5.2 Accessing OES Remote Manager

You typically log in as the Linux root user to manage all functions in OES Remote Manager. The root user can access OES Remote Manager even when eDirectory is not available.

Some functions support access by administrator users who are eDirectory users and who are also enabled for Linux with Linux User Management (LUM-enabled). If LUM is enabled in your tree and it is installed and configured on the server, you can log in to OES Remote Manager using your eDirectory credentials. For instructions on enabling Linux, see Setting Up Linux Computers to Use eDirectory Authentication in the OES 2018 SP2: Linux User Management Administration Guide.

If you log in as a local Linux user or as a non-Admin LUM-enabled eDirectory user, you can see only the information that the user has rights to view. Typically, access is restricted to a view of the Linux file systems where the user has file system access rights.

There are two specific things to remember when logging in to OES Remote Manager as a LUM-enabled eDirectory user:

  • If eDirectory and LUM are installed on the local server, the eDirectory user Admin can log in to OES Remote Manager using its fully distinguished name (admin.context) because this user is enabled for Linux User Management by default in this case.

    In order for a user to log in to OES Remote Manager as user Admin or equivalent, you must configure either of the following permissions for the Admin user:

    • The Admin user must be associated to the group that has the Supervisor right for the Entry Rights property for the UNIX Workstation object.

    • The Admin user must have the Supervisor right for the Entry Rights to the NCP object that represents the Linux server in the eDirectory tree.

    IMPORTANT:With either of these permissions, the eDirectory user is granted limited root user privileges when logged in to the server. The user can modify only the configuration files necessary for configuring NRM or any other files that NRM has been assigned rights to allow modifying.

  • In order for non-Admin users to log in using eDirectory credentials, they must be users enabled for Linux User Management.

    Users who are enabled for Linux User Management have a Linux Profile tab on their Modify User page in iManager. They also have an eDirectory object that is associated with the UNIX Workstation object that represents the Linux server.

    You can use iManager or the LUM command line utility namuseradd to enable users for Linux User Management. For instructions, see Overview in the OES 2018 SP2: Linux User Management Administration Guide.

The Admin user has limited file system rights equivalent to root. The user can modify only the configuration files necessary for configuring NRM or any other files that NRM has been assigned rights to allow modifying. For a list of these files, see Section 18.1, Security Features. The user Admin or equivalent user has access according to the Linux and LUM file rights to all other files.

To access to OES Remote Manager:

  1. Open a web browser.

  2. Point the browser to the URL of the server you want to manage by entering the following in the Address (URL) field:

    http://server_ip_address:8008
    
    or
    
    https://server_ip_address:8009

    If you specify HTTP and port 8008, you are automatically re-directed to use secure HTTP (HTTPS) and port 8009.

    For example, either of the following URLs take you to a secure SSL login page for OES Remote Manager on the specified server:

    http://172.16.123.11:8008
    
    https://172.16.123.11:8009
  3. Accept the SSL certificate.

    Certificate handling requires SSL 2.0 or later, or TLS 1.0 or later, to be enabled in your web browser. Otherwise, the browser displays an error indicating that the page cannot be displayed. We recommend the higher security options of SSL 3.0 or the latest TLS if it is available.

  4. When the login dialog box appears, provide the required Username and Password credentials.

    Typically, you log in with the Linux root user name and password.

  5. Use the links in OES Remote Manager to view, configure, and manage the server.

    For information about navigating in OES Remote Manager, see Section 5.4, Understanding the Layout of OES Remote Manager.

  6. After your session for OES Remote Manager is complete, click Logout at the top-right corner to log out, then close the web browser.

    After you log in, your session for OES Remote Manager remains open until you log out or close your web browser. There is no automatic time-out period that triggers a logout. For security reasons, you should also close the browser windows at that workstation after you log out.