Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell PowerFlex 4.5.x Administration Guide

PDF

Create credentials

Perform this procedure to create credentials:

Steps

  1. On the menu bar, click Settings and click Security.
  2. Click Resource Credentials.
    The Credentials Management page opens.
  3. Click Create.
  4. In the Create Credentials dialog box, from the Credential Type drop-down list, select one of the following resource types for which you want to create the credentials:
    • Node
    • Switch
    • vCenter
    • Element Manager
    • PowerFlex Gateway
    • OS Admin
    • OS User
    • PowerFlex Management System

    The OS Admin and OS User credential types apply to deployed items, not to PowerFlex Manager itself.

  5. In the Credential Name field, enter the name to identify the credential.
  6. Click Enable Key Pairs to enable login with SSH key pairs:
    To enable key pairs for the Node or Switch credential type:
    1. Import an existing key:
      1. Click Import SSH Key Pair.
      2. Click Choose File and browse to the file that contains your public and private key, and select the private key.
      3. Type a name for the key pair.
      4. Click Import.
    To enable key pairs for the OS Admin or OS User credential type:
    1. To create a new key:
      1. Click Create a new key.
      2. Click Create & Download Key Pair..
      3. Type a name for the key pair.
      4. Click Create.

        The private key file (id_rsa) will be downloaded on your downloads folder. Click the Download Public Key button to download the public key file (id_rsa.pub).

    2. To import an existing key:
      1. Click Import existing key.
      2. Click Import SSH Key Pair.
      3. Click Choose File and browse to the file that contains your public and private key.
      4. Type a name for the Key Pair Name field.
      5. Click Import.
    If you enable SSH key pairs for a Node or Switch credential and use that credential for discovery, PowerFlex Manager uses public or private RSA key pairs to SSH into your node or switch securely, instead of using a username and password. If you enable SSH key pairs for an OS user or OS Admin credential and use that credential for a deployment,PowerFlex Manager uses RSA public/private key pairs for the deployment operations.
    NOTE:PowerFlex Manager does not consume SSH keys for all component types. For example, if you enable SSH key pairs for an admin credential, the SSH keys are not used for the deployment of a CloudLink Center VM. In this case, the username and password would be used instead for all communication.
  7. In the Domain box, optionally specify an LDAP domain for the user.
  8. In the User Name field, enter the username for the credential.

    root is the only valid username for root-level credentials on nodes (iDRAC). You can add iDRAC users with a username other than root.

    For the OS User credential type, you can enter a user other than root. For the embedded operating system, this user account must have SSH enabled and have sudo access. For ESXi, the account must be configured with the administrator role on the local server permission setting, which should enable SSH and other tools like esxcli. You can add existing resource groups with a nonroot user.

    The account on the SVM and/or storage-only nodes for the OS User credential type must have a /home directory and have the correct group permissions. For example, if the account were pfxm_admin, the home directory would be: /home/pfxm_admin

    Here is an example showing the requirements for a pxflex user in the pxflex-grp group on an SVM: 
    [root@svm-dkim-hc-node1 home]# ls -alhtr
        total 0
        drwxr-xr-x.  3 root   root        20 Feb 26 16:03 .
        drwxr-xr-x   3 pxflex pxflex-grp  22 Feb 26 16:10 pxflex
        dr-xr-xr-x. 17 root   root       224 Feb 26 16:37 ..
        [root@svm-dkim-hc-node1 home]# cd pxflex/
        [root@svm-dkim-hc-node1 pxflex]#
        [root@svm-dkim-hc-node1 pxflex]#
        [root@svm-dkim-hc-node1 pxflex]# pwd
        /home/pxflex

    For the OS Admin credential type, the User Name field is disabled because the user is assumed to be root. You must use the root user for new deployments.

    Provide two usernames for the PowerFlex gateway credential type:
    • Gateway Admin User Name
    • Gateway OS User Name

    The Gateway admin user is the REST API administrator. The Gateway OS user is the SSH login user. The Gateway admin user must be the admin user, and the Gateway OS user must be root.

  9. In the Password and the Confirm Password boxes, enter the password for the credential.
    NOTE:When the SSH key pair feature is enabled, the switch credential does not require the Password option.
    For the PowerFlex gateway credential type, provide two passwords:
    • Gateway Admin Password
    • Gateway OS Password

    PowerFlex Manager allows you to supply different passwords for the Gateway admin and Gateway OS users. The passwords are validated when you discover the PowerFlex gateway on the Resources page. The discovery fails if the passwords were not specified correctly on the Credentials Management page. PowerFlex Manager does not update the Gateway Admin and Gateway OS passwords on the node itself. However, if you change the password manually for either of these users, you can update the password on the Credentials Management page, and PowerFlex Manager ensures that subsequent operations on the resource group use the new password.

    Optionally, provide additional settings for VMware vCenter and element manager, and for switch credentials:

    • For VMware vCenter and element manager, in the Domain box, optionally enter the domain ID.
    • For switch credentials, under Protocol, optionally click one of the following connection protocols that are used to access the resource from remote:
      • Telnet
      • SSH
        NOTE:SSH is enabled on supported switches by default.
  10. To configure trap receiving for SNMPv2:
    1. Under SNMP Configuration, select V2 as the SNMP type.
    2. Click + beside the SNMP v2 Community String box.
      The SNMP v2 Community String page opens.
    3. Enter the community string by which PowerFlex Manager receives traps from devices and by which it forwards traps to destinations.
    4. Click Save.
    NOTE:You can add more than one community string. For example, add more than one if the community string by which PowerFlex Manager receives traps differs from the community string by which it forwards traps to a remote destination.
  11. To configure trap receiving for SNMPv3:
    1. Under SNMP Configuration, select V3 as the SNMP type.
    2. Click + beside the SNMP V3 User box.
      The SNMP V3 User page opens.
    3. Enter the Username, which identifies the ID where traps are forwarded on the network management system.
      NOTE:The username must be at least 16 characters.
    4. Select a Security Level from the following:
    • Minimal - No additional information is required.
    • Moderate - Provide an MD5 Authentication Password which is at least eight characters.
    • Maximum - Provide an MD5 Authentication Password and a DES Privacy Password which is at least eight characters.

    You can add more than one user.

    NOTE:You can only select SNMPv3 for nodes. Select the Auto configure nodes to send alerts to PowerFlex Manager check box to discover iDRACs.
  12. Click Save.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\