background image

 

Configuring iLO 2  46 

Base64-encoded. A CA processes this request and returns a response (X.509 certificate) that can be 

imported into iLO 2.  
The CR contains a public/private key pair that validates communications between the client browser 
and iLO 2. The generated CR is held in memory until a new CR is generated, iLO 2 is reset, or a 

certificate is imported by the generation process. You can generate the CR and copy it to the client 

clipboard, leave the iLO 2 website to retrieve the certificate, and then return to import the certificate. 
When submitting the request to the CA, be sure to perform the following tasks: 

a.

 

Use the iLO 2 name as listed on the System Status screen as the URL for the server. 

b.

 

Request that the certificate is generated in the RAW format. 

c.

 

Include the 

Begin

 and 

End

 certificate lines. 

Every time you click 

Create Certificate Request,

 a new certificate request is generated, even though 

the iLO 2 name is the same. 

 

Import Certificate—Use this button when you are returning to the Certificate Administration page 
with a certificate to import. Click 

Import Certificate

 to go directly to the Certificate Import screen 

without generating a new CR. A certificate only works with the keys generated for the original CR 

from which the certificate was generated. If iLO 2 has been reset, or another CR was generated 
since the original CR was submitted to a CA, then a new CR must be generated and submitted to the 

CA. 

You can create a CR or import an existing certificate using RIBCL XML commands. These commands 

enable you to script and automate certificate deployment on iLO 2 servers instead of manually deploying 

certificates through the browser interface. For more information, see 

HP Integrated Lights-Out 

Management Processor Scripting and Command Line Resource Guide

 

Two-factor authentication 

Access to iLO 2 requires user authentication. This firmware release provides an enhanced authentication 

scheme for iLO 2 using two factors of authentication: a password or PIN, and a private key for a digital 

certificate. Using two-factor authentication requires that you verify your identity by providing both factors. 

You can store your digital certificates and private keys wherever you choose, for example, on a smart 

card, USB token, or hard drive. 
The Two-Factor Authentication tab enables you to configure security settings and review, import, or delete 

a trusted CA certificate. The Two-Factor Authentication Enforcement setting controls whether two-factor 

authentication is used for user authentication during login. To require two-factor authentication, click 

Enabled

. To turn off the two-factor authentication requirement and allow login with user name and 

password only, click 

Disabled

. You cannot change the setting to Enabled if a trusted CA certificate is not 

configured. To provide the necessary security, the following configuration changes are made when two-

factor authentication is enabled: 

 

Telnet Access: Disabled 

 

Secure Shell (SSH) Access: Disabled 

 

Serial Command Line Interface Status: Disabled 

If telnet, SSH, or Serial CLI access is required, re-enable these settings after two-factor authentication is 

enabled. However, because these access methods do not provide a means of two-factor authentication, 

only a single factor is required to access iLO 2 with telnet, SSH, or Serial CLI. 

Summary of Contents for Xw460c - ProLiant - Blade Workstation

Page 1: ...HP Integrated Lights Out 2 User Guide for Firmware 1 75 and 1 77 Part Number 394326 009 April 2009 Ninth Edition ...

Page 2: ...nd 12 212 Commercial Computer Software Computer Software Documentation and Technical Data for Commercial Items are licensed to the U S Government under vendor s standard commercial license Microsoft Windows Windows Server Windows Vista Windows NT and Windows XP are U S registered trademarks of Microsoft Corporation AMD is a trademark of Advanced Micro Devices Inc Intel is a trademark of Intel Corp...

Page 3: ...O 2 RBSU 20 Setting up iLO 2 using the browser based option 20 Activating iLO 2 licensed features using a browser 20 Installing iLO 2 device drivers 21 Microsoft device driver support 21 Linux device driver support 22 Novell NetWare device driver support 22 Configuring iLO 2 24 iLO 2 configuration overview 24 Upgrading iLO 2 firmware 24 Upgrading iLO 2 using a browser 25 Updating the firmware usin...

Page 4: ...formation Summary 78 iLO 2 Log 80 IML 80 Diagnostics 81 Insight Agents 82 iLO 2 Remote Console 83 Remote Console overview and licensing options 84 Remote Console settings 84 Integrated Remote Console Fullscreen 88 Integrated Remote Console option 88 Shared Remote Console 93 Using Console Capture 93 Using HP iLO Video Player 94 Acquiring the Remote Console 96 Remote Console 96 Text based remote con...

Page 5: ... up directory services 142 Schema documentation 143 Directory services support 143 Schema required software 144 Schema installer 144 Management snap in installer 147 Directory services for Active Directory 147 Directory services for eDirectory 157 User login using directory services 165 Directory enabled remote management 166 Introduction to directory enabled remote management 166 Creating roles t...

Page 6: ...c Port 195 Inability to connect to the iLO 2 processor through the NIC 196 Inability to log in to iLO 2 after installing the iLO 2 certificate 196 Firewall issues 196 Proxy server issues 196 Two factor authentication error 197 Troubleshooting alert and trap problems 197 Inability to receive HP SIM alarms SNMP traps from iLO 2 198 iLO 2 Security Override switch 198 Authentication code error message...

Page 7: ... not displaying correctly 207 Troubleshooting Virtual Media problems 207 Virtual Media applet has a red X and will not display 207 Virtual Floppy media applet is unresponsive 207 Troubleshooting iLO Video Player problems 207 Video capture file does not play 207 Video capture file plays erratically 208 Troubleshooting Remote Text Console problems 208 Viewing the Linux installer in the text console ...

Page 8: ...Contents 8 Lights Out Management attribute definitions 218 Technical support 220 Support information 220 HP contact information 221 Before you contact HP 221 Acronyms and abbreviations 222 Index 229 ...

Page 9: ...p com go integrityiLO This guide includes information about iLO 2 firmware version 1 11 1 2x 1 3x 1 70 1 75 and 1 77 New in this release of iLO 2 iLO 2 version 1 77 adds support for improved power usage through the use of a power High Efficiency Mode HEM For more information see Power efficiency on page 121 iLO 2 version 1 75 adds support for License Model Support iLO 2 offers iLO Advanced and iLO...

Page 10: ...referred to as embedded health iLO 2 monitors temperatures in the server and sends corrective signals to the fans to maintain proper server cooling In addition to temperature monitoring iLO 2 provides fan status monitoring and monitoring of the status of the power supplies voltage regulators and the internal hard drives These examples are just a few ways iLO 2 is used to manage HP ProLiant servers...

Page 11: ...ct password for that user name For more information about the Insight Essentials Rapid Deployment Pack see the documentation that ships on the Insight Essentials Rapid Deployment Pack CD or the HP website http www hp com servers rdp Server management through IPMI version 2 0 compliant applications Server management through the IPMI is a standardized method for controlling and monitoring the server...

Page 12: ...c through the KCS interface can affect the performance of the health driver and overall health performance of the system Do not issue any IPMI commands through the KCS interface that could have a detrimental affect on the monitoring performed by the health driver These commands include any commands that sets or changes IPMI parameters such as Set Watchdog Timer and Set BMC Global Enabled Any IPMI ...

Page 13: ...k on the right side of the browser window Typical user tasks are found under the System Status Remote Console Virtual Media and Power Management tabs of the iLO 2 interface These tasks are described in the Using iLO 2 on page 76 section The Administration tab is typically used by an advanced or administrative user who must manage users configure global and network settings as well as configure or ...

Page 14: ...em For graceful host operating system shutdown HP SIM integration requires health drivers and Management Agents or remote console access iLO 2 provides two interface drivers iLO 2 Advanced Server Management Controller Driver health driver Provides system management support including monitoring of server components event logging and support for the Management Agents iLO 2 Management Interface Drive...

Page 15: ...Operational overview 15 o SUSE LINUX Enterprise Server 10 ...

Page 16: ...rivers on page 21 Preparing to setup iLO 2 Before setting up your iLO 2 management processors you must decide how to handle networking and security The following questions can help you configure iLO 2 for your needs 1 How should iLO 2 connect to the network For a graphical representation and explanation of the available connections see the section Connect to the network Connecting to the network o...

Page 17: ...interfaces o iLO 2 RBSU Setting up iLO 2 using iLO 2 RBSU on page 20 can be used when the system environment does not use DHCP DNS or WINS o Browser based setup Setting up iLO 2 using the browser based option on page 20 can be used when you can connect to iLO 2 on the network using a browser This method can also reconfigure a previously configured iLO 2 o SMASH CLP can be used when a command line ...

Page 18: ... the server has two network ports one server NIC and one iLO 2 NIC connected to a corporate network Dedicated management network where the iLO 2 port is on a separate network Configuring the IP address This step is necessary only if you are using a static IP address When using dynamic IP addressing your DHCP server will automatically assign an IP address for iLO 2 HP recommends using DNS or DHCP w...

Page 19: ...standard Web browser For security reasons HP recommends changing the default settings after logging in to iLO 2 for the first time The default values are User name Administrator Password A random eight character alphanumeric string DNS Name ILOXXXXXXXXXXXX where the Xs represent the serial number of the server NOTE User names and passwords are case sensitive If you enter an incorrect user name and...

Page 20: ...ntaining the iLO 2 management processor If iLO 2 has not been configured to present a login challenge to the RBSU no prompt will appear 4 Make and save any necessary changes to the iLO 2 configuration 5 Exit iLO 2 RBSU Setting up iLO 2 using the browser based option Use the browser based setup method if you can connect to iLO 2 on the network using a browser You can also use this method to reconfi...

Page 21: ...sight Agents and the Terminal Services Pass Through service to communicate with iLO 2 The device drivers required to support iLO 2 are part of the PSP located on the SmartStart CD Management CD or on the HP website http www hp com servers lights out All the support drivers for your server and iLO 2 can be downloaded from the HP website http www hp com servers lights out To download the drivers 1 C...

Page 22: ...hp iLO combines the RIB driver rack daemon RIB agent and rack agent into one package To load the health and iLO 2 driver packages use the following commands rpm ivh hp snmp agents d vv v pp Linux_version i386 rpm rpm ivh hp iLO d vv v pp Linux_version i386 rpm where d is the Linux distribution and version and vv v pp are version numbers For additional information see the Software and Drivers websi...

Page 23: ...nloading the PSP follow the Novell NetWare component installation instructions to complete the installation For additional information about the PSP installation read the text file included in the PSP download When using Novell NetWare 6 X use the ATI ES1000 video driver that is provided by the operating system for best results ...

Page 24: ... latest firmware on the HP website http www hp com servers lights out Select your iLO 2 product and then select Software Drivers After the software and drivers page appears select your iLO 2 product and operating system and then click Locate Software You can also locate your iLO 2 software by selecting the Operating System and Category options You must have the Configure iLO 2 privilege configure ...

Page 25: ...directory support components One of the components HPLOMIG can be used to discover iLO iLO 2 RILOE and RILOE II processors and update their firmware You do not have to use directory integration to take advantage of this functionality Upgrading iLO 2 using a browser You can complete the firmware upgrade from any network client using a supported browser You must have the Update iLO 2 Firmware privil...

Page 26: ...com go support 4 After the first screen displays switch to text console by pressing the Ctrl Alt F1 keys 5 Switch to the directory where the flash component is stored by entering cd mnt usb components at the prompt 6 Remove the loaded HP Lights Out driver by entering the following commands etc init d hp snmp agents stop etc init d hp ilo stop or etc init d hpasm stop 7 Run the component using the ...

Page 27: ...es as well as iLO Standard and iLO Standard Blade Edition feature enhancements at no extra charge A 60 day evaluation license key is available for download from the HP website The evaluation license activates and enables access to iLO 2 Advanced features You can only install one evaluation license per iLO 2 When the evaluation period expires the iLO 2 features deactivate The following versions of ...

Page 28: ...rchase of ProLiant Essentials and Insight Control software over time typically in conjunction with new ProLiant servers that are acquired on a regular basis User administration iLO 2 enables you to manage user accounts stored locally in the secure iLO 2 memory and directory group accounts Use MMC or ConsoleOne to manage directory user accounts iLO 2 supports up to 12 users with customizable access...

Page 29: ...p Accounts Adding a new user IMPORTANT Only users with the Administer User Accounts privilege can manage other users on iLO 2 You can assign a different access privilege to each user Each user can have a unique set of privileges designed for the tasks that the user must perform You can grant or deny access to critical functions such as remote access user management virtual power and other features...

Page 30: ... user privilege that allows you to remotely access the host system Remote Console and Remote Serial Console including video keyboard and mouse control You are still required to have access to the remote system to use this capability o Virtual Power and Reset is a user privilege that allows you to power cycle or reset the host platform Any of these activities interrupts the availability of the syst...

Page 31: ...er Information Viewing or modifying an existing user s settings 1 Log in to iLO 2 using an account that has the Administer User Accounts privilege You must have the Administer User Accounts privilege to manage other users on iLO 2 All users can change their own password using the View Modify User feature 2 Click Administration User Administration and select the name of the user whose information y...

Page 32: ...p Distinguished Name must exist within the directory and users who need access to iLO 2 should be members of this group Complete this field with a Distinguished Name from the directory for example CN Group1 OU Managed Groups DC domain DC extension Administer Group Accounts allows users who belong to this group to alter privileges for any group Remote Console Access allows you to remotely access th...

Page 33: ...s and access options Services options The Services tab enables you to select which services you want to enable on iLO 2 including SSH SSL Remote Console telnet and Terminal Services The Services tab also enables you to set the ports for each selected option Settings on the Services page apply to all iLO 2 users You must have the Configure iLO 2 Settings privilege to modify settings on this page To...

Page 34: ...d communications Web Server SSL Port 443 This setting enables you to specify which port the embedded web server in iLO 2 uses for encrypted communications Terminal Services Passthrough Disabled This setting enables you to control the ability to support a connection through iLO 2 between a Microsoft Terminal Services client and Terminal Services server running on the host The following settings are...

Page 35: ...ection For more information on RDP service see the section Windows RDP Passthrough service Windows RDP passthrough service on page 36 A Terminal Services session provides a performance enhanced view of the host system console When the operating system is unavailable or the Terminal Services server or client is unavailable the traditional iLO 2 Remote Console provides a view of the host system cons...

Page 36: ... describes how to install Terminal Services pass through on Windows Server 2008 Windows Server 2003 and Microsoft Windows XP Windows Server 2003 and Windows Server 2008 Windows servers require Microsoft NET Framework to support the use of iLO 2 Terminal Services The Terminal Services pass through service and the iLO 2 Management Interface driver for Windows Server 2008 and Windows Server 2003 must...

Page 37: ...ot receive the warning message indicating the disconnection until approximately one minute later During this one minute period the first Terminal Services session is available or active This is normal behavior but it is different than the behavior observed when both Terminal Services sessions are established by Windows administrators In that case the warning message is received by the first Termin...

Page 38: ...it of two concurrent sessions The Remote Console activates and becomes available if the Remote Console is in sleep mode and the Terminal Services client is interrupted by any of the following events The Terminal Services client is closed by the user The Windows operating system is shut down The Windows operating system locks up Terminal Services troubleshooting To resolve problems with iLO 2 Termi...

Page 39: ...Default value Descriptions Idle Connection Timeout minutes 30 minutes This setting specifies the interval of user inactivity in minutes before the web server and Remote Console session automatically terminate The following settings are valid 15 30 60 120 minutes or 0 infinite The infinite timeout value does not log out inactive users Lights Out Functionality Enabled This setting enables connection...

Page 40: ... 8 data bits and 1 stop bit N 8 1 for proper operation The serial port speed that is set by this parameter must match the speed of the serial port set in the System ROM RBSU setup Minimum Password Length 8 This setting specifies the minimum number of characters allowed when a user password is set or changed The character length can be set at a value from 0 to 39 Server Name This setting enables yo...

Page 41: ...ogin failure is recorded The SSH login failure counter is set to 2 3 Run the SSH client until receiving the login prompt Log in with an incorrect login name and password You will receive three password prompts After the third incorrect password the connection terminates and the third login failure is recorded The SSH login failure counter is set to 3 At this point iLO 2 firmware records an SSH log...

Page 42: ...e special character o At least one lowercase character o At least one uppercase character Passwords issued for a temporary user ID password reset or a locked out user ID should also conform to these standards Each password must be a minimum length of zero characters and a maximum length of 39 characters The default minimum length is set to eight characters Setting the minimum password length to fe...

Page 43: ...nt upon setting or clearing the iLO 2 Security Override Switch Setting the iLO 2 Security Override Switch also enables you to flash the iLO 2 boot block HP does not anticipate that you will need to update the iLO 2 boot block If an iLO 2 boot block update is ever required physical presence at the server will be required to reprogram the boot block and reset iLO 2 The boot block will be exposed unt...

Page 44: ...ights Out devices and users and the directory can enforce a stronger password policy iLO 2 enables you to use local users directory users or both Two configuration options are available using a directory that has been extended with HP Schema Setting up HP schema directory integration on page 142 or using the directory s default schema schema free Setup for Schema free directory integration on page...

Page 45: ...s are installed SSL certificate administration iLO 2 enables you to create a certificate request import a certificate and view certificate administration information associated with a stored certificate Certificate information is encoded in the certificate by the CA and is extracted by iLO 2 By default iLO 2 creates a self signed certificate for use in SSL connections This certificate enables iLO ...

Page 46: ...d automate certificate deployment on iLO 2 servers instead of manually deploying certificates through the browser interface For more information see HP Integrated Lights Out Management Processor Scripting and Command Line Resource Guide Two factor authentication Access to iLO 2 requires user authentication This firmware release provides an enhanced authentication scheme for iLO 2 using two factors...

Page 47: ...cation is enabled Configuration of the Certificate Owner Field depends on the version of directory support used the directory configuration and the certificate issuance policy of your organization If SAN is specified iLO 2 extracts the User Principle Name from the Subject Alternative Name attribute and then uses the User Principle Name when authenticating with the directory for example username do...

Page 48: ...ror To resolve the error the client certificate must be registered on the client machine For more information on exporting and registering client certificates see the documentation for your smart card or contact your certificate authority 20 Select the certificate that was added to the user in iLO 2 Click OK 21 If prompted to do so insert your smart card or enter your PIN or password After complet...

Page 49: ...print A certificate has NOT been mapped to this user appears with a button that starts the certificate import process To set up a user for two factor authentication and add a user certificate 1 Log in to iLO 2 using an account that has the Configure iLO 2 Settings privilege 2 Click Administration User Administration Select a user 3 Click View Modify 4 Under the User Certificate Information section...

Page 50: ...directory user s login name Which client certificate attribute iLO 2 uses is determined by the Certificate Owner Field configuration setting on the Two Factor Authentication Settings page If Certificate Owner Field is set to SAN iLO 2 obtains the directory user s login name from the UPN attribute of the SAN If the Certificate Owner Field setting is set to Subject iLO 2 obtains the directory user s...

Page 51: ...Two Factor Authentication Settings page causes authentication to fail because the subject of the certificate is not the distinguished name for the user in the directory When authenticating using the HP Extended Schema method HP recommends selecting the SAN option on the Two factor Authentication Settings page Directory settings iLO 2 connects to Microsoft Active Directory Novell e Directory and ot...

Page 52: ...tion if the directory has been extended with HP schema and you plan to use it Use Directory Default Schema Selects directory authentication and authorization using user accounts in the directory Select this option if the directory is not extended with HP schema User accounts and group memberships are used to authenticate and authorize users After entering the directory network information click Ad...

Page 53: ...Object Password If you alter the LOM Object Password reenter the new password in this field User Login Search Contexts enables you to specify common directory subcontexts so that users do not need to enter their full distinguished name at login You can identify all objects listed in a directory using their unique distinguished names However distinguished names can be long and users might not know ...

Page 54: ...to the server and evaluating user privileges as they would be evaluated during a normal login While the tests are running the page periodically refreshes At any time during test execution you can stop the tests or manually refresh the page Consult the help link on the page for test details and actions in the event of trouble Encryption iLO 2 provides enhanced security for remote management in dist...

Page 55: ...yption settings through the CLP or RIBCL see the HP Integrated Lights Out Management Processor Scripting and Command Line Resource Guide Connecting to the iLO 2 using AES 3DES encryption After enabling the Enforce AES 3DES Encryption setting iLO 2 requires you to connect through secure channels web browser SSH or XML port using a cipher strength of at least AES or 3DES To connect to iLO 2 through ...

Page 56: ...ger and available updates see the HP website http www hp com go hpsim HP SIM SSO is a licensed feature available with the purchase of optional licenses For more information see Licensing on page 26 The HP SIM SSO page enables you to view and configure SSO settings through the iLO 2 interface For more information see the section Setting up HP SIM SSO on page 58 You can also access HP SIM SSO config...

Page 57: ...rtificate from a trusted HP SIM Server section Click Import Certificate to request the certificate from the HP SIM server and automatically import it This record supports SSO Trust by Name and SSO Trust by Certificate To prevent any certificate tampering directly import an HP SIM server certificate To directly import an HP SIM server certificate retrieve the HP SIM certificate date using one of th...

Page 58: ...d You can configure iLO 2 privileges for each role in the Single Sign On Settings section For more information about each privilege see the section User administration on page 28 Using directory based user accounts SSO attempts to receive only the privileges assigned in this section Lights Out directory settings do not apply Default privilege assignments are o User Login only o Operator Login Remo...

Page 59: ...ck the operating system when the window is closed even if additional feature licenses are not installed You can view and configure the Remote Console Computer Lock settings through the Administration or Remote Console tabs in the iLO 2 interface The Remote Console Computer Lock feature is disabled by default To change the Remote Console Computer Lock settings 1 Log in to iLO 2 using an account tha...

Page 60: ...tabs of the Network section enable you to view and modify network settings for iLO 2 Only users with the Configure iLO 2 Settings privilege can change these settings Users that do not have the Configure iLO 2 Settings privilege can view the assigned settings To change network settings for iLO 2 1 Log in to iLO 2 using an account that has the Configure iLO 2 Settings privilege Click Administration ...

Page 61: ...he DHCP DNS Settings page for convenience Changing the value on either page changes the DHCP setting IP Address is the iLO 2 IP address If DHCP is used the iLO 2 IP address is automatically supplied If not enter a static IP address The IP Address field appears on the DHCP DNS page for convenience Entering values in the field on either page changes the IP address of the iLO 2 Subnet Mask is the sub...

Page 62: ...ular network traffic and network traffic intended for iLO 2 pass through the system NIC iLO 2 provides support for servers that might not have an iLO 2 Dedicated Management NIC On servers using the iLO 2 Dedicated Management NIC the standard hardware configuration provides iLO 2 network connectivity only through the iLO 2 Shared Network Port connection iLO 2 detects the lack of an iLO 2 Dedicated ...

Page 63: ...bility feature The Shared Network Port is intended to allow managed network port consolidation The use of this feature can create a single failure point that is if the port fails or is unplugged both the host and iLO 2 become unavailable to the network Enabling the iLO 2 Shared Network Port feature The iLO 2 Shared Network Port feature is disabled by default This feature can be enabled through and...

Page 64: ...and command line reference guide scripting must be used to re enable the iLO 2 Dedicated Management NIC Re enabling iLO 2 through RBSU requires that the system be rebooted To re enable the iLO 2 Dedicated Management NIC using RBSU 1 Connect the iLO 2 dedicated management NIC port to a LAN from which the server is managed 2 Reboot the server 3 When prompted during POST press the F8 key to enter iLO...

Page 65: ...ess is automatically supplied If not enter a static IP address The IP Address field appears on the Network Settings page for your convenience Changing the value on either page changes the IP address of iLO 2 Domain Name is the name of the domain where the iLO 2 subsystem resides This name is assigned by DHCP if DHCP is enabled Enabling DHCP allows you to configure the following DHCP options o Use ...

Page 66: ... the IP addresses of the WINS servers If supplied by the DHCP server these fields are automatically populated Otherwise enter the IP addresses manually Static Route 1 Static Route 2 and Static Route 3 destination gateway are the network destination gateway addresses Enter up to three network destination gateway routing pairs SNMP Insight Manager settings The Management option of the Administration...

Page 67: ...ight Manager Settings screen appears 2 Click Send Test Alert in the Configure and Test SNMP Alerts section to generate a test alert and send it to the TCP IP addresses saved in the SNMP Alert Destinations fields 3 After generating the alert a confirmation screen appears 4 Check the HP SIM console for receipt of the trap SNMP generated trap definitions You can generate the following SNMP traps on B...

Page 68: ... is generated when the iLO 2 management processor was asked to transmit a Host SNMP passthrough alert and the management processor was unable to transmit the original SNMP alert iLO 2 attempts to transmit this generic alert in order to notify the SNMP management console that an alert intended to be transmitted from the host system was not transmitted Configuring Insight Manager integration The Ins...

Page 69: ...al deployment of an entire enclosure or the subsequent deployment of blades within an existing enclosure While the preferred method for assigning IP addresses to the iLO 2 in each blade server is through DHCP and DNS these protocols are not always available on nonproduction networks For example after configuring Static IP Bay configuration for the blade in bay 1 subsequent blade additions to the e...

Page 70: ...erver blade This connection enables the static IP 192 168 1 1 for the iLO 2 Web interface 3 Configure the enclosure setting Using the iLO 2 Web interface select the BL p Class tab to access the Enclosure Static IP Settings The BL p Class tab provides a user interface for configuring the enclosure level static IP addresses 4 Select a reasonable starting IP address with the last digit s of the addre...

Page 71: ...ess Bay 16 Assigns the ending IP address All IP addresses must be valid addresses Subnet Mask Assigns the subnet mask for the default gateway This field may be filled in if either Static IP Bay Configuration or DHCP is enabled The entire IP address range must conform to the subnet mask Gateway IP Address Assigns the IP address of the network router that connects the Remote Insight subnet to anothe...

Page 72: ...through the server blade I O port while the blade is in the rack This method requires you to connect the local I O cable to the I O port and a client PC Using the static IP address listed on the I O cable label and the initial access information on the front of the server blade you can access the server blade through iLO 2 through its standard Web browser interface Although any blade can be used f...

Page 73: ...bling you to specify the IP addresses for other iLO 2s in the enclosure After you click Next you are prompted to verify that you want to use DHCP for this iLO 2 IP address Enable DHCP No and Enable Static IP Bay Configuration Yes This configuration causes the iLO 2 being configured to set its IP address according to the settings specified through the Static IP Bay Configuration Clicking Next displ...

Page 74: ...rs After the applet is available you can change the selected drive or select other options not available on the installation wizard page Install Software screen This step of the installation wizard enables you to launch the Remote Console and install the operating system To start the operating system installation process Click Launch Software Installation to launch the Remote Console iLO 2 automat...

Page 75: ...mask for the iLO 2 Diagnostic Port By default the subnet mask is 255 255 255 0 for all iLO 2 Diagnostic Ports o The use of the Diagnostic Port is automatically sensed when an active network cable is plugged in to it When switching between the diagnostic and back ports you must allow 90 seconds for the network switchover to complete before attempting connection through the web browser NOTE The diag...

Page 76: ...rmation includes Server Name Displays the name of the server and is a link to Administration Options Access UUID Displays the ID of the server Server Serial Number Product ID Displays the serial number of the server which is assigned when the system is manufactured You can change this setting using the system RBSU during POST Product ID distinguishes between different systems with similar serial n...

Page 77: ... blinking the tag is removed The UID is not supported on the HP ProLiant ML310 G3 Last Used Remote Console Displays the previously launched remote console and its availability which enables you to quickly launch your preferred Remote Console You can use the Remote Console if it is available and you have the appropriate user privilege You can pick a different console by following the Last Used Remo...

Page 78: ...the location temperature below the caution threshold If the temperature exceeds the caution threshold the fan speed is increased to maximum VRMs Displays VRM status A VRM is required for each processor in the system The VRM adjusts the power to meet the power requirements of the processor supported A failed VRM prevents the processor from being supported and should be replaced Power Supplies Displ...

Page 79: ...ature exceeds the fatal threshold the server is immediately turned off to prevent permanent damage Monitoring policies differ depending on server requirements Policies usually include increasing fan speed to maximum cooling logging the temperature event in the IML log providing visual indication of the event using LED indicators and starting a graceful shutdown of the operating system to avoid dat...

Page 80: ...in DHCP environments as well as recording account name computer name and IP address When login attempts fail iLO 2 also generates alerts and sends them to a remote management console Events logged by higher versions of iLO 2 firmware might not be supported by earlier versions If an event is logged by an unsupported firmware the event is listed as UNKNOWN EVENT TYPE You can clear the event log to e...

Page 81: ...normal Automatic shutdown started Automatic shutdown cancelled Diagnostics The Diagnostics option on the System Status tab displays the Server and iLO 2 Diagnostics screen The Server and iLO 2 Diagnostic screen displays iLO 2 self test results and provides options to generate an NMI to the system and to reset iLO 2 NOTE When connected through the Diagnostics Port the directory server is not availa...

Page 82: ...All tested subsystems should display Passed under normal circumstances Each test displays one of three results Passed Fault or N A The status of these self tests is indicated by the test results and is intended to identify problem areas If a Fault test condition is indicated follow information noted on the screen The specific tests that are run is system dependant Not all tests are run on all syst...

Page 83: ...nformation page provides access links to the different remote console access options After deciding which console option you want to use click the appropriate link iLO 2 provides the following remote console access options Integrated Remote Console Integrated Remote Console option on page 88 Provides access to the system KVM allowing control of Virtual Power and Virtual Media from a single console...

Page 84: ...Advanced license to use the text based console after POST ESX consoles in particular ESX console 1 do not fully support iLO 2 Remote Console and Integrated Remote Console ESX does not support Remote Serial Console iLO 2 blades ship with the iLO 2 Standard Blade Edition which includes the Remote Console However the HP ProLiant ML and HP ProLiant DL models ship with the iLO Standard license which do...

Page 85: ...Fault Console Capture enables you to capture console video to internal buffers of any boot and fault sequences Internal buffer space is limited to the capture of the most recent boot or fault sequence Buffer space is limited The more dynamic and the higher the graphical resolution of the server console the less amount of data that can be stored in the buffer Select which type of video to capture u...

Page 86: ...up to six multiple key combinations assigned to each hot key When a hot key is pressed in the Remote Console on client systems the defined key combination all keys pressed at the same time are transmitted in place of the hot key to the remote host server To access AltGr symbols on international keyboards use hot keys to define these symbols For a list of support hot keys see the section Supported ...

Page 87: ...lable to combine in a Remote Console hot key sequence ESC F12 o L_ALT Space p R_ALT q L_SHIFT r R_SHIFT s INS t DEL u HOME v END w PG UP x PG DN _ y ENTER a z TAB b BREAK c F1 d F2 0 e F3 1 f F4 2 g L_CTRL F5 3 h R_CTRL F6 4 i NUM PLUS F7 5 j NUM MINUS F8 6 k SCRL LCK F9 7 l BACKSPACE F10 8 m SYS RQ F11 9 n ...

Page 88: ... operation Integrated Remote Console Fullscreen Integrated Remote Console Fullscreen allows you to re size the IRC to the same display resolution as the remote host To return to your client desktop exit the console Integrated Remote Console Fullscreen causes your client to resize to the same resolution as the remote server Integrated Remote Console Fullscreen attempts to pick the best client displ...

Page 89: ...Integrated Remote Console Fullscreen display a menu bar and buttons rendered on the screen The menu bar has the following options Remote Console Replay play icon Displays the Replay Menu dialog if Boot Fault Console Capture is enabled or starts the Open File dialog box if Boot Fault Console Capture is not enabled o Replay Current BOOT buffer and Replay Current FAULT buffer Enables you to transfer ...

Page 90: ...e appears when playback is complete Click Close to exit the Replay Console and display the Remote Console menu bar Record camera icon Enables you to manually record current server console video Press Record to display a Save dialog box enabling you to specify the file name and the location to save the current recording session During a recording session Record will appear depressed and change to g...

Page 91: ...ows configurations the mouse acceleration must be set correctly for remote console mouse to behave properly SLES 9 Determine which mouse device is the Remote Console mouse by using the xsetpointer l command to list all mice 1 Determine which mouse you want to modify by cross referencing the output of xsetpointer with the X configuration either etc X11 XF86Config or etc X11 xorg conf 2 Select the r...

Page 92: ...he local mouse and remote mouse get out of alignment while you are using the High Performance Mouse feature you can use the right Ctrl key to realign them Alternatively you can use the Java Remote Console instead of Integrated Remote Console The High Performance Mouse option alleviates all mouse synchronization issues on supported host operating systems You can select this mode on the Remote Conso...

Page 93: ...ion leader control messages If the session host starts to view captured video data during a shared session the video is displayed on all satellite Remote Console sessions Using Console Capture Console Capture is a Remote Console feature that enables you to record and replay a video stream of events such as booting ASR events and sensed operating system faults You can also manually start and stop t...

Page 94: ...LO Video Player you must have a Microsoft Windows 2000 Windows XP or Windows Vista operating systems and Internet Explorer version 6 or later installed on your system iLO Video Player user interface When you launch HP iLO Video Player the user interface appears and serves as the control point for all playback functions iLO Video Player menu options File o Open Opens a video capture file o Exit Clo...

Page 95: ...ile If no file is selected the button is disabled Seek Moves the playback video forward or backward If no file is selected the button is disabled Change Speed Changes the playback speed of the currently selected file The available playback speeds are 1x 2x 4x 8x and 16x The speeds are cycled through with successive presses in the following order 2x 4x 8x 16x and 1x If no file is selected the butto...

Page 96: ...bled Only one acquire command is allowed every five minutes for all users If another user has recently acquired the Remote Console clicking the Acquire button can result in a page informing you that the five minute acquire disabled period is in effect Close the window and re launch Remote Console again The Acquire button is disabled in the new page until the acquire disable period expires When the...

Page 97: ...air cursor to align with the mouse cursor of the remote server The local cursor takes the shape of the remote cursor The cursor appears as a single cursor if the local cursor and the remote cursor are perfectly aligned and the hardware acceleration is set to Full on the managed server Remote Console features and controls The Remote Console applet contains buttons that provide iLO 2 with enhanced f...

Page 98: ...m used NOTE To display the entire host server screen on the client Remote Console applet set the server display resolution less than or equal to that of the client Microsoft Windows Server 2003 settings To optimize performance set the server Display Properties to plain background no wallpaper pattern and set the Server Mouse Properties to Disable Pointer Trails Red Hat Linux and SUSE Linux server ...

Page 99: ...ogin session to the Linux operating system through the serial port A non licensed iLO 2 cannot use Remote Console access after the server completes POST and begins to load the operating system To use Remote Console and iLO Text Console after POST you must have an iLO 2 Advanced or iLO 2 Advanced for BladeSystem Text based console after POST The iLO 2 Text Console after POST feature is a text based...

Page 100: ...You can use the textcons speed option to indicate in milliseconds the between sampling periods A sampling period is where the iLO 2 firmware examines screen changes and updates the iLO 2 Text Console Adjusting the speed can alleviate unnecessary traffic on long or slow network links reduce the bandwidth used and reduce iLO 2 CPU time consumed Reasonable values are between 1 and 5000 1ms to 5 secon...

Page 101: ...s To use special key sequences that you cannot duplicate in the remote console client the Remote Console hot keys configured for Remote Console operate in iLO 2 Text Console For more information see Remote Console hot keys on page 86 Configuring character mapping In general under the ASCII character set CONTROL ASCII characters than 32 are not printable and cannot be displayed These characters may...

Page 102: ...configure a hot key for the keyboard combination For more information see Remote Console hot keys on page 86 Virtual serial port and remote serial console The management processor contains serial port hardware that can replace the physical serial port on the server s motherboard Using an electronic switch the iLO 2 firmware disconnects the server s physical serial port and commands its own serial ...

Page 103: ...ProLiant server serial port Windows EMS console Linux user session through serial tty ttyS0 System POST dialog if BIOS serial console redirection is enabled The current configuration is displayed on the Remote Console Information page when you click the Remote Console tab You can alter the current settings using the host system RBSU accessed during a server reset Configuring Remote Serial Console ...

Page 104: ...gure GRUB to use the Remote Serial Console modify the GRUB configuration file to look like the following Red Hat Linux 7 2 sample shown serial unit 0 speed 115200 terminal timeout 10 serial console default 0 timeout 10 splashimage hd0 2 grub splash zpm gz title Red Hat Linux 2 4 18 4smp root hd0 2 kernel vmlinuz 2 4 18 4smp ro root dev sda9 console tty0 console ttyS0 115200 initrd initrd 2 4 18 rs...

Page 105: ...ation on using the EMS features refer to the Windows Server 2003 documentation Virtual serial port raw mode You can use the virtual serial port capability of iLO 2 to connect a Windows Kernel Debugger from a remote client using WiLODbg exe WiLODbg exe bypasses the decoding of bytes by the iLO 2 firmware After bypassing the decoding of bytes the virtual serial port is in RAW mode unprocessed and se...

Page 106: ...lish the remote serial connection Using a remote Windows Kernel Debugger To start a Windows Kernel Debugger you must launch the WiLODbg exe utility on a client system that has Microsoft WinDBG exe or KD exe installed and then reboot the remote server into debug mode to attach the debugger WiLODbg automatically launches WinDBG exe or KD exe For example WiLODbg IP Address c CommandLine e k p Passwor...

Page 107: ...g on page 26 for more information The ability to use iLO 2 Virtual Media is granted or restricted through iLO 2 user privileges You must have the Virtual Media privilege to select a virtual media device and connect it to the host server The iLO 2 Virtual Media option provides you with a Virtual Floppy disk drive and CD DVD ROM drive which can direct a remote host server to boot and use standard me...

Page 108: ...t tab 7 Clear the Allow the computer to turn off this device to save power check box iLO 2 Virtual Floppy USBKey The iLO 2 Virtual Floppy disk is available at server boot time for all operating systems Booting from the iLO 2 Virtual Floppy enables you to upgrade the host system ROM deploy an operating system from network drives and perform disaster recovery of failed operating systems among other ...

Page 109: ...rom the host server or close the applet NOTE The Virtual Media applet must remain open in your browser as long as you continue to use a Virtual Media Device iLO 2 Virtual Floppy USBKey is available to the host server at run time if the operating system on the host server supports USB floppy or key drives Refer to Operating System USB Support on page 110 for information on which operating systems s...

Page 110: ...e then click Apply After disabling Protected Mode you must close all open browser instances and restart the browser NetWare 6 5 NetWare 6 5 supports the use of USB diskette and key drives See Mounting USB Virtual Floppy USBKey in NetWare 6 5 on page 110 for step by step instructions Red Hat and SUSE Linux Linux supports the use of USB diskette and key drives See Mounting USB Virtual Media USBKey i...

Page 111: ...d the USB drivers using the following commands modprobe usbcore modprobe usb storage modprobe usb ohci 5 Load the SCSI disk driver using the following command modprobe sd_mod 6 Mount the drive o To mount the diskette drive use the following command mount dev sda mnt floppy t vfat o To mount the USB key drive use the following command mount dev sda1 mnt keydrive NOTE Use the man mount command for a...

Page 112: ...ed operating systems among other tasks If the host server operating system supports USB mass storage devices then the iLO 2 Virtual CD DVD ROM is also available after the host server operating system loads You can use the iLO 2 Virtual CD DVD ROM when the host server operating system is running to upgrade device drivers install software and perform other tasks Having the Virtual CD DVD ROM availab...

Page 113: ...st server supports USB floppy drives Refer to Operating system USB support on page 110 for information on which operating systems support USB mass storage at the time of the publication of this manual iLO 2 Virtual Media CD DVD ROM appears to your operating system just like any other CD DVD ROM When using iLO 2 for the first time the host operating system may prompt you to complete a New Hardware ...

Page 114: ... Linux 1 Access iLO 2 through a browser 2 Select Virtual Media in the Virtual Devices tab 3 Select the CD DVD ROM to be used and click Connect 4 Mount the drive using the following command mount dev cdrom1 mnt cdrom1 For SLES 9 mount dev scd0 media cdrom1 Creating iLO 2 disk image files The iLO 2 virtual media feature enables you to create diskette and CD ROM image files within the same applet Cre...

Page 115: ...le are not replicated in the mounted folder Virtual Folder is a licensed feature available with the purchase of iLO 2 Advanced or iLO 2 Select The virtual folder feature enables you to access browse and transfer files from a client to a managed server The virtual folder feature supports the ability to mount and dismount a directory on a local or networked directory that is accessible through the c...

Page 116: ...ilege Some of the power control options do not gracefully shut down the operating system An operating system shutdown should be initiated using the Remote Console before using the Virtual Power Button options The following options are available Momentary Press button provides behavior identical to pressing the physical power button Press and Hold is identical to pressing the physical power button ...

Page 117: ... The Power Regulator for ProLiant feature enables iLO 2 to dynamically modify processor frequency and voltage levels based on operating conditions to provide power savings with minimal effect on performance Processors that support this feature have predefined voltage and frequency states known as p states The software can dynamically switch the processor from one p state to another P 0 is the high...

Page 118: ...ower Cap Setting enables you to set a power cap on the server After a power cap is set the average power reading of the server over time should be at or below the cap value You can set the power cap by entering either a watt or Btu hr value click Show values in Btu hr or a percentage The percentage refers to the difference between the maximum and idle power values The cap value cannot be set below...

Page 119: ...he Power Meter Readings page has two sections Power Meter Readings and 24 Hour History The Power Meter Readings section displays the following The data graph displays the power usage of the server over the previous 24 hours iLO 2 collects power usage information from the server every 5 minutes For each five minute interval the peak and average power usage is stored in a circular buffer These two v...

Page 120: ...h to update the p state data graph You must have the Configure iLO 2 Settings privilege to view the Power Regulator for ProLiant Data page Power Regulator for ProLiant Data is a licensed feature available with the purchase of optional licenses For more information see Licensing on page 26 To access the Power Regulator for ProLiant Data page click Power Management Processor States The Power Regulat...

Page 121: ...er output of the primary supplies the secondary supplies return to normal operation out of step down mode When the power use drops below 60 capacity of the primary supplies the secondary supplies return to step down mode HEM enables you to achieve power consumption equal to the maximum power output of the primary and the secondary supplies while maintaining improved efficiency at lower power usage...

Page 122: ...es Security Options Shutdown Allow system to be shut down without having to log on to Enabled ProLiant BL p Class Advanced management iLO 2 Advanced is a standard component of ProLiant BL p Class server blades that provides server health and remote server blade manageability Its features are accessed from a network client device using a supported Web browser In addition to other features iLO 2 Adv...

Page 123: ...iagnostic station or to the Documentation CD o Through the server blade rear panel connectors out of the rack with the diagnostic station This method enables you to configure a server blade out of the rack by powering the blade with the diagnostic station and connecting to an existing network through a hub The IP address is assigned by a DHCP server on a network The BL p Class tab enables you to c...

Page 124: ...ration takes a few moments If the rack view information cannot be properly obtained an error message appears in place of the rendered components The Refresh button can be used to make another attempt to obtain the proper rack view data Rack View functionality requires version 2 10 or later of the Server Blade and Power Management Module firmware to display correctly Blade configuration and informa...

Page 125: ...vailable including the name and serial number A basic set of information is available for the enclosures that do not contain the blade that you are logged into This information includes the name serial number and enclosure type An advanced set of details is available for the enclosure that contains the bay you are logged into These details include the following Name Serial number Enclosure type Fi...

Page 126: ...fields are available Rack name Rack serial number Enclosure name Enclosure serial number Enclosure type Firmware revision Hardware revision Load balance wire Enclosure temperature Enclosure temperature side A and B Management Module UID Certain fields can be changed and updated by clicking the Apply button Network component information Network component information displays the status of the patch...

Page 127: ...basis Reporting of blade infrastructure status by iLO 2 does not require operating system support The alerts traps originate from the Enclosure Manager and Power Supply Manager and are transmitted to iLO 2 iLO 2 p Class firmware forwards infrastructure alerts as SNMP traps to a correctly configured management console These alerts allow the monitoring of p Class alerts to take place in an SNMP mana...

Page 128: ...ay IP addressing During completion of the First Time Setup Wizard you are asked to set up your enclosure bay IP addressing For more information about the complete wizard setup process see the HP BladeSystem Onboard Administrator User Guide The server blade iLO 2 ports and interconnect module management ports can obtain IP addresses on the management network in three ways DHCP address static IP add...

Page 129: ...t bay and then consecutive bays through the range For example if you set the server bay EBIPA range to 16 100 226 21 to 16 100 226 36 the iLO 2 in device bay 1 will be assigned 16 100 226 21 and the iLO 2 in device bay 12 is assigned 16 100 226 32 If you set the interconnect bay EBIPA range to 16 200 139 51 to 16 209 139 58 the interconnect module management port in interconnect bay 1 will be assi...

Page 130: ... power setting options for c Class server blades see the HP BladeSystem Onboard Administrator User Guide Dynamic power capping is only available if your system hardware platform BIOS ROM and power micro controller firmware version support this feature If your system is capable of performing dynamic power capping iLO 2 automatically functions in Dynamic Power capping mode In Onboard Administrator t...

Page 131: ...tic Power Limit is better in the following cases You do not want caps dynamically adjusted on your server blades You prefer to not power on a server blade if it cannot be allocated full power even if it typically consumes less More than 1 4 of the blades in the enclosure do not meet hardware or firmware requirements for the Enclosure Dynamic Power Cap You do not have redundant AC power supplies Do...

Page 132: ...ne help Web Administration The Web Administration link on the HP Onboard Administrator interface accesses the iLO 2 GUI The System Status page is displayed giving an overview of the health of the server BL p Class and BL c Class features The HP ProLiant BL p Class and ProLiant c Class servers share common features The differences are highlighted in the following table ...

Page 133: ...SBIPC Enclosure authentication to iLO 2 Mutual Not supported Server fan Virtual Physical Blade server information and configuration Unrestricted Restricted Power on override Not supported Supported Front dongle SUV no iLO 2 SUVi Rack management Full support through HP Onboard Administrator Limited support through iLO 2 ...

Page 134: ...ry can be leveraged to support thousands of users on thousands of iLO 2s Security Robust user password policies are inherited from the directory User password complexity rotation frequency and expiration are policy examples Anonymity lack thereof In some environments users share Lights Out accounts which results in the lack of knowing who performed an operation instead of knowing what account or r...

Page 135: ...elp evaluate your directory integration requirements 1 Can you apply schema extensions to your directory o No Are you using Microsoft Active Directory o No Directory integration might not fit your environment Consider deploying an evaluation directory server to assess the benefits of directory integration Yes Use group based schema free directory integration o Yes Proceed to question 2 2 Is your c...

Page 136: ...if you have a domain admin named User1 you can copy the distinguished name of the domain admin security group over to iLO 2 and give it full privileges User1 would then have access to iLO 2 Disadvantages of using schema free directory integration o Supports only Microsoft Active Directory o Group privileges are administered on each iLO 2 However this disadvantage is minimized by group privileges r...

Page 137: ...ng HP ProLiant Lights Out processors with Microsoft Active Directory http h20000 www2 hp com bc docs support SupportManual c00190541 c00190541 pdf Certificate requirements iLO 2 must communicate with the directory using LDAP over SSL This communication requires the directory server to have a certificate Installing the certificate for the domain replicates it throughout the domain controllers in th...

Page 138: ... number 247078 Enabling SSL Communication over LDAP for Windows 2000 Domain Controllers on the Microsoft website http support microsoft com To validate the setup you should have the directory distinguished name for at least one user and the distinguished name of a security group the user is a member of Introduction to certificate services Certificate Services are used to issue signed digital certi...

Page 139: ...te be issued to the server 1 Select Start Run and enter mmc 2 Click Add 3 Select Group Policy and click Add to add the snap in to the MMC 4 Click Browse and select the Default Domain Policy object Click OK 5 Select Finish Close OK 6 Expand Computer Configuration Windows Settings Security Settings Public Key Policies 7 Right click Automatic Certificate Requests Settings and select New Automatic Cer...

Page 140: ...ervers lights out HP recommends using HPLOMIG when configuring many LOM processors for directories For more information on using HPLOMIG see HPQLOMIG directory migration utility on page 173 Schema free setup options Setup options are the same regardless of which method browser HPQLOMIG or script you use to configure the directory After enabling directories and selecting the Schema free option you ...

Page 141: ...ma free nested groups Many organizations have users and administrators arranged into groups Having this arrangement of existing groups is convenient because you can associate them with one or more Integrated Lights Out Management role objects When the devices are associated with the role objects you can use the administrator controls to access the Lights Out devices associated with the role by add...

Page 142: ...p directory services To successfully enable directory enabled management on any Lights Out management processor 1 Plan Review the following sections o Directory services on page 134 o Directory services schema on page 213 o Directory enabled remote management on page 166 2 Install a Download the HP Lights Out Directory Package containing the schema installer the management snap in installer and th...

Page 143: ...G directory migration utility on page 173 The migration utilities are included in the HP Lights Out Directory Package Version 1 13 of the Directories Migration Utility allows Lights Out import and export and supports different user credentials for each Lights Out processor Schema documentation To assist with the planning and approval process HP provides documentation on the changes made to the sch...

Page 144: ...troller that hosts Windows Server 2008 Core Windows Server 2008 Core does not use a GUI for security and performance reasons To use the schema installer you must install a GUI on the domain controller or use a domain controller that hosts an earlier version of Windows Schema installer Bundled with the schema installer are one or more xml files These files contain the schema that will be added to t...

Page 145: ...and to set the computer name and the port to be used for LDAP communications IMPORTANT Extending the schema on Active Directory requires that the user be an authenticated Schema Administrator that the schema is not write protected and the directory is the FSMO role owner in the tree The installer will attempt to make the target directory server the FSMO Schema Master of the forest To get write acc...

Page 146: ...on to be used If selected directory authentication using SSL is used If not selected and Active Directory is selected Windows NT authentication is used If not selected and eDirectory is selected the administrator authentication and the schema extension will proceed using an unencrypted clear text connection Results The Results screen displays the results of the installation including whether the s...

Page 147: ...ter or iLO v1 00 or later iLO 2 advanced features must be licensed You can evaluate iLO Advanced with a free evaluation license key that you can download from the HP website http h10018 www1 hp com wwsolutions ilo iloeval html Directory Services for iLO 2 uses LDAP over SSL to communicate with the directory servers Before installing snap ins and schema for Active Directory read and have available ...

Page 148: ...access the Directory Settings page Click Administration Security Directory 8 Enter the Directory Settings for your directory 9 Enter the Directory User Context 10 Click Administration Network DHCP DNS and in Domain Name and Primary DNS server modify the settings for your environment The LDAP component does not work with a Windows Server 2008 core installation Directory services preparation for Act...

Page 149: ...ant to use 6 Download the Smart Component which contains the installers for the schema extender and the snap ins The Smart Component can be downloaded from the HP website http www hp com servers lights out 7 Run the schema installer application to extend the schema which extends the directory schema with the proper HP objects The schema installer associates the Active Directory snap ins with the n...

Page 150: ...created called Roles and RILOES 1 Use the HP provided Active Directory Users and Computers snap ins to create Lights Out Management objects in the RILOES organizational unit for several iLO 2 devices a Right click the RILOES organizational unit found in the testdomain local domain and select NewHPObject b Select Device in the Create New HP Management Object dialog box c Enter an appropriate name i...

Page 151: ... server administration and will be called remoteAdmins Click OK d Repeat the process creating a role for remote server monitors called remoteMonitors 3 Use the HP provided Active Directory Users and Computers snap ins to assign the roles rights and associate the roles with users and devices a Right click the remoteAdmins role in the Roles organizational unit in the testdomain local domain and sele...

Page 152: ...d Device Following the preceding examples if a user is in both the remoteAdmins and remoteMonitors roles they will have all the rights because the remoteAdmins role has those rights To configure iLO 2 and associate it with a Lights Out Management object used in this example use settings similar to the following on the Directory Settings screen RIB Object DN cn rib email server ou RILOES dc testdom...

Page 153: ...reate iLO 2 and role objects Add users to the role objects Set the rights and restrictions of the role objects Active Directory snap ins The following sections discuss the additional management options available within Active Directory Users and Computers after the HP snap ins have been installed HP Devices The HP Devices tab is used to add the HP devices to be managed within a role Clicking Add e...

Page 154: ...se to the specific user you want to add Highlighting an existing user and clicking Remove removes the user from the list of valid members Active Directory role restrictions The Role Restrictions subtab allows you to set login restrictions for the role These restrictions include Time restrictions IP network address restrictions o IP mask o IP range o DNS name ...

Page 155: ...fault setting is to allow access at all times Enforced client IP address or DNS name access Access can be granted or denied to an IP address IP address range or DNS names 1 In the By Default dropdown menu select whether to Grant or Deny access from all addresses except the specified IP addresses IP address ranges and DNS names 2 Select the addresses to be added select the type of restriction and c...

Page 156: ... available rights are Login This option controls whether users can log in to the associated devices Remote Console This option enables the user access to the Remote Console Virtual Media This option enables the user access to the iLO 2 virtual media functionality Server Reset and Power This option enables the user access to the iLO 2 Virtual Power button to remotely reset the server or power it do...

Page 157: ...the following technical information documents available at Novell Support http support novell com Installing Directory Services for iLO 2 requires extending the eDirectory schema Extending the schema must be completed by an Administrator TID10066591 Novell eDirectory 8 6 NDS compatibility TID10057565 Unknown objects in a mixed environment TID10059954 How to test whether LDAP is working correctly T...

Page 158: ...cts in the hp devices organizational units for several iLO 2 devices using the HP provided ConsoleOne snap ins tool a Right click the hp devices organizational unit found in the region1 organizational unit and select New Object b Select hpqTarget from the list of classes and click OK c Enter an appropriate name and surname in the New hpqTarget page In this example the DNS host name of the iLO 2 de...

Page 159: ...process creating a role for remote server monitors named remoteMonitors in roles in region1 and a remoteAdmins and a remoteMonitors role in roles in region2 4 Assign rights to the role and associate the roles with users and devices using the HP provided ConsoleOne snap ins tool a Right click the remoteAdmins role in the roles organizational unit in the region1 organizational unit and select Proper...

Page 160: ...ich the user is a member and in which the LOM device is a managed device Following the preceding examples if a user is in both the remoteAdmins and remoteMonitors roles they will have all the rights because the remoteAdmins role has those rights To configure a LOM device and associate it with a LOM object used in this example use settings similar to the following on the Directory Settings page NOT...

Page 161: ... the relationships between the managed device and user or groups already contained within the directory service Role managed devices The Role Managed Devices subtab under the HP Management tab is used to add the HP devices to be managed within a role Clicking Add allows you to browse to the specific HP device and add it as a managed device ...

Page 162: ...to browse to the specific user you want to add Highlighting an existing user and clicking Delete removes the user from the list of valid members eDirectory Role Restrictions The Role Restrictions subtab allows you to set login restrictions for the role These restrictions include Time restrictions IP network address restrictions o IP mask o IP range ...

Page 163: ...ess at all times Enforced client IP address or DNS name access Access can be granted or denied to an IP address IP address range or DNS names 1 In the By Default dropdown menu select whether to Allow or Deny access from all addresses except the specified IP addresses IP address ranges and DNS names 2 Select the addresses to be added select the type of restriction and click Add 3 In the Add New Res...

Page 164: ...w be made members of the role giving the users or group of users the rights granted by the role Rights are managed on the Lights Out Management Device Rights subtab of the HP Management tab The available rights are Login This option controls whether users can log in to the associated devices Login access can be used to create a user who is a service provider and who receives alerts from iLO 2 but ...

Page 165: ... accepts all of the following Directory users LDAP Fully Distinguished Names Example CN John Smith CN Users DC HP DC COM or HP com NOTE The short form of the login name by itself does not tell the directory which domain you are trying to access You must provide the domain name or use the LDAP distinguished name of your account DOMAIN user name form Active Directory Only Example HP jsmith username ...

Page 166: ...igured with the appropriate directory settings Refer to Configuring directory settings on page 52 for details on the specific directory settings In general you can configure each device with the appropriate directory server address LOM object distinguished name and any user contexts The server address is either the IP address or DNS name of a local directory server or for more redundancy a multi h...

Page 167: ...ing multiple role relationships users receive all the rights assigned by every applicable role Roles can only grant rights never revoke them If one role grants a user a right then the user has the right even if the user is in another role that does not grant that right Typically a directory administrator creates a base role with the minimum number of rights assigned and then creates additional rol...

Page 168: ...to propagate from a parent then members of the parent which have read access privileges will also have access to iLO 2 To view the access control list navigate to Users and Computers open the properties screen for the Role object and select the Security tab For step by step instructions on how to create network and time restrictions on a role refer to Active Directory Role Restrictions on page 154...

Page 169: ...ion to the directory as that user which means that address restrictions placed on the user account apply when accessing the LOM device However because the user is proxied at the LOM device the network address of the authentication attempt is that of the LOM device not that of the client workstation IP address range restrictions IP address range restrictions enable the administrator to specify netw...

Page 170: ... enforced Administrators can place a time restriction on directory user accounts Time restrictions limit the ability of the user to log in authenticate to the directory Typically time restrictions are enforced using the time at the directory server but if the directory server is located in a different time zone or a replica in a different time zone is accessed then time zone information from the m...

Page 171: ... users from addresses outside the corporate network the login right which could unintentionally grant the LOM administrators in the server Reset role the ability to reset the server from anywhere provided they satisfy the time constraints of that role The previous configuration meets corporate security policy However adding another role that grants the login right can inadvertently grant server re...

Page 172: ...RIBCL XML script file to a group of LOM devices to manage those LOM devices The LOM devices perform the actions designated by the RIBCL file and send a response to the CPQLOCFG log file For more information see the HP Integrated Lights Out Management Processor Scripting and Command Line Resource Guide Traditional import utilities Administrators familiar with tools such as LDIFDE or the NDS Import ...

Page 173: ...soft NET Framework For additional information and to download NET framework see the Microsoft website http www microsoft com net The HPQLOMIG utility supports the following operating systems Active Directory o Windows 2000 o Windows Server 2003 Novell eDirectory 8 6 2 o Windows 2000 o Windows Server 2003 HP Lights Out directory package All of the migration software as well as the schema extender a...

Page 174: ...for management processors using DNS names IP addresses or IP address wildcards The following rules apply to the variables entered in the Addresses field DNS names IP addresses and IP address wildcards must be delimited with a semicolon The IP address wildcard uses the character in the third and fourth octet fields For example IP address 16 100 is valid whereas IP address 16 is not Ranges can also ...

Page 175: ... Enter the variables to perform the management processor search in the Addresses field 4 Enter your login name and password and click Find The Find button changes to Verify when the search is complete You can also input a list of management processors by clicking Import The file is a simple text file with one management processor listed per line The fields are delimited with semicolons The fields ...

Page 176: ...on the number of management processors selected The firmware upgrade of a single management processor can take as long as five minutes to complete If an upgrade fails a message appears in the Results column and HPQLOMIG continues to upgrade the other discovered management processors IMPORTANT HP recommends testing the upgrade process and verifying the results in a test environment before running t...

Page 177: ...irmware flash on servers with a TPM chip If a TPM module is present and enabled in the server and Optional ROM measuring is enabled HPLOMIG displays a warning message shown below If you select Yes HPLOMIG will continue with the flash process Otherwise firmware flash on the selected server is skipped This message displays every time a server with a TPM module is detected during firmware flash Selec...

Page 178: ...ices refer to the Configuring directories when HP Extended schema is selected on page 179 section Schema free default schema directories support refer to the Setup for Schema free directory integration on page 138 section Naming management processors This screen enables you to name Lights Out management device objects in the directory and create corresponding device objects for all management proc...

Page 179: ...tional click Clear All Names and rename the management processors 5 After the names are correct click Next Configuring directories when HP Extended schema is selected The Configure Directory screen enables you to create a device object for each discovered management processor and to associate the new device object to a previously defined role For example the directory defines a user as a member of...

Page 180: ...ity To configure the device objects to be associated with a role 1 Enter the network address login name and password for the designated directory server 2 Enter the container distinguished name in the Container DN field or click Browse 3 Associate device objects with a member of a role by entering the role distinguished name in the Role DN field or click Browse 4 Click Update Directory The tool wi...

Page 181: ... are stored until the next page in the wizard Setting up management processors for directories The last step in the migration process is to configure the management processors to communicate with the directory This screen enables you to create user contexts User contexts enable the user to use short or user object names to log in rather than the full distinguished name For example having a user co...

Page 182: ...s to all of the selected management processors and updates their configuration as you have specified HPLOMIG supports configuring 15 user contexts To access the user context fields use the scroll bar When you click Configure HPLOMIG displays the following message The message indicates that all 15 User contexts are applicable to only iLO 2 machines with supported firmware version 1 75 or later For ...

Page 183: ...cessor All iLO 2 devices installed in servers on the network are discovered in HP SIM as management processors The management processors are associated with the servers in which they are installed Grouping of iLO 2 management processors All iLO 2 devices can be grouped together logically and displayed on one page This capability provides access to iLO 2 from one point in HP SIM iLO 2 hyperlinks HP...

Page 184: ...from a trusted HP SIM Server enter the hostname or IP address of the HP SIM Server and click Import Certificate The server is added to the HP SIM trusted servers list on the HP SIM SSO tab 8 Log in to the HP SIM you entered in step 7 and discover this LOM_server_name After completing the discovery process SSO is enabled for this iLO 2 For more information on Discovery tasks see your HP Systems Ins...

Page 185: ... page can display the server the iLO 2 name next to the server and iLO 2 name IN server in the System Name field for iLO 2 Clicking on a status icon for iLO 2 takes you to the iLO 2 Web interface Clicking on the hardware status icon takes you to the Insight Management Agents for the device Clicking on the iLO 2 or server name takes you to the System Page of the device Within the System Page are th...

Page 186: ...plates or hosts files section enter the IP address e Click OK f To add iLO 2 to HP SIM do one of the following Click Save and Run After the discovery process is complete additional queries display the device as a management processor You may need to edit the SNMP read community string for example by changing it to public so that iLO 2 is displayed in the list of monitored systems You can change th...

Page 187: ...on one line in the file 55000 iLO 2 true false com hp mx core tools identification mgmtproc MgmtProcesso rParser Reviewing Advanced Pack license information in HP SIM HP SIM displays the license status of the iLO 2 management processors You can use this information to determine how many and which iLO 2 devices are licensed for the iLO Advanced Pack To view license information click Deploy License ...

Page 188: ...f a runtime error occurs reset iLO 2 A sequential flashing pattern on LEDs 1 2 3 4 5 6 7 and 8 repeating indefinitely indicates iLO 2 has experienced a failed flash firmware upgrade and is in the flash recovery mode Refer to the iLO network flash recovery section for more information The LED indicators have the following assignments HB 7 6 5 4 3 2 1 LED indicator POST code activity completed Descr...

Page 189: ...lternating flashing pattern of the number 99 plus the remainder of the error code FEH code Consistency check Explanation 9902 TXAPICHK An RTOS function was called with an inappropriate value or from an inappropriate caller 9903 TXCONTEXT The saved context of one or more threads has been corrupted 9905 TRAP A stack probe failed the return address is invalid or an illegal trap instruction has been d...

Page 190: ...rap delivery failure IP address Displays when the SMNP trap does not connect to the specified IP address Test SNMP trap alert failed for IP address Displays when the SNMP trap does not connect to the specified IP address Power outage SNMP trap alert failed for IP address Displays when the SNMP trap does not connect to the specified IP address Server reset SNMP trap alert failed for IP address Disp...

Page 191: ...failed three login attempts using the Remote Console port Added User User Displays when a new entry is made to the authorized user list User Deleted by User Displays when an entry is removed from the authorized user list The User section displays the user who requested the removal Event Log Cleared User Displays when the user clears the Event Log Power Cycle Reset User Displays when the power has ...

Page 192: ... from User Displays when there is a login failure for a Virtual Serial Port session Hardware and software link related issues iLO 2 uses standard Ethernet cabling which includes CAT5 UTP with RJ 45 connectors Straight through cabling is necessary for a hardware link to a standard Ethernet hub Use a crossover cable for a direct PC connection The iLO 2 Management Port must be connected to a network ...

Page 193: ... button another window appears The window might appear with the Create and Cancel buttons missing or appear as only text If the window is closed and reopened the buttons eventually appear correctly o When you select an image file in the applet a file select window appears After you select a file the window closes and returns to the regular applet window However the image file area is not updated a...

Page 194: ...the iLO 2 Management Port must be configured with the IP address of the WINS or DDNS server You can use DHCP to configure the DHCP server with the necessary IP addresses You can also enter the IP addresses through RBSU or by selecting Network Settings on the Administration tab The iLO 2 Management Port must be configured to register with either a WINS server or DDNS server These options are turned...

Page 195: ...e same settings for transceiver speed autoselect speed and duplex For example if one side is autoselecting the connection then the other side should as well The settings for the iLO 2 NIC are controlled in the Network Settings screen Inability to connect to the iLO 2 Diagnostic Port If you cannot connect to the iLO 2 Diagnostic Port through the NIC be aware of the following The use of the diagnost...

Page 196: ...ack ports allow one minute for the network switchover to be complete before attempting connection through the browser Inability to log in to iLO 2 after installing the iLO 2 certificate If the iLO 2 self signed certificate is installed permanently into some browsers and the iLO 2 is reset you might not be able to log back in to iLO 2 because iLO 2 generates a new self signed certificate every time...

Page 197: ... authentication with a certificate that has expired or that is not yet valid Check the validity dates of the certificate to verify that this is the cause of the The page cannot be displayed message To correct this problem issue a valid certificate to the user Map the certificate to the local iLO 2 user account if you are authenticating local iLO 2 users and verify the iLO 2 time clock is set corre...

Page 198: ... switch A warning message is displayed on the iLO 2 Web pages indicating that the iLO 2 Security Override switch is currently in use An iLO 2 log entry is added recording the use of the iLO 2 Security Override switch An SNMP alert may also be sent upon setting or clearing the iLO 2 Security Override switch In the unlikely event that it is necessary setting the iLO 2 Security Override switch also e...

Page 199: ...ct must be in the directory Your login name is what appears after the first CN The remainder of the distinguished name should appear in one of the user context fields User contexts are not case sensitive However anything else including spaces are part of the user context Directory user does not logout after the directory timeout has expires If you set the iLO 2 timeout Infinite timeout the remote ...

Page 200: ...mware If a Remote Console session is already open and the Remote Console link is clicked again the Remote Console session will not restart It may appear to the user as if the Remote Console session has frozen For example if the following steps are executed 1 From Client 1 login to iLO 2 and open a remote console session 2 From Client 2 login to iLO 2 and try to open a Remote Console session The me...

Page 201: ...ectly enabled and configured in the host RBSU You can access the Virtual Serial Port using SSH or telnet if enabled You can access the CLP from a host serial session if the UART and Virtual Serial Port share the same settings To access the CLP from a host serial session enter Esc escape left parentheses to switch to the command line interpreter Pop up blocking applications will prevent the Remote ...

Page 202: ...LoadModule dav_module modules mod_dav so and LoadModule dav_fs_module modules mod_dav_fs so You must also enable authentication by loading the LoadModule auth_module modules mod_auth so LoadModule auth_digest_module modules mod_auth_digest so modules If a directory for the DavLock database does not exist then you must create a directory A DAV directory under Apache2 is all that is necessary This d...

Page 203: ... run out of memory if too many IRC sessions are opened at one time Every IRC session requires at least 16 MB of memory for screen buffer space and Virtual Folder can use about 100 MB If a message box appears when starting the IRC not enough memory is available on the client to buffer the screen data For example To correct these types of errors close some IRC sessions or add memory to the client ma...

Page 204: ...establish an IRC session Verify an available telnet connection The iLO 2 IRC client waits a specified amount of time for an IRC connection to be established with iLO 2 If the client server does not receive a response in this amount of time it issues an error message Possible causes for this message include The network response is delayed A shared remote console session is requested but the remote ...

Page 205: ...using the Remote Console under certain conditions of network latency you can register multiple key presses for a single key press See the section Remote Console settings on page 84 for more information Remote Console playback does not work when the host server is powered down When attached to a host server that is powered down Remote Console playback does not operate To access recorded Remote Cons...

Page 206: ...Console you will see a Security Exception Access denied message Terminal Services proxy stops responding Any time iLO 2 is reset such as changing network settings or global settings Terminal Services pass through is unavailable for two minutes from the beginning of the reset iLO 2 requires 60 seconds to complete the reset and POST with a 60 second buffer before continuing After two minutes the sta...

Page 207: ...e text appears correctly Troubleshooting Virtual Media problems The following sections discuss troubleshooting Virtual Media issues Virtual Media applet has a red X and will not display The Virtual Media applet might produce a red X if an unsupported browser or JVM is used or if Enable All Cookies is not enabled To correct this issue ensure you are using a supported browser and JVM on your client ...

Page 208: ...ght intercept keystroke data and not pass the action to the text console When this occurs it appears as if the keystroke did not perform its function To correct this issue disable any SSH terminal short cuts Troubleshooting miscellaneous problems The following sections discuss troubleshooting miscellaneous hardware or software issues Cookie sharing between browser instances and iLO 2 iLO 2 uses br...

Page 209: ...igating using his or her browser window However the browser is now operating using User2 s session cookie settings even though it is not readily apparent If User1 continues to navigate in this mode User1 and User2 sharing the same process because User2 logged in and reset the session cookie the following can occur User1 s session behaves consistently with the privileges assigned to User2 User1 s a...

Page 210: ...fy this quickly by pinging iLO 2 from the management PC Consult your network administrator for proper routes to access the network interface of iLO 2 Incorrect time or date of the entries in the event log You can update the time and date on iLO 2 by running the RBSU This utility automatically sets the time and date on the processor using the server time and date The time and date are also updated ...

Page 211: ...O 2 does not respond to SSL requests when a Java warning appears If a user is logging into an iLO 2 browser connection and does not complete the login process by responding to the Java certificate warning iLO 2 does not respond to future browser requests The user must continue the login process to free the iLO 2 Web server Testing SSL The following test checks for the correct security dialog promp...

Page 212: ... have the ability to reset iLO 2 To reset iLO 2 choose one of the following options Select the Reset iLO 2 option on the HP Management Agent web page under the iLO 2 section Click Apply on the Network Settings page to manually force the iLO 2 management processor to reset You do not need to change any parameters before clicking Apply Click Reset on the Diagnostic page of the iLO 2 browser interfac...

Page 213: ...butes Attribute name Assigned OID hpqPolicyDN 1 3 6 1 4 1 232 1001 1 1 2 1 hpqRoleMembership 1 3 6 1 4 1 232 1001 1 1 2 2 hpqTargetMembership 1 3 6 1 4 1 232 1001 1 1 2 3 hpqRoleIPRestrictionDefault 1 3 6 1 4 1 232 1001 1 1 2 4 hpqRoleIPRestrictions 1 3 6 1 4 1 232 1001 1 1 2 5 hpqRoleTimeRestriction 1 3 6 1 4 1 232 1001 1 1 2 6 Core class definitions The following defines the HP Management core c...

Page 214: ...n 1 3 6 1 4 1 232 1001 1 1 2 6 hpqTargetMembership 1 3 6 1 4 1 232 1001 1 1 2 3 Remarks None hpqPolicy OID 1 3 6 1 4 1 232 1001 1 1 1 3 Description This class defines Policy objects providing the basis for HP products using directory enabled management Class Type Structural SuperClasses top Attributes hpqPolicyDN 1 3 6 1 4 1 232 1001 1 1 2 1 Remarks None Core attribute definitions The following de...

Page 215: ... 2 4 Description A Boolean representing access by unspecified clients which partially specifies rights restrictions under an IP network address constraint Syntax Boolean 1 3 6 1 4 1 1466 115 121 1 7 Options Single Valued Remarks If this attribute is TRUE then IP restrictions will be satisfied for unexceptional network clients If this attribute is FALSE then IP restrictions will be unsatisfied for ...

Page 216: ...ains the identifier is 0x03 followed by the ASCII encoded DNS name DNS names can be prefixed with a ASCII 0x2A to indicate they should match all names which end with the specified string for example the DNS domain acme com is represented as 0x03 0x2A 0x2E 0x61 0x63 0x6D 0x65 0x2E 0x63 0x6F 0x6D General access is allowed hpqRoleTimeRestriction OID 1 3 6 1 4 1 232 1001 1 1 2 6 Description A seven da...

Page 217: ...ghtLogin 1 3 6 1 4 1 232 1001 1 8 2 1 hpqLOMRightRemoteConsole 1 3 6 1 4 1 232 1001 1 8 2 2 hpqLOMRightVirtualMedia 1 3 6 1 4 1 232 1001 1 8 2 3 hpqLOMRightServerReset 1 3 6 1 4 1 232 1001 1 8 2 4 hpqLOMRightLocalUserAdmi n 1 3 6 1 4 1 232 1001 1 8 2 5 hpqLOMRightConfigureSettin gs 1 3 6 1 4 1 232 1001 1 8 2 6 Lights Out Management class definitions The following defines the Lights Out Management ...

Page 218: ... Boolean 1 3 6 1 4 1 1466 115 121 1 7 Options Single Valued Remarks Meaningful only on ROLE objects if TRUE members of the role are granted the right hpqLOMRightRemoteConsole OID 1 3 6 1 4 1 232 1001 1 8 2 2 Description Remote Console Right for Lights Out Management Products Meaningful only on ROLE objects Syntax Boolean 1 3 6 1 4 1 1466 115 121 1 7 Options Single valued Remarks This attribute is ...

Page 219: ... 1 8 2 5 Description Local User Database Administration Right for HP Lights Out Management products Syntax Boolean 1 3 6 1 4 1 1466 115 121 1 7 Options Single valued Remarks This attribute is only used on ROLE objects If this attribute is TRUE members of the role are granted the right hpqLOMRightConfigureSettings OID 1 3 6 1 4 1 232 1001 1 8 2 6 Description Configure Devices Settings Right for HP ...

Page 220: ... Technical Support and Update Service HP iLO Advanced Pack and HP iLO Advanced Pack for Blade System customers benefit from expedited problem resolution and proactive notification and delivery of iLO Advanced and iLO Select software updates For more information go to the HP website http www hp com go ilo select your product and review the Quickspecs To activate your HP Software Technical Support a...

Page 221: ...e available subscribe to Subscriber s Choice http www hp com go subscriberschoice HP contact information For the name of the nearest HP authorized reseller See the Contact HP worldwide in English webpage http welcome hp com country us en wwcontact html For HP technical support In the United States for contact options see the Contact HP United States webpage http welcome hp com country us en contac...

Page 222: ...tocol ASCII American Standard Code for Information Interchange ASM Advanced Server Management ASR Automatic Server Recovery BMC baseboard management controller CA certificate authority CLI Command Line Interface CLP command line protocol CR Certificate Request CRL certificate revocation list DAV Distributed Authoring and Versioning ...

Page 223: ... Distributed Management Task Force DNS domain name system DVO Digital Video Out EAAS Environment Abnormality Auto Shutdown EBIPA Enclosure Bay IP Addressing EMS Emergency Management Services EULA end user license agreement FEH fatal exception handler GNOME GNU Network Object Model Environment GUI graphical user interface HB heartbeat ...

Page 224: ... Configuration utility HPQLOMGC HP Lights Out Migration Command Line HPQLOMIG HP Lights Out Migration ICMP Internet Control Message Protocol iLO Integrated Lights Out iLO 2 Integrated Lights Out 2 IML Integrated Management Log IP Internet Protocol IPMI Intelligent Platform Management Interface IRC Integrated Remote Console IRQ interrupt request ...

Page 225: ...VM keyboard video and mouse LAN local area network LDAP Lightweight Directory Access Protocol LED light emitting diode LOM Lights Out Management LSB least significant bit MAC Media Access Control MLA Master License Agreement MMC Microsoft Management Console MP Multilink Point to Point Protocol MTU maximum transmission unit ...

Page 226: ...nd Report Language PKCS Public Key Cryptography Standards POST Power On Self Test PSP ProLiant Support Pack RAS remote access service RBSU ROM Based Setup Utility RDP Remote Desktop Protocol RIB Remote Insight Board RIBCL Remote Insight Board Command Language RILOE Remote Insight Lights Out Edition RILOE II Remote Insight Lights Out Edition II ...

Page 227: ... Service Agreement Identifier SBIPC Static Bay IP Configuration SLES SUSE Linux Enterprise Server SMASH System Management Architecture for Server Hardware SNMP Simple Network Management Protocol SSH Secure Shell SSL Secure Sockets Layer SSO single sign on SUM software update manager SUV serial USB video TCP Transmission Control Protocol ...

Page 228: ...UART universal asynchronous receiver transmitter UID unit identification USB universal serial bus VM Virtual Machine VPN virtual private networking VRM voltage regulator module WINS Windows Internet Naming Service WS web services XML extensible markup language ...

Page 229: ...ry ASR 81 93 B BL c Class alerts 67 BL c Class tab 128 BL p Class advanced configuration 71 BL p Class blade server 69 122 BL p Class configuration 69 BL p Class enclosure configuration 70 BL p Class iLO 2 configuration screen 73 BL p Class standard configuration 71 BL p Class user requirements 69 BL p Class iLO 2 IP address 72 BL p Class power notification 127 BL p Class server POST tracking 127 ...

Page 230: ...bleshooting 198 directory services verifying 54 directory settings 51 directory settings configuring 52 directory user restrictions 169 170 directory user roles 168 Directory Enabled remote management 150 157 166 183 disk image files 114 207 diskette changing 112 display settings 98 DLL dynamic link library 173 210 DNS domain name system 150 155 157 163 166 169 215 DNS name 62 DNS server 62 DNS se...

Page 231: ...IG HP Lights Out Migration 140 171 173 hpqLOMRightConfigureSettings 219 hpqLOMRightLogin 218 hpqLOMRightRemoteConsole 218 hpqLOMRightServerReset 219 hpqLOMRightVirtualMedia 218 hpqLOMv100 217 hpqPolicy 214 hpqPolicyDN 214 hpqRole 214 hpqRoleIPRestrictionDefault 215 hpqRoleIPRestrictions 215 hpqRoleMembership 215 hpqRoleTimeRestriction 216 hpqTarget 213 hpqTargetMembership 215 I iLO 2 access 33 iLO...

Page 232: ...nabling 64 management processor name troubleshooting 194 management processors 174 177 management processors naming 178 media virtual 107 medium access control MAC 54 80 memory 80 203 Microsoft Management Console MMC 28 134 139 148 211 Microsoft software 134 147 Microsoft support 13 14 migration utilities 173 migration utilities overview 173 MMC Microsoft Management Console 28 134 139 148 211 moun...

Page 233: ...ole sharing 93 remote console text based 98 99 100 102 remote console troubleshooting 195 199 200 201 208 Remote Desktop Protocol RDP 35 36 37 remote hosts 80 86 122 212 Remote Insight Board Command Language RIBCL 16 24 42 45 54 55 88 91 93 140 142 171 210 remote management overview 166 remote management structure 166 remote management directory enabled 166 remote serial console 41 103 remote seri...

Page 234: ...alerts 66 127 186 SNMP settings 66 software installation 74 software supported 14 software troubleshooting 192 SSH Secure Shell 16 33 39 41 45 46 54 55 56 84 98 102 103 105 201 205 206 SSH key authorization 45 SSH key adding 45 SSL certificate administration 45 SSL connection 45 138 145 157 SSL requests iLO 2 response 211 SSL Secure Sockets Layer 12 33 41 45 51 54 135 138 139 140 143 145 147 148 1...

Page 235: ...ing 29 user account deleting 31 user account modifying 31 user accounts 31 44 user certificates two factor authentication 49 user contexts 199 user interface mode 13 user requirements BL p Class 69 user roles 154 155 162 163 167 168 169 170 user settings 44 using Console Capture 93 using the GUI 13 using the web interface 13 V video problems 206 207 virtual CD DVD ROM 112 virtual CD DVD ROM mounti...

Reviews: