HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Server Management - Systems Insight Manager
cancel
Showing results for 
Search instead for 
Did you mean: 

DMZ Directory Server

 
Eric LeGault_1
Occasional Contributor

DMZ Directory Server

I have two domains in my environment (one being the DMZ domain) and each has its own domain controllers, obviously. How can I configure the Directory Servers in Insight 5.1 SP1 with the DCs for both domains when there is a separate username/password for each domain (i.e., DOMAIN1\username and DMZ\username)?

I'm able to configure one or the other and they work fine. But if I combine the two, the connection fails.

The reason for this is because I've created collections based on OUs. And without the DMZ DCs entered into the Directory Server configuration, my DMZ OU collections do not get populated.

Thanks and let me know if I need to provide more or clearer information.

- elegault

1 REPLY
Jesse Zellmer
Frequent Advisor

Re: DMZ Directory Server

Hi Eric -

I have the same type of configuration. I login to HP SIM 5.1 with the domain credentials from the non-DMZ domain I have HP SIM installed in. I then can manage all my servers and DC's in the DMZ.

The two biggest things I can think of off hand would be to make sure the necessary firewall ports are opened < http://h10018.www1.hp.com/wwsolutions/misc/hpsim-helpfiles/ManagingHPServers-withHPSIM.pdf >, then you should be able to collect data on those boxes. In the VCA on all DMZ servers, I configured that with an HP SIM service account in my domain where HP SIM is installed. It was then able to use that account to gather VCA status and referened support pack info.

I would also add the name and IP address of your CMS in DNS of the DMZ or the HOSTS file of each server you want to monitor with HP SIM. We added it to DNS.

Please let me know if this didn't answer your question!

Jesse