No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionServer G5500 Server iBMC (V300 or Later) User Guide 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
System

System

Function Description

The System page allows you to view and set:

  • Simple Network Management Protocol (SNMP) information
  • Transport Layer Security (TLS) versions
  • User management function on the service side
  • Web session timeout period and web session mode
  • Device location
  • CPU and memory alarm thresholds

GUI

Choose Configuration from the main menu, and select System from the navigation tree.

The System page is displayed.



Parameter Description

Table 3-52  Parameters on the System page

Parameter

Description

SNMP Version

SNMPv1

The first official SNMP version, which is defined in Requests for Comments (RFC) 1157. Using SNMPv1 may pose security risks. For security purposes, use SNMPv3.

NOTE:
If SNMPv1 is enabled, change the SNMP community name upon the first login, and change it periodically.

SNMPv2c

An enhanced version of SNMPv2. SNMPv2c is an experimental protocol defined in RFC 1901 and adopts a community-based management architecture. Using SNMPv2c may pose security risks. For security purposes, use SNMPv3.

NOTE:
If the SNMPv2c service is enabled, change the SNMP community name upon the first login, and change it periodically.

Long Password

Long password function, which can be enabled or disabled.

Enable this function to enforce a minimum of 16 characters for community names.

Default value: for G560 and for G530 V5 and G560 V5.

Click or , and click Save.

  • : enables the Long Password.
  • : disables the Long Password.

Read-Only Community

Read-only community name.

Default value: roAdmin12#$ for G560 and roAdministrator@9000 for G530 V5 and G560 V5.

NOTE:

This parameter is valid only when SNMPv1 or SNMPv2c is used.

Value:

  • If password check is disabled, the community names must meet the following requirements:
    • If the long password feature is enabled, the community name is a string of 16 to 32 characters without spaces.
    • If the long password feature is disabled, the community name is a string of 1 to 32 characters without spaces.
  • If password check is enabled, the community names must meet the following requirements:
    • Length:
      • If the long password feature is enabled, the community name is a string of 16 to 32 characters.
      • If the long password feature is disabled, the community name is a string of 8 to 32 characters without spaces.
    • Contain at least one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:
      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot contain spaces.
  • If weak password check is enabled, the password cannot be the same as the passwords contain in the weak password dictionary. (You can run the ipmcset -t user -d weakpwddic -v export command to export the weak passwords from the weak password dictionary.)
    NOTE:

    Weak password check is not supported by the G560.

Confirm Read-Only Community

Read-only community name re-entered for confirmation.

Read/Write Community

Read-write community name.

Default value: rwAdmin12#$ for G560 and rwAdministrator@9000 for G530 V5 and G560 V5.

NOTE:

This parameter is valid only when SNMPv1 or SNMPv2c is used.

Value:

  • If password check is disabled, the community names must meet the following requirements:
    • If the long password feature is enabled, the community name is a string of 16 to 32 characters without spaces.
    • If the long password feature is disabled, the community name is a string of 1 to 32 characters without spaces.
  • If password check is enabled, the community names must meet the following requirements:
    • Length:
      • If the long password feature is enabled, the community name is a string of 16 to 32 characters.
      • If the long password feature is disabled, the community name is a string of 8 to 32 characters without spaces.
    • Contain at least one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:
      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot contain spaces.
  • If weak password check is enabled, the password cannot be the same as the passwords contain in the weak password dictionary. (You can run the ipmcset -t user -d weakpwddic -v export command to export the weak passwords from the weak password dictionary.)
    NOTE:

    Weak password check is not supported by the G560.

Confirm Read/Write Community

Read-write community name re-entered for confirmation.

Login Rules

Select the login rules applied to SNMPv1 and SNMPv2c users.

The login rules are set on the Configuration > Security page. You can click Click here to ensure that log rules have been configured and enabled to view the login rules.

SNMPv3

The third official SNMP version, which enhances security and remote configuration capabilities on the basis of earlier versions.

NOTE:

SNMPv3 is enabled by default and cannot be disabled.

SNMPv3 AuthProtocol

SNMPv3 authentication algorithm.

Value:
  • MD5
  • SHA1

Default value: SHA1

NOTE:
  • This setting applies only to SNMPv3 and SNMPv3 Trap.
  • Using MD5 may pose security risks. SHA1 is recommended.

SNMPv3 PrivProtocol

SNMPv3 encryption algorithm.

Value:
  • DES
  • AES

Default value: AES

NOTE:
  • This setting applies only to SNMPv3 and SNMPv3 Trap.
  • Using DES may pose security risks. AES is recommended.

SNMPv3 EngineID

Uniquely identifies the SNMP engine of the SNMP agent.

SNMPv3 AuthUser

An iBMC user who can access the iBMC using SNMPv3 after a successful authentication.

NOTE:
  • This parameter is not available for the G560.
  • You can select a local iBMC user. An iBMC user with the user management permission can set any local user for SNMPv3 authentication. An iBMC user without the user management permission can only set itself for SNMPv3 authentication.

SNMPv3 PrivPassword

Password for the SNMPv3 authentication.

Default value: same as the user login password.

NOTE:

This parameter is not available for the G530.

Value:

  • If password complexity check is disabled, the password cannot be empty or exceed 20 characters.
  • If password complexity check is enabled, the password must meet the following requirements:

    • Contain 8 to 20 characters
    • Contain at least a space or one of the following special characters:

      `~!@#$%^&*()-_=+\|[{}];:'",<.>/?

    • Contain at least two types of the following characters:

      • Uppercase letters A to Z
      • Lowercase letters a to z
      • Digits 0 to 9
    • Cannot be the same as the user name or the user name in reverse order.
    • Have at least two new characters when compared with the previous password.
  • If weak password check is enabled, the password cannot be the same as the passwords contain in the weak password dictionary. (You can run the ipmcset -t user -d weakpwddic -v export command to export the weak passwords from the weak password dictionary.)
    NOTE:
    • Weak password check is not supported by the G560.

    • The default password Admin@9000 of the G530 V5 and G560 V5 nodes is in the weak password dictionary.

NOTE:
  • During the setting of the SNMP v3 encryption password, historical passwords and validity period are not checked. It is recommended that SNMPv3 encryption password and user password be set with different values. Setting these two passwords to the same value may pose security risks.
  • A non-administrator user cannot manage other users.

Login Rules

Login rules applied to SNMPv3 users.

The login rules configured and enabled for local users will apply to SNMPv3 users.

Table 3-53  Other parameters on the System page

Parameter

Description

TLS Versions

TLS protocol version used to ensure data security and integrity during communication between two applications.

TLS can be enabled to ensure a secure connection between a web browser and a web server.

NOTE:
  • JRE 1.8 uses TLS 1.2 by default.
  • JRE 1.7 uses TLS 1.0 by default. If TLS 1.0 is disabled, the remote KVM cannot be used for JRE 1.7.

OS User Management

Function of user management on the service system.

If this function is enabled, the service system can send user management commands, such as adding or deleting users, user roles, and passwords, to manage iBMC users.

Default value:

For security purposes, set this parameter to .

Click or , and click Save.

  • indicates the service system can manage users.
  • indicates the service system cannot manage users.

Web Session

Timeout Period (min)

Maximum idle period (in minutes) after which the user will be logged out of the iBMC WebUI.

Value range: 5 to 480

Session Mode

Mode in which a user account can be used to log in to the iBMC WebUI.

  • Share: Each user account can be used to log in to the iBMC WebUI from up to four clients at the same time.
  • Exclusive: Each user account can be used to log in to the iBMC WebUI from one client at any given time.

Device Location

Device Location

Location information of the server.

Value: a string of 0 to 64 characters, which can contain digits, letters, and following special characters:

`~!@#$%^&*()-_=+\|[{}];:'",<.>/?

The value is left blank by default.

Alarm Thresholds

CPU Usage (%)

Alarm threshold for CPU usage (in percentage). If the CPU usage exceeds the alarm threshold, the iBMC reports a normal event.

Value range: 0 to 100

NOTE:
If CPU usage alarm threshold is not displayed, install and run iBMA 2.0.

Memory Usage (%)

Alarm threshold for memory usage (in percentage). If the memory usage exceeds the alarm threshold, the iBMC reports a normal event.

Value range: 0 to 100

NOTE:

If memory usage alarm threshold is not displayed, install and run iBMA 2.0.

Network Port Bandwidth Usage (%)

Alarm threshold for the network port bandwidth usage. If the network port bandwidth usage exceeds the alarm threshold, iBMC reports a normal event.

Value range: 0 to 100

NOTE:

If network port bandwidth usage alarm threshold is not displayed, install and run iBMA 2.0.

Procedure

Configuring the SNMP Settings

  1. On the System page, set the SNMP parameters.

    For details about the parameters, see Table 3-52.

  2. Click Save.

    If "Operation Successful" is displayed, the setting is successful.

Setting the TLS Version
  1. In the TLS Versions area on the System page, select the TLS versions.
  2. Click Save.
NOTE:

After modifying this setting, restart the iBMC for the changes to take effect.

Enabling the Service System to Manage iBMC Users

  1. In the OS User Management area, set User Management to .
  2. Click Save.

    If "Operation Successful" is displayed, the setting is successful.

Setting the Timeout Period and Session Mode for the Web Server

  1. In the Web Session page, set Timeout Period (min) and Session Mode. For details about this parameter, see Table 3-53.
  2. Click Save.

    If "Operation Successful" is displayed, the setting is successful.

Setting the Device Location

  1. In the Device Location area, enter the server location information in Device Location.

    For details about this parameter, see Table 3-53.

  2. Click Save.

    If "Operation Successful" is displayed, the setting is successful.

Setting Alarm Thresholds
  1. In the Alarm Thresholds area, set alarm thresholds for CPU and memory usage.

    For details about the parameters, see Table 3-53.

  2. Click Save.

    If "Operation Successful" is displayed, the setting is successful.

Translation
Download
Updated: 2018-10-31

Document ID: EDOC1100031438

Views: 89316

Downloads: 49

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next