Home » HP Manuals » Desktops » HP BL680c » Manual Viewer

HP BL680c HP Virtual Connect Enterprise Manager User Guide - Page 81

Removing an external manager account

UPC - 884420396314

Add to My Manuals
Save this manual to your list of manuals

Page 81 highlights

11 Removing an external manager account For VCEM to manage VC Domains (using the Virtual Connect Manager, the embedded software in a Virtual Connect Ethernet module) VCEM uses programmatic interfaces with each Virtual Connect Manager. VCEM automatically creates an external manager account in each Virtual Connect Manager for subsequent authentication. NOTE: VCEM uses a Secure Sockets Layer (SSL) connection provided by HP SIM. For more information about the available cipher suites and how to enable or disable them, see the Understanding HP SIM security white paper at http://h18013.www1.hp.com/products/servers/management/hpsim/infolibrary.html. VCEM creates a local account on each Virtual Connect Manager it manages. To prevent inadvertent modification, this account is not visible from the user-interface on the Virtual Connect Manager associated with the VC Domain being managed by VCEM. This account has full privileges to the Virtual Connect Manager and the credentials are used for SOAP interfaces with the Virtual Connect Manager, using a connection over Secure Sockets Layer (SSL). These credentials are securely stored on the Central Management Server (CMS) used to run VCEM. Each Virtual Connect Manager managed by VCEM has a unique, randomly generated password. Removing the external manager account removes Virtual Connect Manager from VCEM control. Remove the account using the following methods: • Preferred method-Uses the VCEM user-interface and removes the account from the Virtual Connect Manager and the credential store from VCEM. • Remove the VC Domain from the VC Domain Group • Secondary method-Uses the Virtual Connect Manager command line interface to remove the account from the Virtual Connect Manager. If the preferred method is not possible, then the Virtual Connect Manager supports command line interfaces that allow the external manager account to be deleted from the Virtual Connect Manager and allow a Virtual Connect Manager to be removed from VCEM control. To remove the external manager account: 1. Telnet in to the Virtual Connect Manager using an SSH connection such as SSH [email protected], where xxx is the VC Domain IP address. 2. To determine the username of the external manager account, from the Virtual Connect Manager command prompt, enter show external-manager. For this example, assume the username returned was xyz. 3. To disable the account, from the Virtual Connect Manager command prompt, enter set external-manager Username=xyz Enabled=false If VC Domain firmware is 2.0x, perform the following: • To remove the account and release the VC Domain from VCEM control, from the Virtual Connect Manager command prompt, enter remove external-manager Username=xyz mactype= MacStart= MacEnd= wwnType= WwnStart= WwnEnd= serverIdType= serverIdStart= serverIdEnd= NOTE: "-quiet" is an option to suppress user confirmation prompts. This option is useful for scripting operations. This option is available for VC firmware 2.0x for the disable account, remove the account, and release ranges commands. For more information, see the HP Virtual Connect Manager Command Line Interface User Guide. 81

Section	Page
HP Virtual Connect Enterprise Manager	1
Table of Contents	3
About this document	9
Intended audience	9
Publishing history	9
Related documents	9
HP encourages your comments	9
1 Introduction	11
Key features and benefits	11
Key features	11
Key benefits	11
What's new	12
Platform support	12
Architectural overview	12
HP Virtual Connect technology	12
Managing HP Virtual Connect	13
HP Virtual Connect Manager	13
HP Virtual Connect Enterprise Manager	14
VCEM operations	14
Setup and configuration summary	15
2 Installing and configuring VCEM	17
Preparing for a VCEM installation	17
Installing VCEM	17
Performing post-installation configuration tasks	17
Post-installation configuration tasks	17
VCEM home page	19
3 Managing VC Domains	21
VC Domains	21
Requirements for adding a VC Domain to a VC Domain Group	22
Mixed Virtual Connect firmware versions and firmware compatibility in a VC Domain Group	25
Virtual Connect 2.3x features that must be disabled in a VC Domain to be part of the VC Domain Group with Virtual Connect firmware 2.1x	26
Virtual Connect 2.1x features that must be disabled in a VC Domain to be part of the VC Domain Group with Virtual Connect firmware 2.0x	28
VC Domain tasks	30
Licensing an enclosure for VCEM	30
Creating a VC Domain Group	31
Adding a VC Domain to a VC Domain Group	32
Removing a VC Domain from a VC Domain Group	33
Working with multienclosure VC Domains	34
VC Domain Maintenance	36
VC Domain Group configuration replicated to other VC Domains during VC Domain Maintenance	38
Performing VC Domain Maintenance	39
Backing up and restoring domain configurations through VC Domain Maintenance	40
Changes in Virtual Connect Manager that might affect completing VC Domain Maintenance	41
Working with HP Virtual Connect 8Gb Fibre Channel Module for c-Class BladeSystem	41
Adding or removing remote enclosures from a multienclosure domain in VC Domain Maintenance	41
Canceling a VC Domain Maintenance task	41
Resynchronizing a VC Domain with Configuration Mismatch	42
4 Managing VC Domain Groups	43
VC Domain Groups	43
Creating a VC Domain Group	44
Maintaining a VC Domain from the VC Domain Group page	45
Canceling a VC Domain Group maintenance task	46
Upgrading VC Domain Group Firmware Mode	46
Deleting a VC Domain Group	46
Adding or removing VC modules to VC Domain Group configuration	48
Moving Ethernet networks (VLANs tagged) from one shared uplink to another	49
Correlating VCEM operations in HP SIM and Virtual Connect logs	49
5 Managing server profiles	51
Profiles	51
Creating a profile	53
Configuring the target boot LUN	53
Configuring multiple networks	54
Configuring Network Port Speed	55
Deleting a profile	56
Editing a profile	56
Verifying the presence of EFI partition data	56
Assigning a profile	57
Unassigning a profile	57
Copying and assigning a profile to a bay	57
Moving a profile	58
Performing a VC Profile Failover	58
Preconditions for VC Profile Failover	59
Designating spare bays	59
Initiating VC Profile Failover through the VCEM CLI	59
Initiating VC Profile Failover through the VCEM GUI	59
Initiating VC Profile Failover using HP SIM Automatic Event Handling	59
6 Managing bays	61
Bays	61
Powering down a bay	62
Assigning a profile to a bay	63
Unassigning a profile from a bay	63
Designating spare bays	64
Performing a VC Profile Failover	64
Preconditions for VC Profile Failover	65
Designating spare bays	65
Initiating VC Profile Failover through the VCEM CLI	65
Initiating VC Profile Failover through the VCEM GUI	65
Initiating VC Profile Failover using HP SIM Automatic Event Handling	65
7 Managing MAC and WWN addresses	67
MAC Addresses	67
Tracking individual MAC addresses	67
Creating MAC exclusion ranges	68
Deleting MAC exclusion ranges	68
Reclaiming external MAC addresses	68
Adding custom MAC address ranges	69
Editing custom MAC address ranges	69
Removing custom MAC address ranges	69
WWN Addresses	69
Tracking individual WWN addresses	70
Creating WWN exclusion ranges	70
Deleting WWN exclusion ranges	71
Allocating WWN addresses	71
Reclaiming external WWN addresses	72
Adding custom WWN address ranges	72
Editing custom WWN address ranges	73
Deleting custom WWN address ranges	73
8 Working with Logical Serial Numbers	75
Logical Serial Numbers	75
Identifying logical serial number values	75
9 Tracking VCEM job status	77
Jobs	77
Job status message window	77
Reviewing job details	78
Deleting jobs	78
10 Upgrading Virtual Connect firmware after VCEM is managing VC Domains	79
Preparation checklist	79
Performing the firmware update using the VC Domain Maintenance capability	79
11 Removing an external manager account	81
12 Command Line Interface usage in VCEM	83
Perform VC profile failover on specified VC Domain bay server	83
List details for specified VCEM job	83
Show CLI usage online help	84
CLI exit and error codes	85
13 Troubleshooting VCEM	87
Troubleshooting	87
Unauthorized error when trying to access the VCEM home page	87
A job appears with Failed status	87
Enclosure has two Onboard Administrators, and one fails	87
VCEM is prompting for Onboard Administrator credentials on a configured VC Domain	87
Virtual Connect Manager does not accept Onboard Administrator credentials	87
Unable to add VC Domain to a VC Domain Group	88
Unable to add an unconfigured VC Domain to a VC Domain Group	88
Cannot access VC Domain from Virtual Connect Manager after a data migration has been performed	89
Cannot manage a VC Domain when VC module failover is taking place	89
VC Domain displays Missing External Manager lock status	89
VC Domain displays Configuration Mismatch status	90
VC Domain displays Connectivity failure status	90
Cannot resynchronize VC Domain that is in Configuration Mismatch state	91
Operation fails to perform in the VC Domain or VC Domain Group under maintenance status	91
Remove from VC Domain Group job is successful but with errors	92
VC Domain displays Expired License status	92
Error on database operation occurs	93
Errors occur while loading VCEM pages	93
Failed to execute VCEM operation because VC firmware not supported	93
Creating a server profile or adding a VC Domain to a VC Domain Group fails	94
Uninstalling VCEM	94
Backing up and restoring VCEM	94
No HP-predefined ranges for MAC and WWN addresses in VC Domain Groups	95
Cannot change the MAC/WWN/Serial Number ranges in Virtual Connect Manager when there are server profiles	95
VCEM database is inaccessible or irretrievable with no backup, or VCEM file systems are corrupt with no backup	95
Enclosure has a hardware failure and must be replaced	96
Replace VC modules in a VC Domain managed by VCEM	96
Failover fails to initiate with an ERROR (30) - Could not initiate failover; nested exception is: java.net.SocketTimeoutException: Read timed out	97
VC Profile Failover fails during Onboard Administrator replacement	97
VCEM cannot power down ProLiant server model BL465 G1	97
After VC Domain is removed from VC Domain Group in VCEM, profile with external-managed status cannot be edited through Virtual Connect Manager	97
Server profile edit operation fails when target server is powered on	97
Server profile network connections that use multiple networks are not working	98
Server profile network configuration was lost	98
VC Domain status is \	98
Server profile job completed with success but changes have not occurred	98
VCEM getting started online help screen does not appear automatically at HP SIM login	99
HP SIM customizations for VCEM have not taken place	99
After a server profile failover, some connections defined in the server profile are not functional	100
Server profiles are not displaying physical port mapping and allocated bandwidth information	100
VCEM page displays \	100
VC Domain not discovered by HP SIM	100
Create VC Domain Group or Add VC Domain to VC Domain Group operations fail and the message \	101
Profile move, assign, or failover operations fail and the message \	101
VC Domain Maintenance operation fails when moving Ethernet networks (VLANs tagged) from a deleted shared uplink set to another	101
14 HP services and technical support	103
HP contact information	103
Glossary	105

Match case Limit results 1 per page

11 Removing an external manager account

For VCEM to manage VC Domains (using the Virtual Connect Manager, the embedded software in a Virtual

Connect Ethernet module) VCEM uses programmatic interfaces with each Virtual Connect Manager. VCEM

automatically creates an external manager account in each Virtual Connect Manager for subsequent

authentication.

NOTE:

VCEM uses a Secure Sockets Layer (SSL) connection provided by HP SIM. For more information

about the available cipher suites and how to enable or disable them, see the

Understanding HP SIM security

white paper at

tp://h1

.hp

.com/pr

oduc

ts/ser

ers/manag

ent/hpsim/inf

olibr

.html

VCEM creates a local account on each Virtual Connect Manager it manages. To prevent inadvertent

modification, this account is not visible from the user-interface on the Virtual Connect Manager associated

with the VC Domain being managed by VCEM. This account has full privileges to the Virtual Connect

Manager and the credentials are used for SOAP interfaces with the Virtual Connect Manager, using a

connection over Secure Sockets Layer (SSL). These credentials are securely stored on the Central Management

Server (CMS) used to run VCEM. Each Virtual Connect Manager managed by VCEM has a unique, randomly

generated password.

Removing the external manager account removes Virtual Connect Manager from VCEM control. Remove

the account using the following methods:

•

Preferred method—Uses the VCEM user-interface and removes the account from the Virtual Connect

Manager and the credential store from VCEM.

•

Remove the VC Domain from the VC Domain Group

•

Secondary method—Uses the Virtual Connect Manager command line interface to remove the account

from the Virtual Connect Manager.

If the preferred method is not possible, then the Virtual Connect Manager supports command line

interfaces that allow the external manager account to be deleted from the Virtual Connect Manager

and allow a Virtual Connect Manager to be removed from VCEM control.

To remove the external manager account:

Telnet in to the Virtual Connect Manager using an SSH connection such as SSH

Administrator@

xxx.xxx.xxx.xxx

, where

xxx

is the VC Domain IP address.

To determine the username of the external manager account, from the Virtual Connect Manager

command prompt, enter

show external-manager

. For this example, assume the username

returned was

xyz

To disable the account, from the Virtual Connect Manager command prompt, enter

set external-manager Username=xyz Enabled=false

If VC Domain firmware is 2.0x, perform the following:

•

To remove the account and release the VC Domain from VCEM control, from the Virtual

Connect Manager command prompt, enter

remove external-manager Username=xyz

mactype=<Factory-Default/User-Defined> MacStart=<> MacEnd=<>

wwnType=<Factory-Default/User-Defined> WwnStart=<> WwnEnd=<>

serverIdType=<Factory-Default/User-Defined> serverIdStart=<>

serverIdEnd=<>

NOTE:

"-quiet" is an option to suppress user confirmation prompts. This option is useful for scripting

operations. This option is available for VC firmware 2.0x for the disable account, remove the account,

and release ranges commands.

For more information, see the

HP Virtual Connect Manager Command Line Interface User Guide