System Security (8644)


System Security

Several security features are available to help you secure the server and the information that you store in. To control access to the server, you can implement the security features, such as adding passwords, and securing IDE devices and diskette drives.


Using the Power-On Password Menu:. The power-on password can determine unauthorized access to the system.
When you set the power-on password, you can choose one of three password prompt modes.
On    The system prompts the user for the power-on password during startup
     If you have a mouse connected to the mouse port, it will remain locked
     until you enter the power-on password.
   
   NOTE: Whenever the power-on password function is  
   set, the system does not support any locally or remotely scheduled  
   shutdowns or restarts.  
   Therefore, be sure to use the power-on password protection (lockout  
   function) that the operating system provides.  
Off    The system does not prompt the user to enter the power-on
     password during startup.
     If you have a mouse connected to the mouse port, the password prompt
     Off mode prevents the system from detecting that a mouse is attached.
   
   NOTE:  
   
   1. The mouse and keyboard are not active until you enter the power-on  
   password, even if an operating system has been installed in the server.  
   2. The password prompt Off mode does not support any locally or remotely  
   scheduled shutdowns or restarts. Therefore, do not use a power-on  
   wakeup or lockout function.  
   3. A serial mouse is not affected by the password prompt Off mode.  
   
   To adjust the server configuration so that the operating system does  
   not display an error or stop operating when the mouse port is disabled.  

 Operating System       Instructions
 OS/2                 Do one of the following:
                      ° Set the CONFIG.SYS file so that the operating
                        system does not stop on a device-driver error.
                        To do this, put the command  PAUSEONERRR=NO
                        near the top of the  CONFIG.SYS  file.
                      ° Remove the mouse driver statement from the
                        CONFIG.SYS  file.
 Microsoft Windows    When the mouse port disabled error message appears,
 NT Server            enter either the power-on or administrator password
                      to enable the keyboard. Then use the keyboard to put
                      a check mark in the Do not display this message
                      in the future check box.

     If you enter a password, the keyboard will unlock, but the mouse connected
     to the mouse port will remain disabled.
     Password prompt Off mode is useful for network environment that cause
     the server to operate unattended. If a power failure occurs, when power is
     restored, the server will automatically restart and resume operating in this
     mode, without operator intervention.
Dual    If you press the power switch to start the server, the server operates
     in password prompt On mode
     If you start the server by an unattended method, such as remotely over a LAN,
     the server operates in password prompt Off mode.


To set or change a power-on password:

  1.  Select Power-On Password
  2.  Enter the password and press the Down Arrow (  ) key.
     You can use any combination of up to seven characters (A-Z, a-z,  and 0-9) for this password. Keep a record of the password in a safe  place.
  3.  Enter the password again.
  4.  At Password Prompt, select Off, On, or Dual.  Press the Left Arrow (<) or Right (>) key to toggle between  selections.
  5.  Select Change Power-On Password, and follow the instructions on the screen.


NOTE:
  1.  If a power-on password is set and then forgotten, you must remove the  machine cover and move a jumper on the system board  Refer to 'Clear CMOS Request Jumper (J7E1)' for further information.
  2.  If a power-on password is set and the password prompt is set to Off, the pointing  device is disabled until you enter the power-on password.


To delete a power-on password:
  1.  Select Power-On Password
  2.  Select Delete Power-On Password and follow the instructions on the screen.


Using the Administrator Password Menu: The administrator password (sometimes called a supervisor-level password) controls access to some features of the server, including the Configuration/Setup Utility program.


To set or change an Administrator password.

  1.  Select Administrator Password
  2.  Enter the password and press the Down Arrow (  ) key.
     You can use any combination of up to seven characters (A-Z, a-z), and 0-9)  for this password. Keep a record of the password in a safe place.
  3.  Enter the password again.
  4.  Define the Power-On Password Changeable by User field. Choices are:

    Yes The power-on password can be changed without entering the  administrator password, if the administrator password is set.
    No The power-on password cannot be changed unless the administrator password  is entered, if the administrator password is set.

  5.  Select Change Administrator Password: and follow the instructions on the screen


NOTE: If an administrator password is set and then forgotten, you must complete one of the following to regain access to the Configuration/Setup Utility program:


To delete an administrator password:

  1.  Select Administrator Password.
  2.  Select Delete Administrator Password. and follow the instructions on the screen.


If both a power-on and administrator password are set, you can enter either password to complete the system startup. However, the administrator password provides access to all menu choices, and provides the ability to change information. If you enter the power-on password, you will be able to view limited information in the Configuration/Setup Utility program, but you will not be able to change any settings.


Using the Enhanced Security Features: With enhanced security, the administrator password and drive-startup sequence are stored in a high protected, nonvolatile, security EEPROM module. When the administrator password and drive-startup sequence are stored in the security EEPROM, they remain intact even if the battery expires or is removed.


  If enhanced security is enabled, and you forget or lose the administrator password, you must replace the system board in the server to regain access to the Configuration/Setup Utility program.


If enhanced security is enabled and you have set an administrator password, the server will operate as follows:


To enable or disable enhanced security:

NOTE: Enhanced security can be enabled or disabled only when you update the system programs in the machine.

  1.  Insert a system programs update diskette in the machine. System programs updates are available on the World Wide Web.  To obtain up-to-date information about the server model, access the home page for the server at the following address:

    http:/www.pc.ibm.com/us/server/

  2.  Turn on the machine. If it is already turned on , you must turn it off and back on again.
  3.  The update begins, and the system prompts you for the administrator password, if you have set an administrator password.
  4.  When you enter the administrator password, the update diskette will continue to run, and you are given the option of  enabling or disabling enhanced security.


To set, change, or delete an administrator password protected by enhanced security:

  1.  Power-off all attached devices and the server.
  2.  Remove the server cover.
  3.  Locate the switch marked as 7 on the rocker switches section  on the Rocker Switch
     Move the switch to the ON position.

    NOTE: You must know the administrator password to change or delete it.

  4.  Move the switch back to the OFF position after you have set, changed, or deleted the password.
  5.  Replace the cover. Then, power-on the server.


Restricting Access to IDE Devices and Diskette Drives:

The setting for the Secure IDE and Diskette Drives   option controls who has access to the IDE devices and diskette drives (user and administrator, or administrator only). The server comes with this feature set to Enable, so that both the user and administrator have access to the IDE devices and diskette drives.

To diasble access to the IDE devices and diskette drives:

  1.  Select Secure IDE Devices and Diskette Drives from the System Security menu, then press Enter
  2.  Select a device, then, press the Left Arrow (<) or Right Arrow (>) key to toggle the entry to Disable


Setting Adapter ROM Security: Use this setting to lock the keyboard during adapter read-only memory (ROM) initialization, this feature can be used in conjunction with an administrator password to prevent the use of adapter ROM-based utility programs.

Advanced Setup: Select Advanced Setup to change values for advanced hardware features, such as cache control, ROM shadowing, PCI control, Plug and Play control, and microprocessor control.

The system might malfunction if these options are configured incorrectly. Follow the instructions on the screen carefully.

Use the Left Arrow (<) or Right Arrow (>) key to select a menu choice.

Back to  Jump to TOP-of-PAGE

Please see the LEGAL  -  Trademark notice.
Feel free - send a Email-NOTE  for any BUG on this page found - Thank you.