Filter
Top Products
2
OpenManage Integration for VMware vCenter
Configuration
The following sections provide step-by-step instructions for the OpenManage Integration for VMware vCenter initial
configuration. Upgrade, uninstallation, and security role information are also covered in the following sections.
Security Roles and Permissions
The OpenManage Integration for VMware vCenter stores user credentials in an encrypted format. It does not provide
any passwords to client applications to avoid any improper requests that could lead to issues. The Backup Database are
fully encrypted using custom security phrases, and therefore the data cannot be misused.
By default, users in the Administrators group have all the privileges. Administrators can use all the functions of the
OpenManage Integration for VMware vCenter within VMware vSphere Client or Web Client. If you want a nonadmin
user to manage the product, then create a role including both the Dell roles and then assign permission on the root/top
node in the inventory and propagate permissions, as needed, on the child nodes to which you want to give access to the
user. For example, if you want a user to manage only Cluster A, then keep the permissions on Cluster A and remove
permissions from other clusters.
Data Integrity
Communication between the OpenManage Integration for VMware vCenter virtual appliance, Administration Console,
and vCenter is accomplished using SSL/HTTPS. The OpenManage Integration for VMware vCenter generates an SSL
certificate used for trusted communication between vCenter and the appliance. It also verifies and trusts the vCenter
server's certificate before communication and the OpenManage Integration for VMware vCenter registration. The
OpenManage Integration for VMware vCenter Console tab (in VMware vCenter) uses security procedures to avoid
improper requests while the keys are transferred back and forth from the Administration Console and back-end
services. This type of security causes cross-site request forgeries to fail.
A secure Administration Console session has a five-minute idle timeout, and the session is only valid in the current
browser window and/or tab. If the user tries to open the session in a new window or tab, a security error is created that
asks for a valid session. This action also prevents the user from clicking any malicious URL that could try to attack the
Administration Console session.
Figure 1. Error Message
11