HP Integrated Lights-Out manual EDirectory Role Restrictions

Page 179

Directory Services

179

IP Range

DNS Name

eDirectory Role Restrictions

The Role Restrictions subtab allows you to set login restrictions for the role. These restrictions include:

Time Restrictions

IP Network Address Restrictions

IP/Mask

IP Range

Page 178 Page 180
Image 179
Page 178 Page 180
Contents HP Integrated Lights-Out User Guide Audience Assumptions Contents User Guide Integrated Lights-Out ILO Security 135 Certificate Services 189 Insight Manager 7 Integration 223 Lights-Out DOS Utility 249 Login Modglobalsettings Moddiagport Settings ILO Parameters 331 Contents Technical Support 397 This Section Operational OverviewNew in This Version Network Connection Overview Usage ModelSupported Server Operating System Software Supported Browsers Configuring Linux Font Size Linux Browser ConfigurationPage ILO Configuration Options Configuring iLOILO Rbsu Browser-Based Setup Scripted Setup Installing iLO Device DriversILO Pre-requisite Files for Microsoft Installing or Updating the iLO Drivers for MicrosoftSelect Software and Drivers ILO Pre-Requisite Files for NetWare Installing or Updating iLO Drivers for NetWareNovell NetWare Server Driver Support Instaling or Updating iLO Linux and SuSE Drivers Red Hat Linux and SuSE Linux Server Driver SupportILO Pre-requisite Files for Red Hat and SuSE Linux Files Enabling iLO Advanced Functionality ILO Advanced License Options Activating iLO Advanced Features Using a BrowserILO Advanced Evaluation License User Guide Integrated Lights-Out Activating iLO Advanced Using Scripting ProLiant BL p-Class ConfigurationProLiant BL p-Class User Requirements Static IP Bay ConfigurationConfiguring Static IP Bay Settings Configuring a ProLiant BL p-Class Blade EnclosureUser Guide Integrated Lights-Out ProLiant BL p-Class Advanced Configuration Parameters ProLiant BL p-Class Standard Configuration ParametersRibcl Rackinfo Commands Enable iLO IP Address AssignmentModifying Static IP Bay Configuration Settings Ribcl Rackinfo Command ExamplesGetting Static IP Bay Configuration Settings Integration with Riloe II Accessory Boards Logging in to iLO for the First Time Using iLOLogging in to iLO for the First Time Using a Browser Using iLO User Guide Integrated Lights-Out Using iLO Help Progressive Delays for Failed Browser Login AttemptsILO Status System StatusStatus Summary Server Status ILO Event Log Integrated Management Log Post Diagnostic Results for the Host Server Server and iLO DiagnosticsVirtual NMI Button Nvram Environment Variables ListingILO Self-Test Results Remote Console Option Remote ConsoleRemote Console Information Option Display Properties Enhanced Features of the Remote ConsoleRecommended Client Settings Optimizing Performance for Graphical Remote ConsoleMouse Properties Remote Console Linux SettingsRecommended Server Settings Remote ConsoleMicrosoft Windows Server 2003 Settings Microsoft Windows NT 4.0 and Windows 2000 SettingsRemote Console Hot Keys Red Hat Linux and SuSE Linux Server SettingsNovell NetWare Settings Supported Hot Keys Remote Console Single-Cursor Single- and Dual-Cursor Modes for Graphical Remote ConsoleRemote Console Dual-Cursor Virtual Devices Virtual Power Using iLO Virtual Media MS-DOS Operating System USB SupportUSB USB CD USB CD2 Select Local Floppy Drive Using iLO Virtual Media DevicesILO Virtual Floppy Click Connect Access iLO through a browser Connect Click Create Disk Image Select Local CD-ROM Drive ILO Virtual CD-ROMUsing an Image File Virtual Media CD-ROM Operating System Notes Mounting USB Virtual Media CD in NetWare Mount /dev/scd0 /mnt/cdrom -t iso9660 Virtual Media Composite Device Support Select Local Floppy Drive Virtual Media Scripting Virtual Media Applet TimeoutILO Virtual Media Privilege Command Line Input Result Virtual Media Image Files Scripting Web Server RequirementsCGI Helper Application Virtual Indicators Windows EMS Console Virtual Serial PortVirtual Serial Port and Linux Security InformationLinux End-to-End Support AdministrationUser Administration Adding a New User Click View/Modify User Viewing or Modifying an Existing Users SettingsDeleting a User Global SettingsClick Global Settings User Guide Integrated Lights-Out Network Settings Click Network Settings Using iLO ILO Diagnostic Port Configuration Parameters Recovering from a Failed iLO Firmware Update SNMP/Insight Manager SettingsEnabling Snmp Alerts Generating Test Alerts Click Apply SettingsConfigure Insight Manager Integration Upgrade iLO FirmwareClick Send firmware image Licensing Certificate AdministrationProLiant BL p-Class Advanced Management Directory SettingsUser Guide Integrated Lights-Out Rack Settings Server Blade Management Module Power Management ModuleILO Control of ProLiant BL p-Class Server LEDs Redundant Power Management ModuleServer Post Tracking Insufficient Power NotificationHot-Plug Keyboard Keyboard DefinitionsHot-Plug Keyboard Recommended Usage Hot-Plug Keyboard TroubleshootingUser Guide Integrated Lights-Out Terminal Services Client Requirements Terminal Services Pass-Through OptionWindows RDP Pass-Through Service Terminal Services Pass-Through Installation Windows 2000 Terminal Services Port Change Enabling the Terminal Services Pass-Through OptionTerminal Services Warning Message Terminal Services Pass-Through StatusTerminal Services Button Display Remote Console and Terminal Services ClientsManagerMultifunction Adapters Terminal Services TroubleshootingComputerPropertiesRemoteRemote Desktop ViewerApplication HP ProLiant Essentials Rapid Deployment Pack IntegrationTelnet Support Telnet Simple Command Set Using TelnetTelnet Security Supported Key SequencesILO VT100+ Key Map Altk Altlowerj Linux Codes for the F-Keys VT100+ Codes for the F-KeysSecure Shell Using Secure ShellUsing SSH Using PuTTY ILO Supported SSH FeaturesUsing OpenSSH ILO Shared Network Port Requirements ILO Shared Network PortILO Shared Management Port Features and Restrictions Enabling the iLO Shared Network Port Feature Select AdministrationNetwork Settings Re-enabling the Dedicated iLO Management Port Select NetworkNICTCP/IP, and press the Enter key Command Line InterfaceHelp CLI CommandsEscape Remcons PowerExit VspPage General Security Guidelines Security FeaturesILO Security Encryption ILO Security Override Switch AdministrationUser Accounts Privileges Login SecurityGlobal Security Settings Password GuidelinesCertificates Securing Rbsu Page Benefits of Directory Integration Directory ServicesFeatures Supported by Directory Integration Installing Directory Services Schema Documentation Directory Services Support Schema Required Software Schema Installer EDirectory Installation PrerequisitesSchema Preview Setup Directory Services 151 Results Management Snap-In InstallerActive Directory Installation Prerequisites Directory Services for Active DirectoryDirectory Services Preparation for Active Directory Start MMC Install the Active Directory Schema snap-in in MMC Snap-In Installation and Initialization for Active Directory Directory Services 157 User Guide Integrated Lights-Out Directory Services 159 User Guide Integrated Lights-Out Directory Services 161 Directory Services Objects Active Directory Snap-Ins HP Devices Active Directory Role Restrictions MembersUser Guide Integrated Lights-Out Time Restrictions Enforced Client IP Address or DNS Name Access Remove Active Directory Lights-Out Management Snap-in Installation and Initialization for eDirectory Directory Services for eDirectoryUser Guide Integrated Lights-Out Directory Services 173 Apply Directory Services 175 Directory Services Objects for eDirectory Role Managed Devices Role Restrictions EDirectory Role Restrictions Time Restrictions Delete Lights-Out Management Directory Services 183 Configuring Directory Settings Directory Services 185 Directory Tests User Login Using Directory Services User Guide Integrated Lights-Out Installing Certificate Services Certificate ServicesIntroduction to Certificate Services Configuring Automatic Certificate Request Verifying Directory ServicesCertificate Services 191 Page Introduction to Directory-Enabled Remote Management Directory-Enabled Remote ManagementUsing Bulk Import Tools Using Existing Groups Using Multiple Roles AdminUserAdminRole Server UserRole Role Time Restrictions Creating Roles to Follow Organizational StructureRestricting Roles DNS-Based Restrictions IP Address Range RestrictionsIP Address and Subnet Mask Restrictions Role Address Restrictions How Directory Login Restrictions are EnforcedUser Address Restrictions How User Time Restrictions are EnforcedCreating Multiple Restrictions and Roles Directory-Enabled Remote Management 203 User Guide Integrated Lights-Out Introduction to Lights-Out Migration Utilities Lights-Out Directories Migration UtilitiesCompatibility Pre-Migration ChecklistHP Lights-Out Directory Package Finding Management Processors Hpqlomig OperationLights-Out Directories Migration Utilities 209 Upgrading Firmware on Management Processors Enter your Login NamePassword and click FindLights-Out Directories Migration Utilities 211 Naming Management Processors Select either Use Network Address or Create Name Using IndexConfiguring Directories Browse Click Update DirectorySetting Up Management Processors for Directories Click Configure Hpqlomgc Operation Directory is updated Launching Hpqlomgc Using Application LaunchFirmware version is validated and updated if necessary Management processor directory settings are updatedLights-Out Directories Migration Utilities 219 Hpqlomgc Command Language Iloconfig Page Integrating iLO with Insight Manager Insight Manager 7 IntegrationIdentification and Association Functional OverviewLinks StatusQueries Configuring Identification of iLO Insight Manager 7 Integration 227 Receiving Snmp Alerts in Insight ManagerPort Matching Insight Manager 7 Integration 229 User Guide Integrated Lights-Out ProLiant BL p-Class Rack Visualization User Guide Integrated Lights-Out Integrating iLO with Systems Insight Manager Systems Insight Manager IntegrationSystems Insight Manager Functional Overview System Insight Manager Status System Insight Manager Identification and AssociationSystem Insight Manager Systems Lists Configuring System Insight Manager Identification of iLOSystem Insight Manager Links Receiving Snmp Alerts in Systems Insight Manager System Insight Manager Port Matching Systems Insight Manager Integration 239 Page Lights-Out Configuration Utility Group Administration and iLO Scripting\PROGRAM FILES\INSIGHT MANAGER\HP\SYTEMS Select Management Processor and click OK Query Definition in Insight ManagerApplication Launch Using Insight Manager Create a Customized List Create a Custom CommandClick ToolsCustom CommandsNew Custom Command Click either Schedule or Run Now Create a TaskLights-Out Configuration Utility Parameters Batch Processing Using the Lights-Out Configuration UtilityCpqlocfg Overview of the Lights-Out DOS Utility Lights-Out DOS UtilityCpqlodos General Guidelines Command Line ArgumentsCpqlodos Recommended Usage Lights-Out DOS Utility 251 Cpqlodos Parameter Ribcl XML Commands for CpqlodosCpqlodos Runtime Error Adduser Parameters Adduser Runtime ErrorsSetlicense Parameter Setlicense Runtime ErrorsXML Enhancements Using Perl with the XML Scripting InterfacePerl Scripting XML script modification Opening an SSL Connection Sending the XML Header and Script Body Perl Scripting 259 User Guide Integrated Lights-Out Hponcfg Supported Operating Systems Hponcfg Online Configuration UtilityHponcfg Hponcfg Requirements Hponcfg Installation and UsageLinux Server Installation Windows Server InstallationUsing Hponcfg Hponcfg Command Line ParametersHponcfg Usage Model Obtaining an Entire ConfigurationSample adduser.xml input file Creating a User AccountHponcfg Online Configuration Utility Page Remote Insight Command Language Ribcl and ProLiant BL p-Class Servers Overview of the Remote Insight Board Command LanguageData Types Ribcl Sample Scripts Ribcl General GuidelinesXML Header Boolean String Response DefinitionsString Specific StringRibcl Parameter Ribcl Runtime ErrorsRibcl Login Runtime Errors LoginLogin Parameters Userinfo Parameter Userinfo Runtime ErrorUserinfo Adduser Parameters AdduserRemote Insight Command Language Adduser Runtime Errors Deleteuser Parameter Deleteuser Runtime ErrorsDeleteuser Getuser Parameter Getuser Runtime ErrorsGetuser Getuser Return Messages ModuserModuser Parameters Moduser Runtime Errors Getallusers Return Messages Getallusers Runtime ErrorGetallusers Getallusers ParametersGetalluserinfo Parameters Getalluserinfo Runtime ErrorsGetalluserinfo Getalluserinfo Return Messages RibinfoResetrib Runtime Errors ResetribRibinfo Runtime Errors Resetrib ParametersGetnetworksettings Return Messages GetnetworksettingsGetnetworksettings Parameters Getnetworksettings Runtime ErrorsDhcpwinsserver VALUE=Y Regwinsserver VALUE=Y ModnetworksettingsModnetworksettings /RIBINFO Login Ribcl Modnetworksettings Parameters User Guide Integrated Lights-Out Getglobalsettings Parameters GetglobalsettingsModnetworksettings Runtime Errors Getglobalsettings Return Messages ModglobalsettingsGetglobalsettings Runtime Errors Modglobalsettings Parameters User Guide Integrated Lights-Out Remote Insight Command Language Getsnmpimsettings Runtime Errors GetsnmpimsettingsModglobalsettings Runtime Errors Getsnmpimsettings ParametersModsnmpimsettings Parameters ModsnmpimsettingsModsnmpimsettings Runtime Errors Cleareventlog Parameters Cleareventlog Runtime ErrorsCleareventlog Updateribfirmware Runtime Errors UpdateribfirmwareUpdateribfirmware Parameters Getfwversion Return Messages Getfwversion Runtime ErrorsGetfwversion Getfwversion ParametersHotkeyconfig Parameters HotkeyconfigLicense Hotkeyconfig Runtime ErrorsLicense Parameters License Runtime ErrorsDirinfo Parameters GetdirconfigDirinfo Runtime Errors DirinfoGetdirconfig Return Messages Getdirconfig ParametersGetdirconfig Runtime Errors Moddirconfig Parameters ModdirconfigRackinfo Moddirconfig Runtime ErrorsRackinfo Parameters Rackinfo Runtime ErrorsModbladerack Modbladerack Parameters Getdiagportsettings Runtime Errors GetdiagportsettingsModbladerack Runtime Errors Getdiagportsettings ParametersModdiagportsettings Parameters ModdiagportsettingsGetdiagportsettings Return Messages Gettopology Moddiagportsettings Runtime ErrorsGettopology Return Message ServerinfoGettopology Parameters Serverinfo Parameter GethostpowerstatusServerinfo Runtime Errors Gethostpowerstatus Return Messages SethostpowerGethostpowerstatus Parameters Gethostpowerstatus Runtime ErrorsSethostpower Runtime Errors ResetserverSethostpower Parameters Presspwrbtn Parameters Resetserver ParametersResetserver Errors PresspwrbtnHoldpwrbtn Parameters Presspwrbtn Runtime ErrorsHoldpwrbtn Runtime Errors HoldpwrbtnColdbootserver Runtime Errors ColdbootserverColdbootserver Parameters Getuidstatus WarmbootserverWarmbootserver Parameters Warmbootserver Runtime ErrorsGetuidstatus Response UidcontrolGetuidstatus Parameters Insertvirtualmedia Parameters Uidcontrol ErrorsInsertvirtualmedia Uidcontrol ParametersInsertvirtualfloppy Runtime Errors Ejectvirtualmedia Parameters Ejectvirtualmedia Runtime ErrorsEjectvirtualmedia Getvmstatus Return Messages Getvmstatus Runtime ErrorsGetvmstatus Getvmstatus ParametersSetvmstatus Parameters SetvmstatusSetvmstatus Runtime Errors ILO Parameters Table ILO ParametersGlobal Settings ILO Parameters 333 SNMP/Insight Manager Settings ILO Parameters 335 ILO Status Server ID Server Status ParametersServer Name User Administration Parameters Virtual Power and Reset PasswordAdminister User Accounts Remote Console AccessPass-Through Configuration Idle Connection Timeout MinutesEnable Lights-Out Functionality Enable iLO RbsuRemote Console Data Encryption Require Login for iLO RbsuRemote Console Port Configuration Show iLO During PostVirtual Media Port Terminal Services PortWeb Server Non-SSL Port Web Server SSL PortNetwork Settings Parameters Serial Command Line Interface StatusSerial Command Line Interface Speed bits/second Minimum Password LengthSpeed Enable NICShared Network Port Transceiver Speed AutoselectILO IP Address Registering with Wins ServerRegistering with DNS Server Ping Gateway on StartupDhcp Server ILO Gateway IP AddressILO Subsystem Name Domain NameSnmp Alert Destinations SNMP/Insight Manager Settings ParametersEnable iLO Snmp Alerts Enable Snmp Pass-ThroughILO Advanced Pack License Key ILO Advanced License Activation SettingsInsight Manager Web Agent URL Level of Data ReturnedBay Rack NameEnclosure Name Bay NameDirectory Settings Parameters Power SourceEnable Automatic Power On Enable Rack Alert Logging IMLDirectory Server Address Enable Directory AuthenticationEnable Local User Accounts LOM Object PasswordClick Start Test Testing Directory SettingsClick Test Settings Core Attributes Directory Services SchemaHP Management Core Ldap OID Classes and Attributes Core ClassesHpqRole Core Class DefinitionsHpqTarget HpqRoleMembership Core Attribute DefinitionsHpqPolicy HpqPolicyDNHpqRoleIPRestrictions HpqRoleIPRestrictionDefaultHpqTargetMembership Directory Services Schema 357 HpqRoleTimeRestrictionLights-Out Management Attributes Lights-Out Management ClassesHpqLOMv100 Lights-Out Management Class DefinitionsLights-Out Management Attribute Definitions HpqLOMRightVirtualMedia HpqLOMRightLoginHpqLOMRightRemoteConsole HpqLOMRightConfigureSettings HpqLOMRightServerResetHpqLOMRightLocalUserAdmin Page Minimum Requirements Troubleshooting iLOILO Post LED Indicators Troubleshooting iLO 365 FEH Code Consistency Check Explanation Event Log EntriesTroubleshooting iLO 367 User Guide Integrated Lights-Out Troubleshooting iLO 369 Hardware and Software Link-Related Issues MS-DOS Error CodesSoftware Login IssuesHardware Directory User Premature Logout Login Name and Password Not AcceptedILO Management Port Not Accessible by Name Inability to Access the Login ILO Rbsu Unavailable after iLO and Server ResetInability to Connect to the iLO Diagnostic Port Inability to Access iLO Using TelnetInability to Connect to iLO after Changing Network Settings Inability to Connect to the iLO Processor through the NIC Firewall Issues Proxy Server Issues Troubleshooting Alert and Trap ProblemsAuthentication Code Error Message ILO Security Override SwitchLocal USB Mouse and Linux Troubleshooting Mouse ProblemsRemote Console Mouse Control Issue Mouse Issue Using SuSE LinuxLinux Remote Console Troubleshooting Remote Console ProblemsEmulating a PS/2 Keyboard in a Headless Server Environment User Guide Integrated Lights-Out Remote Console Text Window not Updating Properly PuTTY Client Unresponsive with Shared Network Port Troubleshooting SSH and Telnet ProblemsRemote Console Turns Grey or Black Initial PuTTY Input SlowSSH Text Support from a Remote Conosle Session Troubleshooting Terminal Services ProblemsTerminal Services Button Is Not Working Terminal Services Proxy Stops RespondingVideo Applications not Displaying in the Remote Console Troubleshooting Video and Monitor ProblemsGeneral Guidelines Telnet Displays Incorrectly in DOSVirtual Media Applet has a Red X and Will Not Display Troubleshooting Virtual Media ProblemsTroubleshooting Miscellaneous Problems Virtual Drive ListingCookie Order Behavior Cookie Sharing Between Browser Instances and iLOShared Instances Troubleshooting iLO 389 Displaying the Current Session Cookie Preventing Cookie-Related User IssuesIncorrect Time or Date of the Entries in the Event Log Inability to Upgrade iLO FirmwareILO Network Flash Recovery Diagnostic StepsFlash Recovery Process ROMPaq ILO Does Not Respond to SSL Requests Testing SSLRequest New Certificate Resetting iLOServer Name Still Present after Erase Utility is Executed Troubleshooting a Remote HostBefore You Contact HP Technical SupportHP Contact Information User Guide Integrated Lights-Out Acronyms and Abbreviations DAV ILO JVM MTU RDP SSL Page Index LAN Index Uidcontrol
Top Page Image Contents