HP Integrity iLO 2 Operations Guide HP Part Number: 5992-1085 Published: November 2012 Edition: 14
© Copyright 2006, 2012 Hewlett-Packard Development Company, L.P. Legal Notices The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Contents About This Document...................................................................................11 Intended Audience..................................................................................................................11 Publishing History...................................................................................................................11 Document Organization..........................................................................................................
iLO 2 MP Reset Button.............................................................................................................29 Resetting Local User Accounts and Passwords to Default Values................................................29 Console Serial Port and Auxiliary Serial Port...............................................................................29 MP LAN Port..........................................................................................................................
Accessing a Text Host Console Using SMASH SM CLP................................................................63 7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP................................64 Configuring DHCP..................................................................................................................64 Configuring DNS....................................................................................................................65 Configuring LDAP Extended Schema...........
RB: Reset BMC..............................................................................................................95 RS: Reset system through the RST signal............................................................................95 SA: Set access LAN/WEB/SSH/IPMI over LAN ports........................................................96 SNMP: Configure SNMP parameters...............................................................................96 SO: Security option help..........................
Domain Name Server..................................................................................................137 SNMP Settings............................................................................................................138 BL c-Class........................................................................................................................139 Help..............................................................................................................................
SSH Examples............................................................................................................156 Network Configuration.....................................................................................................156 SM CLP Network Targets, Properties, and Verbs..............................................................156 Target: map1/enetport1..........................................................................................156 Target: map1/enetport1/lanendpt1...
Directory Services Objects for eDirectory............................................................................188 Adding Role Managed Devices.....................................................................................188 Adding Members........................................................................................................188 Setting Role Restrictions.....................................................................................................
hpqLOMRightRemoteConsole...................................................................................206 hpqLOMRightServerReset.........................................................................................206 hpqLOMRightLocalUserAdmin..................................................................................207 hpqLOMRightConfigureSettings................................................................................207 Glossary......................................................
About This Document This document provides information and instructions on how to use the HP Integrated Lights-Out 2 (iLO 2) for HP Integrity for BL870c, BL860c, rx2660, rx3600, and rx6600 servers. The document date and part number indicate the document’s current edition. The date changes when a new edition is published. The document part number changes when extensive changes are made. Document updates may be issued between editions to correct errors or document product changes.
Table 1 Publishing History Details (continued) Document Manufacturing Part Number Operating Systems Supported Supported Servers OpenVMS 8.3 1H1 rx2660 Microsoft Windows Server 2003 rx3600 Red Hat Linux and SuSE rx6600 Publication Date rx7640* rx8640* Superdome sx2000* 5991-6005 HP-UX 11i v2 BL870c OpenVMS 8.3 1H1 BL860c Microsoft Windows Server 2003 rx2660 Red Hat Linux and SuSE rx3600 January 2008 rx6600 rx7640* rx8640* Superdome sx2000* 5991-6024 HP-UX 11i v3 BL870c OpenVMS 8.
Table 1 Publishing History Details (continued) Document Manufacturing Part Number Operating Systems Supported Supported Servers Publication Date rx6600 rx7640* rx8640* Superdome sx2000* 5991-8053_ed11 HP-UX 11i v3 BL870c OpenVMS 8.3 1H1 BL860c Microsoft Windows Server 2008 rx2660 Red Hat Linux and SuSE rx3600 April 2010 rx6600 rx7640* rx8640* Superdome sx2000* 5991-8053_ed12 HP-UX 11i v3 BL870c OpenVMS 8.
Chapter 3 Getting Connected to iLO 2 Use this chapter to connect to iLO 2. Chapter 4 Logging in to iLO 2 Use this chapter to log in to iLO 2. Chapter 5 Adding Advanced Features Use this chapter to learn about the HP Lights-Out Advanced KVM card functionality and installation on the rx7640, rx8640, and Superdome sx2000 servers. Chapter 6 Accessing the Host Console Use this chapter to learn how to access the host console of an HP Integrity server through iLO 2.
CAUTION A caution calls attention to important information that if not understood or followed will result in data loss, data corruption, or damage to hardware or software. IMPORTANT This alert provides essential information to explain a concept or to complete a task NOTE A note contains additional information to emphasize or supplement important points of the main text.
Documentation Feedback HP welcomes your feedback. To make comments and suggestions about product documentation, send a message to docsfeedback@hp.com. Include the document title and manufacturing part number. All submissions become the property of HP.
1 Introduction to iLO 2 The Integrated Lights-Out Management Processor (iLO MP) for Integrity servers is an autonomous management subsystem embedded directly on the server. It is the foundation of the server’s High Availability (HA) embedded server and fault management. It also provides system administrators secure remote management capabilities regardless of server status or location.
NOTE: The following ProLiant iLO 2 features are not available on Integrity iLO 2: • Virtual Folder • Shared LAN • Graphics Console Replay Integrity iLO 2 offers the following standard and advanced features. Standard Features Integrity iLO 2 standard features provide the following basic system board management functions, diagnostics, and essential Lights-Out functionality on iLO 2-supported HP servers.
Virtual Media Access Enables Advanced Pack license users the right to use the virtual media applet. Multiple Users Multiple users can interact with iLO 2. However, iLO 2 command mode and console mode are mirrored, allowing only one user at a time to have write access to the shared console. When a command is completed, write access is released and any user can initiate another command. IMPORTANT: Although iLO 2 can support multiple simultaneous connections, to do so can impact performance.
in-depth hardware configuration and status data, performance metrics, system thresholds, and software version control information. Firmware Upgrades Firmware upgrades enhance the functionality of iLO 2. The MP firmware is packaged along with system, BMC, and FPGA/PSOC firmware. You can download and upgrade the firmware package from the HP website at http://www.hp.com/go/ bizsupport. Select Download drivers and software, select your server, and follow the instructions provided.
SM CLP The SM CLP specification defines a user friendly command-line protocol that provides command line interface (CLI) standards for interoperability. Mirrored Console The system console output stream is reflected to all connected console users, and any user can provide input. Remote Power Control Integrity iLO 2 enables remote power cycle, power on and power off, and TOC. It also provides options to reset the system, the BMC, or iLO 2.
NOTE: iLO vMedia is automatically disconnected if the iLO management processor is reset. HP does not recommend use of iLO vMedia with firmware update tools such as HPOFM which reset the management processor mid-way through the update process. Integrated Remote Console The Integrated Remote Console (IRC) provides a high-performance graphical remote console to HP Integrity-based Windows servers. IRC supports Windows clients running the Internet Explorer browser. IRC requires that the server have VGA.
Obtaining and Activating iLO 2 Advanced Pack Licensing For Integrity entry class systems, an Integrity iLO 2 Advanced Pack license key can be purchased from your HP sales rep. To find the part number for the option for your system, see the HP website at http:/www.hp.com/go/integrityilO. A free 30-day evaluation license is available for download on the HP website. The evaluation license activates and accesses iLO 2 Advanced Pack features. You can only install one evaluation license per iLO 2.
1 Cables are not provided with the server. Integrity iLO 2 Supported Browsers and Client Operating Systems Integrity iLO 2's web GUI standard features are supported with Microsoft Internet Explorer 6.0 SP1 or Internet Explorer 7, Mozilla Firefox 2.0.0.10.02 or Firefox 3, and HP Secure Web Browser 1.7-13. iLO 2's advanced feature of Integrated Remote Console, a graphical remote console, is supported only with Internet Explorer browsers and requires DirectX control.
Login After initial failed login attempts (default three), a delay of approximately one second is imposed on the serial connection and the login banner warnings are repeated. All other connection types are disconnected. IMPORTANT: Ensure that physical access to the server is limited. Anyone can clear passwords by pressing the iLO MP reset button for longer than four seconds.
2 Ports and LEDs All iLO 2 functions are available through the server MP LAN port and the local and remote serial ports. On HP Integrity server blades, all iLO 2 functions are available on the Onboard Administrator (OA). This chapter describes the available iLO 2 ports, connectors, and LEDs on the HP Integrity server blades, and the rx2660, rx3600, and rx6600 servers.
1 2 3 OA/iLO Network Port OA Bay 1 OA Bay 2 (redundant if used) 4 5 Enclosure Link-Up Port Enclosure Link-Down Port Figure 2 shows the OA LEDs and buttons. Figure 2 Onboard Administrator LEDs and Buttons 1 2 3 OA UID LED Enclosure UID LED OA Active LED 4 5 OA Health LED OA Reset Button HP Integrity rx2660 Server Components Figure 3 shows the rear view of the HP Integrity rx2660 server. The system LAN functionality is integrated into the system board.
HP Integrity rx3600 and rx6600 Server Components Figure 4 shows the controls, ports, and LEDs on the rear of the HP Integrity rx3600 and rx6600 servers. NOTE: This figure is oriented vertically to match the orientation of the core I/O board. Figure 4 HP Integrity rx3600 and rx6600 Server Rear Ports and LEDs 1 2 iLO 2 MP Serial Console Port (RS-232) (DB-9F to DB-9F cable) connected to emulation terminal device (PC, laptop, or ASCII terminal) General Use Serial Port (Printers, etc.) 3 4 USB 2.
Table 3 iLO 2 MP Status LEDs iLO 2 MP Status LED LED State Standby Power Solid green. iLO 2 MP Self Test Off. The LED is solid amber when AC power is first applied. It remains solid amber for a few seconds until the MP completes its self test; then the LED turns off. iLO 2 MP Heartbeat Flashing green. BMC Heartbeat Flashing green. iLO 2 MP Reset Button The iLO 2 MP Reset button enables you to reset iLO 2 and reset the user-specific values to factory default values.
Table 4 Console Serial Port Pinouts (continued) Pin Number Signal Description 6 Not used 7 Requests to send 8 Clears to send 9 Not used MP LAN Port Figure 6 shows the MP LAN port connector pins and LEDs. Figure 6 MP LAN Port Table 5 maps the MP LAN port connector pin numbers to their signal descriptions.
3 Getting Connected to iLO 2 This chapter provides information on getting connected to iLO 2 through a rackmount server or a server blade. Setup Checklist Table 8 Setup Checklist Step Action X Standard • For rackmount servers, perform all of the following steps. • For server blades, see “Server Blade Connection” (page 39) first and then continue with steps 3-8 below. 1 Prepare 1. Determine the access method to select and connect cables. 2.
Table 8 Setup Checklist (continued) Step Action Advanced 8 Activate advanced features • Integrity entry class ◦ Activate advanced features by entering your HP Integrity Advanced Pack license key. • Integrity server blades ◦ Ships with Advanced Pack license key factory installed. • Integrity mid range and Superdome ◦ Advanced features are enabled per hard partition with installation of Lights-Out Advanced KVM cards. No Advance Pack license key required.
Figure 7 Setup Flowchart There are differences in how you connect to iLO 2 depending on if you have a rackmount server or a server blade. Rackmount Server Connection For a rackmount server, you can connect directly through the serial console or you can connect using the MP LAN.
1. 2. Determine the physical access method to connect cables. There are two physical connections to iLO 2 : • Console serial port (RS-232) • MP LAN port Assign an IP address to the iLO 2 MP LAN using one of the following methods: • DHCP and DDNS. Though there are several methods to configuring the LAN, HP recommends DHCP with DNS. DHCP with DNS comes preconfigured with default factory settings, including a default user account and password.
Once you have determined the iLO 2 access method, you must determine how you will configure the MP LAN in order to acquire an IP address using the following methods: • DHCP/DNS through the management LAN (dynamically assigns an IP address): use the DNS name on the iLO Network Information Tag on the server. • Setting up a static IP address using a laptop with DHCP services and the management LAN.
1. Obtain the factory-set DNS name from the iLO Network Information Tag on the server. The DNS name is 14 characters long. It consists of the letters MP followed by the 12 characters of the MAC address. For example: mp0014c29c064f This address is assigned to the iLO 2 MP system board. The system board has a unique MAC address that identifies the hardware on the network. 2. 3. 4. 5. Connect the MP LAN cable from the server to an active network port. Apply AC power to the server.
Table 11 ARP Ping Commands ARP Command Description arp -s Assigns the IP address to the iLO 2 MP MAC address. This ARP table entry maps the MAC address of the iLO 2 MP LAN interface to the static IP address designated for that interface. ping Tests network connections and verifies that the MP LAN port is configured with the appropriate IP address.
The LC command enables you to configure a static IP address, host name, subnet mask, and gateway address. IMPORTANT: Ensure you have a console connection through the console serial port (RS-232) or a network connection through the LAN to access the iLO 2 MP CLI and use the LC command. 1. Ensure the emulation software is correctly configured: a. Verify that the communication settings are configured as follows: b.
Server Blade Connection For a server blade, you can connect directly through the SUV cable to the serial console or you can connect using the MP LAN internal connection in the blade enclosure. NOTE: You do not cable up a separate MP LAN cable to each server blade. In most circumstances, it is not necessary to physically connect to the iLO 2 on a Server Blade.
Connecting the SUV Cable to the Server Blade This section describes how to connect your server blade to a terminal device using the SUV port. CAUTION: Disconnect the SUV cable from the port when it is not in use. The port and connector are not intended to provide a permanent connection as it may block proper air flow if left attached for extended periods. On the SUV cable, locking buttons are located on the sides of the server blade connector.
Figure 8 SUV Cable 1 2 3 4 5 6 7 Server Blade Connector 2-Port USB VGA (no access to iLO 2) 9-Pin Console Serial Port (RS-232) USB Label USB-1 USB-0 Server Blade Connection 41
Figure 9 Connecting the SUV Cable To the Server Blade Connecting the Server Blade To iLO 2 Using the Onboard Administrator If the OA/iLO network port on the enclosure is connected to the local network that has a DHCP server, your iLO 2 MP IP address is automatically generated by the DHCP server. The server blade is factory set with DHCP enabled.
Auto Login Auto login provides direct access to iLO 2 from the OA for users who already logged in to the OA. A user who has authenticated their connection to the OA can follow a link to a server blade in the enclosure without an additional login step. Auto login features and usage are as follows: • A user who has authenticated a connection to the OA is able to establish a connection with iLO 2 without providing the user login and password to iLO 2.
need the ability to change settings. This level equates to an iLO 2 user with no privileges set. NOTE: For information on how to set user roles and privilege levels in the OA, see the HP BladeSystem Onboard Administrator User Guide. Initiating an Auto Login Session The auto login session is initiated as follows: 1. The OA finds the first available auto login user by finding the first user entry with a time-created value of 0.(OAtmp1...OAtmp4). 2. If there are no available users, the oldest user is deleted.
User Login User Deletion After an OA user has been created in the iLO 2 database, the OA user login can still fail for a number of reasons: • The iLO 2 upgrade is currently in progress, and no new connections are allowed. • Maximum number of connections for the requested connection type (SSH, Telnet, web GUI) to iLO 2 has been reached. • Requested connection type (SSH, Telnet or web) to iLO 2 is currently disabled.
Setting Up Security For greater security and reliability, HP recommends that iLO 2 LAN management traffic be on a separate dedicated management network or network subnet and that only administrators be granted access to that network. This not only improves performance by reducing traffic load across the main network, it also acts as the first line of defense against security attacks. A separate network enables you to physically control which workstations are connected to the network.
4 Logging In to iLO 2 This chapter provides instructions on how to log in to iLO 2. Integrity iLO 2 standard features provide basic system board management functions, diagnostics, and essential Lights-Out functionality on iLO 2-supported HP servers. For a list of the standard features, see “Standard Features” (page 18). Logging In to iLO 2 Using the Web GUI To log in to iLO 2 using the web GUI: 1. Open a web browser and enter the DNS name or the IP address for the iLO 2. 2.
Table 12 TCP Ports Port Identifier Port Type Port Functionality Port 22 SSH port This is the default port used by clients connecting to iLO 2 using SSH protocol. Port 23 Telnet port This is the default port used by clients connecting to iLO 2 using Telnet protocol. Port 80 http port This is the default port used by clients connecting to iLO 2 using the web interface or a web browser. This port is not secure. This port provides basic iLO 2 identification information when queried.
5 Adding Advanced Features Integrity iLO 2 advanced features are enabled on Integrity servers in one of two ways. • For Integrity entry class and server blades, the advanced features are enabled with a license key. • For Integrity cell-based servers, the advanced features are enabled with a PCI-X accessory card instead of a key. For a description of the iLO 2 advanced features and information on how to add advanced features, see “Advanced Features” (page 21).
◦ vMedia enables remote attachment of a USB read-only CD or DVD storage device, or ISO file image, including support for bootable media. ◦ Use vMedia to easily upgrade firmware on npars. ◦ Create an ISO file of a vfat file system with the required files – ◦ Start vMedia, present .iso file to npar, boot to EFI, go to the fsX: that corresponds to the vMedia, run e.g. update.
Table 14 Supported System Configurations System Component nPartition operating system Description • Microsoft Windows Server 2003 • HP-UX 11i v2 or later • OpenVMS Version 8.3 or later • Windows 2008 Supported platforms • rx7640 • rx8640 • Superdome sx2000 You can install the Lights-Out Advanced KVM card on any sx2000-based Integrity server with updated management processor firmware that provides iLO 2 functionality and uses the web interface to access iLO 2.
1 The remote management workstation must be running Windows with Active-X enabled on Internet Explorer 7. Configuring the Lights-Out Advanced KVM Card Usually, the Lights-Out Advanced KVM card obtains its IP address automatically from a DHCP server. If you do not have a DHCP server on your network, you must manually set the Lights-Out Advanced KVM card IP address.
The Lights-Out Advanced KVM card contains a USB device that is viewed by the host OS as if it were a physical USB device connected to the server. Under the control of the Lights-Out Advanced KVM card firmware, a virtual USB device can be remotely connected to the host server. When the virtual media is connected, an OS that is USB-aware loads its standard USB mass storage driver. Once the USB mass storage driver is loaded, the server OS does not require additional HP drivers running on the server OS.
Figure 10 PCI-X or PCI-X/PCIe Card Cage (Common to all supported servers) 1 PCI-X/PCIe Cards IMPORTANT: 2 PCI-X or PCIe Backplane Cabling requirements: • You must connect the LAN port on the Lights-Out Advanced KVM card to the same network as the MP LAN port on the server. • You need a network cable to your regular core I/O MP port - one per complex. • You need one network cable to each Lights-Out Advanced KVM card. To install the Lights-Out Advanced KVM card, perform the following steps: 1.
8. Power on the PCI power domain, and then boot the nPartition. By default, the Lights-Out Advanced KVM card uses Dynamic Host Control Protocol (DHCP) to obtain an IP address. Alternatively, you can assign a static IP address to the Lights-Out Advanced KVM card through a menu in the main iLO 2 web GUI interface or other iLO 2 MP command line. To remove the Lights-Out Advanced KVM card, reverse these steps.
Figure 11 dvc.CAB Error Follow these steps: a. Close the IRC window. b. Open a vMedia window for that npar (no need to connect). c. Select Always trust content from this publisher in the Warning - Security window after opening vMedia. d. Re-open the IRC window. 9. When rebooting. you should see the output of the console on both the serial console and the IRC. This will not appear if acpiconfig is in default mode. When it displays in graphic mode, you only see it on the IRC.
Mid Range PCI Backplane Power Behavior On Integrity cell-based servers, you can power off the Lights-Out Advanced KVM card separately from the iLO 2 management processor. For example, you can power off a partition containing a Lights-Out Advanced KVM card, while keeping other partitions powered on. Or, you can power off the entire complex (all the partitions). In either case, the iLO 2 management processor is still accessible because it is powered separately from the partitions.
Table 16 General Troubleshooting (continued) Problem Solutions acpiconfig problem: • Must have acpiconfig set to windows or enable vgaroute. • Boot to EFI mode and check with acpiconfig command. Graphics error: Display is unreadable. • Ensure that the system firmware supports the Lights-Out Advanced KVM card. • Ensure that the graphics resolution is compatible and set correctly. vKVM or vMedia features are not available. • Ensure that the LAN cable is connected properly.
Table 17 Unsupported Core I/O Configurations with Possible Solutions Server rx7640 Configuration Result • One core I/O card installed in I/O chassis 1. • Lights-Out Advanced KVM card installed in I/O chassis 0. rx8640 • One core I/O card installed in I/O chassis 0. • Lights-Out Advanced KVM card installed in I/O chassis 1. Solution Operating system does not boot with this unsupported configuration. Move the Lights-Out Advanced KVM card to I/O chassis 1.
fpgaFlasher An EFI utility to update the firmware of the virtual video FPGA chip on the Lights-Out Advanced KVM card. TIP: Before performing certain iLO 2 functions, verify that you have the supported firmware version required to carry out the task.
6 Accessing the Host (Operating System) Console This chapter describes several ways to access the host console of an HP Integrity server. Accessing a Text Host Console through iLO 2 Virtual Serial Console Web browser access is an embedded feature of iLO 2. Before starting this procedure, you must have the following information: • DNS name for the iLO 2 MP LAN. This is found on the iLO Network Information Tag on the server. • Host name To interact with iLO 2 through the web: 1.
Figure 13 Status Summary Page 4. 5. 6. Select the web interface functions by clicking the Primary tabs at the top of the page. Each function lists options in the Navigation Control on the left side of the page. To display data in the content area; select an option and click Refresh to update the display. Click the Remote Console tab.
TOPics HElp Q : : : : Enter the command name for help on individual command Show all MP Help topics and commands Display this screen Quit help ==== MP:HE To display the Main Menu Command List, enter LI at the MP HE: prompt. To return to the MP Main Menu, enter Q. To access help from the web GUI, click Help. You can also click the ? at the top right corner of each page to display help about that page.
7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP This chapter provides information on how to configure DHCP, DNS, LDAP extended schema, and schema-free LDAP. Configuring DHCP DHCP enables you to automatically assign reusable IP addresses to DHCP clients. This section provides information on how to configure DHCP options such as the Domain Name System (DNS). The iLO 2 MP host name you set through this method displays at the iLO 2 MP command mode prompt.
• Set the link state to 10 BaseT. MP:CM> LC -link t • Set the remote console serial port address. MP:CM> LC -web 2023 • Set the SSH console port address. MP:CM> LC -ssh 22 Configuring DNS To use the DNS command to display and modify the DNS configuration: 1. From the MP Main Menu, enter command mode. 2. At the MP:CM> prompt, enter DNS. The screen displays the current DNS data. 3. When prompted, enter A to select all parameters. The screen displays the current DHCP for DNS servers status. 4.
To configure LDAP extended schema: 1. From the MP Main Menu, enter command mode. 2. At the MP:CM> prompt, enter LDAP. 3. To select Directory Settings, enter D. The current LDAP directory settings appear. 4. To select all parameters enter A. The current LDAP directory authentication status appears. The local iLO 2 user accounts database status also appears. If enabled, the local iLO 2 user database is used if there is an authentication failure using the LDAP Directory. 5.
directory server and set up user accounts and privileges. You can find the tool on the HP website at: http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=US& swItem=MTX-UNITY-I23896 Using directory services after users enter their login and password, the browser sends the cookie to iLO 2. The iLO 2 processor accesses the directory service to determine which roles are available for that user login.
Setting Up Directory Security Groups The following procedure describes how to set up directory security groups in schema-free LDAP using the iLO 2 MP TUI. To use the web interface, see “Group Accounts” (page 130). NOTE: Due to command syntax changes in schema-free LDAP, some customer-developed scripts may not run. You must change any scripts you developed to enable them to run with the new schema-free LDAP syntax.
LDAP and MP Login for Integrity Cell-Based Servers This section provides information on LDAP and MP login access rights and partition configuration in iLO 2 for Integrity cell-based servers. System administrators can use this information to create and assign access rights.
Composite Commands These commands have sub commands within them that require different rights to execute. For example the SO command has User Parameters, MP-wide parameters within it.
Access Rights An iLO 2 user can have any, or all, of the following access rights: Table 20 Access Rights for Cell-Based Servers Single Letter Representation Access Right Login Access L Description This right is required to perform any operation on iLO 2. A user must have this right for each partition to which access is granted. With this right, a user can run Status or Read-only commands. Console Access C This right enables a user to access the console of the specified partition (such as the host OS).
Table 21 Commands and Associated Access Right (continued) Command Access Right IT MP Configuration Access LC MP Configuration Access LDAP MP Configuration Access LS Login Access MA Login Access PARPERM MP Configuration Access PD User Administration Access PE All for all supported partitions PS Login Access PWRGRD Server Power Access RE All for all supported partitions RU (KMIX only) All for all supported partitions SA MP Configuration Access SO 1.
Table 21 Commands and Associated Access Right (continued) Command Location CI Access Right 1. View logs - Console rights for a partition 2. Clear logs - MP Configuration rights for all partitions to which the user has access CO Console Access HE Login Access SL 1. View SEL, FPL, LIVE - Login rights for all partitions to which the user has access 2. View iLO 2 event log - Login rights for all partitions to which the user has access 3.
• For all MP-wide commands (such as ldap, lc, and so on), a user must have corresponding rights for all partitions that the user has access to. • When assigning rights to user logins in a multiserver environment, remember the various combinations of available rights, types of commands, and partition authority.
8 Using iLO 2 This chapter provides information on the different interfaces you can use to interact with iLO 2 such as text user interface, web GUI, and SMASH SM CLP. Text User Interface This section provides information on the text user interface commands you can run in iLO 2. NOTE: HP Integrity server blades do not have fans or power supplies. Therefore, their response to certain commands are different than a rackmount server.
Figure 14 MP Command Interfaces MP Main Menu After logging in to the iLO 2 MP, the MP Main Menu appears. The MP Main Menu runs as a private session. Other iLO 2 users do not see the actions you perform in the private session. Integrity iLO 2 can support multiple sessions to perform independent tasks: • Multiple windows logged into iLO 2 to monitor VFP or study event logs in one window while administering the server from another window.
CO (Console): Leave the MP Main Menu and enter console mode CO switches the console terminal from the MP Main Menu to mirrored/redirected console mode. All console output is mirrored to all users in console mode. Only one of the mirrored users at a time has write access to the console. To get console write access, press Ctrl-Ecf. Press either Ctrl-B or Esc and ( to return to the iLO 2 MP command interface. Verify that all mirrored consoles are of the same terminal type for proper operation.
system firmware. Events funnel into the BMC from different sources throughout the server. iLO 2 polls the BMC for new events and stores them in nonvolatile memory. SL also displays the contents of the iLO 2 Event Log. The records the following events: • iLO 2 MP login and logout attempts • Command logging for specific commands • All entries in the existing history log with more detail Each time a user logs in or out of iLO 2, an event is logged.
Table 25 iLO 2 Event Log Filter Options (continued) Filtering Option Filter Criteria I: IP Address Filter by user IP Address (dotted decimal format) M: Date Filter by date stamp of the records entries (MM/DD/YYYY) If you select more than one filtering option, it acts as an additional filter. For example, if you select the filtering option N followed by P, the logs displayed are the logs that satisfy the filtering criteria for options N and P. NOTE: The iLO2 Event Logs cannot be cleared.
Table 27 Events and Actions (continued) Event Action MPEL MP Event Log - Stores user action events including user login Functions New events overwrite old MPEL events once the MPEL is full. The iLO 2 MPEL records the following events: • iLO 2 MP login, logout attempts and login failure records • MP firmware upgrade • MP firmware activate event • Console access • Clearing of logs MPEL logs cannot be cleared. Formatting options are not available for MPEL.
NOTE: The MPEL log history display provides the same navigation commands as the FPL and the SEL except for the D command.
Table 30 Command Menu Commands (continued) Command Description IT Modifies the iLO 2 inactivity timeouts LC Displays the LAN configuration LDAP Displays the LDAP configuration LM LOC License management Displays and configures locator LED LS Displays the LAN status PC Remote power control PM Remote power mode control PR Configures the power restore policy PS Displays the power management module status RB Resets the BMC RS Resets the system through the RST signal SA Sets access option
you to write a script for one iLO 2, and use it to apply the same commands to additional iLO 2s.
# # -Don # # (End of auto-expect generated content) ####################################################################### # USER set mp_user "Admin" # PASSWORD- get password from terminal instead of storing it in the script stty -echo send_user "For user $mp_user\n" send_user "Password: " expect_user -re "(.
Command Menu Commands and Standard Command Line Scripting Syntax The following list of commands is provided to help you learn about the Command menu commands. Command-line interface scripting syntax for each command is provided to help you accomplish a scripting task. The following rules apply to scripting syntax: • The -nc (no confirmation) is optional. This special keyword designates that no user confirmation is required to execute the command.
OA IP Address IP address of the OA. OA MAC Address MAC address of the OA. Server Blade Configuration Rack Name Logically groups together enclosures in a rack. The rack name is shared with the other enclosures in the rack. Rack UID Rack unique identifier. Bay Number The blade enclosure can support up to eight HP Integrity server blades. When viewed from the rack front, the bays are numbered from left to right, from 1 to 8. The bay number is used to locate and identify a blade.
For HP Integrity server blades, the CA command also provides an option to change between the Integrity iLO mode or the dedicated AUX UART mode. Switching to AUX UART mode when MP remote access is disabled or LAN parameters are not configured requires a push button reset to change back to iLO MP mode. NOTE: Inconsistent bit rate settings can result in improper MP UI while switching between these modes.
Use any of the following methods to reset passwords in iLO 2: • In the UC command, change individual users or reset all users to default values. • Reset passwords by pressing the MP reset button on the back panel of your HP server for longer than four seconds. After iLO 2 reboots, the local console terminal displays a message for five seconds. Responding to this message in time enables a local user to reset the passwords.
The MP firmware is packaged along with system, BMC, and FPGA/PSOC firmware. You can download and upgrade the firmware package from the HP website at http://www.hp.com/go/ bizsupport. IMPORTANT: When performing a firmware upgrade that contains system programmable hardware, you must properly shut down any OS that is running before starting the firmware upgrade process. Select Download drivers and software, select your server, and follow the directions provided.
The inactivity timeout effects how long a user can stay inactive within a command in the text user interface before they are placed back at the command prompt. There is no session timeout on the Integrity iLO 2 text interfaces. NOTE: The iLO 2 MP command interface inactivity timeout cannot be deactivated. Use the flow control timeout to prevent any user who is using a terminal that does not obey flow control from locking the system out from other users.
• iLO 2 MP host name ◦ The iLO 2 MP host name set in this command is displayed at the iLO 2 MP command mode prompt. Its primary purpose is to identify the iLO 2 MP LAN interface in a DNS database. ◦ If you change the iLO 2 MP host name and the IP address was obtained through DHCP and DDNS is registered, a delete old name request for the old host name and an add name request for the new host name are sent to the DDNS server. ◦ Typically you enter the DNS name for the LAN IP.
• Directory Server LDAP Port: Port number for the secure LDAP service on the server. The default value for this port is 636. • Distinguished Name: Specifies where this iLO 2 instance is listed in the directory tree. For example: cn=MP Server,ou=Management Devices,o=hp • User Search Contexts (1,2,3): User name contexts that are applied to the login name entered to access iLO 2.
LDAP: Schema-Free LDAP Schema-Free LDAP enables you to use directory authentication for logging in to iLO 2 without having to do any schema extension on the directory server or snap-in installation on the client. For information on schema-free LDAP, see “Configuring Schema-Free LDAP” (page 67). LM: License management Command access level: MP configuration access LM displays your current license status. Use it to enter a license key to enable the Advanced Pack license features.
CYCLE Turns the system power off, then on. The delay between off and on is 30 seconds. Graceful Shutdown The BMC sends a signal to the OS to shut down prior to turning off the system power. Command line usage and scripting: PC [ -on | -off | -graceful | -cycle ] [ -nc ] -? Example: [gstlhpg1] MP:CM> pc -on -nc PC -on -nc System will be powered on. -> System is being powered on. -> Command successful.
Power mode will be set to OS Control. Confirm? (Y/[N]): y y Please wait .. -> Power mode has been successfully changed See also: PC, PR PR: Power restore policy configuration Command access level: MP configuration access PR configures the power restore policy. The power restore policy determines how the system behaves when AC power returns after an AC power loss. • If PR is set to On, the system powers on after AC is applied. • If PR is set to Off, the system stays powered off after AC is applied.
RS [ -nc ] -? See also: TC SA: Set access LAN/WEB/SSH/IPMI over LAN ports Command access level: MP configuration access SA sets access permissions for users logging in to iLO 2 over the LAN. You can set iLO 2 to allow Telnet access, web access, SSH, IPMI over LAN, or all four. There is no capability to manage the IPMI user name or password in iLO 2. There is only the ability to enable or disable access with IPMI through the SA command.
[ -4dest ] [ -nc ] -? See also: ID SO: Security option help Command access level: MP configuration access SO modifies the security option of iLO 2 (login timeouts, password faulty, SSL certificate generation, SSH keys). The following are SO command parameters: • Login timeout: Zero to five minutes. This is the maximum time allowed to enter login name and password after the connection is established. The connection is interrupted when the timeout value is reached.
SYSREV [ -nc ] -? Example: MP:CM> SYSREV Current firmware revisions MP FW : F.01.57 BMC FW : 75.12 EFI FW : ROM A 05.63, ROM B 05.60 System FW : 01.40 PDH FW : 00.0d UCIO FW : 03.0a PRS FW : 00.08 UpSeqRev: 01, DownSeqRev: 01 TC: System reset through INIT or TOC signal Command access level: MP configuration access NOTE: During normal operation, shut down the OS before issuing this command. TC resets the system through the INIT or TOC signal.
There are two default users, Admin and Oper. The Admin user has all rights (C, P, M, U, and V). The Oper user has the console access right by default. You can change the configuration of these default users with the UC command. All users have the right to log in to iLO 2 and to run Status (read-only) commands (view event logs, check system status, power status, and so on), but not to run any commands that alter the state of iLO 2 or the system.
-> Current User will be deleted User may be disconnected in this process -> User Configuration has been updated. -> Command successful. [gstlhpg1] MP:CM> See also: CA, SO, LDAP WHO: Display a list of iLO 2 connected users Command access level: Login access WHO displays the login name of the connected console client users, the ports on which they are connected, and the mode used for the connection.
Some of the functionality in the web GUI only display if you have the iLO 2 Advanced Pack license. For more information on the iLO 2 Advanced Pack license, see “Obtaining and Activating iLO 2 Advanced Pack Licensing” (page 23) and the HP website at: http://h71028.www7.hp.com/enterprise/cache/279991-0-0-0-121.html NOTE: Cookies must be enabled on the web browser in order to successfully login to the iLO 2 web GUI.
Table 31 Status Summary General Page Description (continued) Field Description Firmware Revisions Displays the current firmware revisions for iLO MP, BMC, EFI, system firmware, PDH, UCIO, PRS, and PMPIC for entry class server blades. iLO 2 MP IP Address The IP address of the iLO 2 subsystem. Date & Time Displays the date and time as known to the iLO 2. Locator UID LED Displays the status of the blue locator or UID LED and enables you to turn the Locator LED on or off.
Table 32 Active Users Page Description (continued) Field Description Authorized The type of authentication: LDAP directory user authentication (LDAP) or locally stored iLO 2 user accounts (local). Rights Rights control the iLO 2 functions a user can perform. There are five user access rights: console access, MP configuration, power control, virtual media, and user administration. A user can be configured to have some, none, or all the access rights. Mode Current iLO 2 mode that the user is in.
Table 33 FW Revisions Page Descriptions (continued) Field Description PRS Power Reset Sequencer PMPIC Power Management Programmable Interrupt Controller for entry class server blades Server Status > General The Server Status General page (Figure 18) displays the status of server components. It also displays the status of the system processors and which processor is the monarch. NOTE: Depending on your server, this page might look slightly different.
NOTE: Depending on your server, this page might look slightly different. Figure 19 Server Status Identification Page Table 35 lists the fields and descriptions. Table 35 Server Status Identification Page Description Field Description Server Host Name Displays the server host name. Rack UID Displays the rack unique identifier: a known unique identifier for the rack. Bay Displays the bay number. The blade enclosure can support as many as eight HP Integrity server blades.
Figure 20 System Event Log Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 36 lists the fields, buttons, and descriptions. Table 36 System Event Log Page Description Fields and Buttons Description System Event Log High attention events and errors. Reading the SEL off the attention LED (blinking yellow light). Forward Progress Log Contains events of all types. Does not need to be cleared. In a web GUI session you cannot view forward progress logs, only SEL logs.
1: Major forward progress 2: Informational 3: Warning 5: Critical 7: Fatal Remote Serial Console The Remote Serial Console page (Figure 21) enables you to securely view and manage a remote server. You must have console access right to use this feature. You can also connect to the system console by launching View Console from the Remote Serial Console page. NOTE: Depending on your server, this page might look slightly different.
To ensure proper operation of the remote serial console, verify the following conditions: • Your emulator can run the supported terminal type. • The iLO 2 terminal setting in the applet is a supported setting. • The operating system environment settings and your client terminal type are set properly. • All mirrored consoles are of the same terminal type for proper operation.
The console window remains open until you sign out of the iLO 2 interface using the provided link in the banner, leave the iLO 2 site, or refresh the entire page. The remote serial console provides the console, and the GUI provides the iLO 2 MP Main Menu functionality. Output from the console is stored in nonvolatile memory in the console log, regardless of whether or not any users are connected to a console. The Remote Serial Console page refreshes every 10 seconds.
• Modify login passwords without administrator access right • Remotely change the configuration parameters of the IRC Because the iLO 2 IRC is hardware-based, it is available regardless of the state of the operating system. IRC Requirements and Usage The IRC feature is only available if you have the iLO 2 Advanced Pack license. If iLO 2 is not licensed to use the IRC, see the Licensing page under the Administration tab to activate the Advance Pack license.
• The web session will timeout after 15 minutes if no mouse or keyboard activity is detected in the web interface and the vMedia, RSC, or IRC are not launched. An inactivity timeout configuration option is currently unavailable. • A slight delay might be observed between the physical and virtual mouse pointer. NOTE: If you run system discovery utilities such as MAPPER or IOSCAN, the output might display an extra keyboard and mouse that are not physically connected.
Console settings affect the information that you see on the IRC. In HP-UX, if you modify the console settings in EFI to graphics, the modivication affects the IRC as follows: • If you set VGA-Primary and Serial-Not Configured in EFI, the IRC is a system console. If you configure HP-UX to start X Windows, IRC also acts as an X terminal. • If you set Serial-Primary and VGA-Not Configured in EFI, the IRC is only an X terminal.
Figure 23 Integrated Remote Console Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. To access the IRC, select Remote Console > Integrated Remote Console and click Launch. The IRC might experience a slight delay as it first loads on your browser. The IRC page refreshes every 10 seconds. Table 38 lists the fields, buttons, and actions. Table 38 IRC Page Description Fields and Buttons Action Fullscreen Resizes the IRC page.
Figure 24 Integrated Remote Console Window Table 39 lists the menu bar, buttons, and actions you can perform in the IRC window. Table 39 IRC Window Description Menu Bar Buttons Action Thumb Tack Enables you to keep the menu open, or retracts it when the mouse is moved away. Ctrl+Alt+Del Enables you to simulate the Ctrl Alt Del keyboard sequence on a remote console. Exit (red button) Enables you to close and exit the console and return to the client desktop.
Virtual Media Virtual Media (vMedia) provides you with virtual devices that mimic physical hardware devices such as a virtual floppy disk drive and a CD/DVD drive that connects through the network to the managed server just as if it was physically connected. The vMedia device can be a physical CD/DVD drive on the management workstation, or it can be an image file stored on a local disk drive or network drive.
1. Select Virtual Media. The Virtual Media page appears (Figure 25) NOTE: Depending on your server, this page might look slightly different. Figure 25 Virtual Media Page 2. 3. Click Launch to load the vMedia applet. The vMedia applet loads in support of the vMedia device. At this point, you can connect to a virtual CD/DVD or virtual floppy/USB key device or create an iLO 2 disk image file.
NOTE: This feature requires that the Java Plug-in 1.4.2 or 1.5 is installed. This feature requires the vMedia right and the Advance Pack License. For more information, see “Obtaining and Activating iLO 2 Advanced Pack Licensing” (page 23). If a user does not have the vMedia right, it can be granted from the User Administration page under the Administration tab by a user with Admin privileges. To use a physical CD/DVD drive in your client system: 1. Select Virtual Media.
5. Click Connect. The connected drive icon and LED changes states to reflect the current status of the virtual CD/DVD. Figure 27 Virtual Media Dialog Box (after connection) After you are connected, virtual devices are available to the host server until you close the vMedia applet or sign out from a web session. When you are finished using the virtual CD/DVD, disconnect the device from the host server or close the applet. NOTE: The vMedia applet must remain open when using a vMedia device.
performance of the iLO 2 vMedia is faster when image files are used. The utility to create the iLO 2 CD/DVD disk image files is integrated into the vMedia applet. Store image files on your client computer or on a network drive that can be accessed from the client using a fast network segment. A disk image file produces better performance than using a physical CD in your client computer. To create image files from physical diskettes, CDs, or DVDs, use the Disk>>Image option.
To insert the next CD during an OS installation or any application installation with multiple image files: 1. To select the next image file or to replace the CD/DVD with the next CD/DVD, click Browse 2. To continue the installation, click OK on the host server. IMPORTANT: Do not click Disconnect to select the next CD/DVD image file. The connected drive icon and LED changes states to reflect the current status of the virtual CD/DVD.
Figure 30 Virtual Floppy/USB Key To use an image file: 1. Click Launch. 2. Within the virtual USB key section of the vMedia applet, select Local Image File. 3. In the textbox, enter the path or file name of the image, or to locate the image file by using the Choose Disk Image File dialog, click Browse. To ensure the source diskette or image file is not modified during use, select Force read-only access. IMPORTANT: You must select the USB key image file with this option.
The HP server ROM provides support during server boot for vMedia with the El Torito bootable CD format. You can view the list of supported operating systems on the HP website at http://www.hp.com/ go/integrityilo. Java Plug-in Version The vMedia feature requires prior installation of Java Plug-in 1.4.2_10 or higher. Client Operating System and Browser Support for vMedia You can view the list of supported client operating systems on the HP website at http:// www.hp.com/go/integrityilo.
NOTE: The BL c-Class tab is available only on HP Integrity server blades. For information on how to set the power management options in the OA, see the HP BladeSystem Onboard Administrator User Guide on the HP website at: http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00705292/c00705292.pdf Table 40 lists the fields, buttons, and descriptions. Table 40 Power & Reset Page Description Fields and Buttons Description System Power The current power state of the system.
Table 40 Power & Reset Page Description (continued) Fields and Buttons iLO 2 Description This feature has the following options: • Reset to the iLO 2 default configuration: This option enables you to set all iLO 2 parameters back to their default values. You must have iLO configuration access right to issue this option. • Reset the iLO 2: This option enables you to reset the iLO 2. You can safely perform an iLO 2 reset without affecting the operation of the server.
Table 41 lists the fields, buttons, and descriptions. Table 41 Power Meter Readings Page Description Fields and Buttons Description Power Meter Readings Data is displayed using a bar graph. Each bar represents the power usage taken over a five minute interval. Peak and average power usage are displayed by default. You can display or hide peak, average, and minimum power samples by using the appropriate checkbox. Samples are collected over a 24-hour period.
Figure 33 Power Regulator Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 42 lists the fields, buttons, and descriptions. Table 42 Power Regulator Page Description Fields and Buttons 126 Description Power Regulator Mode Three are four modes in which the power regulator can operate. The power regulator modes (Static Low, Static High and Dynamic) are independent of the operating system and work for any operating system.
The power regulation functionality is achieved through two different interfaces: • Power Regulation through HP SIM (using the HP IPM plug in) HP Insight Power Manager (HP IPM), a plug-in to HP Systems Insight Manager (HP SIM), is an integrated power monitoring and management application that provides centralized control of server power consumption and thermal output. It extends the unified infrastructure management framework of HP SIM by providing new energy levers into the server.
TIP: Before performing certain iLO 2 functions, verify that you have the supported firmware version required to carry out the task. Licensing The Licensing page (Figure 34) is used to enter a license key to enable the iLO 2 Advanced Pack features. NOTE: Licensing keys are not used with cell-based servers, the Lights-Out Advanced KVM card is used instead. For information on the Lights-Out Advanced KVM card, see Chapter 5 (page 49).
• LDAP schema-free integration • Integration with Insight Power Manager Table 43 lists the fields, buttons, and descriptions. Table 43 Licensing Page Description Fields and Buttons Description Licensing Key Status The status of the license - inactive if no license has been installed, the type of the license (Evaluation or Permanent), and the number of days remaining if the license installed is an Evaluation license.
NOTE: The BL c-Class tab is available only on HP Integrity server blades. There are two default users: 1. Admin: The Admin user has all five rights (console access, power control, MP configuration, user administration, virtual media). 2. Oper: The Oper user has the login and console access rights by default. Table 44 lists the fields and descriptions.
Figure 36 Group Accounts Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 45 lists the fields, buttons, and descriptions. Table 45 Group Accounts Page Description Fields and Buttons Description Administrator Click Administrator and click Edit to open the Group Settings page and enter information. User Click User and click Edit to open the Group Settings page and enter information.
Figure 37 LAN Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 46 lists the fields, buttons, and descriptions. Table 46 LAN Page Description Fields and Buttons Description Telnet You can enable or disable Telnet access to iLO 2 using the enable or disable option. SSH You can enable or disable SSH access to the iLO 2 using the enable or disable option. An industry-standard client-server connectivity protocol that provides a secure remote connection.
Figure 38 Serial Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 47 lists the fields, buttons, and descriptions. Table 47 Serial Page Description Fields and Buttons Description Bit Rate in Bits per Second This option enables you to set the baud rate. Input and output data rates are the same. Flow Control Flow control can be through hardware or software. Hardware uses RTS/CTS; software uses Xon or Xoff. Submit Submits the information.
Figure 39 Login Options Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 48 lists the fields, buttons, and descriptions. Table 48 Login Options Page Description Fields and Buttons Description Login Timeout in Minutes The timeout value in minutes is effective on all ports, including local ports. Password Faults Allowed This sets a limit on the number of password faults allowed when logging in to iLO 2. The default number of password faults allowed is three.
Figure 40 Current LDAP Parameters Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. Table 49 lists the fields and descriptions. Table 49 Current LDAP Parameters Page Description Field Directory Authentication Description Choosing enable or disable, activates or deactivates directory support on iLO 2: • Enable with Extended Schema: selects directory authentication and authorization using directory objects created with HP schema.
Table 49 Current LDAP Parameters Page Description (continued) Field Description Submit Submits the information. Cancel Cancels the action. Network Settings The Network Settings tab enables you to access the following pages: • Standard • Domain Name Server IMPORTANT: If you are connected through a network and you make any changes to DHCP status, IP address, subnet mask, or gateway IP address, iLO 2 automatically resets once you confirm the change.
Table 50 lists the fields, buttons, and descriptions. Table 50 Standard Page Description Fields and Buttons Description MAC Address The 12 digit (hexadecimal) MAC address. DHCP Status Enable or Disable. iLO 2 MP Host Name The host name set here is displayed at the iLO 2 command interface prompt. IP Address The iLO 2 MP IP address. If DHCP is being used, the IP address is automatically supplied. Subnet Mask The subnet mask for the iLO 2 IP network.
Table 51 DNS Page Description Fields and Buttons Description Use DHCP supplied domain Use the DHCP server-supplied domain name. name Domain name This represents the factory-default DNS name of the subsystem, for example, “hp.com” in “ilo.hp.com”. You can enter a new DNS name. Use DHCP supplied DNS servers Use the DHCP server-supplied DNS server list. Register with Dynamic DNS Register its name with a DDNS server. Submit Submits the DNS information. Cancel Cancels the action.
Table 52 SNMP Settings Page Description (continued) Field Description Enter 1, 2, 3, 4 to configure a destination IP address for SNMP alerts. The default is blank (unused). Community String Configure the community string to secure the access to the management information base (MIB) objects. The default is public. Submit Submits the information. Cancel Cancels the action.
Table 53 Onboard Administrator Page Description Field OA IP Address Description The IP address of the OA. IMPORTANT: Integrity iLO 2 must have a reachable IP address as the default gateway address. Since the OA is always reachable, HP recommends using the OA IP address as the gateway address for Integrity iLO 2. If you use the Enclosure IP mode, this solution works during a failover.
Figure 45 Help Page NOTE: The BL c-Class tab is available only on HP Integrity server blades. You can also click the ? at the top right corner of each page to display help about the page you are on. Select any of the topics listed in the left navigation bar to access that particular help screen.
• Uses scripts to automate some iLO 2 tasks, especially when you are setting up many identical servers. • Available from any TUI (serial, Telnet, and SSH). • CLP sessions are independent from each other and nonmirrored. • Provides a subset of MP CLI commands. • Provides access to the MP Main Menu interface and system console interface. SM CLP Session Sessions between a client and an SM CLP service are established over a transport protocol.
To change the default interface from MP Main Menu to SM CLP: 1. At the MP Main Menu, enter CM. 2. From the CM prompt, enter SA to modify iLO 2 access configuration. 3. Use the following example as you follow the prompts on the screen to change the default interface from MP Main Menu to SM CLP. MP:CM>SA This command allows you to modify MP access configuration.
hpiLO-> badcommand status=2 status_tag=COMMAND PROCESSING FAILED error_tag=COMMAND NOT RECOGNIZED hpiLO-> If an invalid target is specified, the response differs as follows: hpiLO-> show /badtarget1 status=3 status_tag=COMMAND PROCESSING FAILED error_tag=COMMAND SYNTAX ERROR ‘/badtarget1’ is an invalid target. hpiLO-> SM CLP Syntax The following sections provide terms, descriptions, and examples of the SM CLP syntax.
Table 54 Supported Command Verbs (continued) Command Action help displays general help and all supported commands. help displays help for the specified verb. help displays help for the specified target. help displays help for the specified property. load Moves a binary image to iLO 2 from a URI. reset Causes a target to cycle from enabled to disabled and back to enabled. set show Sets a property to a specific value.
Command Options Command options control verb behavior. Command options can appear immediately after the verb and must be prefaced with a dash (-). Most command options have both a full name and a short form; for example: show –level all or show –l all Level Option The level option instructs the command verb to include n number of levels in the scope of its execution. A level typically refers to the depth of containment to be processed by the verb.
Find and display all targets that have the EnabledState property: hpiLO-> show -l all -d properties=”enabled state” Find and display all Account targets in the system and their information: hpiLO-> show -l all account* Table 55 shows the available command options. Table 55 Command Options Option Short Form Description -display -d Selects the data you want to display. -force -f Instructs the verb to ignore warning conditions that otherwise prevent execution.
Table 56 SM CLP Reserved Characters and Character Sequences (continued) Character or Sequence Name Description and Uses / Address term separator Separates the UFiT terms of a target address. . Dot Recognized as a special target address token meaning this container. .. Dot-dot Recognized as a special target address token meaning the container of this container. () Parentheses In a comma-separated option argument term list, delineates the values of an argument from the next option argument.
status_tag=COMMAND COMPLETED system1 has been issued a reset Displaying Power Status To display the power state of the system, query the value of the enabledstate property of the system1 target. For example: hpiLO-> show -d properties=enabledstate system1 status=0 status_tag=COMMAND COMPLETED /system1 Properties EnabledState=Enabled Powering Off the System To power off the system, apply the stop (graceful shutdown) or stop-force (power off) commands to the system1 target.
Map1 Example The following example displays information about map1: hpiLO-> show map1 status=0 status_tag=COMMAND COMPLETED /map1 Targets dhcpendpt1 dnsendpt1 dnsserver1 dnsserver2 dnsserver3 enetport1 gateway1 group1 settings1 sshsvc1 swinstallsvc1 swinventory1 telnetsvc1 textredirectsap1 textredirectsvc1 Properties Name=iLO Advanced, HP Integrity Dedicated=Management Verbs cd help show load reset hpiLO-> Resetting iLO 2 To reset iLO 2, run the reset command to the MAP1 target as in the following
Table 59 /map1/textredirectsap1 Properties Property Name Description Access and Values EnabledState Shows whether the text redirection is enabled. Read-only The value is set to Enabled. SessionTerminateSequence A string sequence used for terminating text redirection session and returning to SM CLP. Read-only The value is set to SMCLP. Enter SMCLP at the MP Main Menu to return to the SM CLP interface. Description Description of this text redirection service access Read-only point.
Starting a System Console Session To start a system console session, enter the following command: hpiLO->start /system1/consoles1/textredirectsap1 Determining the Session Termination Character Sequence for the System Console To determine the session termination character sequence for the system console, enter the following command: hpiLO-> show -d properties=SessionTerminateSequence /system1/consoles1/testredirectsap1 status 0 status_tag=COMMAND COMPLETED /system1/consoles1/testredirectsap1 Propertie
help Displays context-sensitive help. show Displays information. Target: map1/swinventory1 SoftwareInventory is a dedicated collection for all firmware in the system known to iLO 2. Table 62 shows swinventory1 target properties. Table 62 swinventory1 Properties Property Name Description Description Access and Values Provides a textual description of the object. Verbs cd Changes the current default target. help Displays context-sensitive help. show Displays information.
Properties VersionString=F.01.57 This example displays all the firmware revisions. hpiLO-> show /map1/swinventory1/swid* /map1/swinventory1/swid1 TargetType=MP FW VersionString=F.01.57 /map1/swcollection1/swid2 TargetType=BMC FW VersionString=01.60 /map1/swcollection1/swid3 TargetType=EFI FW VersionString=ROM A 05.11, ROM B 255.255 /map1/swcollection1/swid4 TargetType=System FW VersionString=ROM A 62.03, ROM B 255.255, Boot ROM B /map1/swcollection1/swid5 TargetType=PDH FW VersionString=00.
Telnet SM CLP Targets This section describes targets, their properties, and supported verbs necessary to enable or disable Telnet access to iLO 2. Target: map1/telnetsvc1 The telnetsvc1 target represents the telnetsvc service provided by map1. Table 64 shows telnetsvc1 target properties. Table 64 telnetsvc1 Properties Property Name EnabledState Description Access and Values Shows whether Telnet is enabled or disabled.
show Displays information. help Displays context-sensitive help. SSH Examples The following examples show specific SSH commands. Enable SSH Service -> start /map1/sshsvc1 Disable SSH Service -> stop /map1/sshsvc1 Network Configuration Network commands enable you to display or modify network settings. SM CLP Network Targets, Properties, and Verbs This section describes targets, target properties, and supported verbs necessary to implement the iLO 2 network configuration through SM CLP.
Table 67 lanedpt1 Properties (continued) Property Name Description Access and Values Enabled, Disabled MACAddress Represents the iLO 2 MP MAC address. Verbs cd Changes the current default target. help Displays context-sensitive help. show Displays information. Read-only The MAC address is formatted as twelve hexadecimal digits (010203040506), with each pair representing one of the six octets of the MAC address.
Table 69 dhcpendpt1 Properties (continued) Property Name Description Access and Values Disabled: The iLO 2 DHCP client is disabled. OtherTypeDescription Textual description of this protocol endpoint. Verbs cd Changes the current default target. help Displays context-sensitive help. show Displays information. start Enables iLO 2 DHCP. stop Disables iLO 2 DHCP. Read-only Set to DHCP. Target: map1/dnsendpt1 The dnsendpt1 target represents the iLO 2 DNS client.
Table 72 shows dnsserver1, dnsserver2, and dnsserver3 target properties Table 72 dnsserver1, dnsserver2, dnsserver3 Properties Property Name Description Access and Values AccessInfo Represents the IP address of the DNS server. AccessContext Represents access context (description) of Read-only this access point. Set to DNS server. Verbs show Displays information. help Displays context-sensitive help. set Sets a property to a specific value.
hpiLO-> show -d properties=macaddress /map1/enetport1/lanendpt1 or hpiLO-> show -d properties=permanentaddress /map1/enetport1/ Determine current IP Address hpiLO-> show -d properties=ipv4address /map1/enetport1/lanendpt1/ipendpt1 Determine Subnet Mask hpiLO-> show -d properties=subnetmask /map1/enetport1/lanendpt1/ipendpt1 Set IP Address and Subnet Mask To modify a Static IP Address and Subnet Mask, set IPv4Address and SubnetMask properties of the ipendpt1 target: hpiLO-> set /map1/enetp
NOTE: • Scriptable vMedia is available only if you have the iLO 2 Advanced Pack license and the vMedia user privilege. • Only one vMedia connection is supported at a time. You cannot connect with the scriptable vMedia while the Applet vMedia is connected and vice versa.
vMedia Functionality on Server Blades and Rack-Mounted Servers Administrators can easily transfer data to the managed system from the web (Apache or IIS) server containing the vMedia ISO images. On the client side, the web (Apache or IIS) server is running and the ISO images are stored so they can be accessed over HTTP. NOTE: HTTPS is currently not supported through the SM CLP interface. The drives (connected ISO images) on the client side appear as local drives (USB CD Read-only) on the managed server.
NOTE: The oemhp_applet_connected has a value equal to yes. If you attempt to connect when there is no valid image location set in the oemhp_image property, you will receive an error. Disconnect vMedia This command disconnects the media and clears the oemhp_image value. –> set / map1 / oemhp_vm1 / cddr1 oemhp_connect=no NOTE: If you attempt to disconnect when the drive is not connected, you will receive an error.
1. Using the LCD display on the OA enclosure, navigate to the DVD Drive - Attach... option. 2. Using the Telnet/SSH connection to the OA. NOTE: While in the OA, you will not be entering the SM CLP vMedia commands directly in MP. Instead, you will issue the commands from the Telnet/SSH connection of the OA to connect or disconnect vMedia.
3. Using the OA GUI, navigate to Enclosure Information/Enclosure Settings/DVD Drive. The OA web GUI interface provides an easy-to-navigate graphical interface. Select a specific action for vMedia, such as inserting a disk, connecting, and so on. Known Issues • Only DVD/CD is supported at this time. • Floppy/USB Key is currently not supported. • Only one device is supported at a time with scriptable vMedia (either DVD/CD or Floppy/Key).
• Installing Windows Server 2003 using Smart-setup and RTM-bit physical CDs • Installing Windows Server 2003 using Smart-setup and RTM-bit ISO images • Installing HP-UX using a physical CD • Installing HP-UX using ISO images Installing an Application Installing MS SQL Server from an MSDN DVD User Accounts Configuration This section describes targets, their properties, and supported verbs used for configuring and viewing iLO 2 user accounts using SM CLP.
create Create a new user account. delete Delete a user account. User Account Examples The following examples show specific user account commands.
Verbs cd Changes the current default target. help Displays context-sensitive help. show Displays information. set Sets a property to a specific value. LDAP Configuration Examples Configure LDAP parameters. This command: hpiLO-> set oemhp_dirauth= ExtendedSchema `oemhp_dirsrvaddr=192.0.2.
9 Installing and Configuring Directory Services This chapter provides information on how to install and configure iLO 2 directory services. You can install and configure iLO 2 directory services to leverage the benefits of a single point of administration for iLO 2 user accounts. Directory Services The following are benefits of directory integration: Scalability Leverage the directory to support thousands of users on thousands of iLO 2s.
Directory Services Installation Prerequisites Before installing directory services, you must do the following: • Obtain an iLO 2 Advanced Pack license. • Configure LDAP. TIP: Before performing certain iLO 2 functions, verify that you have the supported firmware version required to carry out the task. To make sure you have the latest supported firmware version, see the HP website at http://www.hp.com/go/bizsupport.
Directory Services Support Integrity iLO 2 supports the following directory services: • Microsoft Active Directory • Microsoft Windows Server 2003 Active Directory • Novell eDirectory 8.6.2 • Novell eDirectory 8.7 The iLO 2 software is designed to run within the Microsoft Active Directory Users and Computers, and Novell ConsoleOne management tools. This enables you to manage user accounts on Microsoft Active Directory or Novell eDirectory.
Required Schema Software The iLO 2 requires specific software to extend the schema and provide snap-ins to manage the iLO 2 network. An HP Smart Component that contains the schema installer and the management snap-in installer is available for download from the HP website at http://www.hp.com/go/ integrityiLO. The two components you need for Integrity iLO 2 directory integration are the Schema Extender Utility and the Snap-in Installer. Schema Installer One or more .
Figure 47 Schema Setup Screen The Directory Server section of the Setup screen enables you to select whether to use Active Directory or eDirectory, and to set the computer name and the port to be used for LDAP communications. IMPORTANT: To extend the schema on Active Directory you must be an authenticated schema administrator, the schema must not be write protected, and the directory must be the flexible single master operation (FSMO) role owner in the tree.
Figure 48 Schema Results Screen Management Snap-In Installer The management snap-in installer installs the snap-ins required to manage iLO 2 objects in a Microsoft Active Directory Users and Computers directory or in a Novell ConsoleOne directory. To create an iLO 2 directory using iLO 2 snap-ins, perform the following tasks: 1. Create and manage iLO 2 objects and role objects. 2. Make the associations between iLO 2 objects and role objects.
IMPORTANT: To install directory services for iLO 2, an Active Directory schema administrator must extend the schema. • Extending the schema in the Microsoft Windows 2000 Server Resource Kit, available at: http://www.microsoft.com • Installing Active Directory in the Microsoft Windows 2000 Server Resource Kit, available at: http://www.microsoft.com • Microsoft Knowledge Base articles: ◦ 216999 “How to Install the Remote Server Administration Tools in Windows” ◦ 314978 “How to Use Adminpak.
e. Click OK. The Active Directory schema folder may need to be expanded for the checkbox to be available. 4. 5. 6. 7. Create a certificate or install Certificate Services. This step is necessary because iLO 2 uses SSL to communicate with Active Directory. To specify that a certificate be issued to the server running Active Directory, do the following: a. Launch MMC on the server and add the default domain policy snap-in (Group policy and browse to default domain policy object). b.
Figure 49 Directory Example 1. 2. Create an organizational unit to contain the iLO 2 devices managed by the domain. In this example, two organizational units are created, Roles and MPs. Use the Active Directory Users and Computers snap-ins provided by HP to create iLO 2 objects for several iLO 2 devices in the MP organizational unit. a. In the mpiso.com domain, right-click the MPs organizational unit and select NewHPObject. b.
c. d. e. 3. 4. 5. In the Name field of the dialog box, enter an appropriate name In this example, the DNS host name of the iLO 2 device, lpmp, is used as the name of the iLO 2 object, and the surname is iLO 2. Enter and confirm a password in the Device LDAP Password and Confirm fields (this is optional). Click OK. Use the HP provided Active Directory Users and Computers snap-ins to create HP role objects in the roles organizational unit.
Figure 52 Lights-Out Management Tab 7. 8. Click OK. Using the same procedure in step 4, edit the properties of the remoteMonitors role, add the lpmp device to the Managed Devices list on the HP Devices tab, and use the Members tab to add users to the remoteMonitors role. 9. On the Lights-Out Management tab, click the Login checkbox. 10. Click Apply and OK. Members of the remoteMonitors role are able to authenticate and view the server status.
After the snap-in is installed, you can create iLO 2 objects and roles in the directory. Using the Users and Computers tool, you can: • Create iLO 2 objects and role objects. • Add users to the role objects. • Set the rights and restrictions of the role objects. Active Directory Snap-Ins The following sections discuss the additional management options available in Active Directory Users and Computers after you have installed the HP snap-ins.
Figure 54 Members Tab Setting Login Restrictions The Role Restrictions tab (Figure 55) enables you to set login restrictions for a role.
Figure 55 Role Restrictions Tab Setting Time Restrictions • To manage the hours available for login by members of the role, click the Effective Hours button. The Logon Hours screen appears (Figure 56). • To select the times available for login each day of the week in half-hour increments, use the Logon Hours screen.
In the By Default list, select whether to grant or deny access from all addresses except for specified IP addresses, IP address ranges, and DNS names. To restrict an IP address: 1. From the Role Restrictions tab, select IP/MASK and click Add. The New IP/Mask Restriction dialog box appears (Figure 57). Figure 57 New IP/Mask Dialog Box 2. 3. 4. 5. In the New IP/Mask Restriction dialog box, enter the information and click OK. To restrict access based on a DNS, select DNS Name and click Add.
Figure 58 Lights-Out Management Tab Table 78 lists the available Lights-Out Management rights. Table 78 Lights-Out Management Rights MP Rights Login Description This option controls whether users can log in to the associated devices and execute Status or Read-only commands (view event logs and console logs, check system status, power status, and so on) but not execute any commands that would alter the state of iLO 2 or the system.
Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in eDirectory The following example demonstrates how to set up roles and HP devices in a company called samplecorp, which consists of two regions: region1 and region2. Assume that samplecorp has an enterprise directory arranged according to that in Figure 59. Figure 59 Roles and Devices Example Begin by creating organizational units in each region to contain iLO 2 devices and roles specific to that region.
2. From in the region1 organizational unit, right-click the HP devices organizational unit. Select New, and select Object. a. Select hpqTarget from the list of classes, and click OK. b. Enter an appropriate name and surname in the New hpqTarget dialog box. In this example, the DNS host name of the iLO 2 device, rib-email-server, is used as the name of the iLO 2 object, and the surname is RILOEII (iLO 2). Click OK. The Select Object Subtype dialog box (Figure 60) appears.
a. b. c. d. e. Right-click the remoteAdmins role in the roles organizational unit in the region1 organizational unit, and select Properties. Select the Role Managed Devices subtab of the HP Management tab, and click Add. Using the Select Objects dialog box, browse to the HP devices organizational unit in the region1 organizational unit. Select the three iLO 2 objects created in step 2. Click OK and click Apply. Add users to the role.
devices,ou=region1,o=samplecorp Directory User Context 1 = ou=users,o=samplecorp For example, user CSmith (located in the users organizational unit within the samplecorp organization, who is also a member of one of the remoteAdmins or remoteMonitors roles) would be allowed to log in to iLO 2. He would type csmith (case insensitive) in the Login Name field of the iLO 2 login, and use his eDirectory password in the Password field to gain access.
Figure 63 Members Tab (eDirectory) To browse to the specific user you want to add, click Add. To remove a user from the list of valid members, highlight the user name and click Delete. Setting Role Restrictions The Role Restrictions subtab (Figure 64) enables you to set login restrictions for a role.
These restrictions include the following: • Time Restrictions • IP Network Address Restrictions • ◦ IP/Mask ◦ IP Range DNS Name Setting Time Restrictions You can manage the hours available for login by members of a role using the time grid displayed in the Role Restrictions subtab (Figure 64). You can select the times available for login for each day of the week in half-hour increments.
Setting Lights-Out Management Device Rights After you create a role, you can select rights for the role and make users and group objects members of the role, which gives users or groups of users the rights granted by that role. Use the Lights-Out Management Device Rights subtab of the HP Management tab (Figure 66) to manage rights. Figure 66 Lights-Out Management Device Rights Tab Table 79 lists the available management device rights.
objects support the Login Authentication utility to the iLO 2 device and enable iLO 2 users to execute commands based on their assigned roles. Installing the Java Runtime Environment As a prerequisite for extending schema, you must have Java Runtime Environment (JRE) 1.4.2 installed. To ensure you have the correct version of JRE installed on your system: 1. To determine the Java version, execute the following command: # java -version The Java version installed on your system is displayed. 2.
The SSL port (636) is used during the schema extension. You can verify this by running the netstat –nt grep :636 command while the hpdsse.sh file is being executed. Verifying Snap-In Installation and Schema Extension To verify the installation of snap-ins and schema extension: 1. Run ConsoleOne and log on to the tree. 2. Verify the new classes by opening the Schema Manager from the Tools list. All the classes related to the HP directory services must be present in the classes list.
Enter new value, or Q to Quit: -> Current Distinguished Name has been retained User Search Context 1: Current -> o=mp Enter new value, or Q to Quit: -> Current User Search Context 1 has been retained User Search Context 2: Current -> o=demo Enter new value, or Q to Quit: -> Current User Search Context 2 has been retained User Search Context 3: Current -> o=test Enter new value, or Q to Quit: -> Current User Search Context 3 has been retained New Directory Configuration (* modified values
Directory users that are specified with the user name form can be located in one of three searchable contexts that are configured within Directory Settings. • Local users - Login ID For the iLO 2 login, the maximum length of the Login Name is 25 characters for local users. For directory services users, the maximum length of the Login Name is 256 characters.
Directory-Enabled Remote Management This section is for administrators who are familiar with directory services and with the iLO 2 product. To familiarize yourself with the product and services, see “Directory Services” (page 169). Be sure you understand the examples and are comfortable with setting up the product. In general, you can use the HP provided snap-ins to create objects.
For example, an organization might have two types of users: administrators of the iLO 2 device or host server, and users of the iLO 2 device. In this situation, it makes sense to create two roles, one for the administrators and one for the users. Both roles include some of the same devices, but grant different rights. Sometimes, it is useful to assign generic rights to the lesser role, and include the iLO 2 administrators in that role, and the administrative role.
Role Time Restrictions You can place time restrictions on iLO 2 roles. Users are only granted rights that are specified for the iLO 2 devices listed in the role if they are members of the role and meet the time restrictions for that role. The iLO 2 devices use local host time to enforce time restrictions. If the iLO 2 device clock is not set, the role time restriction fails (unless no time restrictions are specified on the role).
Enforcing Directory Login Restrictions The following figure shows how two sets of restrictions potentially limit a directory user's access to iLO 2 devices. User access restrictions limit a user's access to authenticate to the directory. Role access restrictions limit an authenticated user's ability to receive iLO 2 privileges based on rights specified in one or more roles. Figure 69 shows the user and role access restrictions.
Figure 70 User Time Restrictions User Address Restrictions You can place network address restrictions on a directory user account, and the directory server enforces these restrictions. See the directory service documentation for information about the enforcement of address restrictions on LDAP clients, such as a user logging in to an iLO 2 device. Network address restrictions placed on the user in the directory may not be enforced in the expected manner if the directory user logs in through a proxy server.
Figure 71 Restricting General Use Alternatively, the directory administrator could create a role that grants the login right and restrict it to the corporate network, create another role that grants only the server reset right and restrict it to after-hours operation.
Changes made to the schema during the schema setup process include changes to the following: • Core classes • Core attributes NOTE: Roles such as hpqTargets, and so on, are for extended schema LDAP only. They are not used in schema-free LDAP. Core Classes Table 80 lists the core LDAP OID classes. Table 80 Core Classes Class Name Assigned OID hpqTarget 1.3.6.1.4.1.232.1001.1.1.1.1 hpqRole 1.3.6.1.4.1.232.1001.1.1.1.2 hpqPolicy 1.3.6.1.4.1.232.1001.1.1.1.
hpqRole Table 83 hpqRole OID 1.3.6.1.4.1.232.1001.1.1.1.2 Description This class defines role objects, providing the basis for HP products using directory-enabled management. Class Type Structural SuperClasses Group Attributes hpqRoleIPRestrictions—1.3.6.1.4.1.232.1001.1.1.2.5hpqRoleIPRestrictionDefault—1.3.6.1.4.1.232.1001.1.1.2.4 hpqRoleTimeRestriction—1.3.6.1.4.1.232.1001.1.1.2.6hpqTargetMembership—1.3.6.1.4.1.232.1001.1.1.2.3 Remarks None hpqPolicy Table 84 hpqPolicy OID 1.3.6.1.4.1.232.
hpqTargetMembership Table 87 hpqTargetMembership OID 1.3.6.1.4.1.232.1001.1.1.2.3 Description This attribute provides a list of hpqTarget objects that belong to this object. Syntax Distinguished Name—1.3.6.1.4.1.1466.115.121.1.12 Options Multi Valued Remarks None hpqRoleIPRestrictionDefault Table 88 hpqRoleIPRestrictionDefault OID 1.3.6.1.4.1.232.1001.1.1.2.
Table 90 hpqRoleTimeRestriction (continued) OID 1.3.6.1.4.1.232.1001.1.1.2.6 Options Single Valued Remarks This attribute is only used on role objects. Time restrictions are satisfied when the bit corresponding to the current local side real time of the device is 1, and unsatisfied when the bit is 0. The least significant bit of the first byte corresponds to Sunday, from 12 midnight, to Sunday 12:30 AM.
iLO 2 Attribute Definitions Table 94 through Table 99 define the iLO 2 core class attributes. hpqLOMRightLogin Table 94 hpqLOMRightLogin OID 1.3.6.1.4.1.232.1001.1.8.2.1 Description Login right for HP iLO 2 products. Syntax Boolean-1.3.6.1.4.1.1466.115.121.1.7 Options Single Valued Remarks The attribute is meaningful only on role objects. If TRUE, members of the role are granted the right. hpqLOMRightRemoteConsole Table 95 hpqLOMRightRemoteConsole OID 1.3.6.1.4.1.232.1001.1.8.2.
hpqLOMRightLocalUserAdmin Table 98 hpqLOMRightLocalUserAdmin OID 1.3.6.1.4.1.232.1001.1.8.2.5 Description Local user database administration right for HP iLO 2 products. Syntax Boolean-1.3.6.1.4.1.1466.115.121.1.7 Options Single valued Remarks This attribute is only used on role objects. If this attribute is TRUE, members of the role are granted the right. hpqLOMRightConfigureSettings Table 99 hpqLOMRightConfigureSettings OID 1.3.6.1.4.1.232.1001.1.8.2.
Glossary A Address In networking, a unique code that identifies a node in the network. Names such as host1.hp.com are translated to dott-quad addresses such as 168.124.3.4 by the Domain Name Service (DNS). Address Path An address path is one in which each term has the appropriate intervening addressing association. Administrator A person managing a system through interaction with management clients, transport clients, and other policies and procedures. ARP Address Resolution Protocol.
The CLP consists of a set of command verbs that manipulate command targets representing Managed Elements (ME) that are within the scope of access by a MAP. Each CLP interaction consists of a command line transmitted to the CLP service and a subsequent response transmitted back to the client. Each command transmitted generates only one response data transmission to the client.
Domain A grouping of hosts that is identified by a name. The hosts usually belong to the same Internet Protocol (IP) network address. Domain Name The unique name assigned to a system or group of systems on the Internet. The host names of all the systems in the group have the same domain name suffix. Domain names are interpreted from right to left. E Ethernet An industry-standard type of local area network (LAN) that enables real-time communication between systems connected directly through cables.
Integrated Lights-Out (iLO) The iLO functionality offers remote server management through an independent management processor (MP). iLO was introduced into most HP Integrity entry class servers in late 2004. Prior to that, embedded remote server management was referred to as MP functionality. All legacy MP functionality has been carried forward and combined with new features, all under the heading of "iLO". Therefore, "iLO" and "MP" mean the same thing for entry class servers. IP Internet Protocol.
MAP Manageability Access Point. A network-accessible interface for managing a computer system. A MAP can be initiated by a management process, a management processor, a service processor, or a service process. MAP Address Space This is the hierarchical graph of the UFiTs contained in the MAP’s AdminDomain. Each instance starting at the AdminDomain is a node in the graph.
Remote System A system other than the one on which the user is working. S Schema Definitions that describe what type of information can be stored as entries in the directory. When information that does not match the schema is stored in the directory, clients attempting to access the directory may be unable to display the proper results. Schemas come in many forms, such as a text file, information in a repository, or diagrams.
User The CLP User represents an instance of a client which transmits and receives CLP-compliant messages. The CLP is part of the SM CLP architecture. It is intended to either be a person or a script interacting with a terminal service such as Telnet or SSHv2. User Account A record of essential user information that is stored on the system. Each user who accesses a system has a user account. User Friendly class Tag (UFcT) A short, user-friendly synonym for a CIM class name.
Index A access options, 96 access rights console access, 18 local user administration access, 18 MP configuration access, 18 power control access, 18 virtual media access, 19 accounts creating, 45 modifying, 45 resetting to default values, 29 active directory, 174 advanced features, 21 advanced pack license, 23 obtaining and activating, 23 alert levels, system status logs, 79 ARP ping commands, 36 using to configure a static IP address, 37 using to configure iLO 2 MP LAN, 36 auto login CLI SSH connection, 4
configuring the LAN, 35 configuring using the command menu, 90 configuring with the LC command, 64 DHCP, security risk when enabled, 36 DI command, 88 diagnostics, 100 directory objects, configuring for Active Directory, 176 directory services benefits, 169 features, 169 installing, 170 prerequisites, 170 schema, 201–207 supported directories and operating systems, 171 user login, 194 directory services for Active Directory, 174 creating and configuring directory objects, 176 defining client IP address or D
inactivity timeout configuration, 111 inactivity timers, modifying, 90 installing certificates, 195 directory services, 170 Integrated Lights-Out Management Processor, 17 integrated remote console (IRC) accessing, 113 full screen, 114 introduction, 109 mouse and keyboard limitations, 110 mouse properties, 111 usage, 110 vKVM supported resolutions and browser configurations, 111 IP address, how iLO 2 MP acquires, 34 IPMI over LAN, 19 IT command, 90 J Japanese keyboard, 110 java for HP-UX, 24 java for OpenVM
O OA IP address as default gateway address, 42, 140 Object Identifiers see HP management object identifiers OIDs see HP management object identifiers Onboard Administrator, 139 accessing iLO 2, 39 cabling, 42 components, 26 IP addresses, 42 LEDs and buttons, 27 operating systems, client, 24 operating systems, supported, 111 P partitions, 51, 56, 69, 70, 73 password clearing, 25 modifying default, 45 number of faults allowed, 97 resetting BMC, 85 resetting default, 88 resetting factory default, 29 PC comman
using the ID command, 89 SO command, 97 specific object identifiers, 205–207 attribute definitions, 206–207 attributes, 205 classes, 205 SPU host name, 89 SS command, 97 standard features, 18 static IP address assigning with ARP ping, 36 assigning with LC command, 38 status LEDs, 29 supported systems, 23 SYSREV command, 97 system checking status of, 101 firmware, 53, 103 resetting through the RST signal, 95 system error log, 78 system event log viewing using the web GUI, 105 system status logs, 78, 79 syste
