HP Integrity iLO 2 Operations Guide
Table Of Contents
- HP Integrity iLO 2 Operations Guide
- Contents
- About This Document
- 1 Introduction to iLO 2
- Features
- Standard Features
- Always-On Capability
- Virtual Front Panel
- Multiple Access Methods
- Security
- User Access Control
- Multiple Users
- IPMI over LAN
- System Management Homepage
- Firmware Upgrades
- Internal Subsystem Information
- DHCP and DNS Support
- Group Actions
- Group Actions Using HP SIM
- SNMP
- SMASH
- SM CLP
- Mirrored Console
- Remote Power Control
- Power Regulation
- Event Logging
- Advanced Features
- Standard Features
- Obtaining and Activating iLO 2 Advanced Pack Licensing
- Supported Systems and Required Components and Cables
- Integrity iLO 2 Supported Browsers and Client Operating Systems
- Security
- Features
- 2 Ports and LEDs
- 3 Getting Connected to iLO 2
- 4 Logging In to iLO 2
- 5 Adding Advanced Features
- Lights-Out Advanced KVM Card for sx2000 Servers
- Lights-Out Advanced KVM card Requirements
- Configuring the Lights-Out Advanced KVM Card
- Lights-Out Advanced KVM Card IRC Feature
- Lights-Out Advanced KVM Card vMedia Feature
- Installing the Lights-Out Advanced KVM Card in a Server
- Lights-Out Advanced KVM Card Quick Setup Steps
- Using Lights-Out Advanced KVM Features
- Mid Range PCI Backplane Power Behavior
- Troubleshooting the Lights-Out Advanced KVM Card
- Core I/O Card Configurations
- Supported PCI-X Slots
- Upgrading the Lights-Out Advanced KVM Card Firmware
- Lights-Out Advanced KVM Card for sx2000 Servers
- 6 Accessing the Host (Operating System) Console
- 7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP
- 8 Using iLO 2
- Text User Interface
- MP Command Interfaces
- MP Main Menu
- MP Main Menu Commands
- CO (Console): Leave the MP Main Menu and enter console mode
- VFP (Virtual Front Panel): Simulate the display panel
- CM (Command Mode): Enter command mode
- SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP
- CL (Console Log): View the history of the console output
- SL (Show Logs): View events in the log history
- HE (Help): Display help for the menu or command in the MP Main Menu
- X (Exit): Exit iLO 2
- MP Main Menu Commands
- Command Menu
- Command Line Interface Scripting
- Command Menu Commands and Standard Command Line Scripting Syntax
- BP: Reset BMC passwords
- BLADE: Display BLADE parameters
- CA: Configure asynchronous local serial port
- DATE: Display date
- DC (Default Configuration): Reset all parameters to default configurations
- DF: Display FRU information
- DI: Disconnect LAN, WEB, SSH, or Console
- DNS: DNS settings
- FW: Upgrade the MP firmware
- HE: Display help for menu or command in command menu interface
- ID: System information settings
- IT: Inactivity timeout settings
- LC: LAN configuration usage
- LDAP: LDAP directory settings
- LM: License management
- LOC: Locator UID LED configuration
- LS: LAN status
- PC: Power control access
- PM: Power regulator mode
- PR: Power restore policy configuration
- PS: Power status
- RB: Reset BMC
- RS: Reset system through the RST signal
- SA: Set access LAN/WEB/SSH/IPMI over LAN ports
- SNMP: Configure SNMP parameters
- SO: Security option help
- SS: System Status
- SYSREV: Firmware revisions
- TC: System reset through INIT or TOC signal
- TE: Send a message to other mirroring terminals
- UC: User Configuration (users, passwords, and so on)
- WHO: Display a list of iLO 2 connected users
- XD: iLO 2 Diagnostics or reset
- Web GUI
- System Status
- Remote Serial Console
- Integrated Remote Console
- Virtual Media
- Power Management
- Administration
- BL c-Class
- Help
- SMASH Server Management Command Line Protocol
- SM CLP Features and Functionality Overview
- Accessing the SM CLP Interface
- Using the SM CLP Interface
- SM CLP Syntax
- System1 Target
- System Reset Power Status and Power Control
- Map1 (iLO 2) Target
- Text Console Services
- Firmware Revision Display and Upgrade
- Remote Access Configuration
- Network Configuration
- User Accounts Configuration
- LDAP Configuration
- Text User Interface
- 9 Installing and Configuring Directory Services
- Directory Services
- Directory Services for Active Directory
- Directory Services for eDirectory
- Installing and Initializing Snap-In for eDirectory
- Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in eDirectory
- Directory Services Objects for eDirectory
- Setting Role Restrictions
- Setting Time Restrictions
- Setting Lights-Out Management Device Rights
- Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform
- Using the LDAP Command to Configure Directory Settings in iLO 2
- User Login Using Directory Services
- Certificate Services
- Directory-Enabled Remote Management
- Directory Services Schema (LDAP)
- Glossary
- Index
IMPORTANT: To install directory services for iLO 2, an Active Directory schema administrator
must extend the schema.
• Extending the schema in the Microsoft Windows 2000 Server Resource Kit, available at:
http://www.microsoft.com
• Installing Active Directory in the Microsoft Windows 2000 Server Resource Kit, available at:
http://www.microsoft.com
• Microsoft Knowledge Base articles:
216999 “How to Install the Remote Server Administration Tools in Windows”◦
◦ 314978 “How to Use Adminpak.msi to Install a Specific Server Administration Tool in
Windows 2000”
◦ 247078 “How to Enable SSL Communication over LDAP for Windows 2000 Domain
Controllers”
◦ 321051 “How to Enable LDAP over SSL with a Third-Party Certification Authority”
◦ 299687 MS01-036 “Function Exposed by Using LDAP over SSL Could Enable Passwords
to Be Changed”
Integrity iLO 2 requires a secure connection to communicate with the directory service. This secure
connection requires the installation of the Microsoft CA. For more information, see the following
Microsoft technical references:
• Securing Windows 2000, Appendix D, Configuring Digital Certificates on Domain Controllers
for Secure LDAP and SMTP Replication at: http://www.microsoft.com
• Microsoft Knowledge Base Article 321051 “How to Enable LDAP over SSL with a Third-Party
Certification Authority”
Preparing Directory Services for Active Directory
To set up directory services for use with iLO 2:
1. Install Active Directory. For more information, see the resource kit, Installing Active Directory
in the Microsoft Windows 2000 Server.
2. Install the Microsoft Admin Pack (the ADMINPAK.MSI file, which is located in the i386
subdirectory of the Windows 2000 Server or Advanced Server CD). For more information,
see the Microsoft Knowledge Base Article 216999.
3. In Windows 2000, the safety interlock that prevents accidental writes to the schema must be
temporarily disabled. The schema extender utility can do this if the remote registry service is
running and you have appropriate rights. You can also do this by setting
HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services NTDS Parameters Schema
Update Allowed in the registry to a nonzero value (see the “Order of Processing When
Extending the Schema” section of the Installation of Schema Extensions in the Windows 2000
Server Resource Kit), or by doing the following:
CAUTION: Incorrectly editing the registry can severely damage your system. HP recommends
creating a backup of any valued data on the computer before making changes to the registry.
NOTE: This step is not necessary if you are using Windows Server 2003.
a. Start the MMC.
b. In MMC, install the Active Directory schema snap-in.
c. Right-click Active Directory Schema and select Operations Master.
d. Select The Schema may be modified on this Domain Controller.
Directory Services for Active Directory 175