched generations to the initial state

6.15.3 Switch Generation of PRIMEFLEX
6.15.4 Initialize the Generation of PRIMEFLEX

Step 4 New addition

Added article on ISM Backup and Restore using GUI, and modified the structure and images to meet the specification

8.1 Backup/Restore ISM
8.1.2.1 Back up ISM using the GUI
8.1.3.1 Restore ISM using the GUI

New addition
New addition

December 2023 Major reorganization of the manual or modification of contents

Modified description to meet GUI specifications

3.1.1 Discover Nodes in the Network and Register Nodes

Table: “Discovery (When you select “Normal” for [Discovery method])”, “When selecting PRIMEQUEST4000 (HTTPS) in [Discovery target]”

Added article on ETERNUS DX900 2.3.4.2 Edit node groups S5

Table: “Models in which tree structures are set between nodes”

Modified description on MIB file

3.2.2 Set Trap Reception for Add MIB File SNMP

Modified article on Anomaly Detection

4.10.2 Enable the Prediction “Point” of CPU Utilization Setting

4.10.4 Confirm the Current “Point” Anomaly Detection Status

Modified article on Rolling Update

6.7 Execute Rolling Update on the PRIMEFLEX System

Operation

-Requirements

6.7.2.1 Obtain the firmware data to be applied

6.7.2.4 Import the firmware to be applied into ISM-VA

– v –

Edition

Issue Date

Modification Overview

Section

6.7.2.12 Execute the preparations required for firmware updates

New addition

6.7.2.13 Check and take

–

actions on precautions for

ESXi patch/offline bundle

application if needed

6.7.3 Execute Rolling

-Update

Changed the function name from

Chapter 1 Common Operations
This chapter describes the common operations for each screen on the ISM GUI.
Point
For information on starting the ISM GUI and ISM GUI settings, refer to “2.1.1 GUI” in “User’s Guide.”

1.1 Display the Help Screen
In ISM, there are help screens that provide a detailed description for each screen. Refer to the help screen for descriptions of the content that is displayed. There are two ways to display the help screen. Select the appropriate procedure to display it for the screen you are on.
– Select [Help] – [Help for this screen] on the upper-right of each screen while it is displayed on the ISM GUI. – For currently displayed screens other than the above (wizards and so on), select [ ] on the right side.

1.2 Refresh the Screen

Except for some screens, ISM retrieves information when the screens are displayed. The information on each screen will not be automatically refreshed while the screen is displayed. When you want to display the most recent information, refresh the screen.

When you select the [Refresh] button (), the information will be retrieved again and the screen will be refreshed.

1.3 Confirm Event Logs
If an error is displayed on the ISM “Tasks” screen, check the messages from the ISM event log. To display the event log, from the Global Navigation Menu on the ISM GUI, select [Events] – [Events].
1.4 Upload Files Used in ISM to ISM-VA
This section describes the operations to upload files to ISM-VA using the ISM GUI.

1.4.1 Upload Files to ISM-VA
1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [General]. 2. From the menu on the left side of the screen, select [Upload]. 3. Select the root directory from the list. 4. From the [Actions] button, select [Upload File].
The “Upload File” screen is displayed. a. Select a file type. b. When you select “Other” for the file type, select [Upload Target Path]. If you do not select “Other” for the file type, you cannot select [Upload Target Path]. c. Select the file to upload. Drag and drop the file to upload to the ISM GUI. Or select the [Browse] button to select the files to upload. If you want to upload multiple files, select the [Add] button and repeat Step a to c.
5. Select the [Apply] button.

Delete Files Uploaded to ISM-VA
1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [General]. 2. From the menu on the left side of the screen, select [Upload]. 3. Select the root directory from the list. 4. Select the link of the directory or search files to display files to delete. 5. Select the checkbox for the file to delete. 6. From the [Actions] button, select [Delete File]. 7. On the “Delete File” screen, confirm the file names to delete, and then select the [Delete] button.
– 2 –

Chapter 2 Configure the Required Settings When Installing ISM
This chapter describes operations required for ISM installation. Perform these procedures after completing all the operations in “Chapter 3 Installation” in “User’s Guide.”
2.1 Configure Settings for Managing Nodes
ISM manages nodes in four tiers: data centers, floors, racks, and nodes. This section describes how to register and remove data centers, floors, and racks.
Point
This operation can be executed only by ISM Administrators (who belong to an Administrator group and have an Administrator role).

Register/Delete Datacenters
Datacenter corresponds to the building layer. This layer supposes a datacenter model with multiple floors.

Register a Datacenter Register the “Datacenter” layer showing the facility housing the datacenter. 1. From the Global Navigation Menu on the ISM GUI, select [Management] – [Datacenters]. The “Datacenter List” screen is displayed.

2. Select the button
The “Register Datacenter/Floor/Rack” screen is displayed. 3. In [Object of Registration], select [Datacenter]. 4. Enter the setting items, and then select the [Register] button.
Refer to the help screen for descriptions on the setting items. After datacenter registration is finished, the corresponding datacenter will be displayed on the “Datacenter List” screen. This finishes the datacenter registration.

Delete a Datacenter Delete a registered datacenter. 1. On the “Datacenter List” screen, select the datacenter to be deleted. 2. From the [Actions] button, select [Delete Datacenter]. The “Delete Datacenter” screen is displayed. Refer to the help screen regarding things to be careful about when deleting a datacenter. 3. Confirm that the datacenter to be deleted is correct, and then select [Delete].

2.1.2 Register/Delete Floors
This layer supposes a floor space where multiple racks are located.

– 3 –

Point
The floor view can be displayed on the Dashboard. Also, 3D view displays 3D graphics of the floor units.

Register a floor Register the “Floor” layer that represents the machine room in the datacenter facility.

1. Select the button on the “Datacenter List” screen.

The “Register Datacenter/Floor/Rack” screen is displayed. 2. In [Object of Registration], select [Floor]. 3. Enter the setting items, and then select the [Register] button.
For the setting item, [Datacenter], specify the data center registered in the “2.1.1 Register/Delete Datacenters.” Refer to the help screen regarding other setting items. After floor registration is finished, the corresponding floor is displayed on the “Datacenter List” screen. This finishes the floor registration.

Delete a floor Delete a registered floor. 1. On “Datacenter List” screen, select the floor to be deleted. 2. From the [Actions] button, select [Delete Floor]. The “Delete Floor” screen is displayed. Refer to the help screen regarding things to be careful about when deleting a floor. 3. Confirm that the floor to be deleted is correct, and then select [Delete].

2.1.3 Register/Delete Racks
This layer supposes a server rack with multiple managed devices (nodes) mounted.

Register a rack Register the “Rack” layer that represents the server racks on the floor.

1. Select the button on the “Datacenter List” screen.

The “Register Datacenter/Floor/Rack” screen is displayed. 2. In [Object of Registration], select [Rack]. 3. Enter the setting items, and then select the [Register] button. For the setting items, [Datacenter] and [Floor], specify the data center
and the floor registered in “2.1.1 Register/Delete Datacenters” and “2.1.2 Register/Delete Floors.” Refer to the help screen regarding other setting items. After rack registration is finished, the rack will be displayed on the “Datacenter List” screen. This finishes the rack registration.

Delete a rack Delete a registered rack
From the Global Navigation Menu on the ISM GUI, select [Datacenter]. The “Datacenter List” screen is displayed.
2. Select the rack to be deleted. 3. From the [Actions] button, select [Delete Rack].
The “Delete Rack” screen is displayed. Refer to the help screen regarding things to be careful about when deleting a rack. 4. Confirm that the rack to be deleted is correct, and then select [Delete].

Locate Racks on the Floor
Locate a rack on the floor. 1. On the “Datacenter List” screen, select the floor to set the rack position. The Details of floor screen is displayed. 2. From the [Actions] button, select [Set Rack Position]. The “Set Rack Position” screen is displayed. Refer to the help screen for information on the procedure to set the rack position. 3. Select the [Add] button. The “Unallocated Racks” screen is displayed. 4. Select the rack to be added, and then select the [Add] button. 5. Set the position of the rack, and then select the [Apply] button. After locating of the rack is finished, the rack will be displayed on the Details of Floor screen. This finishes the locating of the rack.
2.2 Set an Alarm (ISM internal events)
By setting alarms, you can send notifications to ISM external devices when ISM detects errors or events. When setting an alarm, it should be assigned in the following order.
1. Action settings (notification method) (Refer to “2.2.1 Execute Action Settings (notification method).”) 2. Test of Action (notification method) (Refer to “2.2.2 Execute Test for Action (notification method).”) 3. Alarm settings (Refer to “2.2.3 Set an Alarm to the ISM Internal Event.”)

Execute Action Settings (notification method)
Set a notification method for communication with ISM externals. The following are the notification methods:
– Execute an arbitrary script deployed on the external host – Send mail – Send/Forward SNMP traps to the external SNMP manager – Forward/Send event messages to the external Syslog server
Point
– When executing an arbitrary script, you can specify an argument.
– 5 –

– When mail is sent, messages can be encrypted with S/MIME. – Refer to the help screen for descriptions on other setting items for each screen.

Preparations are required before Action settings (notification method). According to Action settings type (notification method), execute the following settings respectively.
– 2.2.1.1 Execute a script deployed on the external host – 2.2.1.2 Send mail – 2.2.1.3 Execute sending/forwarding a trap – 2.2.1.4 Execute Syslog forwarding

2.2.1.1 Execute a script deployed on the external host

Pre-settings Any script files to be executed must be deployed on the external host in advance. The OSes of the external host that can be used and executable script files are as follows.

OS Windows Azure Stack HCI Red Hat Enterprise Linux SUSE Linux Enterprise Server

Script file (file extension) Batch file (.bat)
Shell script (.sh)

1. Prepare a script file to use in the action setting. 2. Deploy the script file to an arbitrary directory on the OS of the host.
If it is a shell script, set the execution privilege to the user who specifies the settings. 3. Specify the same settings as of the monitoring target OS to the OS of the external host.
This setting is required to access to the external host from ISM and execute the script file. For information on the setting procedure, refer to “Appendix B Settings for Monitoring Target OS and Cloud Management Software” in “User’s Guide.”

Action settings 1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [Actions]. The “Action List” screen is displayed. 3. From the [Actions] button, select [Add]. The “Add Action” screen is displayed. 4. Select “Execute Remote Script” in [Action Type]. 5. Enter the setting items, then select the [Apply] button. Refer to the help screen for entering the setting items. After action addition is finished, the set action will be displayed on the “Action List” screen.

2.2.1.2 Send mail

– 6 –

Pre-settings 1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [SMTP Server]. The “SMTP Server Settings” screen is displayed. 3. From the [Actions] button, select [Edit]. The “SMTP Server Settings” screen is displayed. 4. Enter the setting items, then select the [Apply] button. When sending encrypted mail, execute the following settings as well. 5. Prepare the personal certificate. Confirm that the certificate is in PEM format and that the certification and recipient mail address is encrypted. 6. Use FTP to transfer it to ISM-VA. Access the following site with FTP to store the certificate.
ftp:////ftp/cert
7. From the Console as an administrator, log in to ISM-VA. 8. Import the certificate to the ISM-VA to execute the command.

ismadm event import -type cert When executing the command, all of the

certificates stored in the FTP by each user will be imported together.
Action settings 1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [Actions]. The “Action List” screen is displayed. 3. From the [Actions] button, select [Add]. The “Add Action” screen is displayed. 4. Select “Send E-Mail” in [Action Type]. 5. Enter the setting items, then select the [Apply] button. Refer to the help screen for entering the setting items. After the action is added, the set action is displayed on the “Action List” screen.

Execute sending/forwarding a trap
Pre-settings 1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [SNMP Manager]. The “SNMP Manager List” screen is displayed. 3. From the [Actions] button, select [Add]. The “Add SNMP Manager” screen is displayed. 4. Enter the setting items, then select the [Apply] button.
Action settings 1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms].
– 7 –

2. From the menu on the left side of the screen, select [Actions]. The “Action List” screen is displayed.
3. From the [Actions] button, select [Add]. The “Add Action” screen is displayed.
4. Select “Send/Forward Trap” in [Action Type]. 5. Enter the setting items, then select the [Apply] button.
Refer to the help screen for entering the setting items. After the action is added, the set action is displayed on the “Action List” screen.

Execute Syslog forwarding
You must set the external Syslog server to be able to receive Syslog forwarding from ISM.
For the supported OSes as external Syslog servers, refer to “Support Matrix. Select [Select a new Product] on the above site and enter “Infrastructure Manager” in [Product Search:]. Select [DOWNLOADS] and select the target operating system. The reference procedures are subject to change without notice.
To be able to receive Syslog, log in to the external Syslog server with root privilege and change the settings according to the following procedure. This section describes the minimum settings required for reception.
The following example shows cases where Syslog forwarding is executed using the TCP 514 port. Set the appropriate values when you use UDP or different ports.
1. Execute the following command to start editing /etc/rsyslog.conf.From the [Actions] button, select [Add]. The “Add Action” screen is displayed.
4. Select “Forward Syslog” in [Action Type]. 5. Enter the setting items, then select the [Apply] button.
Refer to the help screen for entering the setting items. After the action is added, the set action is displayed on the “Action List” screen.

Execute Test for Action (notification method)
1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [Actions].
The “Action List” screen is displayed. 3. From the “Action List” screen, select the action to execute a test. 4. From the [Actions] button, select [Test].
The “Action test” screen is displayed. 5. Select the [Test] button.
The test of the action is executed. Confirm that the action has been performed.
2.2.3 Set an Alarm to the ISM Internal Event
1. From the Global Navigation Menu on the ISM GUI, select [Events] – [Alarms]. 2. From the menu on the left side of the screen, select [Alarms]. 3. From the [Actions] button, select [Add].
The “Add Alarm” wizard is displayed. When setting alarms to the errors or events in ISM, select “System” in [Applicable Type] on the “2. Target” screen in the “Add Alarm” wizard. Refer to the help screen for entering other setting items. 4. Confirm the contents on the “5. Confirmation” screen, and then select the [Apply] button. After alarm addition is finished, the set alarm will be displayed on the “Alarm List” screen. This finishes the alarm setting to the ISM internal event.

Configure ISM Users
By specifying a type of user group or user role at user registration, you can specify administrator users.

Point
– For information on the types of user groups or the types of user roles and their accessible range or operation privileges, refer to “2.13.1 User Management” in “User’s Guide.”
– Users who belong to an Administrator group and have an Administrator role are special users (ISM administrator) who can perform all the operations in ISM.
– 9 –

2.3.1 Manage ISM Users
The following three types of operations to manage users are available. – 2.3.1.1 Add users – 2.3.1.2 Edit users – 2.3.1.3 Delete users
2.3.1.1 Add users
Point
This operation can be executed only by users with the Administrator role.

Add new users by the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Users]. 3. From the [Actions] button, select [Add]. The information to be set when you register new users is as follows:

Table 2.1 User information Item

Setting contents

User Name

Set a unique name to all users to be registered in ISM. The following names cannot be used:

– A name starting with _ [Note]

– administrator

– anonymous [Note]

– svimcontent [Note] [Note]: This is not displayed on the “User List” screen.

Link with ISM

You can select one of the following:

– Do not set this user as a link user

– Set this user as a link user

Password

Specify a user password.

Authentication Method

You can select one of the following:

– Follow user group setting

– Infrastructure Manager (ISM)

Multi-Factor Authentication (MFA)

You can select one of the following: – Follow user group setting

– Disable

Users created before ISM 2.8.0.010 are set to “Disable.”

User Role

You can select one of the following:

– Administrator

– Operator

– Monitor

– 10 –

Item
Description Language Date Format Time Zone

Setting contents For information on user roles, refer to “2.13.1 User Management” in “User’s Guide.” Freely enter a description of the user (comment) as required. Specify either Japanese or English. If you do not specify the language, English is used. Select the format for the date. Select the time zone.

After setting the user information, select the user group the user belongs to.

2.3.1.2 Edit users

Point

For this operation, the information that can be changed differs depending on the type of user group or type of user role.

Modify the user information by the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Users]. 3. Execute one of the following: – Select the checkbox for the user you want to edit, and from the [Actions] button, select [Edit]. – Select the name of the user you want to edit and when the information screen is displayed, from the [Actions] button, select [Edit]. The information that can be modified is as follows.

User information
User Name Link with ISM Password Authentication Method Multi-Factor Authentication (MFA) User Role Description Language Date Format Time Zone User Group

Y: Changeable; N: Not changeable

Note
– If your system works in link with LDAP, changing any passwords does not change the passwords on the LDAP server. – When selecting [Set this user as a link user] in link with ISM, edit the password at the same time.

– 11 –

– If you change the password, the previous session will be disconnected and you will be logged out.

2.3.1.3 Delete users
Point
This operation can be executed only by users with the Administrator role.
Delete any users as required by the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Users]. 3. Execute one of the following: – Select the checkboxes for the users you want to delete, and from the [Actions] button, select [Delete]. – Select the name of the user you want to delete and when the information screen is displayed, from the [Actions] button, select [Delete].
2.3.2 Manage User Groups
The following types of user group management are available. – 2.3.2.1 Add user groups – 2.3.2.2 Edit user groups – 2.3.2.3 Delete user groups
Point
This operation can be executed only by ISM Administrators (who belong to an Administrator group and have an Administrator role).

2.3.2.1 Add user groups
ISM administrators add new user groups by the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [User Groups]. 3. From the [Actions] button, select [Add]. The information to be set when you newly add a user group is as follows:

Table 2.2 User group information Item

Setting contents

User Group Name

Set a unique name to all user groups to be registered in ISM.

The following names cannot be used because they are used by ISM:

– A name starting with __ (two half-width underbars)

– Administrator

– AbstractionLayer

– anonymous

– svimcontent

– 12 –

Item Authentication Method
Multi-Factor Authentication (MFA)
iRMC Login/AVR
Link with LDAP Groups Link with groups of the LDAP server
LDAP groups to link with User role of the users belong to the LDAP group Description Managed Nodes

Setting contents Note: If the user group name contains single-byte spaces and the ismadm command is executed by a user who belongs to that group, execution may fail. For Authentication Method for users who belong to the user group, specify one of the following:
– Infrastructure Manager (ISM) The password that is used when adding a user with ISM.
– Open LDAP / Microsoft Active Directory (LDAP) The password that is managed by Open LDAP or Microsoft Active Directory.
Specify one of the following: – Enable Enables Multi-Factor Authentication. In addition to the user name and password, an authorization code is required to log in to ISM. – Disable Disables Multi-Factor Authentication. You can log in to ISM with a user name and password.
you can set to Enable only when [Authentication Method] is “Infrastructure Manager (ISM).” You can enable Multi-Factor Authentication regardless of the [Authentication Method] (ISM 2.9.0.010 or later). User groups created before ISM 2.8.0.010 are set to “Disable.” Specify one of the following:
– Enable Enables iRMC Login and AVR.
– Disable Disables iRMC Login and AVR.
Specify when [Authentication Method] is “Open LDAP / Microsoft Active Directory (LDAP).” Specify when linking with users on a directory server. Specify one of the following:
– To manage user passwords created in ISM on a directory server Do not select [Link with groups of the LDAP server]. For details, refer to “2.3.3.1 Manage user passwords created in ISM on a directory server.”
– To manage users and passwords on directory servers Select [Link with groups of the LDAP server]. For details, refer to “2.3.3.2 Manage users and passwords on directory servers.”
Displayed when you select [Link with groups of the LDAP server]. When you link with users on the directory server, specify which group of which domain you will link to. Displayed when you select [Link with groups of the LDAP server]. Specify the user roles for the users to be linked.
Enter a description of the user group (comment). You can freely enter any contents as required. Create correlations between user groups and node groups as required by selecting a node group. Specify one of the following:
– Nodes in the selected node group

– 13 –

Item

Setting contents

You can specify the node group to correlate with in “Node Group Name.”

– Manage all nodes

This makes all nodes managed.

When [Nodes in the selected node group] is selected in the “Administrator” group or in [Managed Nodes], the size restriction and threshold for each usage can be specified.

Table 2.3 Setting size restriction and threshold for each usage

Utilization

Size restriction

Threshold monitoring

All user groups

Specify the total size of the files used by the user group to [Maximum size] in units of MB. The total size of the files is the total of the following files:
– Repository

Specify the threshold value exporting an alert message to the Operation Log to [Warning threshold] in units of %. A warning message is exported to the Operation Log.

– Archived Logs

– Node Logs

– Files handled with ISM-VA in FTP

If the actual utilization size exceeds the specified [Maximum size], an error message is exported to the Operation Log. Even when the [Maximum size] value is exceeded, this does not affect the operations of Repository, Archived Log, and Node Log.

Repository

Specify the total size of the files imported to Repository to You cannot specify the value. [Maximum size] in units of MB.

If the total utilization rate of the imported files exceeds the value of the specified [Maximum size], the currently executed import to the Repository results in error and an error message is exported to the Operation Log.

Archived Logs

Specify the total size of Archived Log to [Maximum size] in units of MB.
If the total size of the Archived Log exceeds the specified [Maximum size], newly created logs are not stored in Archived Log and an error message is exported to the Operation Log.

Specify the threshold value exporting an alert message to the Operation Log to [Warning threshold] in units of %.
A warning message is exported to the Operation Log.

Note that if [Maximum size] is set to the “0” default value, the occurred logs will not be archived and an error message will be exported to the Operation Log every time.

The logs stored before exceeding the [Maximum size] remains stored.

Node Logs

You can specify the total size of download data and log search data to [Maximum size] in units of MB.
The log search data can only be specified to the Administrator user group.
If either of the total size of download data or the log search data exceeds the value specified in [Maximum Size], neither download data nor log search data are exported and an error message will be exported to the Operation Log.

You can specify the threshold value that exports an alert message to the size of download data and the size of log search data, to [Warning threshold] in units of %.
A warning message is exported to the Operation Log.

– 14 –

Utilization

Size restriction
If the [Maximum size] of either download data, log search data or both is set to the default “0,” neither data will be exported nor an error message will be exported to the Operation Log.

Threshold monitoring

For information on the procedure to estimate the total size of files imported to Repository, the size of Archived Log, and the size of Node Log (data for downloads, log search data), refer to “3.2.1 Disk Resource Estimation” in “User’s Guide.”

Note
– Only one node group can be correlated with a user group. – Every user who belongs to the user group can execute operations only on the nodes belonging to the node group that is correlated with
that user group. They cannot access any nodes in node groups that are not correlated with their user group. – Soon after creating a user group, execute the operations in “3.7.2 Allocation of Virtual Disks to User Groups” in “User’s Guide.” – If you select “Manage all nodes,” the user group, as well as the Administrator groups, you can access all the node groups and user groups.
However, the repository is shared with the Administrator groups.

2 Edit user groups
ISM administrators edit the information on user groups with the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [User Groups]. 3. Execute one of the following: – Select the checkbox for the user group you want to edit, and from the [Actions] button, select [Edit]. – Select the name of the user group you want to edit and when the information screen is displayed, from the [Actions] button, select [Edit]. The information that can be edited is as follows:

– Only one node group can be correlated with a user group. Newly linking another node group to a user group to which a node group is already linked disables the existing correlation with the older node group.
– About the system volume warning messages – The used size of the system volume is checked every ten minutes. – If the used size of the system volume is larger than the value of the threshold, a warning message is output. – If the warning message displayed once is not resolved, the same message will be displayed every 24 hours. – If the warning message displayed once is resolved, and the threshold is exceeded again, the same message is output. – If a warning message is output, take the following countermeasures: – Delete unnecessary files in the repository. – Use the ismadm command to expand the size of the LVM volume.
2.3.2.3 Delete user groups
ISM administrators can delete any user groups with the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [User Groups]. 3. Execute one of the following: – Select the checkboxes for the user groups you want to delete, and from the [Actions] button, select [Delete]. – Select the name of the user group you want to delete and when the information screen is displayed, from the [Actions] button, select [Delete].
Note
– You cannot delete Administrator groups. – You cannot delete user groups that have members.
Before you delete a user group, delete all users who belong to the user group, or change the affiliations of all users to other user groups. – Even if you delete user groups that are correlated with node groups, the node groups will not be deleted. – You cannot undo deletion of a user group. – When you delete a user group, all related data (repositories) are also deleted.
2.3.3 Link with Microsoft Active Directory or LDAP
By linking ISM with directory servers, you can integrate the management of users and passwords. There are two ways to manage the users and passwords that are used by a directory server:
– Manage the passwords of users that were created in ISM on a directory server When users log in to ISM, they are authenticated using a password that is managed on the directory server. Both the ISM and directory server are operated by creating the same user name on both servers.
– Manage users and passwords on a directory server Users can log in to ISM using a user name and password that is managed on the directory server. You do not need to create a user in ISM.
– 16 -Manage user passwords created in ISM on a directory server
The procedure is as follows. 1. Register users for operation in link with the directory server on the directory server. 2. Log in to ISM as a user who belongs to an Administrator group and has an Administrator role. 3. If the settings contain no information on the directory server, set the information for the LDAP server. a. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. b. From the left side of the screen, select [LDAP Servers]. c. In [Link with Users], select “Primary” or “Secondary.” d. From the [Actions] button, select [Edit]. The “Edit LDAP Server Settings” screen is displayed. e. Set the LDAP server information. For information on the settings, check with the administrator of the directory server.

Item Host Name
Port Number Base DN
Search Attribute Bind DN
Password SSL Authentication

Setting contents Specify the name of the directory server. Specify one of the following:
– URL or IP address – ldap:// or ldap:// – ldaps:// or ldaps:// Specify the port number of the directory server. Specify the base DN for searching accounts. This information depends on the registered contents on the directory server. Example: – For LDAP: ou=Users,ou=system – For Microsoft Active Directory: DC=company,DC=com Specify the account attribute for searching accounts. Specify one of the following fixed character strings: – For LDAP: uid – For Microsoft Active Directory: sAMAccountName Specify the accounts that can be searched on the directory server. This information depends on the registered contents on the directory server. Example: – For LDAP: uid=ldap_search,ou=system – For Microsoft Active Directory: CN=ldap_search,OU=user_group,DC=company,DC=com
Or ldap_search@company.com “anonymous” is not supported. Specify the password for the account you specified under Bind DN. If you want to use SSL for the connection to the directory server, set up SSL authentication.

Set the following if you want to use SSL for the connection with the directory server. – Specify the LDAP server name following “ldaps://.” – Specify the port number for SSL communication (Example: 636).

– 17 –

– Set the SSL certificate using the following. – Set the SSL certificate after you have uploaded it to the Administrator/ftp directory. – After you have set the SSL certificate, delete it since it is no longer needed. – Specify the URL that is in the SSL certificate as the LDAP server name.
Example procedure for setting an SSL certificate for Microsoft Active Directory 1. Select [Control Panel] – [Administrative Tools] – [Certificate Authorities]. 2. Right-click the target server, and then select [Properties] – [General] – [Certification authority (CA)]. 3. Select [View Certificates] to confirm the certificate. 4. Select [Details] in the dialog, and then select [Copy to File…]. 5. In the certificate export wizard, select [Next], and then select “Base64 encoded X509(CER)(S).” Specify where to save the file, and then select [Done]. 6. Upload the file you saved to “Administrator/ftp/.” 7. Specify the file you saved above (you do not need to specify “Administrator/ftp”).
4. Prepare the user groups for which you set Microsoft Active Directory or LDAP as the authentication method for ISM. a. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. b. From the menu on the left side of the screen, select [User Groups] and add a user group.
The information to be registered is as follows.

Item User Group Name Authentication Method Link with LDAP Groups Setting contents Specify any user group name. Specify “Open LDAP / Microsoft Active Directory (LDAP).” Clear the [Link with groups of the LDAP server] checkbox. For more information, refer to “2.3.2.1 Add user groups.” 5. Add the user that you registered in the directory server in Step 1 to the ISM user group created in Step 4.
a. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. b. From the menu on the left side of the screen, select [Users] and add a user. The information to be registered is as follows.

Item User Name Link with ISM Password
Authentication Method User Role Description Language Date Format Time Zone User Group Name

Setting contents Specify the names of the users you registered in Step 1. Specify when using as a user for linking. For situations when operation in link is disabled, specify a password different from that in Step 1. Note that the password you specify here is also used when you log in with FTP. Specify “Follow user group setting.” Specify the user role in ISM. Freely specify any values as required. Specify the language that is used by the user to be added. Specify the date format that is used by the user to be added. Specify the time zone that is used by the user to be added. Specify the name of the user group you prepared in Step 4.Confirm that the users you registered in Step 5 are able to log in. Specify the following, and log in. – User Name User name registered in ISM – Password User password on the directory server

If you modified the password of a user specified with bind DN on a directory server, the modifications are not reflected in the ISM settings. Modify the password in the ISM LDAP server settings.
Procedure for disabling the settings The procedure for disabling operations in link for linked user groups and users is as follows. The user password that was set in the operation for registration or change of the user is enabled after disabling the link. – Disable link with users Execute one of the following: – Change the user group to which the relevant user belongs to a user group that is not linked. Edit the user information to make this change. a. Log in to ISM as a user who belongs to the user group that manages all nodes and has an Administrator role. b. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. c. From the left side of the screen, select [Users]. The “User List” screen is displayed. d. Select a user to disable the link with, and from the [Actions] button, select [Edit]. e. On the “Edit User Settings” screen, change the user group name to a group name it is not linked with. – Change the user authentication method to “Infrastructure Manager (ISM).” a. Log in to ISM as a user who belongs to the user group that manages all nodes and has an Administrator role. b. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. c. From the left side of the screen, select [Users]. The “User List” screen is displayed. d. Select a user to disable the link with, and from the [Actions] button, select [Edit]. e. On the “Edit User Settings” screen, select “Infrastructure Manager (ISM)” for [Authentication Method], and select the [Apply] button. – Disable link with user groups 1. Log in to ISM as a user who belongs to an Administrator group and has an Administrator role. 2. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 3. From the left side of the screen, select [User Groups]. The “User Group List” screen is displayed. 4. Select the user group to disable the link with LDAP groups and from the [Actions] button, select [Edit]. 5. On the “Edit User Group Settings” screen, select “Infrastructure Manager (ISM)” for [Authentication Method], and select the [Apply] button.
– 19 –

2.3.3.2 Manage users and passwords on directory servers
The procedure is as follows. 1. Register groups and users for operation in link with Microsoft Active Directory on the directory server. 2. Log in to ISM as a user who belongs to an Administrator group and has an Administrator role. 3. If the settings contain no information on the directory server, set the information for the LDAP server. a. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. b. From the menu on the left side of the screen, select [LDAP Servers]. c. Select the LDAP server in [Link with Groups], and from the [Actions] button, select [Edit]. The “Edit LDAP Server Settings” screen is displayed. d. Set the information for the LDAP server. The linking of user accounts is supported only for Microsoft Active Directory. For information on the settings, check with the administrator of the directory server.

Item LDAP Server Settings Link with CAS
Host Name
Port Number Base DN
Bind DN
Password SSL Certificate Host Setting

Setting contents Specify “Enable” or “Disable” for the domain. Specify “Enable” or “Disable” for CAS.
– Enable: Use CAS – Disable: Do not use CAS Specify the name of the directory server. Specify one of the following: – URL or IP address – ldap:// or ldap:// – ldaps:// or ldaps:// Specify the port number of the directory server. Specify the base DN for searching accounts. This information depends on the registered contents on the directory server. Example: – For Microsoft Active Directory: DC=company,DC=com Specify the accounts that can be searched on the directory server. This information depends on the registered contents on the directory server. Example: – For Microsoft Active Directory: ldap_search@company.com – “anonymous” is not supported. Specify the password for the account you specified under Bind DN. Set SSL authentication for the directory server. Select the checkbox to enable the settings for the directory server.

You can specify multiple host names, port numbers, SSL certificates, and host settings. If you have specified multiple items, they are used based on the active directory server, from top to bottom. Set the following if you want to use SSL for the connection with the directory server.
– Specify the LDAP server name following “ldaps://.” – Specify the port number for SSL communication (Example: 636).

– 20 –

– Set the SSL certificate using the following. – Set the SSL certificate after you have uploaded it to the Administrator/ftp directory. – After you have set the SSL certificate, delete it since it is no longer needed. – Specify the URL that is in the SSL certificate as the LDAP server name. Example procedure for setting an SSL certificate for Microsoft Active Directory 1. Select [Control Panel] – [Administrative Tools] – [Certificate Authorities]. 2. Right-click the target server, and then select [Properties] – [General] – [Certification authority (CA)]. 3. Select [View Certificates] to confirm the certificate. 4. Select [Details] in the dialog, and then select [Copy to File…]. 5. In the certificate export wizard, select [Next], and then select “Base64 encoded X509(CER)(S).” Specify where to save the file, and then select [Done]. 6. Upload the file you saved to “Administrator/ftp/.” 7. Specify the file you saved above (you do not need to specify “Administrator/ftp”).
4. Create the ISM user group that corresponds to the group on the directory server. a. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. b. From the menu on the left side of the screen, select [User Groups], and then add a user group.
The information to be registered is as follows.

Item User Group Name Authentication Method Link with LDAP Groups

Setting contents Specify an arbitrary group name. Specify “Open LDAP / Microsoft Active Directory (LDAP).” Select the [Link with groups of the LDAP server] checkbox, and then specify the following.
– LDAP groups to link with Specify a domain name and a group name that exists in that domain.
– User role of the users belong to the LDAP group Specify a user role.

For information other than the above, refer to “2.3.2.1 Add user groups.” 5. Confirm that the users that belong to the “LDAP group to link with” registered in Step 4 are able to log in to ISM with the following:
– User Name Specify the name of the directory server in “@<Domain name>” format.
– Password User password on the directory server
The “Select Login User Group” screen is displayed when the login user belongs to multiple user groups. Specify the login user group.

Point
– A user is created in ISM when you have logged in to ISM with the user on the directory server. – Delete users that have been created in ISM when a user has been deleted from the directory server or when a user has been removed from
a group. Even if user names are the same, users with different domains are handled as separate users.

Note
– The linking of users on a directory server is supported only for Microsoft Active Directory. – You cannot use FTP and SSH when you have linked with a user on a directory server. – You cannot log in to ISM with a user on a directory server that has the same name as an existing user in ISM. Change the name of the
user, or delete the ISM user. – Users are handled as follows depending on how they are specified when they log in:
– When @Domain name is specified Link with Microsoft Active Directory Group user
– When @Domain name is not specified Users that correspond to “2.3.3.1 Manage user passwords created in ISM on a directory server.” Or, users that are not linked with Microsoft Active Directory or LDAP
Upper case and lower case are not distinguished in domain names. – The connection with the LDAP server is checked for all directory servers when you select the [Apply] or [Test] button if you have
enabled the LDAP server settings. – The connection with the LDAP server is checked for directory servers that have the checkbox selected for host settings when you select
the [Apply] or [Test] button. – If you modified the password of a user specified with bind DN on a directory server, the modifications are not reflected in the ISM
settings. Modify the password in the ISM LDAP server settings.

Procedure for disabling the settings The procedure for disabling linked user accounts on a directory server is as follows. 1. Log in to ISM as a user who belongs to an Administrator group and has an Administrator role. 2. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 3. From the menu on the left side of the screen, select [User Groups]. The “User Group List” screen is displayed. 4. Select a user group to disable Link with LDAP Groups, and from the [Actions] button, select [Edit]. 5. On the “Edit User Group Settings” screen, from the list in [Link with LDAP Groups] – [LDAP groups to link with], select [x] next to the LDAP group name that you want to disable to delete. Select the [Apply] button. If you disable all LDAP groups to link with and the user group is not needed anymore, delete all users that belong to the user group, and then delete the user group. For details, refer to “2.3.1.3 Delete users” and “2.3.2.3 Delete user groups.”

Manage Node Groups

The following types of node group management are available. – 2.3.4.1 Add node groups – 2.3.4.2 Edit node groups – 2.3.4.3 Delete node groups
– 22 –

Point
This operation can be executed only by ISM Administrators (who belong to an Administrator group and have an Administrator role).

2.3.4.1 Add node groups
ISM administrators can newly add node groups with the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Node Groups]. 3. From the [Actions] button, select [Add Node Group].
Or 1. From the Global Navigation Menu on the ISM GUI, select [Management] – [Node Groups].

2. Select the

button on the “Node Group List” screen.

The information to be set when you add a new node group is as follows: – Node Group Name Set a unique name to all node groups to be registered in ISM. – Selection of Nodes to be Assigned Select multiple nodes for which the node group affiliation is [Unassigned]. Note that, if you do not assign any nodes here, you can also assign them at a later stage by editing the node group.

Note
Each node can belong to only one node group.

2.3.4.2 Edit node groups
ISM administrators can edit node groups with the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Node Groups]. 3. Execute one of the following: – Select the checkbox for the node group you want to edit, from the [Actions] button, select [Edit Node Group]. – Select the name of the node group you want to edit and, when the information screen is displayed, from the [Actions] button, select [Edit Node Group].
Or 1. From the Global Navigation Menu on the ISM GUI, select [Management] – [Node Groups]. 2. Select the node group from the Node Group List on the left side of the screen, from the [Actions] button, select [Edit Node Group].
The information to be set when you edit a node group is as follows: – Node Group Name Set a unique name to all node groups to be registered in ISM. – Selection of Nodes to be Newly Assigned Select multiple nodes for which the node group affiliation is [Unassigned].
To release or change a node assignment, follow the procedure below.

– 23 –

1. From the Global Navigation Menu on the ISM GUI, select [Management] – [Node Groups]. 2. Select the node group from the Node Group List on the left side of the screen. 3. Select a node on the right side of the screen, then select [Assign to Node Group] from the [Node Actions] button. 4. On the “Assign to Node Group” screen, select the [Select] button. 5. On the “Select Node Group” screen, select one of the following, and then select the [Select] button:
– For disabling a node assignment: [Unassigned] – For changing a node assignment: [] 6. On the “Assign to Node Group” screen, select the [Apply] button.
Note
For nodes in the tree structure, only the parent node can execute [Assign to Node Group]. The child node is automatically set to the same node group as the parent node. For nodes in the tree structure, an icon of structure path is displayed next to the node name on the “Node List” screen. Models where a tree structure is specified are as described in “Table 2.4 Models in which tree structures are set between nodes.”

[Note]: For ETERNUS DX900 S5, no drive enclosures display on the child nodes.

2.3.4.3 Delete node groups
ISM administrators can delete node groups with the following procedure. 1. From the Global Navigation Menu on the ISM GUI, select [Settings] – [Users]. 2. From the menu on the left side of the screen, select [Node Groups]. 3. Execute one of the following: – Select the checkboxes for the node groups you want to delete, from the [Actions] button, select [Delete Node Group]. – Select the name of the node group you want to delete and, when the information screen is displayed, from the [Actions] button, select [Delete Node Group].
Or 1. From the Global Navigation Menu on the ISM GUI, select [Management] – [Node Groups]. 2. Select the node group from the Node Group List on the left side of the screen, from the [Actions] button, select [Delete Node Group].

Note
You cannot delete node groups that contain any nodes. Before you delete a node group, execute one of the operations described below. – Delete any nodes in advance – Release any node assignments – Assign any nodes to other node groups

– 25 –

Chapter 3 Register/Set/Delete a Managed Node
This chapter describes various settings such as registration/deletion of managed nodes, alarm settings for managing nodes, etc.
3.1 Register/Delete Managed Nodes
Node registration can be executed either by discovering and registering existing nodes in the network, or by directly entering the node information. When the information registered in ISM and the information registered in the node does not match, the functionality of the ISM might be limited.
Note
If the parent node of a node with a tree structure between nodes is registered, the child node is automatically registered. The child node is automatically set to the same node group as the parent node. For nodes in the tree structure, an icon of structure path is displayed next to the node name on the “Node List” screen. Models where a tree structure is specified are as described in “Table 2.4 Models in which tree structures are set between nodes.”
3.1.1 Discover Nodes in the Network and Register Nodes
1. From the Global Navigation Menu on the ISM GUI, select [Structuring] – [Node Registration]. The “Node Registration” screen is displayed. Devices discovered by Auto Discovery are displayed in [Discovered Node List]. Proceed to Step 8.
Point
For target nodes by Auto Discovery, refer to “Support Matrix.” https://support.ts.fujitsu.com/index.asp Select [Select a new Product] on the above site and enter “Infrastructure Manager” in [Product Search:]. Select [DOWNLOADS] and select the target operating system. The reference procedures are subject to change without notice.
2. From the [Actions] button, select [Discover nodes]. The “Discover Nodes” screen is displayed.
3. Select [Discovery method]. Select one of the following. Screen display differs depending on your selection in [Discovery method]. – Normal Execute discovery to set the discovery range by specifying the IP address range. Proceed to Step 4. – CSV upload Execute discovery to specify the CSV file in which discovery targets are specified. Proceed to Step 5.
4. When you select “Normal” in [Discovery method], set the [Discovery IP Address range] and [Discovery target], and then set the required setting items for each discovery target. After finishing all settings, select the [Execute] button.
Note
If you specify the IP address in the discovery IP address range with a different number of the third octet (for example, 10.10.0.1 10.10.4.255), Manual Discovery may take several hours or more to complete. To check the latest information, select the [Refresh] – 26 –

button or set [Auto Refresh]. To stop Manual Discovery, select the [Cancel] button on the “Discovery Detail” screen. Note that although you cancel Manual Discovery, the discovery results up to the time of the cancellation are still displayed.

Table 3.1 Discovery (When you select “Normal” for [Discovery method])

Setting items

Setting contents

Discovery IP Address range

Set the discovery range by specifying the IP address range, the FQDN, or the host name. The discovery IP address range can be specified up to the third octet.

Discovery target

Select from the following items:

– Server (iRMC/BMC)

Select when you want to discover the server or PRIMEQUEST 3800B.

– PRIMERGY 2/4/8WAY M7 or later (HTTPS)

Select when you want to discover PRIMERGY M7 series or later.

– PRIMERGY CX1430 M1, PRIMERGY GX (BMC + HTTPS)

Select when you want to discover PRIMERGY CX1430 M1 or PRIMERGY GX.

– PRIMEQUEST2000, PRIMEQUEST3000E (MMB + SSH + SNMP)

Select when you want to discover PRIMEQUEST 2000 series and PRIMEQUEST 3000 series except PRIMEQUEST 3800B.

– PRIMEQUEST4000 (HTTPS)

Select when you want to discover PRIMEQUEST 4000 series.

– Switch, Storage, PRIMERGY BX Chassis (SSH + SNMP)

Select when you want to discover storage, network switch, or PRIMERGY BX chassis.

– Facility (SNMP)

Select when you want to discover RackCDU, PDU, or UPS.

Table 3.2 When selecting Server (iRMC/BMC) in [Discovery target]

Setting items

Description

iRMC/BMC

–

User Name

iRMC/BMC User Name

Password

iRMC/BMC Password

IPMI Port Number

iRMC/BMC Port Number (Default: 623)

HTTPS Port Number

HTTPS Port Number (Default: 443)

Table 3.3 When selecting PRIMERGY 2/4/8WAY M7 or later (HTTPS) in [Discovery target]

Setting items

Description

HTTPS

–

Port Number

HTTPS Port Number (Default: 443)

Table 3.4 When selecting PRIMERGY CX1430 M1, PRIMERGY GX (BMC + HTTPS) in [Discovery target]

Setting items

Description

BMC

–

User Name

BMC User Name

Password

BMC Password

– 27 –

Setting items Port Number HTTPS User Name Password Port Number

BMC Port Number (Default: 623) HTTPS User Name HTTPS Password HTTPS Port Number (Default: 443)

Description

Table 3.5 When selecting PRIMEQUEST 2000, PRIMEQUEST 3000E (MMB + SSH + SNMP) in [Discovery target]

Setting items

Description

MMB

–

User Name

MMB User Name

Password

MMB Password

Port Number

MMB Port Number (Default: 623)

SSH

–

User Name

SSH User Name

Password

SSH Password

Port Number

SSH Port Number (Default: 22)

SNMP

–

Version

Select SNMP Version

Port Number

SNMP Port Number (Default: 161)

Community

SNMP Community Name

Table 3.6 When selecting PRIMEQUEST4000 (HTTPS) in [Discovery target]

Setting items

Description

HTTPS

–

User Name

HTTPS User Name

Password

HTTPS Password

Port Number

HTTPS Port Number (Default: 443)

Table 3.7 When selecting Switch, Storage, PRIMERGY BX Chassis (SSH + SNMP) in [Discovery target]

Setting items

Description

SSH

–

User Name

SSH User Name

Password

SSH Password

Port Number

SSH Port Number (Default: 22)

SNMP

–

Version

Select SNMP Version

Port Number

SNMP Port Number (Default: 161)

Community

SNMP Community Name

– 28 –

Table 3.8 When selecting Facility (SNMP) in [Discovery target]

Setting items

Description

Version

Select SNMP Version

Port Number

SNMP Port Number (Default: 161)

Community

SNMP Community Name

5. When you select “CSV upload” in [Discovery method], set the following items, and then select the [Execute] button. You must prepare CSV files in which the information of the discovery target nodes are provided before executing discovery.

Table 3.9 Discovery (When you select “CSV upload” for [Discovery method])

Setting items

Setting contents

Template

Templates for the CSV file can be downloaded.

You can download the CSV templates by selecting the template depending on the discovery target, and then selecting the [Download] button. Multiple templates can be selected.

File selection method

– Local Select when specifying the CSV file stored locally.

– FTP Select when specifying the CSV file which is transferred to ISM with FTP.

File Path

Select the CSV file to be used for discovery.

Password encryption

– Encrypted Select when the password written in the CSV file is encrypted.

For the password encryption procedures, refer to “2.4 Encryption” in “REST API Reference Manual.”

– Not encrypted Select when the password written in the CSV file is not encrypted.

Action after execute

Specify when you select “FTP” for [File selection method].

Select when you want to delete the CSV file after executing discovery.

The following is an example of writing to the CSV file. – Example for discovery of Server (iRMC/BMC +HTTPS)
“IpAddress”,”IpmiAccount”,”IpmiPassword”,”IpmiPort”,”HttpsAccount”,”HttpsPassword”,”NewHttps Password”,”HttpsPort” “192.168.10.11”,”admin1″,”****”,””,”admin1″,”****”,””,”” “192.168.10.12”,”admin2″,”****”,””,”admin2″,”****”,””,””
– Example for discovery of PRIMERGY 2/4/8WAY M7 or later (HTTPS)
“IpAddress”,”HttpsAccount”,”HttpsPassword”,”NewHttpsPassword”,”HttpsPort” “192.168.10.11”,”admin1″,”****”,”****”,”” “192.168.10.12”,”admin2″,”****”,”****”,””
– Example for discovery of Switch, Storage or PRIMERGY BX Chassis (SSH + SNMP)
“IpAddress”,”SshAccount”,”SshPassword”,”SnmpType”,”Community” “192.168.10.21”,”user1″,”****”,”SnmpV1″,”comm1″ “192.168.10.22”,”user2″,”****”,”SnmpV1″,”comm2″
6. Confirm that a node is discovered and displayed in the [Discovered Node List] on the “Node Registration” screen. When the auto refresh setting is disabled, the discovery status is not refreshed. Specify the refresh period in the auto refresh settings or select the [Refresh] button to refresh the screen.

Port is closed.
Communication Failed.
Authentication Failed.
Communication method is not specified.
Communication is not executed.
–

The specified communication port is closed Check to see if the port number is correct. Communication failure Check to see if the target device is correct or if the user name, password, and port number are correct. (Only for SNMPv3) Authentication failure Check to see if the user name and password are correct. Communication may fail if the SNMPv3 user name or password is incorrect depending on the type of device. The user name or password is not specified. Specify the user name or password

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>