Cannot manage a device

Use this information to troubleshoot issues when managing devices.

  1. Ensure that the device is supported by Lenovo XClarity Administrator. For information about device support, see Supported devices.
  2. Ensure that the device is reachable on the network from XClarity Administrator and that XClarity Administrator is reachable on the network from the device.

  3. Ensure that all ports that are appropriate for management are open on the network and firewalls. For information about port requirements, see Port availability.

  4. Ensure that the minimum required firmware is installed on each server that you want to manage using XClarity Administrator. For information about firmware requirements, see Supported firmware.

  5. Ensure that CIM over HTTPS is enabled on the device.

    1. Log in to the management web interface for the server using the RECOVERY_ID user account,

    2. Click IMM Management > Security.

    3. Click the CIM Over HTTPS tab, and ensure that Enable CIM Over HTTPS is selected.

  6. For ThinkSystem SR635 and SR655 servers, ensure that IPMI over LAN is enabled. IPMI over LAN is disabled by default on these servers and must be manually enabled before the servers can be managed. To enable IPMI over LAN using TSM, click Settings > IPMI Configuration. You might need to restart the server to activate the change.

  7. If the device's server certificate is signed by an external certificate authority, ensure that the certificate authority certificate and any intermediate certificates are imported into the XClarity Administrator trust store (see Deploying customized server certificates to managed devices.

  8. Ensure that the credentials are correct for the device.
    Note: Ensure that the password follows the security and password policies for the device. Security and password policies might vary.

    When the device is managed by XClarity Administrator, the management controller is put into centralized user management. This means that the user accounts that are defined in the XClarity Administrator internal or external authentication server are also used to log in to the management controller. A new local user account named RECOVERY_ID is created while all other local accounts are disabled on the management controller.

    If the management process failed while configuring centralized user management, the local user accounts on the management controller might be disabled. Perform the following steps to recover the local user accounts:

    • Converged, NeXtScale, and System x servers

      1. Log in to the management web interface for the server using the RECOVERY_ID user account.

      2. Click IMM Management > User.

      3. Configure the user-authentication method on the management controller to Local first, then LDAP.

        1. Click Global Login Settings. The Global Login Settings dialog is displayed.

        2. Click the General tab.

        3. Select Local first, then LDAP for the user-authentication method, and click OK.

      4. Delete and re-create any local user accounts (other than the RECOVERY_ID user account).

      5. Attempt to manage the chassis again using the Force management option to clean up any remaining CIM subscriptions from the previous management attempt.

    • Chassis

      1. Log in to the management CLI for the chassis from an SSH session using the RECOVERY_ID user account.

      2. Run the following command to disable centralized user management and allow you to authenticate to the management controller and other chassis components using local user accounts.

        Note: After you run this command, the RECOVERY_ID user account is removed from the user registry, and the CLI session terminates. You can now authenticate to the management controller and other chassis components by using local user accounts.
        fsmcm –off –T mm[p]

      3. Attempt to manage the chassis again using the Force management option to clean up any remaining CIM subscriptions from the previous management attempt.

  9. For RackSwitch switches

    • Ensure that SSH is enabled on the switch.

    • If set, ensure that the "enable" password that is used to enter Privileged Exec Mode on the switch is correct.

  10. For a System x3950 X6 server, the servers must be managed as two 4U enclosures, each with its own baseboard management controller.
  11. If the system board was replaced in the device, the device was given a new serial number and UUID. If you want XClarity Administrator to recognize the device as the same device as before the replacement, you must update the serial number and UUID to match what it was previously. See the documentation for the device for instructions.
  12. If the device was managed by XClarity Administrator but was not unmanaged correctly, see the following information for recovery steps:
Parent topic: Discovery and management issues