Integrated Management Module (IMM) indicates that remote login attempts from all users will be locked out after detecting more than five (5) sequential login failures from any one user. However, after five (5) login failures through Secure Shell (SSH), the user can still login IMM through the web browser.
Source
RETAIN tip: H204099
Symptom
Integrated Management Module (IMM) indicates that remote login attempts from all users will be locked out after detecting more than five (5) sequential login failures from any one user. However, after five (5) login failures through Secure Shell (SSH), the user can still login IMM through the web browser.
Affected configurations
The system may be any of the following IBM servers:
- System x3200 M3, type 7327, any model
- System x3200 M3, type 7328, any model
- System x3250 M3, type 4252, any model
- System x3250 M3, type 4261, any model
- System x3400 M3, type 7378, any model
- System x3400 M3, type 7379, any model
- System x3500 M3, type 7380, any model
- System x3550 M3, type 4254, any model
- System x3550 M3, type 7944, any model
- System x3650 M3, type 4255, any model
- System x3650 M3, type 7945, any model
- iDataPlex dx360 M3 server, type 6391, any model
This tip is not software specific.
This tip is not option specific.
The following system firmware level(s) are affected:
Solution
This behavior is corrected in Integrated Management Module (IMM) firmware Version 1.32 (Build ID: YUOOD4G) and later.
The file is available by selecting the appropriate Product name, Product machine type, and operating system on IBM Support's Fix Central web page, at the following URL:
Workaround
The symptom can be fixed by disabling the Domain Name System (DNS) reverse lookup function on the DNS server in the same subnet.
Additional information
The SSH daemon in IMM code records the user login to IMM by host name as default. But the Hypertext Transfer Protocol (HTTP) deamon (web service) records the user login to IMM by Internet Protocol (IP) address as default. In IMM, the Open Source daemon translates the IP address to host name and returns to IMM system. This allows a user to login to IMM after five (5) authentication failures.
Disabling the DNS Reverse lookup function on the DNS server makes the SSH daemon in IMM code record the user login to IMM by IP address and avoids the symptom.
System x:Operating system independent / None
[{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04FAH","label":"System x->System x3200 M3->7328"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"QU04IMI","label":"System x->System x3200 M3->7327"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04IOF","label":"System x->System x3250 M3->4252"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"QU04IPR","label":"System x->System x3250 M3->4261"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SLL","label":"System x->System x3650 M3->7945"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SMA","label":"System x->System x3550 M3->7944"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SMO","label":"System x->System x iDataPlex dx360 M3 server->6391"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SNM","label":"System x->System x3400 M3->7378"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SOK","label":"System x->System x3500 M3->7380"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"QU04SPC","label":"System x->System x3550 M3->4254"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}},{"Type":"HW","Business Unit":{"code":"BU016","label":"Multiple Vendor Support"},"Product":{"code":"QU04SPI","label":"System x->System x3650 M3->4255"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Line of Business":{"code":"","label":""}}]