Directory-Enabled Remote Management 203 | HP Integrated Lights-Out

Directory-Enabled Remote Management

203

In the example, security policy dictates general use is restricted to clients within the corporate subnet, and server reset capability is additionally restricted to after hours.

Alternatively, the directory administrator could create a role that grants the login right and restrict it to the corporate network, then create another role that grants only the server reset right and restrict it to after-hours operation. This configuration is easier to manage but more dangerous because on-going administration might create another role that grants users from addresses outside the corporate network the login right, which could unintentionally grant the LOM administrators in the server Reset role the ability to reset the server from anywhere, provided they satisfy the time constraints of that role.

Image 203

HP Integrated Lights-Out manual Directory-Enabled Remote Management 203

Contents

HP Integrated Lights-Out User Guide Audience Assumptions Contents User Guide Integrated Lights-Out ILO Security 135 Certificate Services 189 Insight Manager 7 Integration 223 Lights-Out DOS Utility 249 Login Modglobalsettings Moddiagport Settings ILO Parameters 331 Contents Technical Support 397 This Section Operational OverviewNew in This Version Network Connection Overview Usage Model Supported Server Operating System Software Supported Browsers Configuring Linux Font Size Linux Browser ConfigurationPage ILO Configuration Options Configuring iLO ILO Rbsu Browser-Based Setup Scripted Setup Installing iLO Device Drivers ILO Pre-requisite Files for Microsoft Installing or Updating the iLO Drivers for MicrosoftSelect Software and Drivers ILO Pre-Requisite Files for NetWare Installing or Updating iLO Drivers for NetWareNovell NetWare Server Driver Support Instaling or Updating iLO Linux and SuSE Drivers Red Hat Linux and SuSE Linux Server Driver SupportILO Pre-requisite Files for Red Hat and SuSE Linux Files Enabling iLO Advanced Functionality ILO Advanced License Options Activating iLO Advanced Features Using a BrowserILO Advanced Evaluation License User Guide Integrated Lights-Out Activating iLO Advanced Using Scripting ProLiant BL p-Class Configuration ProLiant BL p-Class User Requirements Static IP Bay Configuration Configuring Static IP Bay Settings Configuring a ProLiant BL p-Class Blade Enclosure User Guide Integrated Lights-Out ProLiant BL p-Class Advanced Configuration Parameters ProLiant BL p-Class Standard Configuration Parameters Ribcl Rackinfo Commands Enable iLO IP Address Assignment Modifying Static IP Bay Configuration Settings Ribcl Rackinfo Command ExamplesGetting Static IP Bay Configuration Settings Integration with Riloe II Accessory Boards Logging in to iLO for the First Time Using iLO Logging in to iLO for the First Time Using a Browser Using iLO User Guide Integrated Lights-Out Using iLO Help Progressive Delays for Failed Browser Login Attempts ILO Status System StatusStatus Summary Server Status ILO Event Log Integrated Management Log Post Diagnostic Results for the Host Server Server and iLO Diagnostics Virtual NMI Button Nvram Environment Variables Listing ILO Self-Test Results Remote Console Option Remote Console Remote Console Information Option Display Properties Enhanced Features of the Remote ConsoleRecommended Client Settings Optimizing Performance for Graphical Remote Console Mouse Properties Remote Console Linux SettingsRecommended Server Settings Remote Console Microsoft Windows Server 2003 Settings Microsoft Windows NT 4.0 and Windows 2000 Settings Remote Console Hot Keys Red Hat Linux and SuSE Linux Server SettingsNovell NetWare Settings Supported Hot Keys Remote Console Single-Cursor Single- and Dual-Cursor Modes for Graphical Remote Console Remote Console Dual-Cursor Virtual Devices Virtual Power Using iLO Virtual Media MS-DOS Operating System USB Support USB USB CD USB CD2 Select Local Floppy Drive Using iLO Virtual Media DevicesILO Virtual Floppy Click Connect Access iLO through a browser Connect Click Create Disk Image Select Local CD-ROM Drive ILO Virtual CD-ROM Using an Image File Virtual Media CD-ROM Operating System Notes Mounting USB Virtual Media CD in NetWare Mount /dev/scd0 /mnt/cdrom -t iso9660 Virtual Media Composite Device Support Select Local Floppy Drive Virtual Media Scripting Virtual Media Applet TimeoutILO Virtual Media Privilege Command Line Input Result Virtual Media Image Files Scripting Web Server Requirements CGI Helper Application Virtual Indicators Windows EMS Console Virtual Serial Port Virtual Serial Port and Linux Security Information Linux End-to-End Support AdministrationUser Administration Adding a New User Click View/Modify User Viewing or Modifying an Existing Users Settings Deleting a User Global SettingsClick Global Settings User Guide Integrated Lights-Out Network Settings Click Network Settings Using iLO ILO Diagnostic Port Configuration Parameters Recovering from a Failed iLO Firmware Update SNMP/Insight Manager Settings Enabling Snmp Alerts Generating Test Alerts Click Apply Settings Configure Insight Manager Integration Upgrade iLO Firmware Click Send firmware image Licensing Certificate Administration ProLiant BL p-Class Advanced Management Directory Settings User Guide Integrated Lights-Out Rack Settings Server Blade Management Module Power Management Module ILO Control of ProLiant BL p-Class Server LEDs Redundant Power Management Module Server Post Tracking Insufficient Power NotificationHot-Plug Keyboard Keyboard Definitions Hot-Plug Keyboard Recommended Usage Hot-Plug Keyboard Troubleshooting User Guide Integrated Lights-Out Terminal Services Client Requirements Terminal Services Pass-Through Option Windows RDP Pass-Through Service Terminal Services Pass-Through Installation Windows 2000 Terminal Services Port Change Enabling the Terminal Services Pass-Through Option Terminal Services Warning Message Terminal Services Pass-Through Status Terminal Services Button Display Remote Console and Terminal Services Clients ManagerMultifunction Adapters Terminal Services TroubleshootingComputerPropertiesRemoteRemote Desktop ViewerApplication HP ProLiant Essentials Rapid Deployment Pack IntegrationTelnet Support Telnet Simple Command Set Using Telnet Telnet Security Supported Key Sequences ILO VT100+ Key Map Altk Altlowerj Linux Codes for the F-Keys VT100+ Codes for the F-Keys Secure Shell Using Secure ShellUsing SSH Using PuTTY ILO Supported SSH FeaturesUsing OpenSSH ILO Shared Network Port Requirements ILO Shared Network Port ILO Shared Management Port Features and Restrictions Enabling the iLO Shared Network Port Feature Select AdministrationNetwork Settings Re-enabling the Dedicated iLO Management Port Select NetworkNICTCP/IP, and press the Enter key Command Line Interface Help CLI CommandsEscape Remcons Power Exit VspPage General Security Guidelines Security FeaturesILO Security Encryption ILO Security Override Switch Administration User Accounts Privileges Login Security Global Security Settings Password Guidelines Certificates Securing Rbsu Page Benefits of Directory Integration Directory Services Features Supported by Directory Integration Installing Directory Services Schema Documentation Directory Services Support Schema Required Software Schema Installer EDirectory Installation Prerequisites Schema Preview Setup Directory Services 151 Results Management Snap-In Installer Active Directory Installation Prerequisites Directory Services for Active Directory Directory Services Preparation for Active Directory Start MMC Install the Active Directory Schema snap-in in MMC Snap-In Installation and Initialization for Active Directory Directory Services 157 User Guide Integrated Lights-Out Directory Services 159 User Guide Integrated Lights-Out Directory Services 161 Directory Services Objects Active Directory Snap-Ins HP Devices Active Directory Role Restrictions Members User Guide Integrated Lights-Out Time Restrictions Enforced Client IP Address or DNS Name Access Remove Active Directory Lights-Out Management Snap-in Installation and Initialization for eDirectory Directory Services for eDirectory User Guide Integrated Lights-Out Directory Services 173 Apply Directory Services 175 Directory Services Objects for eDirectory Role Managed Devices Role Restrictions EDirectory Role Restrictions Time Restrictions Delete Lights-Out Management Directory Services 183 Configuring Directory Settings Directory Services 185 Directory Tests User Login Using Directory Services User Guide Integrated Lights-Out Installing Certificate Services Certificate ServicesIntroduction to Certificate Services Configuring Automatic Certificate Request Verifying Directory Services Certificate Services 191 Page Introduction to Directory-Enabled Remote Management Directory-Enabled Remote Management Using Bulk Import Tools Using Existing Groups Using Multiple Roles AdminUserAdminRole Server UserRole Role Time Restrictions Creating Roles to Follow Organizational StructureRestricting Roles DNS-Based Restrictions IP Address Range RestrictionsIP Address and Subnet Mask Restrictions Role Address Restrictions How Directory Login Restrictions are Enforced User Address Restrictions How User Time Restrictions are Enforced Creating Multiple Restrictions and Roles Directory-Enabled Remote Management 203 User Guide Integrated Lights-Out Introduction to Lights-Out Migration Utilities Lights-Out Directories Migration Utilities Compatibility Pre-Migration Checklist HP Lights-Out Directory Package Finding Management Processors Hpqlomig Operation Lights-Out Directories Migration Utilities 209 Upgrading Firmware on Management Processors Enter your Login NamePassword and click Find Lights-Out Directories Migration Utilities 211 Naming Management Processors Select either Use Network Address or Create Name Using Index Configuring Directories Browse Click Update Directory Setting Up Management Processors for Directories Click Configure Hpqlomgc Operation Directory is updated Launching Hpqlomgc Using Application LaunchFirmware version is validated and updated if necessary Management processor directory settings are updated Lights-Out Directories Migration Utilities 219 Hpqlomgc Command Language Iloconfig Page Integrating iLO with Insight Manager Insight Manager 7 Integration Identification and Association Functional Overview Links StatusQueries Configuring Identification of iLO Insight Manager 7 Integration 227 Receiving Snmp Alerts in Insight Manager Port Matching Insight Manager 7 Integration 229 User Guide Integrated Lights-Out ProLiant BL p-Class Rack Visualization User Guide Integrated Lights-Out Integrating iLO with Systems Insight Manager Systems Insight Manager Integration Systems Insight Manager Functional Overview System Insight Manager Status System Insight Manager Identification and Association System Insight Manager Systems Lists Configuring System Insight Manager Identification of iLOSystem Insight Manager Links Receiving Snmp Alerts in Systems Insight Manager System Insight Manager Port Matching Systems Insight Manager Integration 239 Page Lights-Out Configuration Utility Group Administration and iLO Scripting \PROGRAM FILES\INSIGHT MANAGER\HP\SYTEMS Select Management Processor and click OK Query Definition in Insight Manager Application Launch Using Insight Manager Create a Customized List Create a Custom CommandClick ToolsCustom CommandsNew Custom Command Click either Schedule or Run Now Create a Task Lights-Out Configuration Utility Parameters Batch Processing Using the Lights-Out Configuration Utility Cpqlocfg Overview of the Lights-Out DOS Utility Lights-Out DOS Utility Cpqlodos General Guidelines Command Line ArgumentsCpqlodos Recommended Usage Lights-Out DOS Utility 251 Cpqlodos Parameter Ribcl XML Commands for CpqlodosCpqlodos Runtime Error Adduser Parameters Adduser Runtime Errors Setlicense Parameter Setlicense Runtime Errors XML Enhancements Using Perl with the XML Scripting InterfacePerl Scripting XML script modification Opening an SSL Connection Sending the XML Header and Script Body Perl Scripting 259 User Guide Integrated Lights-Out Hponcfg Supported Operating Systems Hponcfg Online Configuration UtilityHponcfg Hponcfg Requirements Hponcfg Installation and Usage Linux Server Installation Windows Server Installation Using Hponcfg Hponcfg Command Line Parameters Hponcfg Usage Model Obtaining an Entire Configuration Sample adduser.xml input file Creating a User Account Hponcfg Online Configuration Utility Page Remote Insight Command Language Ribcl and ProLiant BL p-Class Servers Overview of the Remote Insight Board Command Language Data Types Ribcl Sample Scripts Ribcl General GuidelinesXML Header Boolean String Response DefinitionsString Specific String Ribcl Parameter Ribcl Runtime ErrorsRibcl Login Runtime Errors LoginLogin Parameters Userinfo Parameter Userinfo Runtime ErrorUserinfo Adduser Parameters Adduser Remote Insight Command Language Adduser Runtime Errors Deleteuser Parameter Deleteuser Runtime ErrorsDeleteuser Getuser Parameter Getuser Runtime ErrorsGetuser Getuser Return Messages Moduser Moduser Parameters Moduser Runtime Errors Getallusers Return Messages Getallusers Runtime ErrorGetallusers Getallusers Parameters Getalluserinfo Parameters Getalluserinfo Runtime ErrorsGetalluserinfo Getalluserinfo Return Messages Ribinfo Resetrib Runtime Errors ResetribRibinfo Runtime Errors Resetrib Parameters Getnetworksettings Return Messages GetnetworksettingsGetnetworksettings Parameters Getnetworksettings Runtime Errors Dhcpwinsserver VALUE=Y Regwinsserver VALUE=Y Modnetworksettings Modnetworksettings /RIBINFO Login Ribcl Modnetworksettings Parameters User Guide Integrated Lights-Out Getglobalsettings Parameters GetglobalsettingsModnetworksettings Runtime Errors Getglobalsettings Return Messages ModglobalsettingsGetglobalsettings Runtime Errors Modglobalsettings Parameters User Guide Integrated Lights-Out Remote Insight Command Language Getsnmpimsettings Runtime Errors GetsnmpimsettingsModglobalsettings Runtime Errors Getsnmpimsettings Parameters Modsnmpimsettings Parameters Modsnmpimsettings Modsnmpimsettings Runtime Errors Cleareventlog Parameters Cleareventlog Runtime ErrorsCleareventlog Updateribfirmware Runtime Errors UpdateribfirmwareUpdateribfirmware Parameters Getfwversion Return Messages Getfwversion Runtime ErrorsGetfwversion Getfwversion Parameters Hotkeyconfig Parameters Hotkeyconfig License Hotkeyconfig Runtime Errors License Parameters License Runtime Errors Dirinfo Parameters GetdirconfigDirinfo Runtime Errors Dirinfo Getdirconfig Return Messages Getdirconfig ParametersGetdirconfig Runtime Errors Moddirconfig Parameters Moddirconfig Rackinfo Moddirconfig Runtime Errors Rackinfo Parameters Rackinfo Runtime ErrorsModbladerack Modbladerack Parameters Getdiagportsettings Runtime Errors GetdiagportsettingsModbladerack Runtime Errors Getdiagportsettings Parameters Moddiagportsettings Parameters ModdiagportsettingsGetdiagportsettings Return Messages Gettopology Moddiagportsettings Runtime Errors Gettopology Return Message ServerinfoGettopology Parameters Serverinfo Parameter GethostpowerstatusServerinfo Runtime Errors Gethostpowerstatus Return Messages SethostpowerGethostpowerstatus Parameters Gethostpowerstatus Runtime Errors Sethostpower Runtime Errors ResetserverSethostpower Parameters Presspwrbtn Parameters Resetserver ParametersResetserver Errors Presspwrbtn Holdpwrbtn Parameters Presspwrbtn Runtime ErrorsHoldpwrbtn Runtime Errors Holdpwrbtn Coldbootserver Runtime Errors ColdbootserverColdbootserver Parameters Getuidstatus WarmbootserverWarmbootserver Parameters Warmbootserver Runtime Errors Getuidstatus Response UidcontrolGetuidstatus Parameters Insertvirtualmedia Parameters Uidcontrol ErrorsInsertvirtualmedia Uidcontrol Parameters Insertvirtualfloppy Runtime Errors Ejectvirtualmedia Parameters Ejectvirtualmedia Runtime ErrorsEjectvirtualmedia Getvmstatus Return Messages Getvmstatus Runtime ErrorsGetvmstatus Getvmstatus Parameters Setvmstatus Parameters Setvmstatus Setvmstatus Runtime Errors ILO Parameters Table ILO Parameters Global Settings ILO Parameters 333 SNMP/Insight Manager Settings ILO Parameters 335 ILO Status Server ID Server Status ParametersServer Name User Administration Parameters Virtual Power and Reset PasswordAdminister User Accounts Remote Console Access Pass-Through Configuration Idle Connection Timeout MinutesEnable Lights-Out Functionality Enable iLO Rbsu Remote Console Data Encryption Require Login for iLO RbsuRemote Console Port Configuration Show iLO During Post Virtual Media Port Terminal Services PortWeb Server Non-SSL Port Web Server SSL Port Network Settings Parameters Serial Command Line Interface StatusSerial Command Line Interface Speed bits/second Minimum Password Length Speed Enable NICShared Network Port Transceiver Speed Autoselect ILO IP Address Registering with Wins ServerRegistering with DNS Server Ping Gateway on Startup Dhcp Server ILO Gateway IP AddressILO Subsystem Name Domain Name Snmp Alert Destinations SNMP/Insight Manager Settings ParametersEnable iLO Snmp Alerts Enable Snmp Pass-Through ILO Advanced Pack License Key ILO Advanced License Activation SettingsInsight Manager Web Agent URL Level of Data Returned Bay Rack NameEnclosure Name Bay Name Directory Settings Parameters Power SourceEnable Automatic Power On Enable Rack Alert Logging IML Directory Server Address Enable Directory AuthenticationEnable Local User Accounts LOM Object Password Click Start Test Testing Directory SettingsClick Test Settings Core Attributes Directory Services SchemaHP Management Core Ldap OID Classes and Attributes Core Classes HpqRole Core Class DefinitionsHpqTarget HpqRoleMembership Core Attribute DefinitionsHpqPolicy HpqPolicyDN HpqRoleIPRestrictions HpqRoleIPRestrictionDefaultHpqTargetMembership Directory Services Schema 357 HpqRoleTimeRestriction Lights-Out Management Attributes Lights-Out Management Classes HpqLOMv100 Lights-Out Management Class DefinitionsLights-Out Management Attribute Definitions HpqLOMRightVirtualMedia HpqLOMRightLoginHpqLOMRightRemoteConsole HpqLOMRightConfigureSettings HpqLOMRightServerResetHpqLOMRightLocalUserAdmin Page Minimum Requirements Troubleshooting iLO ILO Post LED Indicators Troubleshooting iLO 365 FEH Code Consistency Check Explanation Event Log Entries Troubleshooting iLO 367 User Guide Integrated Lights-Out Troubleshooting iLO 369 Hardware and Software Link-Related Issues MS-DOS Error Codes Software Login IssuesHardware Directory User Premature Logout Login Name and Password Not AcceptedILO Management Port Not Accessible by Name Inability to Access the Login ILO Rbsu Unavailable after iLO and Server Reset Inability to Connect to the iLO Diagnostic Port Inability to Access iLO Using TelnetInability to Connect to iLO after Changing Network Settings Inability to Connect to the iLO Processor through the NIC Firewall Issues Proxy Server Issues Troubleshooting Alert and Trap Problems Authentication Code Error Message ILO Security Override Switch Local USB Mouse and Linux Troubleshooting Mouse Problems Remote Console Mouse Control Issue Mouse Issue Using SuSE Linux Linux Remote Console Troubleshooting Remote Console ProblemsEmulating a PS/2 Keyboard in a Headless Server Environment User Guide Integrated Lights-Out Remote Console Text Window not Updating Properly PuTTY Client Unresponsive with Shared Network Port Troubleshooting SSH and Telnet ProblemsRemote Console Turns Grey or Black Initial PuTTY Input Slow SSH Text Support from a Remote Conosle Session Troubleshooting Terminal Services ProblemsTerminal Services Button Is Not Working Terminal Services Proxy Stops Responding Video Applications not Displaying in the Remote Console Troubleshooting Video and Monitor ProblemsGeneral Guidelines Telnet Displays Incorrectly in DOS Virtual Media Applet has a Red X and Will Not Display Troubleshooting Virtual Media ProblemsTroubleshooting Miscellaneous Problems Virtual Drive Listing Cookie Order Behavior Cookie Sharing Between Browser Instances and iLOShared Instances Troubleshooting iLO 389 Displaying the Current Session Cookie Preventing Cookie-Related User Issues Incorrect Time or Date of the Entries in the Event Log Inability to Upgrade iLO FirmwareILO Network Flash Recovery Diagnostic Steps Flash Recovery Process ROMPaq ILO Does Not Respond to SSL Requests Testing SSL Request New Certificate Resetting iLO Server Name Still Present after Erase Utility is Executed Troubleshooting a Remote Host Before You Contact HP Technical SupportHP Contact Information User Guide Integrated Lights-Out Acronyms and Abbreviations DAV ILO JVM MTU RDP SSL Page Index LAN Index Uidcontrol