HP Integrated Lights-Out 2 Management Processor Scripting and Command Line Resource Guide HP Part Number: 382328-008 Published: July 2011 Edition: 2
© Copyright 2011 Hewlett-Packard Development Company, L.P Notices The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents 1 Introduction.............................................................................................10 Overview..............................................................................................................................10 New in this version.................................................................................................................10 HP Insight Control server deployment.....................................................................................
5 Group administration and iLO 2 scripting....................................................47 Lights-Out Configuration Utility.................................................................................................47 Unauthenticated XML query.....................................................................................................47 Query definition in HP SIM......................................................................................................
DELETE_USER....................................................................................................................74 DELETE_USER parameter................................................................................................74 DELETE_USER runtime errors...........................................................................................75 DELETE_CURRENT_USER....................................................................................................
GET_SNMP_IM_SETTINGS return messages.....................................................................97 MOD_SNMP_IM_SETTINGS...............................................................................................97 MOD_SNMP_IM_SETTINGS parameters..........................................................................97 MOD_SNMP_IM_SETTINGS runtime errors......................................................................98 UPDATE_RIB_FIRMWARE...................................................
IMPORT_SSH_KEY...........................................................................................................115 IMPORT_SSH_KEY parameters......................................................................................115 IMPORT_SSH_KEY runtime errors..................................................................................115 MOD_DIR_CONFIG........................................................................................................116 MOD_DIR_CONFIG parameters..........
SET_HOST_POWER_SAVER parameters.........................................................................132 SET_HOST_POWER_SAVER runtime errors......................................................................132 GET_HOST_POWER_REG_INFO.......................................................................................132 GET_HOST_POWER_REG_INFO parameters..................................................................133 GET_HOST_POWER_REG_INFO runtime errors.......................................
GET_SERVER_AUTO_PWR................................................................................................144 GET_SERVER_AUTO_PWR parameters...........................................................................144 GET_SERVER_AUTO_PWR return message.....................................................................144 GET_UID_STATUS............................................................................................................144 GET_UID_STATUS parameters..........................
1 Introduction Overview HP iLO 2 provides multiple ways to configure, update, and operate HP ProLiant servers remotely. The HP Integrated Lights-Out 2 User Guide describe each feature and explain how to use these features with the browser-based interface and RBSU. The HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide describes the syntax and tools available to use iLO 2 through a command line or scripted interface.
The IPMI specification defines a standardized interface for platform management.
Templates> Windows Components> Windows Remote Management (WinRM)> WinRM Client. Set Allow Basic authentication to Enabled. Compatibility • WS-Management in iLO 2 are compatible with the Windows Vista WinRM utility, Microsoft Operations Manager 3, and the Management Pack provided by HP. • The full set of WS-Management commands is available on iLO 2 servers that support embedded system health. A greatly reduced subset of these commands is available on servers without embedded systems health support.
2 Command line Command line interface overview HP has worked with key industry partners within Distributed Management Task Force (DMTF), Inc. to define an industry-standard set of commands. DMTF is working on a suite of specifications, Systems Management Architecture for Server, to standardize manageability interfaces for servers. The iLO 2 uses the command set defined in the Server Management Command Line Protocol Specification, 1.00 Draft. The CLP is intended to replace the simple CLI.
The following commands are supported in this release of CLP. The same command set is supported through the serial port, SSH, and Telnet connections. The privilege level of the logged in user is checked against the privilege required for the command. The command is only executed if the privilege levels match. If the serial command line session status is set to Enabled-No Authentication, then all the commands are executed without checking the privilege level.
clients, using the Home or the End key enables the iLO 2 CLP service to remap the Backspace key to use the value 0x7f, making the key functional. In the Windows PuTTy client, the Backspace key can be mapped to a value of 0x8 by changing the setting for Terminal Keyboard to Control-H. Escape commands The escape key commands are short-cuts to popular tasks. • ESC ( – Invokes the serial CLI connection.
If you do not specify a property, then all properties are shown. In the case of the /map1/ firmware1 context, there are two properties available: version and date. If you execute show /map1/firmware1 date, only the date is shown. • create – Creates a new instance of the MAP in the name space. • delete – Removes instances of the MAP in the name space. • load – Moves a binary image from a URL to the MAP. • reset – Causes a target to cycle from enabled to disabled, and then back to enabled.
User commands User commands enable you to view and modify user settings. User settings are located at /map1/accounts1. Targets All local users are valid targets. For example, if there are three local users with the login names Administrator, admin, and test, then valid targets would be: • Administrator • admin • test Properties Property Access Description username read/write Corresponds to the iLO 2 login name. password read/write Corresponds to the password for the current user.
Properties Property Access Description oemhp_ssotrust Read/write The Single Sign-On required trust level. Valid values are disabled, all, name, and certificate. oemhp_ssouser Read/write The privileges associated with the user role. Valid values are login, oemhp_rc, oemhp_power, oemhp_vm, config, admin oemhp_ssooperator Read/write The privileges associated with the operator role. Valid values are login, oemhp_rc, oemhp_power, oemhp_vm, config, admin.
• /map1/dnsserver3 • /map1/dhcpserver1 • /map1/settings1 • /map1/vlan1 Properties, Targets, and Verbs: • dhcpendpt1 Properties • — EnabledState — OtherTypeDescription dnsendpt1 Properties • — EnabledState — HostName — DomainName — OtherTypeDescription gateway1 Properties • — AccessInfo — AccessContext dnsserver1 Properties — AccessInfo — AccessContext Verbs • ◦ cd ◦ version ◦ exit ◦ show ◦ set dnsserver2 Properties • ◦ AccessInfo ◦ AccessContext dnss
• dhcpserver1 Properties • ◦ AccessInfo ◦ AccessContext settings1 Targets — DNSSettings1 Properties – DNSServerAddress – RegisterThisConnection – DomainName – DHCPOptionToUse WINSSettingData1 Properties — • – WINSServerAddress – RegisterThisConnection – DHCPOptionToUse Verbs – cd – version – exit – show StaticIPSettings1 Properties ◦ oemhp_SRoute1Address ◦ oemhp_Gateway1Address ◦ oemhp_SRoute2Address ◦ oemhp_Gateway2Address ◦ oemhp_SRoute3Address ◦ oemhp_ Ga
iLO 2 is reset after network settings have been applied. iLO 2 settings The iLO 2 settings commands enable you to view or modify iLO 2 settings. iLO 2 settings are located at /map1/config1. Targets No targets Properties • oemhp_rawvspport=3002 • oemhp_console_capture_port=17990 • oemhp_console_capture_enable=yes • oemhp_interactive_console_replay_enable=yes • oemhp_capture_auto_export_enable=no • oemhp_capture_auto_export_location=http://192.168.1.1/folder/ capture%t.
Property Access Description oemhp_sshport Read/Write Sets the SSH port value. oemhp_sshstatus Read/Write Enables or disables SSH. Boolean values are accepted. oemhp_serialclistatus Read/Write Enables or disables CLP session through serial port. Boolean values are accepted. oemhp_serialcliauth Read/Write Enables or disables authorization requirement for CLP session through serial port. Boolean values are accepted.
Targets • Fan • Sensor • Power supply Properties Property Access Description DeviceID Read Displays fan, sensor, or power supply label number ElementName Read Displays fan, sensor, or power supply location Operationalstatus Read Displays fan, sensor, or power supply operational status VariableSpeed Read Displays if fan is operating at variable speed Desired Speed Read Displays the current fan speed HealthState Read Displays the health status of the fan, sensor, or power supply Rat
oemhp_CautionValue=0 oemhp_CriticalValue=0 Other sensor targets show system temperatures. The command show system1/sensor3 displays one of the temperature zone properties. For example: /system1/sensor3 Targets Properties DeviceID=Temp 1 ElementName=I/O Board Zone OperationalStatus=Ok RateUnits=Celsius CurrentReading=32 SensorType=Temperature HealthState=Ok oemhp_CautionValue=68 oemhp_CriticalValue=73 SNMP settings SNMP settings commands enable you to view and modify SNMP settings.
License commands License commands enable you to display and modify the iLO 2 license. License commands are available at: /map1/ Targets None Commands Command Description cd Changes the current directory show Displays license information set Changes the current license Examples • set /map1 license=1234500000678910000000001 • show /map1 license Directory commands Directory commands enable you to view and modify directory settings.
You can define additional groups using additional set commands. You can specify one or more properties on the command line. If multiple properties are on the same command line, then they must be separated by a space. For example: • set /map1/oemhp_dircfg1 • set /map1/oemhp_dircfg1 oemhp_dirauth=default_schema oemhp_dirsrvaddr=adserv.demo.com Virtual media commands Access to the iLO 2 virtual media is supported through the CLP.
protocol://username:password@hostname:port/filename • The protocol field is mandatory and must be either HTTP or HTTPS. • The username:password field is optional. • The hostname field is mandatory. • The port field is optional. • The filename field is mandatory. The CLP performs only a cursory syntax verification of the value. You must visually verify the URL is valid. Examples • set oemhp_image=http://imgserver.company.com/image/dosboot.
set oemhp_boot=disconnect This example executes the following commands: • — Changes the current context to the floppy or key drive. — Issues the disconnect command that disconnects the media and clears the oemhp_image. Insert a CDROM image into the virtual CD-ROM: cd /map1/oemhp_vm1/cddr1 show set oemhp_image=http://my.imageserver.com/ISO/install_disk1.iso set oemhp_boot=connect show This example executes the following commands: • — Changes the current context to the CD-ROM drive.
Start and reset commands Start and reset commands enable you to power on and reboot the server containing iLO 2 or the iLO 2 itself.
Instead of using the simple commands, the following example shows the new CLP format: start /system1/oemhp vsp1 • remcons The remcons command starts a Remote Console session and is limited to users with the Remote Console privilege. Only a text-based remote console is supported, similar to a Telnet session. When in Remote Console session, enter Esc( to return to the CLI.
record:1..n where n is the total number of records Properties Property Access Description number read Displays the record number for the event. severity read Displays the severity of the event. It can be informational, noncritical, critical, or unknown. date read Displays the event date. time read Displays the event time. description read Displays a description of the event. Examples • show /system1/log1 – Displays the Integrated Management Log.
Property Access Description autoselect Read/write Displays and modifies the diagnostic port autoselect setting. speed Read/write Displays and modifies the diagnostic port speed setting. fullduplex Read/write Displays and modifies if the diagnostic port supports full-duplex or half-duplex mode. ipaddress Read/write Displays and modifies the IP address for the diagnostic port. mask Read/write Displays and modifies the subnet mask for the diagnostic port.
Properties Property Access Description bootorder Read/write Sets the boot order for a given boot source Examples • set /system1/bootconfig1/bootsource(n) bootorder=(num) • show /system/bootconfig1 – Displays the complete boot configuration • show /system1/bootconfig1/bootsource1 – Displays the boot order for bootsource1 LED commands LED commands are used to change the state of the UID light on the server.
Target Description oemhp_MinPower Displays the minimum average power reading from the past 24 hours. warning_type Displays and modifies the warning type. warning_threshold Displays and modifies the warning threshold for power consumption. warning_duration Displays and modifies the duration the power threshold must be exceeded before a warning is generated. The following properties are available in /system1. Property Access Description name Read Displays the system name.
CPU power state – Enables you to examine the CPU power states. CPU power state values are shown as a part of the cpu target and use an additional property of logical_processor. Example: The show cpu1/logical_processor1 command displays the p-states of the processor: For example: /system1/cpu1/logical_processor1 Targets Properties current_pstate=1 pstate0_avg=0.0 pstate1_avg=100.0 pstate2_avg=0.0 pstate3_avg=0.0 pstate4_avg=0.0 pstate5_avg=0.0 pstate6_avg=0.0 pstate7_avg=0.
• show /system1/slot1 – Displays information on one slot • show /system1/firmware1 – Displays information about system ROM For example: /system1/firmware1 Targets Properties version=P56 date=01/05/2006 NOTE: 1.81. system1/cpu, system1/memory, and system1/slot are not supported in iLO Other commands 36 • start /system1/oemhp vsp1 – Starts virtual serial port session.
3 Telnet Telnet support iLO 2 supports the use of Telnet to access the iLO 2 command line interface. Telnet access to iLO 2 supports the CLI, which can invoke a Remote Console connection as well as a Virtual Serial Port connection. For more information, see “Command line” (page 13). Using Telnet To use Telnet, the iLO 2 Remote Console Port Configuration and Remote Console Data Encryption on the Global Settings screen must be configured as follows: 1. Set the Remote Console Port Configuration to Enabled. 2.
The keys do not work before authentication. The power control requests are correctly ignored when you do not have the correct power control privileges. Telnet security Telnet is an unsecured network protocol. To reduce any security risks: • Use SSH instead of Telnet. SSH is essentially secure or encrypted Telnet. CLI is supported through Telnet as well as SSH. • Use a segregated management network. Preventing unauthorized access to the network segment prevents unauthorized activity.
Key Sequence Key Sequence ALT_L \eL ALT_AT \e@ ALT_M \eM ALT_OPENSQ \e[\? ALT_N \eN ALT_BSLASH \e\\ ALT_O \eO\? ALT_CLOSESQ \e] ALT_P \eP ALT_CARAT \e^ ALT_Q \eQ ALT_USCORE \e_ ALT_R \eR ALT_ACCENT \e` ALT_T \eT ALT_PIPE \e| ALT_U \eU ALT_CBRACK \e} ALT_V \eV ALT_TILDE \e~ ALT_W \eW ALT_TAB \e\t ALT_X \eX ALT_BS \e\010 ALT_Y \eY ALT_CR \e\r ALT_Z \eZ ALT_ESC \e\e\? ALT_LOWER_A \ea ALT_F1 \e\eOP ALT_LOWER_B \eb ALT_F2 \e\eOQ ALT_LOWER_C \ec
Key Sequence Key Sequence ALT_LOWER_X \ex ALT_END \e\e[4~ ALT_LOWER_Y \ey ALT_PGUP \e\e[5~ ALT_LOWER_Z \ez ALT_PGDN \e\e[6~ ALT_SPACE \e\040 ALT_HOME \e\e[H ALT_EXCL \e! ALT_END \e\e[F ALT_QUOTE \e\" ALT_UP \e\e[A ALT_POUND \e# ALT_DOWN \e\e[B ALT_DOLLAR \e$ ALT_RIGHT \e\e[C ALT_PERCENT \e% ALT_LEFT \e\e[D VT100+ codes for the F-keys Key Sequence F1_KEY \eOP F2_KEY \eOQ F3_KEY \eOR F4_KEY \eOS F5_KEY \eOT F6_KEY \eOU F7_KEY \eOV F8_KEY \eOW F9_KEY \
Key Sequence INSERT_KEY \e[2~ DELETE_KEY \e[3~ END_KEY \e[4~ PG_UP \e[5~ PG_DOWN \e[6~ Supported key sequences 41
4 Secure Shell SSH overview SSH is a Telnet-like program for logging into and for executing commands on a remote machine, which includes security with authentication, encryption, and data integrity features. The iLO 2 firmware can support simultaneous access from two SSH clients. After SSH is connected and authenticated, the command line interface is available. iLO 2 supports: • SSH protocol version 2 • PuTTY 0.58, which is a free version of Telnet and SSH protocol available for download on the Internet.
ssh -l loginname ipaddress/dns name Using PuTTY • To start a PuTTY session, double-click the PuTTY icon in directory where PuTTY is installed. • To Start a PuTTY session from the command line: ◦ To start a connection to a server called host: putty.exe [-ssh | -telnet | -rlogin | -raw] [user@]host ◦ For Telnet sessions, the following alternative syntax is supported: putty.exe telnet://host[:port]/ ◦ To start an existing saved session called sessionname: putty.
Mxagentconfig Mxagentconfig is a utility used to export and install HP SIM public SSH keys into other systems. This utility simplifies the process and can install the public key on many systems simultaneously. Mxagentconfig will make an SSH connection to iLO 2, authenticate with a user name and password, and transmit the necessary public key. iLO 2 stores this key as a trusted SSH client key. Importing SSH keys from PuTTY The public key file format generated by PuTTY is not compatible with iLO 2.
4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. Select all the text in the public key area. Copy the key and paste it into a Notepad session. Return to the PuTTY Key Generator utility. Click Save private key to save, and then enter a file name when prompted, for example, c:\bchan.ppk. Return to Notepad. Save the public key file. Click File>Save As, and then enter a file name when prompted, for example, c:\bchan.pub. Log into iLO 2 (if not already open).
16. Enter the logon name associated with the public key. The public key in iLO 2 authenticates with the private key in PuTTY. If the keys match, you are logged into iLO 2 without using a password. Keys can be created with a key passphrase. If a key passphrase was used to generate the public key, you are prompted for the key passphrase before you log into iLO 2. Importing SSH keys generated using ssh-keygen After generating an SSH key using ssh-keygen and creating the key.
5 Group administration and iLO 2 scripting Lights-Out Configuration Utility The Lights-Out Configuration Utility (CPQLOCFG.EXE) is a Microsoft Windows-based utility that connects to the iLO 2 using a secure connection over the network. RIBCL scripts are passed to the iLO 2 over the secure connection to CPQLOCFG. This utility requires a valid user ID and password with the appropriate privileges.
1 Integrated Lights-Out 2 (iLO 2) 1.10 ASIC: 5 ILO0004PBM158 ILO1226570004PBM158 Query definition in HP SIM To group all of the iLO 2 devices, log in to HP SIM and create a query. To create the query: 1. Log in to HP SIM. 2. Click Device in the navigation bar on the top left side of the screen. 3. Click Queries>Device. 4. Locate the Personal Queries section in the main window.
-V is the verbose message (optional). If the RIBCL file is in the root directory of on the C:\ drive, then the parameters are: -F C:\MANAGEUSERS.xml -V NOTE: The -L parameter cannot designate an output log file. A default log file named with the DNS name or the IP address is created in the same directory where CPQLOCFG is launched. 6. Click Next. A screen displays the options for naming the task, defining the query association, and setting a schedule for the task. 7.
NOTE: • If you are not using the command line to enter the user name and password, and are using the XML file, you can use the double-quotes special character (“). However, if you use “ in the password in the XML file, you must change the outside double quotes to single quotes, for example: ‘admin”admin’. • If you use CPQLOCFG or LOCFG, and enter the password on the command line with the -p option, you cannot use the double-quotes special character (“).
Invoke the script using: cpqlocfg -s -f mod_snmp_im_settings.xml -t WebAgent='"Your_Value_Here"' When replacing a token that requires double quotes, use single quotes around the token. For information on the syntax of the XML data file, see “Using RIBCL” (page 70). Sample XML scripts are available on the HP website at http://www.hp.com/servers/lights-out in the Best Practices section.
6 Perl scripting Using Perl with the XML scripting interface The scripting interface provided enables administrators to manage virtually every aspect of the device in an automated fashion. Primarily, administrators use tools like the cpqlocfg.exe to assist deployment efforts. Administrators using a non-Windows client can use Perl scripts to send XML scripts to the Lights-Out devices. Administrators can also use Perl to perform more complex tasks than cpqlocfg.exe can perform.
Opening an SSL connection Perl scripts must open an SSL connection to the device HTTPS port, by default port 443.
my $script = shift; my ($ssl, $reply, $lastreply, $res, $n); $ssl = openSSLconnection($host); # write header $n = Net::SSLeay::ssl_write_all($ssl, ''."\r\n"); rint "Wrote $n\n" if $debug; # write script $n = Net::SSLeay::ssl_write_all($ssl, $script); print "Wrote $n\n$script\n" if $debug; $reply = ""; $lastreply = ""; READLOOP: while(1) { $n++; $reply .
later command. However, the PERL script must send data within a few seconds or the device will time out and disconnect. When using the XML scripting interface with PERL scripts, the following restrictions apply: • PERL scripts must send the XML header before sending the body of the script. • PERL scripts must provide script data fast enough to prevent the device from timing out. • Only one XML document is allowed per connection, which means one pair of RIBCL tags.
7 Virtual Media scripting Scripting Web server requirements Virtual Media scripting uses a media image that is stored and retrieved from a Web server accessible from the management network. The web server must be a HTTP 1.1 compliant server that supports the Range header. Furthermore, for write access to the file, the Web server must support DAV and must support the Content-Range header for DAV transactions. If the Web server does not meet the requirements for DAV, a helper CGI program may be used.
Command Line Input Result [-eject] Ejects the media that is currently connected through the virtual media drive. The virtual media drive is still connected, but no media is present in the drive. [-wp ] Defines the write-protected status of the Virtual Floppy/USB key drive. This argument has no effect on the Virtual CD-ROM drive. [-boot ] Defines how the virtual media drive is used to boot the target server.
If any of the modules are missing, use modprobe to load them. 2. Mount the drive using one of following: • mount /dev/sda /mnt/floppy -t vfat – Mounts a virtual floppy. • mount /dev/sda1 /mnt/keydrive – Mounts a virtual USB key drive. • mount /dev/cdrom1 /mnt/cdrom – Mounts a virtual CD-ROM on a Red Hat system. Use /dev/cdrom if the server does not have a locally attached CD-ROM drive. • mount /dev/scd0 /mnt/cdrom – Mounts a virtual CD-ROM on a SUSE system.
# $file = $prefix . "/" . $file; # # Decode the range # if ($range =~ m/([0-9A-Fa-f]+)-([0-9A-Fa-f]+)/) { $start = hex($1); $end = hex($2); $len = $end - $start + 1; } # # Decode the data (it's a big hex string) # $decode = pack("H*", $data); # # Write it to the target file # sysopen(F, $file, O_RDWR); binmode(F); sysseek(F, $start, SEEK_SET); syswrite(F, $decode, $len); close(F); Setting up IIS for scripted virtual media Before setting up IIS for scripted media, make sure IIS is operational.
f. g. Verify your Web Service Extensions allows Perl scripts to execute. If not, click Web Service Extensions and set Perl CGI Extension to Allowed. Verify the prefix variable in the helper script is set correctly. Additional information: The basic format for the XML insert command is: • The device field can be either FLOPPY or CDROM. • The IMAGE_URL can be either an http or https URL to a diskette or CD_ROM image.
# Decode the data (a large hex string) # $decode = pack("H*", $data); # # Write it to the target file # sysopen(F, $file, O_RDWR); binmode(F); sysseek(F, $start, SEEK_SET); syswrite(F, $decode, $len); close(F); print "Content-Length: 0\r\n"; print "\r\n"; Setting up IIS for scripted virtual media 61
8 HPONCFG online configuration utility HPONCFG The HPONCFG utility is an online configuration tool used to set up and configure the iLO, iLO 2, and RILOE II from within Windows and Linux operating systems without requiring a reboot of the server operating system. The utility runs in a command line mode and must be executed from an operating system command line using an account with administrator or root access.
Linux server installation HPONCFG is installed automatically when ProLiant Support Pack is installed. The rpm of HPONCFG for Linux distributions can be downloaded from the HP website. Install the appropriate package using the rpm installation utility. For example, for a package installation, you can install hponcfg rpm on Red Hat Enterprise Linux 3 by entering the following command: rpm -ivh hponcfg-1.9.0-3.linux.
dualcursor command line option, along with the mouse option, optimizes mouse handling as suited for remote console dual-cursor mode. The allusers command line option optimizes mouse handling for all users on the system. This option is available only for the Windows operating system. • /display – Configures Windows display parameters to optimize graphical remote console display performance. The options must be preceded by a / (slash) for Windows and Linux as specified in the usage string.
In this example, the utility indicates that it obtained the data successfully and wrote the data to the output file. The following is a typical example of the contents of the output file: PAGE 66PASSWORD = "%user_password%">
For security reasons, user passwords are not returned. Obtaining a specific configuration A specific configuration can be obtained using the appropriate XML input file. For example, the following is the contents of a typical XML input file, get_global.
Setting a configuration You can set a specific configuration by using the command format: HPONCFG /f add_user.xml /l log.txt In this example, the input file has contents: PAGE 68HPONCFG /f add_user.xml /s username="test user",login="testlogin",password=testpasswd Example 2: In this example, %host_power% is a variable. MOD_NETWORK_SETTINGS parameters If the following parameters are not specified, then the parameter value for the specified setting is preserved. Zero values are not permitted in some fields. Consequently, an empty string deletes the current value in some fields.
DHCP_ENABLE – Used to enable DHCP. The possible values are Yes or No. It is case insensitive. IP_ADDRESS – Used to select the IP address for the iLO 2 if DHCP is not enabled. If an empty string is entered, the current value is deleted. SUBNET_MASK – Used to select the subnet mask for the iLO 2 if DHCP is not enabled. If an empty string is entered, the current value is deleted. GATEWAY_IP_ADDRESS – Used to select the default gateway IP address for the iLO 2 if DHCP is not enabled.
MOD_NETWORK_SETTINGS runtime errors The possible MOD_NETWORK_SETTINGS error messages include: • RIB information is open for read-only access. Write access is required for this operation. • User does not have correct privilege for action. CONFIG_ILO_PRIV required. GET_GLOBAL_SETTINGS The GET_GLOBAL_SETTINGS command requests the respective iLO 2 global settings. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE can be set to read or write.
A possible GET_GLOBAL_SETTINGS return message from iLO 2 1.
As of release iLO 2 version 1.50, the Virtual Serial Port supports automatically enabling and disabling software flow control. By default, this behavior is disabled.
F8_LOGIN_REQUIRED – Determines if login credentials are required to access the RBSU for iLO 2. The possible values are Yes or No. REMOTE_CONSOLE_PORT_STATUS – Determines the behavior of remote console service. The possible values include: • 0 – No change • 1 – Disabled (The remote console port is disabled. This prevents remote console and Telnet sessions from being used.) • 2 – Automatic (This is the default setting. The remote console port remains closed unless a remote console session is started.
French Canadian German Italian Japanese Latin American Portuguese Spanish Swedish Swiss French Swiss German SSH_PORT – Specifies the port used for SSH connection on iLO 2. The processor must be reset if this value is changed. SSH_STATUS – Determines if SSH is enabled. The valid values are Yes or No, which enable or disable SSH functionality. SERIAL_CLI_STATUS – Specifies the status of the CLI.
GET_SNMP_IM_SETTINGS parameters None GET_SNMP_IM_SETTINGS runtime errors None GET_SNMP_IM_SETTINGS return messages A possible GET_SNMP_IM_SETTINGS return message is: PAGE 98WEB_AGENT_IP_ADDRESS – The address for the Web-enabled agents. The value for this element has a maximum length of 50 characters. It can be any valid IP address. If an empty string is entered, the current value is deleted. SNMP_ADDRESS_1, SNMP_ADDRESS_2, and SNMP_ADDRESS_3 – The addresses that receive traps sent to the user. Each of these parameters can be any valid IP address and has a maximum value of 50 characters.
When you send an XML script to update iLO 2 firmware, iLO 2 firmware verifies the TPM configuration status of option ROM measuring. If it is enabled, iLO 2 firmware returns the same warning message as stated in web interface. You can add the TPM_ENABLE command to the script file. HP recommends using XML script syntax to execute firmware updates. To enable the firmware update to continue, you must set TPM_ENABLE to a value of Y or Yes. Example 2: PAGE 100GET_FW_VERSION parameters None GET_FW_VERSION runtime errors None GET_FW_VERSION return messages The following information is returned within the response: FIRMWARE_DATE = MANAGEMENT_PROCESSOR = /> HOTKEY_CONFIG The HOTKEY_CONFIG command configures the remote console hot key settings in iLO 2.
CTRL_V – Specifies settings for the CTRL_V hot key. The settings must be separated by commas. For example, CTRL_V="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. CTRL_W – Specifies settings for the CTRL_W hot key. The settings must be separated by commas. For example, CTRL_W="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. CTRL_X – Specifies settings for the CTRL_X hot key. The settings must be separated by commas. For example, CTRL_X="CTRL,ALT,ESC.
F2 0 e ; F3 1 f ' F4 2 g L_CTRL F5 3 h R_CTRL F6 4 i NUM PLUS F7 5 j NUM MINUS F8 6 k SCRL LCK F9 7 l BACKSPACE F10 8 m SYS RQ F11 9 n LICENSE The LICENSE command activates or deactivates the iLO's advanced features. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command.
INSERT_VIRTUAL_MEDIA This command notifies iLO 2 of the location of a diskette image. The INSERT_VIRTUAL_MEDIA command must display within a RIB_INFO element, and RIB_INFO must be in write mode. Example: INSERT_VIRTUAL_MEDIA parameters DEVICE specifies the Virtual Media device target.
• An invalid Virtual Media option has been given. • Virtual Media already connected through a script. You must eject or disconnect before inserting new media. EJECT_VIRTUAL_MEDIA EJECT_VIRTUAL_MEDIA ejects the Virtual Media image if one is inserted. The EJECT_VIRTUAL_MEDIA command must display within a RIB_INFO element and RIB_INFO must be in write mode. Example: PAGE 105GET_VM_STATUS return messages The return message displays the current state of the Virtual Media. The VM_APPLET parameter shows if a virtual media device is already connected via the Virtual Media Applet. If the VM_APPLET = CONNECTED, then the Virtual Media is already in use and cannot be connected via scriptable Virtual Media or Virtual Media XML commands. The DEVICE parameter tells which device this return message is for.
immediately when the VM_BOOT_OPTION is set. The Virtual Media device is connected on the next server boot after setting of the VM_BOOT_OPTION. • • BOOT_ONCE – Sets the VM_BOOT_OPTION to BOOT_ONCE. The Virtual Media device is connected during the next server boot, but on any subsequent server boots, it will not be connected.
SET_VM_STATUS runtime errors The possible runtime errors are: • RIB information is open for read-only access. Write access is required for this operation. • User does not have correct privilege for action. VIRTUAL_MEDIA_PRIV required. • An invalid Virtual Media option has been given. CERTIFICATE_SIGNING_REQUEST This command requests a certificate from iLO 2. When this command is received, iLO 2 generates a certificate signing request.
PAGE 109CSR_SUBJECT_COMMON_NAME – This field has a maximum length of 60 characters. It must use only alphanumeric, dot and hyphen characters. When you set CSR_USE_CERT_CUSTOM_SUBJECT to Yes, this field is mandatory. CSR_CERT_SETTINGS errors The possible CSR_CERT_SETTINGS error messages include: • RIB information is open for read-only access. Write access is required for this operation. • User does not have correct privilege for action. CONFIG_ILO_PRIV required. • User supplied invalid fields.
IMPORT_CERTIFICATE parameters There are no parameters for this command. IMPORT_CERTIFICATE errors The possible IMPORT_CERTIFICATE error messages include: • RIB information is open for read-only access. Write access is required for this operation. • Error reading certificate: The imported certificate is invalid. • Invalid certificate common name: The common name in the certificate does not match iLO 2's hostname.
MOD_TWOFACTOR_SETTINGS The MOD_TWOFACTOR_SETTINGS command is used to modify the Two-Factor Authentication settings on the iLO 2. For this command to parse correctly, the MOD_TWOFACTOR_SETTINGs command must appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. You must have the configure RILOE II privilege to execute this command.
-----BEGIN CERTIFICATE----MIIEtzCCA5+gAwIBAgIQBGg9C0d7B5pF/l4bVA44hjANBgkqhkiG9w0BAQUFADBM MRMwEQYKCZImiZPyLGQBGRYDTEFCMRUwEwYKCZImiZPyLGQBGRYFSkpSSUIxHjAc ...
IMPORT_USER_CERTIFICATE – Imports the certificate into iLO 2 and maps it to the specified local user. Any client that authenticates with this certificate authenticates as the local user to which it is mapped. The SHA1 hash of this certificate displays on the Modify User website for the user to whom it is mapped. If iLO 2 is using directory authentication, client certificate mapping to local user accounts is optional and only necessary if authentication with local accounts is desired.
GET_DIR_CONFIG parameters None GET_DIR_CONFIG runtime errors None GET_DIR_CONFIG return messages Starting with iLO 2 1.80, directory integration can work with HP Lights-Out schema with or without extensions (schema-free). Depending on your directory configuration, the response to GET_DIR_CONFIG contains different data.
IMPORT_SSH_KEY The IMPORT_SSH_KEY command imports a SSH_KEY and associated iLO 2 user name into iLO 2. This command requires CPQLOCFG version 2.27 or later. After generating an SSH key using ssh-keygen and creating the key.pub file, you must perform the following: 1. Locate the key.pub file and insert its contents between "-----BEGIN SSH KEY----" and "-----END SSH KEY-----”.
• Invalid iLO user name: The appended user name is not a valid iLO 2 user. • No slots are available for storing additional SSH Key. MOD_DIR_CONFIG The MOD_DIR_CONFIG command modifies the directory settings on iLO 2. For this command to parse correctly, the MOD_DIR_CONFIG command must appear within a DIR_INFO command block, and DIR_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command. Example: PAGE 117 -----BEGIN CERTIFICATE----. . .
SSO_SERVER runtime errors A runtime error is generated: • If a certificate is a duplicate. • If a certificate is corrupt. • If the HP SIM server cannot be contacted using IMPORT_FROM. • If the HP SIM Trusted Server database is full. You must delete other records to make sufficient room to add a new entry. • If the trust mode is set incorrectly. DELETE_SERVER The DELETE_SERVER command is used to remove an HP SIM Trusted SSO Server record.
10 HPQLOMGC command language Using HPQLOMGC HPQLOMGC reads directory settings for the management processor from an XML file. The script used is a subset of the RIBCL and has been extended to support multiple management processor firmware images. HPQLOMGC does not operate on iLO 2 devices. The following is an example of an XML file: PAGE 153This command line uses the following parameters: • UPDATE_RIB_FIRMWARE IMAGE_LOCATION For more information, see “UPDATE_RIB_FIRMWARE parameters” (page 99).
11 iLO 2 ports Enabling the iLO 2 Shared Network Port feature through XML scripting For information on how to use the SHARED_NETWORK_PORT command to enable the iLO 2 Shared Network Port through XML scripting, see “Using RIBCL” (page 70). The following sample script configures the iLO 2 to select the Shared Network Port. You can customize this script to your needs. Using this script on platforms that do not support the Shared Network Port will cause an error. PAGE 15512 iLO 2 parameters Status Summary parameters Parameter Definition Server name Displays the server name. If the Insight Management Agents are being used with the host server operating system, they will provide the iLO 2 with the server name. UUID Identifies the host. Although the UUID is assigned when the system is manufactured, you can change this setting using the system RBSU during POST. Server Serial Number / Product ID Identifies the serial number of the server.
Parameter Definition License Type Displays whether the system has a feature license installed. Some features of iLO 2 cannot be accessed unless optionally licensed. iLO 2 Firmware Version Displays information about the version of iLO 2 firmware currently installed. Active Sessions Displays the users currently logged into iLO 2. Latest iLO 2 Event Log Entry Displays the most recent entry in the iLO 2 event log.
Global Settings parameters Settings (parameters) found on the Access Options page of the iLO 2 user interface. Parameter Default value Descriptions Idle Connection Timeout (minutes) 30 minutes This setting specifies the interval of user inactivity, in minutes, before the web server and Remote Console session automatically terminate. The following settings are valid: 15, 30, 60, 120 minutes, or 0 (infinite). The infinite timeout value does not log out inactive users.
Parameter Default value Descriptions To force the browser to refresh, save this setting, and press F5. Authentication Failure Logging Enabled-Every 3rd Failure This setting allows you to configure logging criteria for failed authentications. All login types are supported and every login type works independently. The following are valid settings: • Enabled-Every Failure – A failed login log entry is recorded after every failed login attempt.
Parameter Default value Description Terminal Services client and Terminal Services server running on the host. The following settings are valid: • Automatic – When remote console is started, the Terminal Services client is launched. • Enabled – The pass-through feature is enabled and can connect the Terminal Services client directly to the iLO 2 without logging-into the iLO 2. • Disabled – The pass-through feature is off.
Parameter Default value Definition disabled, you must assign a static IP address to the iLO 2. Assign the IP address using the iLO 2 IP address parameter. DHCP Yes Enables you to select static IP (disabled) or Enables the use of a DHCP server to obtain an IP address for the iLO 2 subsystem. You cannot set the iLO 2 IP address and subnet mask if DHCP is enabled.
Parameter Default value Definition Use DHCP supplied DNS servers Enabled Toggles whether iLO 2 will use the DHCP server-supplied DNS server list. If not, enter one in the Primary/Secondary/Tertiary DNS Server boxes. Use DHCP supplied WINS servers Enabled Toggles whether iLO 2 will use the DHCP server-supplied WINS server list. If not, enter one in the Primary/Secondary WINS Server boxes. Use DHCP supplied static routes Enabled Toggles whether iLO 2 will use the DHCP server-supplied static route.
SNMP/Insight Manager settings parameters Parameter Default Value Definition SNMP alert destination(s) No Enter the IP address of the remote management PC that will receive SNMP trap alerts from the iLO 2. Up to three IP addresses can be designated to receive SNMP alerts. Enable iLO 2 SNMP alerts No The iLO 2 alert conditions are detected by the iLO 2 and are independent of the host server operating system. These alerts can be Insight Manager SNMP traps.
Parameter Default value Definition Directory server LDAP port 636 This option sets the port number used to connect to the directory server. The SSL-secured LDAP port number is 636. LOM object distinguished name This option specifies the unique name for the iLO 2 in the directory. LOM Object Distinguished Names are limited to 256 characters. LOM object password This parameter specifies the password for the iLO 2 object to access the directory. LOM Object Passwords are limited to 39 characters.
Parameter Default value Definition Blade serial number Provided by blade server The blade serial number identifies the serial number for the server blade product. Power source Rack provides power The server blade enclosure can be installed in a rack by using one of two configurations: • The server blade power supplies can be used to convert normal AC facility power to 48 V DC to power the rack. In this configuration, select the power source as Rack Provides Power.
13 Technical support HP contact information For the name of the nearest HP authorized reseller: • See the Contact HP worldwide (in English) webpage at http://www.hp.com/go/assistance'. For HP technical support: • To obtain HP contact information for any country, see the Contact HP worldwide web site at http://www.hp.com/go/assistance'. To contact HP by phone: ◦ Call 1 800 334 5144. This service is available 24 hours a day, 7 days a week.
Acronyms and abbreviations ASCII American Standard Code for Information Interchange ASM Advanced Server Management ASR Automatic Server Recovery BMC baseboard management controller CA certificate authority CGI Common Gateway Interface CLI Command Line Interface CLP command line protocol CR Certificate Request DAV Distributed Authoring and Versioning DDNS Dynamic Domain Name System DHCP Dynamic Host Configuration Protocol DLL dynamic link library DNS domain name system DSA Digita
NIC network interface controller NMI non-maskable interrupt NVRAM non-volatile memory PERL Practical Extraction and Report Language PKCS Public-Key Cryptography Standards POST Power-On Self Test PSP ProLiant Support Pack RAS remote access service RBSU ROM-Based Setup Utility RDP Remote Desktop Protocol RIB Remote Insight Board RIBCL Remote Insight Board Command Language RILOE Remote Insight Lights-Out Edition RILOE II Remote Insight Lights-Out Edition II RSA Rivest, Shamir, and
Index A ADD_USER ADD_USER parameters, 73 ADD_USER runtime errors, 74 Obtaining the basic configuration, 64 administration Group administration and iLO 2 scripting, 47 User Administration parameters, 156 authentication, WS-Management, 11 authorized reseller HP contact information, 165 Technical support, 165 B BL p-Class blade parameters, 163 blade commands, CLP, 31 blade commands, RIBCL, 118 blade information, 31 boot commands, 32 boot commands, CLP, 32 boot commands, RIBCL COLD_BOOT_SERVER, 142 WARM_BOOT_S
DELETE_CURRENT_USER parameters, 75 DELETE_CURRENT_USER runtime errors, 75 DELETE_SERVER DELETE_SERVER, 151 DELETE_SERVER parameters, 151 DELETE_SERVER runtime errors, 151 DELETE_SSH_KEY, 75 DELETE_USER DELETE_USER, 74 DELETE_USER parameter, 74 DELETE_USER runtime errors, 75 DIR_INFO command block, 113 directory services, 162 directory settings, 162 directory settings, parameters, 162 directory settings, RIBCL DIR_INFO, 113 GET_DIR_CONFIG, 113 MOD_DIR_CONFIG, 116 domain name system (DNS) GET_NETWORK_SETTINGS
GET_HOST_POWER_STATUS, 134 GET_HOST_POWER_STATUS Parameters, 134 GET_HOST_POWER_STATUS Return Messages, 134 GET_HOST_POWER_STATUS Runtime Errors, 134 GET_HOST_PWR_MICRO_VER GET_HOST_PWR_MICRO_VER, 135 GET_HOST_PWR_MICRO_VER parameters, 135 GET_HOST_PWR_MICRO_VER return messages, 136 GET_HOST_PWR_MICRO_VER runtime errors, 135 GET_NETWORK_SETTINGS GET_NETWORK_SETTINGS, 85 GET_NETWORK_SETTINGS parameters, 85 GET_NETWORK_SETTINGS return messages, 85 GET_NETWORK_SETTINGS runtime errors, 85 GET_ONE_TIME_BOOT, 136
I IIS, scripted media, 59 iLO 2 port, re-enabling, 154 iLO 2 settings iLO 2 settings, 21 ILO_CONFIG, 152 iLO 2 settings, CLP, 21 iLO 2 settings, RIBCL, 80 iLO 2 status parameters, 155 iLO ports, 154 ILO_CONFIG, 152 IMPORT_CERTIFICATE IMPORT_CERTIFICATE, 109 IMPORT_CERTIFICATE errors, 110 IMPORT_CERTIFICATE parameters, 110 IMPORT_SSH_KEY IMPORT_SSH_KEY, 115 IMPORT_SSH_KEY parameters, 115 IMPORT_SSH_KEY runtime errors, 115 importing SSH keys, PuTTY, 44 INSERT_VIRTUAL_MEDIA INSERT_VIRTUAL_FLOPPY runtime errors
overview, RIBCL, 70 overview, Telnet, 37 overview, virtual media scripting, 56 P parameter definitions, 155 Perl, sending XML scripts, 53 Perl, SSL connection, 53 Perl, using, 52 Perl, XML enhancements, 52 phone numbers, 165 power management HP Insight Control Software deployment, 10 properties, system, 33 PuTTY utility, 42 PuTTY, importing SSH keys, 44 PuTTY, starting a session, 43 R RACK_INFO command block, 118 Remote Insight Board Command Language (RIBCL), 70 RESET_RIB RESET_RIB, 81 RESET_RIB parameter
start and reset commands, CLP, 29 start and reset commands, RIBCL COLD_BOOT_SERVER, 142 HOLD_PWR_BTN, 141 PRESS_PWR_BTN, 141 RESET_RIB, 81 RESET_SERVER, 141 WARM_BOOT_SERVER, 142 starting a PuTTY session, 43 status, WS-Management, 11 string, RIBCL Boolean string, 70 Specific string, 70 String, 70 support, 165 supported key sequences Supported hot keys, 101 Supported key sequences, 38 supported operating systems, 62 system status, 155 system target information, CLP, 33 system target information, RIBCL, 125 s
