HP iLO 2 Scripting and Command Line Guide HP Part Number: 382328-009 Published: June 2012 Edition: 1
© Copyright 2012 Hewlett-Packard Development Company, L.P Notices The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents 1 Introduction.............................................................................................10 Overview..............................................................................................................................10 New in this version.................................................................................................................10 HP Insight Control server deployment.....................................................................................
5 Group administration and iLO 2 scripting....................................................48 CPQLOCFG Utility..................................................................................................................48 Unauthenticated XML query.....................................................................................................48 Query definition in HP SIM......................................................................................................
ADD_USER runtime errors..............................................................................................79 DELETE_USER....................................................................................................................79 DELETE_USER parameter................................................................................................79 DELETE_USER runtime errors...........................................................................................80 DELETE_CURRENT_USER...
MOD_GLOBAL_SETTINGS runtime errors.......................................................................102 GET_SNMP_IM_SETTINGS...............................................................................................102 GET_SNMP_IM_SETTINGS parameters..........................................................................103 GET_SNMP_IM_SETTINGS runtime errors......................................................................103 GET_SNMP_IM_SETTINGS return messages..............................
GET_DIR_CONFIG..........................................................................................................120 GET_DIR_CONFIG parameters.....................................................................................120 GET_DIR_CONFIG runtime errors..................................................................................120 GET_DIR_CONFIG return messages..............................................................................120 IMPORT_SSH_KEY.................................
GET_HOST_POWER_SAVER_STATUS parameters............................................................137 GET_HOST_POWER_SAVER_STATUS runtime errors.........................................................137 GET_HOST_POWER_SAVER_STATUS return messages.....................................................137 SET_HOST_POWER_SAVER..............................................................................................138 SET_HOST_POWER_SAVER parameters..........................................................
WARM_BOOT_SERVER runtime errors...........................................................................149 SERVER_AUTO_PWR........................................................................................................149 SERVER_AUTO_PWR parameters..................................................................................149 SERVER_AUTO_PWR runtime errors...............................................................................149 GET_SERVER_AUTO_PWR...................................
1 Introduction Overview HP iLO 2 provides multiple ways to configure, update, and operate HP ProLiant servers remotely. The HP Integrated Lights-Out 2 User Guide describes each feature and explains how to use these features with the browser-based interface and RBSU. The HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide describes the syntax and tools available to use iLO 2 through a command line or scripted interface.
iLO 2 provides the KCS interface, or open interface, for SMS communications. The KCS interface provides a set of I/O mapped communications registers. The default system base address for the I/O mapped SMS Interface is 0xCA2 and is byte-aligned at this system address. The KCS interface is accessible to SMS software that is running on the local system. Examples of compatible SMS software applications are as follows: • IPMI version 2.
Status The WS-Management in iLO 2 returns status information for fans, temperatures, power supplies, and VRMs.
2 Command line Command line interface overview HP has worked with key industry partners within Distributed Management Task Force (DMTF), Inc. to define an industry-standard set of commands. DMTF is working on a suite of specifications, Systems Management Architecture for Server, to standardize manageability interfaces for servers. The iLO 2 uses the command set defined in the Server Management Command Line Protocol Specification, 1.00 Draft. The CLP is intended to replace the simple CLI.
hpiLO-> The following commands are supported in this release of CLP. The same command set is supported through the serial port, SSH, and Telnet connections. The following commands are supported in this release of CLP. The same command set is supported through the serial port and SSH connections. The privilege level of the logged in user is verified against the privilege required for the command. The command is only executed if the privilege levels match.
NOTE: If a CLP command spans more than one line, you cannot navigate between different lines. Windows 2000 Telnet client does not support the Functions keys F1,.., F12, Insert, Home, and End keys. These keys do not work in an iLO 2 command-line session. The Backspace key in the iLO 2 CLP implementation is mapped to the value 0x8.
The first line of information returned by the show command is the current context. In the example, / is the current context. Following the context is a list of subtargets (Targets) and properties (Properties) applicable to the current context. The verbs (Verbs) section shows which commands are applicable to this context. Specify the show command with an explicit or implicit context as well as a specific property.
• “License commands” (page 25) • “Directory commands” (page 26) • “Virtual media commands” (page 26) • “Start and reset commands” (page 29) • “Firmware update” (page 30) • “Eventlog commands” (page 31) • “Blade commands” (page 32) • “Boot commands” (page 33) • “LED commands” (page 34) • “System properties and targets” (page 34) • “Other commands” (page 37) User commands User commands enable you to view and modify user settings. User settings are located at /map1/accounts1.
In the example, username corresponds to the login name. • set lname1 username=lname2 password=password1 name=name2 group=admin,configure,oemhp_power,oemhp_vm,oemhp_rc In the example, lname1 is the login name of the user. HP SIM SSO settings HP SIM SSO settings commands are accessed using /map1/oemhp_ssocfg1. You must have the Configure iLO 2 Settings privilege to change these properties. SSO is only supported for browser access from trusted HP SIM servers. SSO is a licensed feature.
hpiLO->show Network commands The network subsystems are located at: • /map1/enetport1 • /map1/dhcpendpt1 • /map1/dnsendpt1 • /map1/gateway1 • /map1/dnsserver1 • /map1/dnsserver2 • /map1/dnsserver3 • /map1/dhcpserver1 • /map1/settings1 • /map1/vlan1 Properties, Targets, and Verbs: • dhcpendpt1 Properties • — EnabledState — OtherTypeDescription dnsendpt1 Properties • — EnabledState — HostName — DomainName — OtherTypeDescription gateway1 Properties
• ◦ show ◦ set dnsserver2 Properties • ◦ AccessInfo ◦ AccessContext dnsserver3 Properties • ◦ AccessInfo ◦ AccessContext dhcpserver1 Properties • ◦ AccessInfo ◦ AccessContext settings1 Targets — DNSSettings1 Properties – DNSServerAddress – RegisterThisConnection – DomainName – DHCPOptionToUse WINSSettingData1 Properties — 20 Command line – WINSServerAddress – RegisterThisConnection – DHCPOptionToUse Verbs – cd – version
• – exit – show StaticIPSettings1 Properties ◦ oemhp_SRoute1Address ◦ oemhp_Gateway1Address ◦ oemhp_SRoute2Address ◦ oemhp_Gateway2Address ◦ oemhp_SRoute3Address ◦ oemhp_ Gateway3Address ◦ DHCPOptionToUse Examples set /map1/enetport1 speed=100 set /map1/enetport1/lanendpt1 ipv4address=192.168.0.13 subnetmask=255.255.252 You can specify one or more properties on the command line. If multiple properties are given on the same command line, they must to be separated by a space.
• oemhp_shared_console_port=0 • oemhp_key_up_key_down_enable=yes Property Access Description oemhp_mapenable Read/Write Enables or disables the iLO 2. Boolean values are accepted. oemhp_timeout Read/Write Sets session timeout in minutes. Valid values are 15, 30, 60, and 120. oemhp_passthrough Read/Write Enables or disables Terminal Services Passthrough. Boolean values are accepted. oemhp_rbsuenable Read/Write Enables or disables RBSU prompt during POST. Boolean values are accepted.
Property Access Description oemhp_enforce_aes Read/Write Enable or disable enforcing AES/3DES encryption oemhp_enhanced_cliprompt_enable Read/Write oemhp_vsp_log_enable Read/Write Enable or disable the enhanced CLI prompt. By default, the feature is disabled. Enable or disable the Virtual Serial Port Log Feature. By default, the feature is disabled. Examples set /map1/config1 oemhp_enable=yes oemhp_timeout=30 You can specify one or more properties in the command line.
Property Access Description Oemhp_CautionValue Read Displays temperature sensor caution value Oemhp_CriticalValue Read Displays temperature sensor critical value Examples The command show system1/fan1 displays the system fan1 properties. For example: /system1/fan1 Targets Properties DeviceID=Fan 1 ElementName=I/O Board OperationalStatus=Ok VariableSpeed=Yes DesiredSpeed=40 HealthState=Ok. VRM power supplies are usually mapped to the sensor targets.
SNMP settings SNMP settings commands enable you to view and modify SNMP settings. SNMP settings are available at /map1/snmp1 . Targets None Properties Property Access Description accessinfo1 Read/Write Sets the first SNMP trap destination address. accessinfo2 Read/Write Sets the second SNMP trap destination address. accessinfo3 Read/Write Sets the third SNMP trap destination address. oemhp_iloalert Read/Write Enables or disables iLO 2 SNMP alerts. Boolean values accepted.
Directory commands Directory commands enable you to view and modify directory settings. Directory settings are available at: /map1/oemhp_dircfg1 Targets None Properties Property Access Description oemhp_dirauth Read/Write Enables or disables directory authentication.
Properties Property Access Description oemhp_image Read/Write The image path and name for virtual media access. The value is a URL with a maximum length of 80 characters. oemhp_connect Read Displays if a virtual media device is already connected through the CLP or scriptable virtual media. oemhp_boot Read/Write Sets the boot flag. The valid values are: • Never – Do not boot from the device. The value is displayed as No_Boot. • Once – Boot from the device only once. The value is displayed as Once.
• vm device get – Gets the status of the virtual media • vm device set boot access – Sets the status of the virtual media Command options: — Valid device names are floppy or cdrom NOTE: USB key drives must be used with the floppy keyword syntax. — The path is the URL to the media image — Boot options are boot_once, boot_always, no_boot, connect, or disconnect — Access options are write_protect or write_allow.
• Eject a CD-ROM image from the Virtual CD-ROM: cd /map1/oemhp_vm1/cddr1 set oemhp_boot=disconnect This example executes the following commands: • — Changes the current context to the CD-ROM drive. — Issues the disconnect command that disconnects the media and clears the oemhp_image. Insert a CD-ROM image and set for single boot: cd /map1/oemhp_vm1/cddr1 set oemhp_image=http://my.imageserver.com/ISO/install_disk1.
soft iLO 2.00 CLI support • power The power command is used to change the power state of the server and is limited to users with the Power and Reset privilege.
Command format load -source [] where is the URL of firmware update image file on web server. The URL is limited to 80 characters in the iLO 2.00 release of the firmware. URL example: protocol://username:password@hostname:port/filename • protocol field is mandatory and must be either HTTP or HTTPS. • username:password field is optional. • hostname field is mandatory. • port field is optional • filename field is mandatory.
• delete /system1/log1 – Deletes system event log. • delete /map1/log1 – Deletes iLO 2 event log. Blade commands Blade commands enable you to view and modify the values on a p-Class or c-Class server. These values are available at: /system1/map1/blade1 p-Class Blades These commands are only supported in iLO 2 firmware version 1.82 or earlier.
Examples • set /map1/blade1/bay_name=BayOne – Sets the blade bay name to BayOne. • show /map1/blade1/diagport1/ipaddress – Displays the IP address of the front diagnostic port. • show /map1/blade1/rack1/enclosure1(n)/encl_type – Displays the enclosure type for blade enclosure n. c-Class Blades These commands are only supported in iLO 2 firmware version 2.09 or later.
• BootFmCd : bootsource1 • BootFmFloppy : bootsource2 • BootFmDrive : bootsource3 • BootFmUSBKey : bootsource4 • BootFmNetwork : bootsource5 Properties Property Access Description bootorder Read/write Sets the boot order for a given boot source Examples • set /system1/bootconfig1/bootsource(n) bootorder=(num) • show /system/bootconfig1 – Displays the complete boot configuration • show /system1/bootconfig1/bootsource1 – Displays the boot order for bootsource1 LED commands LED commands a
Targets Target Description oemhp_PresentPower Displays the average power reading from the last sample. oemhp_AveragePower Displays the average power reading from the past 24 hours. oemhp_MaxPower Displays the greatest peak power reading from the past 24 hours. oemhp_MinPower Displays the minimum average power reading from the past 24 hours. warning_type Displays and modifies the warning type. warning_threshold Displays and modifies the warning threshold for power consumption.
The cpu property is a target of /system1 and displays information about the system processor. The following properties are available in /system1/cpu: Property Access Description speed Read Displays the processor speed. cachememory1 Read Displays the size of the processor level-1 cache. cachememory2 Read Displays the size of the processor level-2 cache. logical_processor Read Displays the logical processor. CPU power state – Enables you to examine the CPU power states.
Firmware – Displays information about the system ROM.
3 Telnet Telnet support iLO 2 supports the use of Telnet to access the iLO 2 command line interface. Telnet access to iLO 2 supports the CLI, which can invoke a Remote Console connection as well as a Virtual Serial Port connection. For more information, see “Command line” (page 13). Using Telnet To use Telnet, the iLO 2 Remote Console Port Configuration and Remote Console Data Encryption on the Global Settings screen must be configured as follows: 1. Set the Remote Console Port Configuration to Enabled. 2.
The keys do not work before authentication. The power control requests are correctly ignored when you do not have the correct power control privileges. Telnet security Telnet is an unsecured network protocol. To reduce any security risks: • Use SSH instead of Telnet. SSH is essentially secure or encrypted Telnet. CLI is supported through Telnet as well as SSH. • Use a segregated management network. Preventing unauthorized access to the network segment prevents unauthorized activity.
Telnet Key Sequence Key Sequence ALT_L \eL ALT_AT \e@ ALT_M \eM ALT_OPENSQ \e[\? ALT_N \eN ALT_BSLASH \e\\ ALT_O \eO\? ALT_CLOSESQ \e] ALT_P \eP ALT_CARAT \e^ ALT_Q \eQ ALT_USCORE \e_ ALT_R \eR ALT_ACCENT \e` ALT_T \eT ALT_PIPE \e| ALT_U \eU ALT_CBRACK \e} ALT_V \eV ALT_TILDE \e~ ALT_W \eW ALT_TAB \e\t ALT_X \eX ALT_BS \e\010 ALT_Y \eY ALT_CR \e\r ALT_Z \eZ ALT_ESC \e\e\? ALT_LOWER_A \ea ALT_F1 \e\eOP ALT_LOWER_B \eb ALT_F2 \e\eOQ ALT_
Key Sequence Key Sequence ALT_LOWER_X \ex ALT_END \e\e[4~ ALT_LOWER_Y \ey ALT_PGUP \e\e[5~ ALT_LOWER_Z \ez ALT_PGDN \e\e[6~ ALT_SPACE \e\040 ALT_HOME \e\e[H ALT_EXCL \e! ALT_END \e\e[F ALT_QUOTE \e\" ALT_UP \e\e[A ALT_POUND \e# ALT_DOWN \e\e[B ALT_DOLLAR \e$ ALT_RIGHT \e\e[C ALT_PERCENT \e% ALT_LEFT \e\e[D VT100+ codes for the F-keys Key Sequence F1_KEY \eOP F2_KEY \eOQ F3_KEY \eOR F4_KEY \eOS F5_KEY \eOT F6_KEY \eOU F7_KEY \eOV F8_KEY \eOW F9_KEY \
Telnet Key Sequence INSERT_KEY \e[2~ DELETE_KEY \e[3~ END_KEY \e[4~ PG_UP \e[5~ PG_DOWN \e[6~
4 Secure Shell SSH overview SSH is a Telnet-like program for logging into and for executing commands on a remote machine, which includes security with authentication, encryption, and data integrity features. The iLO 2 firmware can support simultaneous access from two SSH clients. After SSH is connected and authenticated, the command line interface is available. iLO 2 supports: • SSH protocol version 2 • PuTTY 0.58, which is a free version of Telnet and SSH protocol available for download on the Internet.
ssh -l loginname ipaddress/dns name Using PuTTY • To start a PuTTY session, double-click the PuTTY icon in directory where PuTTY is installed. • To Start a PuTTY session from the command line: ◦ To start a connection to a server called host: putty.exe [-ssh | -telnet | -rlogin | -raw] [user@]host ◦ For Telnet sessions, the following alternative syntax is supported: putty.exe telnet://host[:port]/ ◦ To start an existing saved session called sessionname: putty.
Mxagentconfig Mxagentconfig is a utility used to export and install HP SIM public SSH keys into other systems. This utility simplifies the process and can install the public key on many systems simultaneously. Mxagentconfig will make an SSH connection to iLO 2, authenticate with a user name and password, and transmit the necessary public key. iLO 2 stores this key as a trusted SSH client key. Importing SSH keys from PuTTY The public key file format generated by PuTTY is not compatible with iLO 2.
4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 46 Select all the text in the public key area. Copy the key and paste it into a Notepad session. Return to the PuTTY Key Generator utility. Click Save private key to save, and then enter a file name when prompted, for example, c:\bchan.ppk. Return to Notepad. Save the public key file. Click File>Save As, and then enter a file name when prompted, for example, c:\bchan.pub. Log into iLO 2 (if not already open).
16. Enter the logon name associated with the public key. The public key in iLO 2 authenticates with the private key in PuTTY. If the keys match, you are logged into iLO 2 without using a password. Keys can be created with a key passphrase. If a key passphrase was used to generate the public key, you are prompted for the key passphrase before you log into iLO 2. Importing SSH keys generated using ssh-keygen After generating an SSH key using ssh-keygen and creating the key.
5 Group administration and iLO 2 scripting CPQLOCFG Utility The CPQLOCFG.EXE utility is a Windows-based utility that connects to iLO using a secure connection over the network. RIBCL scripts are passed to iLO over the secure connection to CPQLOCFG. This utility requires a valid user ID and password with the appropriate privileges. Launch the CPQLOCFG utility from HP SIM for Group Administration, or launch it independently from a command prompt for batch processing.
3. Select 2) Disabled (No Response to Request) to disable unauthenticated XML query return information NOTE: You must have unauthenticated XML query enabled if you are performing device discoveries with HP SIM. To obtain unauthenticated identifying information, submit the following command to the iLO web server port (or select option 1) Enabled (iLO+Server Association Data) from iLO): https://iloaddress/xmldata?item=all A typical response is:
5 9c:8e:99:13:20:ca 6 9c:8e:99:13:20:ce 7 9c:8e:99:13:20:cb 8 9c:8e:99:13:20:cf 1 Integrated Lights-Out 4 (iLO 4) 1.01 08/30/2011 ASIC: 16 ILOABC12345678 ILOBL4608ABC12345678 1 0 3.
9. Enter the query name, for example, Mgmt Processors. 10. Select Device(s) of type, and then select Devices by product name. In the criteria window, set the product name to HP iLO 3. 11. Select Device(s) of type, and then select Devices by product name. In the criteria windows, set the product name to HP iLO 2. 12. Click type in the Query Description box. The Device Types window opens. 13. Select Management Processor and click OK. 14. Click Save to return to the Device Query screen. 15.
11. Click Finish to save the Application Launch task. 12. Click the Execute a Task icon (the green triangle) to execute the Group Administration. Batch processing using CPQLOCFG Group Administration is also delivered to iLO through batch processing. The components used by batch processing are CPQLOCFG, an RIBCL file, and a batch file.
NOTE: • If you are not using the command line to enter the user name and password, and are using the XML file, use the double-quotes special character ("). However, if you use " in the password in the XML file, you must change the outside double quotes to single quotes. For example: 'admin"admin' If you use CPQLOCFG or LOCFG, and enter the password or command on the command line with the -p option, you cannot use the double-quotes special character (").
If the parameter contains multiple words, you must enclose the phrase within double quotes (" "). Up to 25 variables are supported in an XML file. The maximum length of variable name is 48 characters. Web agent example: Invoke the script using: cpqlocfg -s iLO-ip-name -f mod_snmp_im_settings.
6 Perl scripting Using Perl with the XML scripting interface The scripting interface provided enables administrators to manage virtually every aspect of the device in an automated fashion. Primarily, administrators use tools like the cpqlocfg.exe to assist deployment efforts. Administrators using a non-Windows client can use Perl scripts to send XML scripts to the Lights-Out devices. Administrators can also use Perl to perform more complex tasks than cpqlocfg.exe can perform.
Opening an SSL connection Perl scripts must open an SSL connection to the device HTTPS port, by default port 443.
my $script = shift; my ($ssl, $reply, $lastreply, $res, $n); $ssl = openSSLconnection($host); # write header $n = Net::SSLeay::ssl_write_all($ssl, ''."\r\n"); rint "Wrote $n\n" if $debug; # write script $n = Net::SSLeay::ssl_write_all($ssl, $script); print "Wrote $n\n$script\n" if $debug; $reply = ""; $lastreply = ""; READLOOP: while(1) { $n++; $reply .
later command. However, the PERL script must send data within a few seconds or the device will time out and disconnect. When using the XML scripting interface with PERL scripts, the following restrictions apply: 58 • PERL scripts must send the XML header before sending the body of the script. • PERL scripts must provide script data fast enough to prevent the device from timing out. • Only one XML document is allowed per connection, which means one pair of RIBCL tags.
7 Virtual Media scripting Scripting Web server requirements Virtual Media scripting uses a media image that is stored and retrieved from a Web server accessible from the management network. The web server must be a HTTP 1.1 compliant server that supports the Range header. Furthermore, for write access to the file, the Web server must support DAV and must support the Content-Range header for DAV transactions. If the Web server does not meet the requirements for DAV, a helper CGI program may be used.
Command Line Input Result [-eject] Ejects the media that is currently connected through the virtual media drive. The virtual media drive is still connected, but no media is present in the drive. [-wp ] Defines the write-protected status of the Virtual Floppy/USB key drive. This argument has no effect on the Virtual CD-ROM drive. [-boot ] Defines how the virtual media drive is used to boot the target server.
If any of the modules are missing, use modprobe to load them. 2. Mount the drive using one of following: • mount /dev/sda /mnt/floppy -t vfat – Mounts a virtual floppy. • mount /dev/sda1 /mnt/keydrive – Mounts a virtual USB key drive. • mount /dev/cdrom1 /mnt/cdrom – Mounts a virtual CD-ROM on a Red Hat system. Use /dev/cdrom if the server does not have a locally attached CD-ROM drive. • mount /dev/scd0 /mnt/cdrom – Mounts a virtual CD-ROM on a SUSE system.
# $file = $prefix . "/" . $file; # # Decode the range # if ($range =~ m/([0-9A-Fa-f]+)-([0-9A-Fa-f]+)/) { $start = hex($1); $end = hex($2); $len = $end - $start + 1; } # # Decode the data (it's a big hex string) # $decode = pack("H*", $data); # # Write it to the target file # sysopen(F, $file, O_RDWR); binmode(F); sysseek(F, $start, SEEK_SET); syswrite(F, $decode, $len); close(F); Setting up IIS for scripted virtual media Before setting up IIS for scripted media, make sure IIS is operational.
f. g. Verify your Web Service Extensions allows Perl scripts to execute. If not, click Web Service Extensions and set Perl CGI Extension to Allowed. Verify the prefix variable in the helper script is set correctly. Additional information: The basic format for the XML insert command is: • The device field can be either FLOPPY or CDROM. • The IMAGE_URL can be either an http or https URL to a diskette or CD_ROM image.
# Decode the data (a large hex string) # $decode = pack("H*", $data); # # Write it to the target file # sysopen(F, $file, O_RDWR); binmode(F); sysseek(F, $start, SEEK_SET); syswrite(F, $decode, $len); close(F); print "Content-Length: 0\r\n"; print "\r\n"; 64 Virtual Media scripting
8 HPONCFG online configuration utility HPONCFG The HPONCFG utility is an online configuration tool used to set up and configure iLO from within Windows and Linux operating systems without requiring a reboot of the server operating system. HPONCFG runs in a command line mode and must be executed from an operating system command line using an account with administrator or root access. HPONCFG provides a limited graphical interface for servers that use Windows operating systems.
http://h20000.www2.hp.com/bizsupport/TechSupport/DriverDownload.jsp? prodNameId=4154847&lang=en&cc=us&taskId=135&prodSeriesId=4154735& prodTypeId=18964 • Windows-based servers—The iLO Management Interface Driver must be loaded on the server. • Linux-based servers—The iLO Management interface driver (hpilo) must be loaded on the server and the health driver package (hp-health rpm) must be installed. The Intelligent Provisioning operating system installation process normally installs this driver.
the USER_LOGIN and PASSWORD tags are present in the LOGIN tag, and that these fields contain data. Any data is accepted in these fields. To successfully execute HPONCFG, the utility must be invoked as Administrator on Windows servers and as root on Linux servers. HPONCFG returns an error message if you do not possess sufficient privileges.
[/xmlverbose or /v][/m firmwarelevel] | /i [/l filename] [/s namevaluepairs] [/xmlverbose or /v] [/m firmwarelevel] | /w filename [/m firmwarelevel] | /get_hostinfo [/m firmwarelevel] | /mouse [/dualcursor][/allusers] ] For more information on using these parameters, see “HPONCFG command line parameters” (page 67). Using HPONCFG on Linux servers Invoke the HPONCFG configuration utility from the command line. HPONCFG displays a usage page if it is entered with no command line parameters.
PAGE 70
PASSWORD="floppyshoes"> The specified user is added to the device. Using variable substitution HPONCFG version 1.2 and later enables you to specify variables in the XML RIBCL script and to assign values to those variables when you run HPONCFG.
Capturing and restoring a configuration Use HPONCFG to capture basic configuration information in an XML readable file format. Use this file to set or restore the iLO configuration. This feature is available with HPONCFG version 1.2 and later. HPONCFG writes the configuration information in the HP RIBCL format. • To capture a configuration, you must specify the name and location of the output file on the command line. For example: hponcfg /w config.
For security reasons, the default user administrator and user passwords are not captured in the configuration file or returned in the response. A variable is provided in its place to use with the substitute option to provide a default password for all users when restoring a configuration. Manually change the password before using the file to restore the configuration.
/map1/accounts1. • create username=lname1 password=password In this example, username corresponds to the login name. • set lname1 username=lname2 password=password1 name=name2 group=admin,configure,oemhp_power,oemhp_vm,oemhp_rc In this example, lname1 is the login name of the user.
9 Using RIBCL Overview of the RIBCL RIBCL enables you to write XML scripts to configure and manage iLO 2 configuration settings, user accounts, directory settings, server settings, and HP SIM SSO settings. You can download sample scripts for all iLO 2 commands described in this section from the HP website at http://www.hp.com/ servers/lights-out.
STATUS="0x0001" MSG="There has been a severe error." /> • RESPONSE This tag name indicates that the iLO 2 is sending a response to the previous commands back to the client application to indicate the success or failure of the commands that have been sent to the iLO 2. • STATUS This parameter contains an error number. The number 0x0000 indicates that there is no error. • MSG This element contains a message describing the error that happened. If no error occurred, the message No error appears.
LOGIN parameters USER_LOGIN is the login name of the user account. This parameter is case sensitive and must never be blank. PASSWORD is the password associated with the user. This parameter is case sensitive and can be a combination of any printable characters. LOGIN runtime errors The possible runtime error messages include: • User login name was not found. • Password must not be blank. • Logged-in user does not have required privilege for this command.
ADD_USER parameters USER_NAME – The actual name of the user. This parameter can be a combination of any printable characters up to a maximum length of 39 characters. This parameter is case sensitive and must never be blank. USER_LOGIN – The name used to gain access to the respective iLO 2. This parameter can be a combination of any printable characters up to a maximum length of 39 characters. This parameter is case sensitive and must never be blank.
the user must be allowed to configure iLO 2. If this parameter is used, the Boolean string value must never be blank. CONFIG_RACK_PRIV – A Boolean parameter that gives the user permission to configure and manage the server rack resources. This parameter is applicable to ProLiant BL p-Class servers only. This parameter is optional, and the Boolean string must be set to Yes if the user must be allowed to manage or configure rack resources.
DELETE_USER runtime errors The possible DELETE_USER errors include: • User information is open for read-only access. Write access is required for this operation. • Cannot delete user information for currently logged in user. • User login name was not found. • User login name must not be blank. • User does not have correct privilege for action. ADMIN_PRIV required. DELETE_CURRENT_USER The DELETE_CURRENT_USER command is used to remove the user account defined by the USER_LOGIN attribute.
DELETE_SSH_KEY runtime errors Possible DELETE_SSH_KEY runtime errors include: • User login name must not be blank. • User does not have correct privilege for action. ADMIN_PRIV required. GET_USER The GET_USER command returns local user information, excluding the password. The USER_LOGIN parameter must exist in the current user database. For this command to parse correctly, the command must appear within a USER_INFO command block, and USER_INFO MODE can be in read or write.
MOD_USER The MOD_USER command is used to modify an existing local user's account. The USER_LOGIN parameter must exist in the current user database. For this command to parse correctly, the command must appear within a USER_INFO command block, and USER_INFO MODE must be set to write. The user must have the administrative privilege. A user without the administrative privilege can only modify their individual account password. Example: PAGE 83If the following parameters are not specified, then the parameter value for the specified user is preserved. USER_NAME – The actual name of the user to be added. This parameter is case sensitive, can be any valid string, and has a maximum length of 39 characters. This string is used for display only and must never be blank. USER_LOGIN – The name used to gain access to the respective iLO 2. This parameter can be a combination of any printable characters up to a maximum length of 39 characters.
Example: GET_ALL_USERS parameters None GET_ALL_USERS runtime errors The possible GET_ALL_USERS error messages include: User does not have correct privilege for action. ADMIN_PRIV required.
GET_ALL_USER_INFO parameters None GET_ALL_USER_INFO runtime errors The possible GET_ALL_USER_INFO error message include: User does not have correct privilege for action. ADMIN_PRIV required.
……… RIB_INFO commands …… Clear iLO 2 event log example: CERT_SIGNATURE_ALGORITHM Currently, iLO 2 firmware defaults to the MD5 message digest algorithm when generating a self signed SSL certificate.
RESET_RIB The RESET_RIB command is used to reset iLO 2. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE can be set to read or write. The user must have the configure iLO 2 privilege to execute this command. Example: PAGE 88GET_EVENT_LOG runtime errors GET_EVENT_LOG returns a runtime error if it is not called from within the RIB_INFO or SERVER_INFO block. For example: GET_EVENT_LOG return messages The response includes all of the events recorded, in the order that they occurred. Events are not sorted by severity or other criteria.
LAST_UPDATE="04/04/2004 12:34" INITIAL_UPDATE="04/04/2004 12:34" COUNT="1" DESCRIPTION="POST Error: 1775-Drive Array - ProLiant Storage System not Responding" /> ... CLEAR_EVENTLOG The CLEAR_EVENTLOG command clears the iLO 2 Event Log. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command. Example: PAGE 90 Disabled example: PAGE 91
GET_NETWORK_SETTINGS parameters None GET_NETWORK_SETTINGS runtime errors None GET_NETWORK_SETTINGS return messages A possible GET_NETWORK_SETTINGS return message is: PAGE 92STATUS = "0x0001" MSG = "Error Message"/> MOD_NETWORK_SETTINGS MOD_NETWORK_SETTINGS is used to modify network settings. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command. The iLO 2 scripting firmware does not attempt to decipher if the network modifications are appropriate for the network environment.
Modify VLAN example: PAGE 94SHARED_NETWORK_PORT – Sets the Shared Network Port value. The values are Yes or No. For iLO, the Shared Network Port feature is only available on servers with hardware, NIC firmware, and iLO firmware that supports this feature. For iLO 2, the Shared Network Port is supported on all firmware versions, and the feature is available if the hardware is supported. ProLiant server Minimum iLO firmware version DL320G3 1.64 DL360 G4 1.60 DL360 G4 1.64 DL380 G4 1.60 DL385 G1 1.64 DL580 G3 1.
DHCP_DNS_SERVER – Specifies if the DHCP-assigned DNS server is to be used. The possible values are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled. DHCP_WINS_SERVER – Specifies if the DHCP-assigned WINS server is to be used. The possible values are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled. DHCP_STATIC_ROUTE – Specifies if the DHCP-assigned static routes are to be used. The possible values are Yes or No. It is case sensitive.
GET_GLOBAL_SETTINGS parameters None GET_GLOBAL_SETTINGS runtime errors None GET_GLOBAL_SETTINGS return messages A possible GET_GLOBAL_SETTINGS return message is as follows:
PAGE 100As of release iLO 2 version 1.50, the Virtual Serial Port supports automatically enabling and disabling software flow control. By default, this behavior is disabled. You can enable this configuration option using the RIBCL only. To enable this option, execute the following script: Example 2: PAGE 101REMOTE_CONSOLE_PORT_STATUS – Determines the behavior of remote console service. The possible values include: • 0 – No change • 1 – Disabled (The remote console port is disabled. This prevents remote console and Telnet sessions from being used.) • 2 – Automatic (This is the default setting. The remote console port remains closed unless a remote console session is started.) • 3 – Enabled (The remote console port is always enabled. This enables remote console and Telnet sessions to be used.
Spanish Swedish Swiss French Swiss German SSH_PORT – Specifies the port used for SSH connection on iLO 2. The processor must be reset if this value is changed. SSH_STATUS – Determines if SSH is enabled. The valid values are Yes or No, which enable or disable SSH functionality. SERIAL_CLI_STATUS – Specifies the status of the CLI.
GET_SNMP_IM_SETTINGS parameters None GET_SNMP_IM_SETTINGS runtime errors None GET_SNMP_IM_SETTINGS return messages A possible GET_SNMP_IM_SETTINGS return message is: PAGE 104MOD_SNMP_IM_SETTINGS parameters All of the following parameters are optional. If a parameter is not specified, then the parameter value for the specified setting is preserved. WEB_AGENT_IP_ADDRESS – The address for the Web-enabled agents. The value for this element has a maximum length of 50 characters. It can be any valid IP address. If an empty string is entered, the current value is deleted. SNMP_ADDRESS_1, SNMP_ADDRESS_2, and SNMP_ADDRESS_3 – The addresses that receive traps sent to the user.
When you send an XML script to update iLO 2 firmware, iLO 2 firmware verifies the TPM configuration status of option ROM measuring. If it is enabled, iLO 2 firmware returns the same warning message as stated in web interface. You can add the TPM_ENABLE command to the script file. HP recommends using XML script syntax to execute firmware updates. To enable the firmware update to continue, you must set TPM_ENABLE to a value of Y or Yes. Example 2: PAGE 106
GET_FW_VERSION parameters None GET_FW_VERSION runtime errors None GET_FW_VERSION return messages The following information is returned within the response: FIRMWARE_DATE = MANAGEMENT_PROCESSOR = /> HOTKEY_CONFIG The HOTKEY_CONFIG command configures the remote console hot key settings in iLO 2.
CTRL_U – Specifies settings for the CTRL_U hot key. The settings must be separated by commas. For example, CTRL_U="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. CTRL_V – Specifies settings for the CTRL_V hot key. The settings must be separated by commas. For example, CTRL_V="CTRL,ALT,ESC." Up to five keystrokes can be configured for each hot key. CTRL_W – Specifies settings for the CTRL_W hot key. The settings must be separated by commas. For example, CTRL_W="CTRL,ALT,ESC.
TAB - b { BREAK . c } F1 / d | F2 0 e ; F3 1 f ' F4 2 g L_CTRL F5 3 h R_CTRL F6 4 i NUM PLUS F7 5 j NUM MINUS F8 6 k SCRL LCK F9 7 l BACKSPACE F10 8 m SYS RQ F11 9 n LICENSE The LICENSE command activates or deactivates the iLO's advanced features. For this command to parse correctly, the command must appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command.
LICENSE runtime errors The possible LICENSE error messages include: • License key error. • License is already active. • User does not have correct privilege for action. CONFIG_ILO_PRIV required. INSERT_VIRTUAL_MEDIA This command notifies iLO 2 of the location of a diskette image. The INSERT_VIRTUAL_MEDIA command must display within a RIB_INFO element, and RIB_INFO must be in write mode. Example: PAGE 110INSERT_VIRTUAL_FLOPPY runtime errors The possible INSERT_VIRTUAL_FLOPPY error messages include: • RIB information is open for read-only access. Write access is required for this operation. • IMAGE_URL must not be blank. • User does not have correct privilege for action. VIRTUAL_MEDIA_PRIV required. • Unable to parse Virtual Media URL • An invalid Virtual Media option has been given. • Virtual Media already connected through a script. You must eject or disconnect before inserting new media.
GET_VM_STATUS parameters DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. GET_VM_STATUS runtime errors The possible GET_VM_STATUS error is: An invalid Virtual Media option has been given. GET_VM_STATUS return messages The return message displays the current state of the Virtual Media.
SET_VM_STATUS parameters DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If the DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive. VM_BOOT_OPTION – Specifies the boot option parameter for the Virtual Media. The possible values are BOOT_ALWAYS, BOOT_ONCE, or NO_BOOT. These values control how the Virtual Media device behaves during the boot phase of the server. Setting these values does not affect the current state of the Virtual Media device.
the Virtual Media device will not be connected and the following Virtual Media device settings will be reset to their default values: ◦ BOOT_OPTION = NO_BOOT ◦ IMAGE_INSERTED = NO VM_WRITE_PROTECT – Sets the write protect flag value for the Virtual Floppy. This value is not significant for the Virtual Media CD. The possible values are Y or N. SET_VM_STATUS runtime errors The possible runtime errors are: • RIB information is open for read-only access. Write access is required for this operation.
Example 2 (set custom CSR settings): PAGE 115CSR_SUBJECT_ORG_NAME – This field has a maximum length of 60 characters. It must use only alphanumeric, punctuation, and blank space characters. When you set CSR_USE_CERT_CUSTOM_SUBJECT to Yes, this field is mandatory. CSR_SUBJECT_ORGUNIT_NAME – This field has a maximum length of 60 characters. It must use only alphanumeric, punctuation, and blank space characters. When you set CSR_USE_CERT_CUSTOM_SUBJECT to Yes, this field is mandatory.
-----END CERTIFICATE---- IMPORT_CERTIFICATE parameters There are no parameters for this command. IMPORT_CERTIFICATE errors The possible IMPORT_CERTIFICATE error messages include: • RIB information is open for read-only access. Write access is required for this operation. • Error reading certificate: The imported certificate is invalid. • Invalid certificate common name: The common name in the certificate does not match iLO 2's hostname.
Example of a Two-Factor Authentication settings return message when SAN field in the certificate for directory authentication is enabled: MOD_TWOFACTOR_SETTINGS The MOD_TWOFACTOR_SETTINGS command is used to modify the Two-Factor Authentication settings on the iLO 2.
• Importing a CA and a user certificate example: -----BEGIN CERTIFICATE----MIIEtzCCA5+gAwIBAgIQBGg9C0d7B5pF/l4bVA44hjANBgkqhkiG9w0BAQUFADBM MRMwEQYKCZImiZPyLGQBGRYDTEFCMRUwEwYKCZImiZPyLGQBGRYFSkpSSUIxHjAc ...
CERT_OWNER_SUBJECT – Causes iLO 2 to derive the user's distinguished name from the subject name. For example, if the subject name is "/DC=com/DC=domain/OU=organization/ CN=user", iLO 2 derives: "CN=user,OU=organization,DC=domain,DC=com". CERT_OWNER_SAN and CERT_OWNER_SUBJECT – These settings are only used if directory authentication is enabled. IMPORT_CA_CERTIFICATE – Imports the certificate into iLO 2 as the trusted Certificate Authority.
GET_DIR_CONFIG The GET_DIR_CONFIG command requests the respective iLO 2 directory settings. For this command to parse correctly, the GET_DIR_CONFIG command must appear within a DIR_INFO command block, and DIR_INFO MODE can be set to read or write. Example: PAGE 121 IMPORT_SSH_KEY The IMPORT_SSH_KEY command imports a SSH_KEY and associated iLO 2 user name into iLO 2.
IMPORT_SSH_KEY runtime errors The possible IMPORT_SSH_KEY error messages include: • RIB information is open for read-only access. Write access is required for this operation. • Error reading SSH Key: The imported SSH Key is invalid. • Invalid iLO user name: The appended user name is not a valid iLO 2 user. • No slots are available for storing additional SSH Key. MOD_DIR_CONFIG The MOD_DIR_CONFIG command modifies the directory settings on iLO 2.
PAGE 124◦ 4 – Virtual Media ◦ 5 – Configure iLO 2 Settings NOTE: Do not use the following tags when using directory integration with schema extension: • DIR_ENABLE_GRP_ACCT • DIR_GRPACCT1_NAME • DIR_GRPACCT1_PRIV Do not use the following tags when using schema-free directories: • DIR_OBJECT_DN • DIR_OBJECT_PASSWORD DIR_LOCAL_USER_ACCT – Enables or disables local user accounts. The possible values are Yes and No. DIR_SERVER_ADDRESS specifies the location of the directory server.
The possible RACK_INFO error messages include: • Invalid Mode. • Server is not a rack server; rack commands do not apply. Example: ……… RACK_INFO commands ……… GET_RACK_SETTINGS The GET_RACK_SETTINGS command requests the respective iLO 2's rack settings. For this command to parse correctly, the GET_RACK_SETTINGS command must appear within a RACK_INFO command block, and RACK_INFO MODE can be set to read or write. Example: PAGE 126
GET_DIAGPORT_SETTINGS parameters None GET_DIAGPORT_SETTINGS runtime errors None GET_DIAGPORT_SETTINGS return messages A possible GET_DIAGPORT_SETTINGS return message is: PAGE 127DP_FULL_DUPLEX is used to decide if the iLO 2 diagnostic port is to support full-duplex or half-duplex mode. It is only applicable if DP_SPEED_AUTOSELECT was set to No. The possible values are Yes or No.It is case insensitive. DP_IP_ADDRESS is used to select the IP address for the iLO 2 Diagnostic Port. If an empty string is entered, the current address is unchanged. The expected format is XXX.XXX.XXX.XXX. DP_SUBNET_MASK is used to select the subnet mask for the iLO 2 Diagnostic Port.
MOD_ENCLOSURE_IP_SETTINGS MOD_ENCLOSURE_IP_SETTINGS modifies the Static IP Bay Configuration settings. This command is only valid inside a RACK_INFO block. The logged-in user must have the configure iLO 2 privilege.
MOD_ENCLOSURE_IP_SETTINGS parameters BAY_ENABLEMASK enables the use of Static IP Bay Configuration addressing. The attribute MASK is a 16-bit number. Each bit represents a slot in the enclosure. If the bit is set, that particular slot is assigned to use the Static IP Bay Configuration settings. The LSB represents slot 1. For example, the MASK="0x0001" only allows slot 1 to use Static IP Bay Configuration. This number can be either a hexadecimal number or a decimal number.
MOD_BLADE_RACK MOD_BLADE_RACK command is used to modify the rack infrastructure settings. For this command to parse properly, the MOD_BLADE_RACK command must appear within a RACK_INFO command block, and RACK_INFO MODE must be set to write. The user must have the configure iLO 2 privilege to execute this command. Example: PAGE 131MOD_BLADE_RACK runtime errors The possible MOD_BLADE_RACK error messages include: • Rack information is open for read-only access. Write access is required for this operation. • Rack Name too long. • Enclosure Name too long. • Bay Name too long. • User does not have correct privilege for action. CONFIG_ILO_PRIV required. SERVER_INFO The SERVER_INFO command can only appear within a LOGIN command block. Only commands that are SERVER_INFO type commands are valid inside the SERVER_INFO command block.
GET_SERVER_NAME The GET_SERVER_NAME command is used to retrieve the host server name used by the iLO 2. You can set this parameter using several methods, including the SERVER_NAME command, host RBSU, iLO 2 browser-based interface, and loading HP ProLiant Management Agents. This command is supported by iLO 2 firmware version 1.30 or later. It is not supported by iLO or RILOE II. Example: PAGE 133SERVER_NAME runtime errors • If the configure iLO settings privilege is absent, a runtime error is returned. • If SERVER_INFO is not opened for write, a runtime error is returned. GET_EMBEDDED_HEALTH GET_EMBEDDED_HEALTH command is used to retrieve health information of the server. For this command to parse correctly, the GET_EMBEDDED_HEALTH command must appear within a SERVER_INFO command block. You can set SERVER_INFO MODE to read or write. Example: PAGE 134
cpqlocfg.exe: Script succeeded on "16.100.000.192:000" GET_POWER_READINGS The GET_POWER_READINGS command is used to get the power readings from the server power supply.
VALUE="275" VALUE="278" VALUE="283" VALUE="270" UNIT="Watts"/> UNIT="Watts"/> UNIT="Watts"/> UNIT="Watts"/> GET_POWER_CAP The GET_POWER_CAP command is used to get the power cap of the server. For this command to parse correctly, the GET_POWER_CAP command must appear within a SERVER_INFO command block, and SERVER_INFO MODE can be set to read or write.
SET_POWER_CAP parameters SET_POWER_CAP POWER_CAP is the power cap on the server. Valid power cap values are determined using a power test run on the server at boot. The possible values are 0 to disable the power cap, or a numeric value in watts (as determined in the power test.) SET_POWER_CAP runtime errors The possible SET_POWER_CAP error messages include: • Server information is open for read-only access. Write access is required for this operation.
> • SET_HOST_POWER_SAVER The SET_HOST_POWER_SAVER command is used to set the Power Regulator Setting for the server processor. For this command to parse correctly, the SET_HOST_POWER_SAVER command must appear within a SERVER_INFO command block, and SERVER_INFO MODE must be set to write. The user must have the virtual power and reset privilege to execute this command. Example: PAGE 139 GET_HOST_POWER_REG_INFO parameters None GET_HOST_POWER_REG_INFO runtime errors GET_HOST_POWER_REG_INFO returns a runtime error if an iLO 2 Advanced License is not found. For example: GET_HOST_POWER_REG_INFO return messages The GET_HOST_POWER_REG_INFO command returns all data available at the time of the request.
2 34.3 0 65.7 ..... 0 GET_HOST_POWER_STATUS The GET_HOST_POWER_STATUS command requests the power state of the server.
block, and SERVER_INFO MODE must be set to write. The user must have the virtual power and reset privilege to execute this command. Example: SET_HOST_POWER Parameters HOST_POWER enables or disables the Virtual Power Button. The possible values are Yes or No.
GET_HOST_PWR_MICRO_VER return messages • No errors and displays version information: PAGE 143SET_ONE_TIME_BOOT The SET_ONE_TIME_BOOT command temporarily adapts the boot process for one cycle. Once the script runs successfully, the host boots once to the device specified. This command must appear within a SERVER_INFO element, and SERVER_INFO must be set to write. The parameter in the command is mandatory. Example: PAGE 144GET_PERSISTENT_BOOT parameters There are no parameters for this command. GET_PERSISTENT_BOOT runtime errors None GET_PERSISTENT_BOOT return messages The return message displays the current boot order settings. A possible GET_PERSISTENT_BOOT return is: PAGE 145• Too many boot devices has been provided. • Device has been repeated. • Boot device not supported. SET_PERSISTENT_BOOT return messages A possible SET_PERSISTENT_BOOT return is: PAGE 146
RESET_SERVER The RESET_SERVER command will force a warm boot of the server, if the server is currently on. For this command to parse correctly, the RESET_SERVER command must appear within a SERVER_INFO command block, and SERVER_INFO MODE must be set to write. The user must have the virtual power and reset privilege to execute this command. Example: PAGE 148a SERVER_INFO command block, and SERVER_INFO MODE must be set to write. The user must have the virtual power and reset privilege to execute this command. Example: HOLD_PWR_BTN parameters There are no parameters for this command. HOLD_PWR_BTN runtime errors The possible error messages include: • Server information is open for read-only access.
WARM_BOOT_SERVER parameters There are no parameters for this command. WARM_BOOT_SERVER runtime errors The possible error messages include: • Server information is open for read-only access. Write access is required for this operation. • Host power is already OFF. • User does not have correct privilege for action. RESET_SERVER_PRIV required.
GET_SERVER_AUTO_PWR The GET_SERVER_AUTO_PWR command is used to get the automatic power on and power on delay settings of the server. Example: GET_SERVER_AUTO_PWR parameters None GET_SERVER_AUTO_PWR return message A possible GET_SERVER_AUTO_PWR return is: PAGE 151GET_UID_STATUS response The following information is returned within the response: UID_CONTROL The UID_CONTROL command toggles the server UID. For this command to parse correctly, the UID_CONTROL command must appear within a SERVER_INFO command block, and SERVER_INFO MODE must be set to write. Example: PAGE 152GET_VPB_CABLE_STATUS return messages A possible GET_VPB_CABLE_STATUS return message is: SSO_INFO The SSO_INFO MODE command can only appear within a LOGIN command block. Only commands that are SSO_INFO MODE-type commands are valid inside the SSO_INFO MODE command block. SSO_INFO MODE requires the MODE parameter with a value of read or write.
GET_SSO_SETTINGS parameters None GET_SSO_SETTINGS return messages The following is an example of an SSO settings response from a configured iLO 2. There are 0 or more SSO_SERVER records reflecting the number of stored server records in each.
command block, and SSO_INFO MODE must be set to write. The user must have the Configure iLO 2 privilege to execute this command. Example: PAGE 155There are three roles for privilege assignment. Omitting a role leaves the current assignment unaltered: • USER_ROLEPrivileges associated with User • OPERATOR_ROLEPrivileges associated with Operator • ADMINISTRATOR_ROLEPrivileges associated with Administrator For each role, there are multiple privileges that can be manipulated. The privilege is specified within the role tag. If a privilege is omitted, the current value is unaltered.
-----BEGIN CERTIFICATE----. . .
SSO_SERVER runtime errors A runtime error is generated: • If a certificate is a duplicate. • If a certificate is corrupt. • If the HP SIM server cannot be contacted using IMPORT_FROM. • If the HP SIM Trusted Server database is full. You must delete other records to make sufficient room to add a new entry. • If the trust mode is set incorrectly. DELETE_SERVER The DELETE_SERVER command is used to remove an HP SIM Trusted SSO Server record.
10 HPQLOMGC command language Using HPQLOMGC HPQLOMGC reads directory settings for the management processor from an XML file. The script used is a subset of the RIBCL and has been extended to support multiple management processor firmware images. HPQLOMGC does not operate on iLO 2 devices. The following is an example of an XML file: PAGE 159This command line uses the following parameters: • UPDATE_RIB_FIRMWARE IMAGE_LOCATION For more information, see “UPDATE_RIB_FIRMWARE parameters” (page 105).
11 iLO 2 ports Enabling the iLO 2 Shared Network Port feature through XML scripting For information on how to use the SHARED_NETWORK_PORT command to enable the iLO 2 Shared Network Port through XML scripting, see “Using RIBCL” (page 75). The following sample script configures the iLO 2 to select the Shared Network Port. You can customize this script to your needs. Using this script on platforms that do not support the Shared Network Port will cause an error. PAGE 16112 iLO 2 parameters Status Summary parameters Parameter Definition Server name Displays the server name. If the Insight Management Agents are being used with the host server operating system, they will provide the iLO 2 with the server name. UUID Identifies the host. Although the UUID is assigned when the system is manufactured, you can change this setting using the system RBSU during POST. Server Serial Number / Product ID Identifies the serial number of the server.
Parameter Definition License Type Displays whether the system has a feature license installed. Some features of iLO 2 cannot be accessed unless optionally licensed. iLO 2 Firmware Version Displays information about the version of iLO 2 firmware currently installed. Active Sessions Displays the users currently logged into iLO 2. Latest iLO 2 Event Log Entry Displays the most recent entry in the iLO 2 event log.
Global Settings parameters Settings (parameters) found on the Access Options page of the iLO 2 user interface. Parameter Default value Descriptions Idle Connection Timeout (minutes) 30 minutes This setting specifies the interval of user inactivity, in minutes, before the web server and Remote Console session automatically terminate. The following settings are valid: 15, 30, 60, 120 minutes, or 0 (infinite). The infinite timeout value does not log out inactive users.
Parameter Default value Descriptions To force the browser to refresh, save this setting, and press F5. Authentication Failure Logging Enabled-Every 3rd Failure This setting allows you to configure logging criteria for failed authentications. All login types are supported and every login type works independently. The following are valid settings: • Enabled-Every Failure – A failed login log entry is recorded after every failed login attempt.
Parameter Default value Description Terminal Services client and Terminal Services server running on the host. The following settings are valid: • Automatic – When remote console is started, the Terminal Services client is launched. • Enabled – The pass-through feature is enabled and can connect the Terminal Services client directly to the iLO 2 without logging-into the iLO 2. • Disabled – The pass-through feature is off.
Parameter Default value Definition disabled, you must assign a static IP address to the iLO 2. Assign the IP address using the iLO 2 IP address parameter. DHCP Yes Enables you to select static IP (disabled) or Enables the use of a DHCP server to obtain an IP address for the iLO 2 subsystem. You cannot set the iLO 2 IP address and subnet mask if DHCP is enabled.
Parameter Default value Definition Use DHCP supplied DNS servers Enabled Toggles whether iLO 2 will use the DHCP server-supplied DNS server list. If not, enter one in the Primary/Secondary/Tertiary DNS Server boxes. Use DHCP supplied WINS servers Enabled Toggles whether iLO 2 will use the DHCP server-supplied WINS server list. If not, enter one in the Primary/Secondary WINS Server boxes. Use DHCP supplied static routes Enabled Toggles whether iLO 2 will use the DHCP server-supplied static route.
SNMP/Insight Manager settings parameters Parameter Default Value Definition SNMP alert destination(s) No Enter the IP address of the remote management PC that will receive SNMP trap alerts from the iLO 2. Up to three IP addresses can be designated to receive SNMP alerts. Enable iLO 2 SNMP alerts No The iLO 2 alert conditions are detected by the iLO 2 and are independent of the host server operating system. These alerts can be Insight Manager SNMP traps.
Parameter Default value Definition Directory server LDAP port 636 This option sets the port number used to connect to the directory server. The SSL-secured LDAP port number is 636. LOM object distinguished name This option specifies the unique name for the iLO 2 in the directory. LOM Object Distinguished Names are limited to 256 characters. LOM object password This parameter specifies the password for the iLO 2 object to access the directory. LOM Object Passwords are limited to 39 characters.
Parameter Default value Definition Blade serial number Provided by blade server The blade serial number identifies the serial number for the server blade product. Power source Rack provides power The server blade enclosure can be installed in a rack by using one of two configurations: • The server blade power supplies can be used to convert normal AC facility power to 48 V DC to power the rack. In this configuration, select the power source as Rack Provides Power.
13 Technical support HP contact information For the name of the nearest HP authorized reseller: • See the Contact HP worldwide (in English) webpage at http://www.hp.com/go/assistance. For HP technical support: • To obtain HP contact information for any country, see the Contact HP worldwide web site at http://www.hp.com/go/assistance. To contact HP by phone: ◦ Call 1 800 334 5144. This service is available 24 hours a day, 7 days a week.
Acronyms and abbreviations ASCII American Standard Code for Information Interchange ASM Advanced Server Management ASR Automatic Server Recovery BMC baseboard management controller CA certificate authority CGI Common Gateway Interface CLI Command Line Interface CLP command line protocol CR Certificate Request DAV Distributed Authoring and Versioning DDNS Dynamic Domain Name System DHCP Dynamic Host Configuration Protocol DLL dynamic link library DNS domain name system DSA Digita
NIC network interface controller NMI non-maskable interrupt NVRAM non-volatile memory PERL Practical Extraction and Report Language PKCS Public-Key Cryptography Standards POST Power-On Self Test PSP ProLiant Support Pack RAS remote access service RBSU ROM-Based Setup Utility RDP Remote Desktop Protocol RIB Remote Insight Board RIBCL Remote Insight Board Command Language RILOE Remote Insight Lights-Out Edition RILOE II Remote Insight Lights-Out Edition II RSA Rivest, Shamir, and
Index A ADD_USER ADD_USER parameters, 78 ADD_USER runtime errors, 79 obtaining the basic configuration, 68 administration Group administration and iLO 2 scripting, 48 User Administration parameters, 162 authentication, WS-Management, 11 authorized reseller HP contact information, 171 Technical support, 171 B BL p-Class blade parameters, 169 blade commands c-Class, 33 p-Class, 32 blade commands, CLP, 32 blade commands, RIBCL, 124 blade information, 32 boot commands, 33 boot commands, CLP, 33 boot commands,
D data types, 75 data types, RIBCL, 75 dedicated NIC, re-enabling, 160 DELETE_CURRENT_USER DELETE_CURRENT_USER, 80 DELETE_CURRENT_USER parameters, 80 DELETE_CURRENT_USER runtime errors, 80 DELETE_SERVER DELETE_SERVER, 157 DELETE_SERVER parameters, 157 DELETE_SERVER runtime errors, 157 DELETE_SSH_KEY, 80 DELETE_USER DELETE_USER, 79 DELETE_USER parameter, 79 DELETE_USER runtime errors, 80 DIR_INFO command block, 119 directory services, 168 directory settings, 168 directory settings, parameters, 168 directory
GET_HOST_POWER_SAVER_STATUS return messages, 137 GET_HOST_POWER_SAVER_STATUS runtime errors, 137 GET_HOST_POWER_STATUS GET_HOST_POWER_SAVER_STATUS, 137 GET_HOST_POWER_STATUS, 140 GET_HOST_POWER_STATUS Parameters, 140 GET_HOST_POWER_STATUS Return Messages, 140 GET_HOST_POWER_STATUS Runtime Errors, 140 GET_HOST_PWR_MICRO_VER GET_HOST_PWR_MICRO_VER, 141 GET_HOST_PWR_MICRO_VER parameters, 141 GET_HOST_PWR_MICRO_VER return messages, 142 GET_HOST_PWR_MICRO_VER runtime errors, 141 GET_NETWORK_SETTINGS GET_NETWORK_
HPONCFG, requirements, 65 HPONCFG supported operating systems, 65 HPONCFG, using HPONCFG online configuration utility, 65 Installing HPONCFG, 66 Using HPONCFG on Windows servers, 67 HPONCFG, utility overview, 66 HPONCFG, variable substitution, 71 HPQLOMGC, using, 158 I IIS, scripted media, 62 iLO 2 port, re-enabling, 160 iLO 2 settings iLO 2 settings, 21 ILO_CONFIG, 158 iLO 2 settings, CLP, 21 iLO 2 settings, RIBCL, 85 iLO 2 status parameters, 161 iLO ports, 160 ILO_CONFIG, 158 IMPORT_CERTIFICATE IMPORT_CE
O online configuration untility, 65 OpenSSH utility, 43 operating systems supported, 65 operational overview, 75 overview, 10 overview, CLP, 13 overview, HPONCFG, 65 overview, IPMI, 10 overview, Perl scripting, 55 overview, RIBCL, 75 overview, Telnet, 38 overview, virtual media scripting, 59 P p-Class blade commands, 32 parameter definitions, 161 Perl, sending XML scripts, 56 Perl, SSL connection, 56 Perl, using, 55 Perl, XML enhancements, 55 phone numbers, 171 power management HP Insight Control Software
SSH utility, 43 SSH, connection, 43 SSH, features, 43 ssh-keygen, 47 SSL connection, opening, 56 SSL, WS-Management, 11 SSO_INFO, 152 SSO_SERVER SSO_SERVER, 155 SSO_SERVER parameters, 156 SSO_SERVER runtime errors, 157 start and reset commands, CLP, 29 start and reset commands, RIBCL COLD_BOOT_SERVER, 148 HOLD_PWR_BTN, 147 PRESS_PWR_BTN, 147 RESET_RIB, 87 RESET_SERVER, 147 WARM_BOOT_SERVER, 148 starting a PuTTY session, 44 status, WS-Management, 11 string, RIBCL Boolean string, 75 Specific string, 75 String
