Black Box ServSwitch DTX Control User Manual
  1. Manuals
  2. Brands
  3. Black Box Manuals
  4. Control Unit
  5. ServSwitch DTX Control
  6. User manual
Black Box ServSwitch DTX Control User Manual

Black Box ServSwitch DTX Control User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
April 2010
TM

Advertisement

Table of Contents
loading

Related Manuals for Black Box ServSwitch DTX Control

Summary of Contents for Black Box ServSwitch DTX Control

  • Page 1 April 2010...
  • Page 2 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE ServSwitch DTX™ Control User Guide...
  • Page 3 SERVSWITCH™ FAMILY Instructions This symbol is intended to alert the user to the presence of important operating and maintenance (servicing) instructions in the literature accompanying the appliance.
  • Page 4 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE European Union Notification WARNING: This is a class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. USA Notification WARNING: Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment.
  • Page 5 DTX Control appliance will save you money, time, and effort. The BLACK BOX ServSwitch DTX Extender system, which includes the ServSwitch DTX Control appliance, is a secure, web browser-based, centralized enterprise management solution that allows users to remotely manage and monitor multiple ServSwitch DTX Extender systems.

  • Page 6: Table Of Contents

    TABLE OF CONTENTS Table of Contents Appendix A: Technical Specifications 2. Product Overview 2.1 Introduction 2.2 Features and benefits 2.3 System Components 2.4 Upgrading the DTX Control Software 2.5 Safety precautions 3. Installation and Setup 3.1 Installing the Appliance 3.2 Launching the DTX Control Appliance Web Interface 3.3 Configuring DTX Control Servers 3.4 Backing up and Restoring Hub Servers Manually 3.5 Spoke Servers...
  • Page 7 ServSwitch DTX™ Control INSTALLER/USER GUIDE 8.1 Supported Authentication Services 8.2 RSA SecurID external authentication service 8.3 User Authentication Services Window 9. Managing User Accounts 9.1 User Accounts Windows 9.2 Adding User Accounts 9.3 Deleting User Accounts 9.4 Unlocking User Accounts 9.5 Resetting a User Account Password 9.6 Changing User Account Properties 9.7 User Access Rights...

  • Page 8: Appendix A: Technical Specifications

    CHAPTER APPENDIX A: TECHNICAL SPECIFICATIONS Appendix A: Technical Specifications Table A.1: DTX Control Appliance Technical Specifications Network Connection Number Type Ethernet, 10BaseT, 100BaseT, GigE Connector RJ-45 Serial Port Number Type RS-232 serial Connector DB9 male Mechanical 4.3 x 42.7 x 35.6 cm (1.7 x 16.8 x 14 in), 1 U H x W x D form factor Weight...
  • Page 9 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE USA (UL, FCC), Canada (cUL), Germany Safety and EMC Approvals (TUV), European Union (CE), Japan (VCCI), and Markings Russia (GOST), Korea (MIC) and Australia (C-Tick) NOTE: Safety certifications and EMC certifications for this product are obtained under one or more of the following designations: CMN (Certification Model Number), MPN (Manufacturer’s Part Number) or Sales Level Model designation.

  • Page 10: Product Overview

    CHAPTER 2. PRODUCT OVERVIEW 2. Product Overview 2.1 Introduction The DTX Control appliance is a secure, web browser-based, centralized enterprise management solution that allows users to remotely manage and monitor multiple DTX Extender systems. The DTX Extender system, which includes a transmitter and a user station, provides users with a full computer desktop experience from anywhere on the corporate TCP/IP network, while maintaining the computers securely housed in a corporate data center.

  • Page 11: System Components

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE HTTPS (Hypertext Transfer Protocol with SSL encryption) to interact with the DTX Extender system. NOTE: To access the DTX Control appliance through a firewall, you must ensure that the firewall uses the default HTTPS port 443. DTX extender system support The transmitter connects externally to the video, audio and USB ports of the target computer and is attached directly to the target computer.

  • Page 12: Upgrading The Dtx Control Software

    NOTE: The AC inlet is the main power disconnect. CAUTION: Failure to observe the precautions in this section may result in personal injury or damage to equipment. Observe the following general safety precautions when setting up and using BLACK BOX equipment. •...
  • Page 13 Choose a location that avoids excessive heat, direct sunlight, dust or chemical exposure, all of which can cause the product to fail. For example, do not place a BLACK BOX product near a radiator or heat register, which can cause overheating.
  • Page 14 CHAPTER 2. PRODUCT OVERVIEW • Place the equipment so that at least 50% of the equipment is inside the table or desk’s leg support area to avoid tipping of the table or desk. Cabling installation, maintenance and safety tips The following is a list of important safety considerations that should be reviewed prior to installing or maintaining your cables: •...
  • Page 15 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE...

  • Page 16: Installation And Setup

    CHAPTER 3. INSTALLATION AND SETUP 3. Installation and Setup The following sections will help you install and set up your DTX Control appliance. Helpful topics in this chapter include the following: • "Installing the Appliance" on page 9 • "Launching the DTX Control Appliance Web Interface" on page 11 •...
  • Page 17 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE DTX Control appliance, transmitters and user stations, as well as user accounts, are then configured from the browser interface to the DTX Control appliance. To connect the DTX Control appliance: WARNING:To reduce the risk of electric shock or damage to your equipment: - Do not disable the power cord grounding plug.

  • Page 18: Launching The Dtx Control Appliance Web Interface

    CHAPTER 3. INSTALLATION AND SETUP • Set eth speed • Choose using DHCP or defining an IP address • Type subnet mask • Type gateway IP address • Select default gateway • Define primary DNS and secondary DNS NOTE: The IP address on LAN port 1 must not change during operation of the appliance. Always configure LAN port 1 with a static IP address or, if using DHCP, ensure that the IP addresses are assigned with unlimited lease times.
  • Page 19 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE The DTX Control Explorer window Once a user has been logged in and authenticated, the Explorer window is displayed. From the Explorer window, you can view, access and manage units and users via the DTX Control appliance.
  • Page 20 CHAPTER 3. INSTALLATION AND SETUP Table 3-1. Explorer Windows Area Descriptions Letter Description Top option bar - Use the top option bar to log out of a software session, or to access online help. The name of the logged in user is displayed on the left side of the top option bar.

  • Page 21: Configuring Dtx Control Servers

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Table 3-2. General Keyboard Commands Description Transfers focus to the next control in the window, including the calendar Shift-Tab Transfers focus to the previous HTML control 3.3 Configuring DTX Control Servers This section describes how to configure DTX Control server properties, backup and restore hub servers and manage spoke servers.
  • Page 22 CHAPTER 3. INSTALLATION AND SETUP Property Description Target Enables/disables unit status polling for the DTX Control server, and Computer specifies the delay between polling cycles and the number of managed Polling appliances that will be concurrently polled. Spoke Servers Enables you to manage the DTX Control spoke servers in your system. Server certificates DTX Control administrators manage server certificates.
  • Page 23 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE • If you click View Certificate, you may install the certificate; see below. To correct certificate security alerts for client and hub server connections: From the DTX Control client, open a client session. The Security Alert dialog box will appear.
  • Page 24 CHAPTER 3. INSTALLATION AND SETUP On the hub server, click the System tab - DTX Control.Server will automatically be selected in the top navigation bar and the name of the DTX Control hub server will appear at the top of the side navigation bar. Click Spoke Servers in the side navigation bar.

  • Page 25: Backing Up And Restoring Hub Servers Manually

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Unit Status Polling in the side navigation bar. The Server Unit Status Polling Properties window will open. Select Enable unit status polling. Type the number of seconds to wait between polling cycles (from 30-999 seconds). The default is 900 seconds (15 minutes).
  • Page 26 CHAPTER 3. INSTALLATION AND SETUP You may also change the properties of a spoke server or remove spoke servers from your system. To display a list of spoke servers: NOTE: The Spoke Servers window is only available on the hub server. Click the System tab.
  • Page 27 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE To register a hub server as a spoke server: Only DTX Control administrators may access this procedure. NOTE: When registering a hub server as a spoke server on another DTX Extender system, the information on the hub server being registered will be lost. Its database will be updated to match the new hub server to which it is being registered.
  • Page 28 CHAPTER 3. INSTALLATION AND SETUP To change spoke server network properties: NOTE: Spoke server network settings may need to be changed by DTX Control administrators when network settings are changed and the hub server did not automatically detect the changes. When changing the network settings, ensure that a port mismatch does not occur between the hub server and the spoke server.

  • Page 29: Replication

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Promoting spoke servers Promoting a spoke server to be a hub server is usually done only if the current hub server is no longer operational and will not be brought back into service. (For less severe problems with a hub server, the backup and restore operations can be used.) If a spoke server must be promoted, be sure to run the replication task, if possible on all other spoke servers, then on the spoke server being promoted, immediately before the promotion.
  • Page 30 CHAPTER 3. INSTALLATION AND SETUP When different changes are made to one existing item, two outcomes are possible. For example, assume an item is added and configured on the hub server and is then replicated to the spoke server. Later, an administrator changes something about the item on the spoke server.
  • Page 31 To register a DTX Control appliance as a spoke server: NOTE: Because the spoke database gets deleted in this operation, BLACK BOX recommends making a backup copy of the spoke database first.

  • Page 32: Next Steps

    CHAPTER 3. INSTALLATION AND SETUP In the hub DTX 5000-CTL Management Appliance, click on System - DTX Control - Properties - Spoke Servers to show the Spoke Server view. Check the box of the spoke server registration to be deleted. Click the Delete button and confirm the operation. The spoke server is no longer listed in the Spoke Server view.
  • Page 33 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE...

  • Page 34: Units View Windows

    CHAPTER 4. UNITS VIEW WINDOWS 4. Units View Windows Units View windows display list of units that have been added to the DTX Control database. A user must have unit view access rights to open Units View windows. Also, units will not display if they are hidden.

  • Page 35: Showing And Hiding Units

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE • Groups - Units that have been assigned to a personal or global unit group. • Sites - Units that have been assigned to a site. • Departments - Units that have been assigned to a department. •...

  • Page 36: Units View Windows Fields

    CHAPTER 4. UNITS VIEW WINDOWS Click Visibility in the Available Fields column and then click Add. Visibility will be moved to the Fields to Show column. Click Show hidden items. Click Save and then click Close. The Units View window will open, containing the hidden items and the Visibility column.

  • Page 37: Multiple Unit Operations From A Units View Window

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE 4.4 Multiple Unit Operations from a Units View Window From a Units View window, you may delete one or more units or assign access rights for one or more units. You may also use the Operations button/menu to initiate certain actions on one or more units. •...

  • Page 38: Unit Overview Windows

    CHAPTER 4. UNITS VIEW WINDOWS You may also access this window at any time by clicking the Units tab, then clicking Operation Results in the side navigation bar. To view the results for an individual operation, click on the name. The Operation Results window for that operation type will open, indicating: •...

  • Page 39: Unit Status Window

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Save and then click Close. The Units View window will open. 4.6 Unit Status Window To use the Unit Status window: Click the Units tab, then click Unit Status in the side navigation bar. The Unit Status window opens.

  • Page 40: Managing Units

    CHAPTER 5. MANAGING UNITS 5. Managing Units This chapter describes how to manage unit properties and settings, access rights and local account settings, and how to view unit asset and usage reports. 5.1 Using the Units Tab in the Explorer Window From the Units tab in the DTX Control Explorer, you can manage user operations such as adding and deleting units, changing unit properties and upgrading your firmware.
  • Page 41 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Table 5-1. Unit Status Values Status and Type Description Icon Unit is turned on, can be communicated with and Managed Units Idle is not associated with an active media session. Managed Units In Use Unit is associated with a session. Managed Units Upgrading Unit firmware is being upgraded.
  • Page 42 CHAPTER 5. MANAGING UNITS • Target Computers: Click Target Computers in the side navigation bar to see a list of all target computers in the system. • Active Sessions: Click Active Sessions in the side navigation bar to view a list of all the users that are accessing user stations, and which transmitters are being accessed by which users.
  • Page 43 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE The Search Results window will open. The name and MAC address of the discovered unit will be displayed. Click Next. The Completed Successfully window will open. To exit the Add Unit Wizard, click Finish. To add a single unit that does not have an IP address: In a Units - All window containing managed units, click Add.

  • Page 44: The Unit Overview Window

    CHAPTER 5. MANAGING UNITS Click Next. The DTX Control appliance will search for managed units within the IP address range. When the search is completed, the Select Units to Add window will open, listing the results. To add one or more managed units, select the managed units in the Units Found list, then click Add.
  • Page 45 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Control appliance. To view a list that contains only transmitters or only user stations, select the appropriate option in the side navigation bar. To view information about individual user stations or transmitters, click on a specific unit listed in the Units - All window.
  • Page 46 CHAPTER 5. MANAGING UNITS Click Save and then click Close. Configuring network settings for a transmitter or user station The administrator can use the DTX Control appliance to change a unit's IP address, subnet mask, default gateway and DHCP status. These changes can be done from the Unit Settings menu available in the side navigation bar of the Unit Overview window.
  • Page 47 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Under Unit Settings in the side navigation bar, click Modes. The Unit Auto Login/Operating Mode Settings window opens. In the Unit Auto Login Mode section, choose Disable or Enable. If Auto Login Mode is enabled, select a target computer from the Auto Login Mode Target Computer list-box.
  • Page 48 CHAPTER 5. MANAGING UNITS the network. The DTX Control appliance is not required as part of the system when in Extender Mode. When in Desktop Mode, a DTX Extender system can be managed and administered through the DTX Control appliance. To change the operating mode for a DTX user station: Click the Units tab.
  • Page 49 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Managing firmware upgrades To upgrade the firmware on a single unit: NOTE: You cannot perform a firmware upgrade unless a firmware upgrade file has been added to the DTX Control appliance repository. Also, upgrading the unit firmware requires the unit to reboot; currently active sessions will be disconnected.
  • Page 50 CHAPTER 5. MANAGING UNITS Managing user access to target computers To manage user access to target computers: Click the Units tab. The Units - All window will open. Select Target Computers from the side navigation menu. This displays a list of all target computers in the Target Computers - All window.

  • Page 51: Departments And Locations Windows

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE 5.4 Departments and Locations Windows The DTX Control appliance also provides a means to attach logical location identifiers to units, making it easier for administrators to track and locate units within their organization. The Departments window identifies units that have been assigned to a department, while the Locations window identifies units that have been assigned to a location.
  • Page 52 CHAPTER 5. MANAGING UNITS To change the name of a department or location: Click the Units tab. The Units - All window will open. To change the name of a department, click Departments in the top navigation bar. The Departments window opens. - or - To change the name of a location, click Locations in the top navigation bar.
  • Page 53 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE • If a user had Admin rights in the DTX Control software for all nodes in the tree (including the Topology node), the user will be added as a member and inherit the access rights of a DTX Control administrator user group member in the DTX Control system.
  • Page 54 CHAPTER 5. MANAGING UNITS The Import in Progress window will open, displaying the current step being performed, as the DTX Control software database is importing. Upon completion of the wizard, an event will be recorded with the results of the import. Click Finish.
  • Page 55 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Performing a forced log-out To disconnect an active media session: Click the Units tab. The Units - All window will open. Click Active Sessions in the side navigation bar. The Active Media Sessions window will open. A list is displayed of all the current active media sessions. Click to select the checkbox to the left of the sessions.

  • Page 56: Unit Sessions And Connections

    CHAPTER 6. UNIT SESSIONS AND CONNECTIONS 6. Unit Sessions and Connections This chapter describes how to view and manage unit sessions and connections in the DTX  Control software. 6.1 Active Sessions There are two types of active session displays: all active sessions in your system and active session information for each target device.
  • Page 57 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Appliance Settings in the side navigation bar. Then click Sessions in the side navigation bar, then Active. The Appliance Sessions window will open. To disconnect one or more sessions, click the checkbox to the left of the sessions. To disconnect all sessions on the page, click the checkbox to the left of Start-Date-Time at the top of the list.

  • Page 58: Grouping Units

    CHAPTER 7. GROUPING UNITS 7. Grouping Units The DTX Control Explorer automatically groups managed appliances by the type of appliance. Target devices are automatically grouped based on the type to which they are assigned. You may also add and change the following types of groups: •...
  • Page 59 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Type a name, then click Add. The Sites, Departments or Locations window will open. A site, department or location will not be listed in the side navigation bar until a unit has been associated with it. To delete a site, department or location: Click the Units tab.
  • Page 60 CHAPTER 7. GROUPING UNITS Click one of the links listed in Table 7-1 in the side navigation bar to display the corresponding window for the units you wish to associate, change or remove the association. Table 7-1. Links for Managing Sites, Departments or Location Associations Changes Site Link Window...

  • Page 61: Custom Fields

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click on a site, department, location link in the side navigation bar to display another entry in the unit list. 7.2 Custom Fields Ten custom fields are available. To use the custom fields, first change the default labels on the fields (Custom Field 1, Custom Field 2 and Custom Field 3) and then associate a custom label with a unit.
  • Page 62 CHAPTER 7. GROUPING UNITS There are two types of unit groups: global and personal. A global unit group can be viewed by any user logged into the DTX Control software. A personal unit group may only be viewed by the person who created it. Up to 32 personal unit groups may be created by a user. There are two top-level system-defined unit group containers: global root and personal root.
  • Page 63 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Table 7-2. Unit Groups Features Can add Can change Can have units as Group Type rights? subgroups? members? System Defined No, can Global Root only add groups Unassigned No, can Personal Root only add groups User Defined Global Groups Personal Groups...
  • Page 64 CHAPTER 7. GROUPING UNITS Figure 7-2. Unit Group Hierarchy Example Table 7-3. Unit Group Hierarchy Example Descriptions Number Number Description Description Global unit group Global unit group Alpha has one or Unassigned has all units that more subgroups are not assigned to a group; it cannot have subgroups Global Unit group Gamma has two Personal unit group ProjectB...
  • Page 65 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Groups in the top navigation bar. The Unit Groups window will open. If a unit group has subgroups (children), an arrow will be displayed next to its name. • To display a list of groups in the global root group, click Global Root. The first global unit group listed will automatically be selected.
  • Page 66 CHAPTER 7. GROUPING UNITS Click the group container or the parent group of the unit group you want to display information about. Click on the unit group name. The side navigation bar will contain information links about the selected unit group. •...
  • Page 67 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE To delete a unit group: NOTE: Deleting a unit group deletes the group only; the units still exist in the DTX Control system. You cannot delete any system-defined unit groups (global root, personal root and unassigned.) Click the Units tab.
  • Page 68 CHAPTER 7. GROUPING UNITS To add or remove members in a unit group: NOTE: Removing a unit group or unit member from a unit group does not delete the group/unit from the DTX  Control system or any other group to which it belongs. Click the Units tab.
  • Page 69 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE To add or remove a user or user group from the User and User Groups list: Click Edit List. The Unit Access Rights User Selection window will open. • To add one or more users or user groups, select the user(s) or user group(s) from the Available list, then click Add.

  • Page 70: Authentication Services

    CHAPTER 8. AUTHENTICATION SERVICES 8. Authentication Services Users must be authenticated before they may access or perform any tasks in the DTX Control system. When users log in, they will be prompted for a username and password. The DTX Control system will look up the login, determine the authentication service to use and forward the login credentials to the appropriate authentication service for verification.
  • Page 71 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE The DTX 5000-CTL Management Appliance obtains external group membership and external user information when a user logs in. If a user’s group membership changes or the user is deleted externally, the DTX Control appliance will not see these changes until the next time the user logs in.
  • Page 72 CHAPTER 8. AUTHENTICATION SERVICES Type a number (from 1-64) in the Minimum Password Length field, or click the arrows to select a number. Check the Passwords Expire checkbox to require a user to change the password after a certain number of days. Specify a number (from 1-365) in the Maximum Expiration (days) field, or select a number.
  • Page 73 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Type the text that you wish to appear in each of the six custom field labels. Click Save and then click Close. The User Authentication Services window will open. By default, the custom field labels do not display in the User Accounts - All window, but they may be added to the display (or added to the default display by an administrator), using the Customize link.
  • Page 74 CHAPTER 8. AUTHENTICATION SERVICES Example 1 (with sub-domain): “mktg.sunrise.mycompany.com/sun/myusers” Example 2 (with sub-domain and no container specified): “mktg.sunrise.mycompany.com/” Example 3 (with sub-domain): “ou=myusers,ou=sun,dc=mktg,dc=sunrise,dc=mycompany,dc=com” In the Group Container field, specify the name of the container to search for user groups. This will limit the search scope to that container. The name may be entered in several forms, optionally including a sub-domain.
  • Page 75 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE addition, the Active Directory server addresses must be resolvable to their host names via DNS. When this is not checked, the LDAP protocol will be used. Click Enable Chasing of Referrals to allow the Active Directory server to refer DTX Control clients to additional directory servers.
  • Page 76 CHAPTER 8. AUTHENTICATION SERVICES Click Next to accept the certificate. The Select Browsing Method window will open. Click Browse Anonymously to browse users on the external Active Directory authentication server. -or- Click Browse with user credentials to browse users on the external Active Directory authentication based on credentials configured on the server.
  • Page 77 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click the name of the Active Directory (AD) service. The side navigation bar will change to include the name of the AD service at the top and, below the name, the information you may define. Click Connection in the side navigation bar.
  • Page 78 CHAPTER 8. AUTHENTICATION SERVICES 11. Click Enable Chasing of Referrals to allow the Active Directory server to refer DTX Control clients to additional directory servers. 12. Specify the search mode: Enable Use Recursion to search groups if you wish to have the AD service access the domain controller for the specified domain name.
  • Page 79 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE trusted, based on the certificate policy; Untrusted indicates the certificate cannot be trusted. 16. To register certificates: To select one or more certificates, click the checkbox to the left of the server IP addresses. To select all certificates on the page, click the checkbox to the left of the IP Address heading.
  • Page 80 CHAPTER 8. AUTHENTICATION SERVICES Click Browse with User Credentials to browse users on the external Active Directory authentication based on credentials configured on the server. If this option is selected, do the following: Type the username for an Active Directory account that has browse rights in the User Name field.
  • Page 81 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Type the username for a Windows NT account that has browse rights in the User Name field. Type the password for a Windows NT account that has browse rights in the Password field. Click Next. The Establish Connection with Authentication Service window will briefly appear.
  • Page 82 CHAPTER 8. AUTHENTICATION SERVICES Click User Browsing in the side navigation bar. The Authentication Service User Browsing - NT window will open. Click Browse Anonymously to anonymously browse users on the external Windows NT authentication server. -or- Click Browse with User Credentials to browse users on the external Windows NT authentication based on credentials configured.
  • Page 83 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE • Click Do Not Use SSL to have authentication performed using unencrypted clear text instead of SSL encryption. This method is the least secure and automatically sets the Port Number field to a default port number of 389. •...
  • Page 84 CHAPTER 8. AUTHENTICATION SERVICES Type the Base distinguished name (DN) from which to begin searches. This is a required field unless the Directory Service has been configured to allow anonymous search. Each Search DN value must be separated by a comma. Type the object class.
  • Page 85 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Connection in the side navigation bar. The Authentication Service Connection Settings - LDAP window will open. Type a name in the Service Name field to change the name of the service that appears in the Name column of the User Authentication Services window.
  • Page 86 CHAPTER 8. AUTHENTICATION SERVICES 12. Click Register to register the certificates. The Accept SSL Certificate window will appear. 13. Click Save to store the certificate values to the DTX Control database on the host. The Certificate Management window will open if only one certificate was selected. If more than one certificate was selected, each will appear in order in subsequent Accept SSL Certificate windows.
  • Page 87 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Authentication Services in the top navigation bar. The User Authentication Services window will open. Click the name of the LDAP service. The side navigation bar will change to include the name of the LDAP service at the top and, below the name, the information you may define.
  • Page 88 CHAPTER 8. AUTHENTICATION SERVICES Type a log in ID in the User Name field, in one of two forms: a fully qualified distinguished name or the username of an account in the base user DN. Type the password for the LDAP user account in the Password field. Click Save and then click Close.
  • Page 89 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE MS-CHAP v2 - Microsoft Challenge Handshake Authentication Protocol Version 2 In the Shared Secret field, type the shared secret (that was configured on the RADIUS server in step 1), which is a password protected field. Microsoft’s implementation allows up to 128 ASCII characters for the shared secret;...
  • Page 90 CHAPTER 8. AUTHENTICATION SERVICES MS-CHAP - Microsoft Challenge Handshake Authentication Protocol MS-CHAP v2 - Microsoft Challenge Handshake Authentication Protocol Version 2 In the Shared Secret field, type the shared secret, which is a password protected field. Microsoft’s implementation allows up to 128 ASCII characters for the shared secret;...
  • Page 91 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE The Specify TACACS+ Connection Settings window will open. Type the address of the TACACS+ host or type the DNS host name in the Server Address field. Type the number of the port (from 1-65535) connecting to the TACACS+ host in the Port Number field.
  • Page 92 CHAPTER 8. AUTHENTICATION SERVICES If you selected DTX Control internal groups and the external authentication service was added successfully, the Completed Successful window will open. -or- If you selected any other option, the Specify TACACS+ Server Group Authorization Settings window will open. In the Service field, type the appropriate TACACS+ service.
  • Page 93 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Type the address of the TACACS+ host in dot notation format (xxx.xxx.xxx.xxx) or type the DNS host name in the Server Address field. Type the number of the port (from 1-65535) for connecting to the TACACS+ host in the Port Number field.

  • Page 94: Rsa Securid External Authentication Service

    CHAPTER 8. AUTHENTICATION SERVICES If TACACS+ privilege level attribute is the method, the default value is priv-lvl. If TACACS+ custom attribute for group names is the method, the default value is group_name. Click Save. Click Close. The User Authentication Services dialog box will appear. 8.2 RSA SecurID external authentication service When an RSA SecurID external authentication service is added, the DTX 5000-CTL Management Appliance obtains user authentication information and relays it to the RSA...
  • Page 95 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE The sdconf.rec file will be uploaded from the DTX Control client to the server. This file will be used as the initial RSA configuration file for all DTX Control servers. If some DTX Control servers require a different configuration, a different sdconf.rec file must be configured.

  • Page 96: User Authentication Services Window

    CHAPTER 8. AUTHENTICATION SERVICES To update the RSA configuration files used by one or more DTX Control servers to communicate with the RSA Authentication Manager software: Click the checkbox to the left of the server name. To select all DTX Control servers on the page, click the checkbox to the left of Server at the top of the list. Click Update.
  • Page 97 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE To refresh trusted forests: NOTE: Refresh Trusted Forests is only applicable for Active Directory services for which discovering trusted forests was enabled. Click the User tab, then click Authentication Services to open the User Authentication Services window.

  • Page 98: Managing User Accounts

    CHAPTER 9. MANAGING USER ACCOUNTS 9. Managing User Accounts This chapter describes how to manage user accounts. The DTX 5000-CTL Management Appliance allows you to: • Add, change and delete user accounts • Unlock user accounts • Specify user account restrictions • Change user group membership •...
  • Page 99 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Table 9-1. User Status Icons Authentication Icon Status Method Enabled - The user can log in and use the DTX Control Face software. Disabled - The user cannot log in to the DTX Control Face with a Internal software.

  • Page 100: Adding User Accounts

    CHAPTER 9. MANAGING USER ACCOUNTS • Business Phone - Business phone number defined in the user’s properties. See "Phone contact" on page 99. • Default E-Mail - Default email account defined in the user’s properties. See "Email contact" on page 100. •...
  • Page 101 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Select an authentication service and then click Next. • If you selected Internal, go to step 4. • If you selected any other authentication service, go to step 5. The Type in User Credentials window will open. Type a username, password and confirm the password of the user you are adding.

  • Page 102: Deleting User Accounts

    CHAPTER 9. MANAGING USER ACCOUNTS If you selected any other type of external authentication service in step 3, you may either specify the username or find the user on the external authentication service. • To specify the user, enable the Specify user on external authentication service radio button and type the name of the user.

  • Page 103: Unlocking User Accounts

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE 9.4 Unlocking User Accounts If lock-out settings have been specified for the DTX Control internal authentication service and a user exceeds these settings, the user will not be allowed to attempt another log in until a certain amount of time has passed.
  • Page 104 CHAPTER 9. MANAGING USER ACCOUNTS • Home and business addresses • Home, business, mobile and pager phone numbers • Primary email address and up to five additional email addresses • Notes you wish to add about the user • Up to six custom fields Some properties may be changed only if the user account will be using the DTX Control internal authentication service.
  • Page 105 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE User account restrictions and expiration settings Account restriction and expiration settings may be changed only for internal authentication users. To change user account restrictions and expiration settings: Click the Users tab. Click on a username. The User Name window will open. Click Restrictions in the side navigation bar.
  • Page 106 CHAPTER 9. MANAGING USER ACCOUNTS Click User Groups in the side navigation bar. The User Group Membership window will open. To add a user to one or more groups, select the group(s) in the Available Groups list, then click Add. The columns will be moved to the Member Of list. To remove the user from one or more groups, select the group(s) in the Member Of list, then click Remove.
  • Page 107 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Email contact Email contacts may be changed only for internal authentication users. To specify email contact information for user: Click the Users tab. In a User Accounts window, click on a username. The User Name window will open. Click E-Mail Addresses in the side navigation bar.

  • Page 108: User Access Rights

    CHAPTER 9. MANAGING USER ACCOUNTS 9.7 User Access Rights Access rights indicate whether a user is allowed to perform certain actions on a unit in the DTX Control system. You may assign access control rights from a user perspective. You select a user account, specify the units for which rights will be assigned, then indicate the permission to perform the action (none, allow, deny or inherit) for each unit.
  • Page 109 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE To add or remove access rights through a user account: Click the Users tab. Click on a username. Click Access Rights in the side navigation bar. The User Access Rights window will open. To add or remove a unit or unit group from the Unit and Unit Groups list, click Edit List.

  • Page 110: User Groups

    CHAPTER 10. USER GROUPS 10. User Groups Users that have been added to the DTX Control system may be added to the following two types of user groups: • Built-In - The DTX 5000-CTL Management Appliance is delivered with six predefined user groups: Appliance Administrators, Auditors, DTX Control administrators, Everyone, User Administrators and Users.

  • Page 111: Built-In User Groups

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE specified in the DTX Control software. The group container defaults to the AD domain root if it is unspecified. For example, if you have an AD external authentication service for the “sw.eng.mydomain.com” domain with no group container specified, the “Domain Users” group in the “sw.eng.mydomain.com/Users”...
  • Page 112 CHAPTER 10. USER GROUPS Table 10-1. Built-In User Group Allowed Operations Built-In User Group Operation Server User Appliance Auditors Users Administrator Administrator Administrator Configure DTX Control system-level settings Add, change, import and delete DTX Control software Backup and restore the DTX Control database Register a spoke server...

  • Page 113: Adding User-Defined User Groups

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Built-In User Group Operation Server User Appliance Auditors Users Administrator Administrator Administrator Add, change, delete user accounts and user-defined user groups All event- related operation Change your own password In addition to the built-in user groups, the DTX 5000-CTL Management Appliance supports user-defined user groups.
  • Page 114 CHAPTER 10. USER GROUPS • If you selected Internal as the authentication service, go to step 4. • If you selected any other type of authentication service, go to step 5. NOTE: If you are adding a group to the TACACS+ authentication service, see "TACACS+ external authentication services"...

  • Page 115: Deleting User-Defined User Groups

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE TACACS+ external authentication services To add a TACACS+ user group: Click the Users tab. Click Groups in the top navigation bar. Click User-Defined in the side navigation bar. The User Groups - User Defined window will open. Click Add.

  • Page 116: User Group Properties

    CHAPTER 10. USER GROUPS Confirm or cancel the deletion. 10.4 User Group Properties To display the properties of a built-in user group: Click the Users tab. Click Groups in the top navigation bar. Built-In will automatically be selected in the side navigation bar and the User Groups - Built-in window will open. Click on a user group name.

  • Page 117: User Group Access Rights

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE Click Members in the side navigation bar. The User Group Members window will open. Click Assign. The Assign Users to User Group window will open. To add one or more users to the user group, select the user(s) in the Available Users list, then click Add.
  • Page 118 CHAPTER 10. USER GROUPS Click Effective Rights in the side navigation bar and then click All Units, Target Devices or Appliances. The Target Devices Effective Rights window or Appliance Effective Rights window will open. Columns indicate the available actions for the unit. •...
  • Page 119 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE • Deny - the access right is denied for members of the user group. • Inherit - the access right is inherited from the unit group(s) to which the selected unit/unit group belongs. When Inherit is selected, the Allow and Deny checkboxes will become gray and unchangeable, and indicate the inherited value.

  • Page 120: Events And Event Logs

    CHAPTER 11. EVENTS AND EVENT LOGS 11. Events and Event Logs When an enabled, defined event occurs in the DTX Control software system, it is saved in the event log. You may display the event log content, view details about an individual event log entry or delete an event log entry.
  • Page 121 SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE In the Send To field, type the email addresses of the persons you want to notify. Separate multiple addresses with a comma (,). This field has a limit of 1024 characters. In the From field, type the email address (up to 64 characters) of the person you wish to designate as the sender of the notification.
  • Page 122 CHAPTER 11. EVENTS AND EVENT LOGS In the From field, change the email address (up to 64 characters) of the person you wish to designate as the sender of the notification. In the Subject field, change the subject heading (up to 64 characters) for the notification To change the events: •...

  • Page 123: Changing The Event Log Retention Period

    SERVSWITCH DTX™ CONTROL INSTALLER/USER GUIDE 11.2 Changing the Event Log Retention Period By default, an event log is retained for seven days (one week). You may specify a retention period of up to 365 days (one year). NOTE: Event log information is stored in the DTX Control database and is replicated. Increasing the event log retention time may impact the performance of the DTX Control system.
  • Page 124 Customer Support Information: For FREE Technical Support 24 hours a day, 7 days a week, call 724-746-5500 or fax 724-746-0746 Mailing address: Black Box Corporation, 1000 Park Dr., Lawrence, PA 15055-1018 World-Wide Web: www.blackbox.com • Email: info@blackbox.com © Copyright 2010. Black Box Corporation. All rights reserved.

Table of Contents