- Notes, cautions, and warnings
- Preface
- Overview
- Deployment
- Getting started
- System configuration
- Configure network settings
- Manage users, roles, and scopes
- Ending user sessions
- Directory services integration
- Login using OIDC providers
- Security certificates
- Manage console settings
- Set the login security properties
- Customize the alert display
- Configure SMTP, SNMP, and Syslog
- Manage incoming alerts
- Manage warranty settings
- Configure remote commands and scripts
- OpenManage Mobile settings
- Enable or disable alert notifications for OpenManage Mobile
- Enable or disable OpenManage Mobile subscribers
- Delete an OpenManage Mobile subscriber
- View the alert notification service status
- Notification service status
- View information about OpenManage Mobile subscribers
- OpenManage Mobile subscriber information
- Troubleshooting OpenManage Mobile
- Discovering devices
- Server-initiated discovery
- Create a device discovery job
- Protocol support matrix for discovering devices
- View device discovery job details
- Edit a device discovery job
- Run a device discovery job
- Stop a device discovery job
- Discover multiple devices by .csv import
- Global exclusion of ranges
- Specify a discovery mode for server discovery
- Create a custom discovery job for servers
- Specify discovery mode for chassis discovery
- Create a custom discovery job for the chassis
- Specify discovery mode for Dell storage discovery
- Specify discovery mode for network switch discovery
- Create a custom discovery job for HTTPS storage devices
- Create a custom discovery job for SSH devices
- Create a custom discovery job for SNMP devices
- Specify the discovery mode for multiple discovery jobs
- Delete a device discovery job
- Managing devices and device groups
- Organize devices into groups
- Create a custom static or query group
- Create a static device group
- Create a query device group
- Edit a static group
- Edit a query group
- Rename a static or query group
- Delete a static or query device group
- Clone a static or query group
- Add devices to a new group
- Add devices to existing group
- Refresh health on group
- All Devices screen device list
- All Devices screen actions
- Delete devices from OpenManage Enterprise
- Exclude devices from OpenManage Enterprise
- Run inventory on devices
- Update the device firmware and drivers by using baselines
- Refresh the device health of a device group
- Refresh health on devices
- Roll back an individual device's firmware version
- Export the single device inventory
- Performing more actions on chassis and servers
- Hardware information displayed for MX7000 chassis
- Export data
- View and configure individual devices
- Run and download diagnostic reports
- Extract and download a Services report
- Managing individual device hardware logs
- Run remote commands on managed devices
- Launch the iDRAC device management application
- Launch the virtual console
- Attaching iDRAC virtual media
- Refresh device inventory of a single device
- View installed and available licenses on a device
- Organize devices into groups
- Managing device inventory
- Managing device firmware and drivers
- Managing device deployment templates
- Create a deployment template from a reference device
- Create a deployment template by importing a template file
- View a deployment template information
- Edit a server deployment template
- Edit a chassis deployment template
- Edit IOA deployment template
- Edit network properties of a deployment template
- Deploy device deployment templates
- Deploy IOA deployment templates
- Clone deployment templates
- Export a deployment template
- Delete deployment templates
- Auto deploy device configuration before discovery
- Create auto deployment targets
- Delete auto deployment targets
- Export auto deployed target details
- Overview of stateless deployment
- Define networks
- Edit or delete a configured network
- Export VLAN definitions
- Import network definitions
- Managing device warranty
- Managing alerts
- Managing MIB files
- Configuring profiles
- Configuration compliance
- Managing licenses
- Using jobs for device control
- Monitoring audit logs
- Monitoring reports
- Back up, restore, or migrate
- Updating the console and plugins
- Managing plugins
- Troubleshooting
- Troubleshooting connectivity
- Firmware and DSU requirements for HTTPS
- Firmware schedule reference
- Firmware baseline field definitions
- Supported and unsupported actions on proxied sleds
- Schedule job field definitions
- Alert categories after EEMI relocation
- Token substitution in remote scripts and alert policy
- Catalog Management field definitions
- Devices with unknown compliance status
- Device rediscovery running for a long time after deleting iDRAC service account
- Dell Connectivity Service : Failed with exception: Unable to get access token from DCS
OpenManage Enterprise 4.1.x User's Guide
Login using OIDC providers
You can log in using OpenID Connect (OIDC) providers. OpenID Connect providers are the identity and user management software that allow users to securely access applications. OpenManage Enterprise supports PingFederate and Keycloak.
CAUTION:
- User roles and scopes are reset to 'default' on client re-registration with an OIDC provider PingFederate (PingIdentity). This issue might lead to resetting of the privileges and scope of nonadmin roles (DM and Viewer) to that of the Administrator.
- OIDC provider is triggered during an appliance upgrade, change in network configuration, or change in SSL certificate.
- To avoid security concerns post any of the above-mentioned re-registration events, the administrator must reconfigure all the OpenManage Enterprise Client IDs on the PingFederate site. Also, it is highly recommended that Client IDs are created only for Administrator users with Pingfederate till this issue is resolved.
NOTE:
- To perform any tasks on OpenManage Enterprise, you must have the necessary user privileges. See Role and scope-based access.
- Only a maximum of four OpenID Connect provider IDs can be added in the appliance.
Prerequisites:
Before enabling an OpenID Connect provider login, you must:
- Add an OIDC provider in the OpenManage Enterprise: In OpenManage Enterprise Application Settings, add an OpenID Connect provider. When you add the OpenID Connect provider, a Client ID is generated for the OpenID Connect provider. For more information, see: Add an OIDC provider.
- Configure the OpenID Connect provider using the Client ID: In the OpenID Connect provider, locate the Client ID, and define a login role (Administrator, Device Manager, or Viewer) by adding and mapping the scope that is called dxcua (Dell extended claim for user authentication). For more information, see:
When you add an OpenID Connect provider, it is listed on the screen. The following OIDC provider details are displayed:
- Name lists the name of the OpenID Connect provider when it was added in the appliance.
- Enabled indicates whether the OpenID Connect provider is enabled in the appliance.
- Discovery URI lists the Uniform Resource Identifier (URI) of the OpenID Connect provider.
- Registration Status can be one of the following:
- Successful indicates a successful registration with the OpenID Connect provider.
- Failed indicates an unsuccessful registration with the OpenID Connect provider. The 'Failed' OpenID Connect provider registration is allowed even when they are enabled.
- In Progress is displayed when the appliance tries to register with the OpenID Connect provider.
On the right pane, Client ID, Registration Status, Discovery URI are displayed for the selected OpenID Connect provider. Click See details to view the certificate details of the OpenID Connect provider.
On the screen, the following tasks are available:
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\