HP Integrity iLO 2 Operations Guide
Table Of Contents
- HP Integrity iLO 2 Operations Guide
- Contents
- About This Document
- 1 Introduction to iLO 2
- Features
- Standard Features
- Always-On Capability
- Virtual Front Panel
- Multiple Access Methods
- Security
- User Access Control
- Multiple Users
- IPMI over LAN
- System Management Homepage
- Firmware Upgrades
- Internal Subsystem Information
- DHCP and DNS Support
- Group Actions
- Group Actions Using HP SIM
- SNMP
- SMASH
- SM CLP
- Mirrored Console
- Remote Power Control
- Power Regulation
- Event Logging
- Advanced Features
- Standard Features
- Obtaining and Activating iLO 2 Advanced Pack Licensing
- Supported Systems and Required Components and Cables
- Integrity iLO 2 Supported Browsers and Client Operating Systems
- Security
- Features
- 2 Ports and LEDs
- 3 Getting Connected to iLO 2
- 4 Logging In to iLO 2
- 5 Adding Advanced Features
- Lights-Out Advanced KVM Card for sx2000 Servers
- Lights-Out Advanced KVM card Requirements
- Configuring the Lights-Out Advanced KVM Card
- Lights-Out Advanced KVM Card IRC Feature
- Lights-Out Advanced KVM Card vMedia Feature
- Installing the Lights-Out Advanced KVM Card in a Server
- Lights-Out Advanced KVM Card Quick Setup Steps
- Using Lights-Out Advanced KVM Features
- Mid Range PCI Backplane Power Behavior
- Troubleshooting the Lights-Out Advanced KVM Card
- Core I/O Card Configurations
- Supported PCI-X Slots
- Upgrading the Lights-Out Advanced KVM Card Firmware
- Lights-Out Advanced KVM Card for sx2000 Servers
- 6 Accessing the Host (Operating System) Console
- 7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP
- 8 Using iLO 2
- Text User Interface
- MP Command Interfaces
- MP Main Menu
- MP Main Menu Commands
- CO (Console): Leave the MP Main Menu and enter console mode
- VFP (Virtual Front Panel): Simulate the display panel
- CM (Command Mode): Enter command mode
- SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP
- CL (Console Log): View the history of the console output
- SL (Show Logs): View events in the log history
- HE (Help): Display help for the menu or command in the MP Main Menu
- X (Exit): Exit iLO 2
- MP Main Menu Commands
- Command Menu
- Command Line Interface Scripting
- Command Menu Commands and Standard Command Line Scripting Syntax
- BP: Reset BMC passwords
- BLADE: Display BLADE parameters
- CA: Configure asynchronous local serial port
- DATE: Display date
- DC (Default Configuration): Reset all parameters to default configurations
- DF: Display FRU information
- DI: Disconnect LAN, WEB, SSH, or Console
- DNS: DNS settings
- FW: Upgrade the MP firmware
- HE: Display help for menu or command in command menu interface
- ID: System information settings
- IT: Inactivity timeout settings
- LC: LAN configuration usage
- LDAP: LDAP directory settings
- LM: License management
- LOC: Locator UID LED configuration
- LS: LAN status
- PC: Power control access
- PM: Power regulator mode
- PR: Power restore policy configuration
- PS: Power status
- RB: Reset BMC
- RS: Reset system through the RST signal
- SA: Set access LAN/WEB/SSH/IPMI over LAN ports
- SNMP: Configure SNMP parameters
- SO: Security option help
- SS: System Status
- SYSREV: Firmware revisions
- TC: System reset through INIT or TOC signal
- TE: Send a message to other mirroring terminals
- UC: User Configuration (users, passwords, and so on)
- WHO: Display a list of iLO 2 connected users
- XD: iLO 2 Diagnostics or reset
- Web GUI
- System Status
- Remote Serial Console
- Integrated Remote Console
- Virtual Media
- Power Management
- Administration
- BL c-Class
- Help
- SMASH Server Management Command Line Protocol
- SM CLP Features and Functionality Overview
- Accessing the SM CLP Interface
- Using the SM CLP Interface
- SM CLP Syntax
- System1 Target
- System Reset Power Status and Power Control
- Map1 (iLO 2) Target
- Text Console Services
- Firmware Revision Display and Upgrade
- Remote Access Configuration
- Network Configuration
- User Accounts Configuration
- LDAP Configuration
- Text User Interface
- 9 Installing and Configuring Directory Services
- Directory Services
- Directory Services for Active Directory
- Directory Services for eDirectory
- Installing and Initializing Snap-In for eDirectory
- Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in eDirectory
- Directory Services Objects for eDirectory
- Setting Role Restrictions
- Setting Time Restrictions
- Setting Lights-Out Management Device Rights
- Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform
- Using the LDAP Command to Configure Directory Settings in iLO 2
- User Login Using Directory Services
- Certificate Services
- Directory-Enabled Remote Management
- Directory Services Schema (LDAP)
- Glossary
- Index
e. Click OK.
The Active Directory schema folder may need to be expanded for the checkbox to be available.
4. Create a certificate or install Certificate Services. This step is necessary because iLO 2 uses
SSL to communicate with Active Directory.
5. To specify that a certificate be issued to the server running Active Directory, do the following:
a. Launch MMC on the server and add the default domain policy snap-in (Group policy and
browse to default domain policy object).
b. Click Computer Configuration>Windows Settings>Security Settings>Public Key Policies.
c. Right-click Automatic Certificate Requests Settings, and select New>Automatic Certificate
Request.
d. Using the wizard, select the domain controller template and the certificate authority you
want to use.
6. Download the Smart Component that contains the installers for the schema extender and the
snap-ins. You can download the Smart Component from the HP website at http://www.hp.com/
go/integrityiLO.
7. Run the schema installer application to extend the schema, which extends the directory schema
with the proper HP objects.
The schema installer associates the Active Directory snap-ins with the new schema. The snap-in
installation setup utility is a Windows MSI setup script and runs anywhere MSI is supported
(Windows XP, Windows 2000, Windows 98). However, some parts of the schema extension
application require the .NET Framework, which you can download from the Microsoft website
at http://www.microsoft.com.
Installing and Initializing Snap-Ins for Active Directory
Follow these steps to install the snap-ins and configure the directory service:
1. To install the snap-ins, run the snap-in installation application.
2. Configure the directory service with the appropriate objects and relationships for iLO 2
management:
a. Use the management snap-ins from HP to create iLO 2 policy, admin, and user role
objects.
b. Use the management snap-ins from HP to build associations between the iLO 2 object,
the policy object, and the role object.
c. Point the iLO 2 object to the admin and user role objects (admin and user roles
automatically point back to the iLO 2 object).
For more information about iLO 2 objects, see “Directory Services Objects” (page 179).
At a minimum, create:
• One role object that contains one or more users and one or more iLO 2 objects.
• One iLO 2 object corresponding to each iLO 2 using the directory.
Example: Creating and Configuring Directory Objects for Use with iLO 2 in Active
Directory
The following example shows how to set up roles and HP devices in an enterprise directory with
the domain mpiso.com, which consists of two organizational units: Roles and MPs.
NOTE: Roles, such as hpqTargets and so on, are for extended schema LDAP only. They are not
used in schema-free LDAP.
Assume that a company has an enterprise directory including the domain mpiso.com, arranged
as shown in Figure 49.
176 Installing and Configuring Directory Services