Home » HP Manuals » Servers » HP Integrity Superdome 2 16-socket » Manual Viewer

HP Integrity Superdome 2 16-socket HP Integrity Superdome 2 Onboard Administra - Page 148

Connect to Directory Server, Connect using SSL, Certificate of Directory Server, User Authentication

View all HP Integrity Superdome 2 16-socket manuals

Add to My Manuals
Save this manual to your list of manuals

Page 148 highlights

A successful test reports that Onboard Administrator is able to resolve the Directory Server host name using domain name. A failed test reports that Onboard Administrator is unable to resolve the Directory Server host name. The administrator must be sure that the directory server host name is correct and that the host name is correct for the directory server. Connect to Directory Server This test attempts to connect to the specified directory server IP address and service port. A successful connection attempt indicates that the directory service is running and available at the specified directory server and port. A successful test reports that Onboard Administrator can establish a connection to the directory server at the host name or address and the port number specified. The successful test reports that there is network service available. A failed test reports that Onboard Administrator cannot establish a connection to the directory server. The unsuccessful test reports that the network service is not available. The administrator must verify the host name or address and port number. Connect using SSL This test verifies that the directory server is providing the directory service over an SSL connection. A successful test reports that Onboard Administrator can establish an SSL connection to the directory server host name or IP address and port. The network service is available as a secure SSL connection. A failed test reports that the network service is not available as a secure SSL connection and the Onboard Administrator does not allow this type of connection. The administrator must identify a directory server that supports SSL connections or reconfigure the directory server to use SSL connections. Certificate of Directory Server If the directory server SSL certificate has been loaded onto Onboard Administrator, be sure that the certificate provided by the directory server matches the current certificate stored on Onboard Administrator. If the directory server SSL certificate has not been loaded, then this test does not run. A successful test reports that Onboard Administrator was able to validate the directory server certificate against the certificates stored on Onboard Administrator for the specified directory server. A failed test reports that the directory server certificate stored on Onboard Administrator does not match the certificate provided on the SSL connection. User Authentication This test attempts to log in the user to the directory using the user name and password provided. If this fails, then each search context is attempted. If a search context begins with the character @, then the DN used to log in is the search name concatenated to the user name entered. Otherwise, the search DN used to log in is constructed as follows: cn=,. The result from this test identifies the search context that was successful in authenticating the user. User Authorization After a user has successfully authenticated and logged into Onboard Administrator, the configured directory group to which the user belongs is identified. A user can belong to multiple directory groups, so the directory group that gives the user the most privileges is identified. A successful test reports the directory group with the highest privilege levels for the authenticated user. 148 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices

Section	Page
HP Integrity Superdome 2 Onboard Administrator User Guide	1
Contents	3
1 Introduction	8
Overview	8
Access requirements	10
Onboard Administrator overview	11
Detecting component insertion and removal	11
Identifying components	11
Managing power and cooling	12
Controlling components	12
Managing partitions	12
Interfaces	12
Onboard Administrator user interfaces	13
Onboard Administrator authentication	13
Running Onboard Administrator for the first time	14
Logging on to the Onboard Administrator GUI	15
Running the setup wizard	15
Using online help	16
Changing enclosure and device configurations	16
Recovering the administrator password	17
2 HP Integrity Superdome 2 Insight Display	18
HP Integrity Superdome 2 Insight Display components	18
Insight Display overview	18
Running the Insight Display installation	19
Navigating the Insight Display	23
Health Summary screen	24
Enclosure Settings screen	25
Enclosure Info screen	26
Blade and Port Info screen	27
Turn Enclosure UID On/Off screen	28
View User Note screen	29
Chat Mode screen	29
Insight Display errors	30
Power errors	30
Cooling errors	30
Location errors	31
Configuration errors	31
Device failure errors	31
3 HP Superdome 2 Door Status Display	32
Before running Door Display setup	32
Setting up the Door Display	32
Door Display status menu	36
Display Settings menu	38
Firmware Update menu	39
4 First Time Setup Wizard	41
Before you begin	41
Enclosure Selection screen	41
Configuration Management screen	42
Rack and Enclosure Settings screen	43
Administrator Account Setup screen	44
Local User Accounts screen	45
Enclosure Bay IP Addressing screen	47
Directory Groups screen	48
Directory Settings screen	49
Onboard Administrator Network Settings screen	50
SNMP Settings screen	50
Power Management screen	51
Finish	53
5 Navigating Onboard Administrator	55
Navigation overview	55
Tree view	55
Graphical view navigation	57
6 Complex Overview	60
Complex Overview screen	60
Compute Enclosures tab	61
Power and Thermal tab	61
Complex Information screen	63
Status tab	63
Information tab	65
Complex Logs tab	67
Complex CLI Tab	67
Complex Information: Firmware Management	67
Complex Firmware Summary screen	67
Online complex firmware update on Superdome 2	68
Introduction	68
Services unavailable	69
Management Processor access	69
IPMI	70
Event logs	70
IPMI Watchdog	70
Partition ID	70
Console	71
System Firmware Services During Boot, Shutdown, etc.	71
Affected OS Commands	72
Network Services to OA	72
Frequently asked questions:	72
Known issues:	73
hpvminfo command qualifiers fail	73
Newly created HPVM guests cannot be started	73
Serviceguard Manager performance degradation and proxy errors	74
cimserver shutdown and startup fail	74
cimauth is unable to add authorizations	74
cprop command qualifiers fail	74
SMH is unable to query memory or enclosure information	74
setboot and related commands are unable to display or modify boot variables	74
wbemassist namespace error	74
par* and vpar* commands fail	74
Firmware Update screen	74
Enclosure DVD Module screen	77
7 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices	79
Viewing the status screens	79
Enclosure settings	80
Enclosure Settings screen	80
Enclosure Information tab	82
AlertMail screen	83
Device Power Sequence Device Bays tabs	85
Device Power Sequence Interconnect Bays tab	87
Date and Time screen	87
Enclosure TCP/IP Settings screen	88
Network Access screen	89
Trusted Hosts tab	90
Anonymous Data tab	91
Link Loss Failover screen	91
Enclosure Bay IP Addressing screen	91
SNMP Settings screen	94
Configuration Scripts screen	96
Device Summary screen	97
Active to Standby screen	98
Onboard Administrator Module	98
Active Onboard Administrator screen	98
Active Onboard Administrator Status and Information tab	99
Active Onboard Administrator Virtual Buttons tab	100
TCP/IP Settings screen	101
Certificate Administration screen	102
Certificate Request tab	103
Active Onboard Administrator Certificate Upload tab	106
System log	106
Log Options tab	109
Standby Onboard Administrator screen	109
TCP/IP Settings for Standby Onboard Administrator	110
Standby Onboard Administrator Virtual Buttons tab	110
Standby Certificate Request tab	110
Standby Onboard Administrator Certificate Upload tab	110
Device bays	111
Device Bay Overview screen	111
Device Bay Information - Bay xx screen	113
Device Bay Information tab	116
Device bay virtual buttons tab	118
Interconnect bays	118
Interconnect Bay Summary screen	118
Interconnect Bay Information screen	119
Interconnect Bay Information tab	121
Interconnect Bay Virtual Buttons tab	122
Port Mapping - Interconnect Bay screen	122
XFM bays	123
XFM Bay Summary screen	123
XFM Bay Information - Bay screen	124
XFM Bay Status tab	125
XFM Bay Information tab	126
XFM Bay Virtual Buttons	126
GPSM bays	127
GPSM Bay Summary screen	127
GPSM Bay Information screen	128
GPSM Status tab	128
GPSM Bay Information tab	129
GPSM Virtual Buttons	129
Enclosure power management	129
Planning power management	129
Power and Thermal screen	130
Power Management screen	131
Enclosure Power Allocation screen	132
Enclosure Power Meter screen	133
Power Subsystem screen	133
Power Supply Information - Bay screen	135
Fans and cooling management	136
Thermal Subsystem screen	136
Thermal Subsystem Fan Zones tab	137
Superdome 2 Enclosure fan location rules	139
Fan Information - Bay screen	139
Managing users	140
Users/Authentication	140
User roles and privilege levels	141
Role-based user accounts	141
Local Users screen	142
Add Local User	142
Edit Local User	143
Edit Local User Certificate Information tab	145
Password Settings screen	145
Directory Settings screen	146
Uploading a certificate	146
Directory Certificate Upload tab	147
Directory Test Settings tab	147
Directory Groups	149
Add an LDAP Group screen	150
Edit an LDAP Group screen	151
SSH Administration screen	152
HP SIM Integration screen	153
Edit Local User Certificate Information tab	154
Two-Factor Authentication screen	154
Two-Factor Authentication Certificate Information tab	154
Two-Factor Authentication Certificate Upload tab	155
Signed In users	155
Session Options tab	156
Insight Display	156
Management network IP dependencies	156
8 HP Integrity Superdome 2 IOX Enclosures	157
IOX Enclosure Information screen	157
IOX Power and Thermal screen	159
IOX Power Subsystem screen	160
IOX Power Supply screen	161
IOX Thermal Subsystem screen	161
9 Port mapping	163
Device bay port mapping for Superdome 2 Compute Enclosures	163
Device bay port mapping tabular view for Superdome 2 compute enclosures	163
10 Using the CLI	164
Command line overview	164
11 Using the serial connection	165
Setting up Onboard Administrator using the CLI	165
Pinout signals for Onboard Administrator Serial RS232 connector	165
Using the service port connection	166
12 Using configuration scripts	167
Configuration scripts	167
Reset Factory Defaults screen	168
13 Troubleshooting	169
Onboard Administrator error messages	169
Onboard Administrator factory default settings	178
Onboard Administrator SNMP traps	179
14 Enabling LDAP Directory Services Authentication to Microsoft Active Directory	181
Certificate Services	181
Preparing the directory	181
Uploading the DC certificate (optional)	182
Creating directory groups	184
Testing the directory login solution	185
Troubleshooting LDAP on Onboard Administrator	185
15 Support and other resources	187
Before you contact HP	187
HP contact information	187
Subscription service	187
Documentation feedback	187
Installing HP Insight Remote Support Software	187
New and changed information in this edition	188
Related information	188
Typographic conventions	188
A Time zone settings	190
Africa time zone settings	190
Americas time zone settings	190
Asia time zone settings	192
Universal time zone settings	192
Oceanic time zone settings	193
Europe time zone settings	193
Polar time zone settings	194
Standard terms, abbreviations, and acronyms	195

Match case Limit results 1 per page

A successful test reports that Onboard Administrator is able to resolve the Directory Server host

name using domain name.

A failed test reports that Onboard Administrator is unable to resolve the Directory Server host

name. The administrator must be sure that the directory server host name is correct and that the

host name is correct for the directory server.

Connect to Directory Server

This test attempts to connect to the specified directory server IP address and service port. A successful

connection attempt indicates that the directory service is running and available at the specified

directory server and port.

A successful test reports that Onboard Administrator can establish a connection to the directory

server at the host name or address and the port number specified. The successful test reports that

there is network service available.

A failed test reports that Onboard Administrator cannot establish a connection to the directory

server. The unsuccessful test reports that the network service is not available. The administrator

must verify the host name or address and port number.

Connect using SSL

This test verifies that the directory server is providing the directory service over an SSL connection.

A successful test reports that Onboard Administrator can establish an SSL connection to the directory

server host name or IP address and port. The network service is available as a secure SSL

connection.

A failed test reports that the network service is not available as a secure SSL connection and the

Onboard Administrator does not allow this type of connection. The administrator must identify a

directory server that supports SSL connections or reconfigure the directory server to use SSL

connections.

Certificate of Directory Server

If the directory server SSL certificate has been loaded onto Onboard Administrator, be sure that

the certificate provided by the directory server matches the current certificate stored on Onboard

Administrator. If the directory server SSL certificate has not been loaded, then this test does not

run.

A successful test reports that Onboard Administrator was able to validate the directory server

certificate against the certificates stored on Onboard Administrator for the specified directory

server.

A failed test reports that the directory server certificate stored on Onboard Administrator does not

match the certificate provided on the SSL connection.

User Authentication

This test attempts to log in the user to the directory using the user name and password provided.

If this fails, then each search context is attempted. If a search context begins with the character @,

then the DN used to log in is the search name concatenated to the user name entered. Otherwise,

the search DN used to log in is constructed as follows:

cn=

The result from this test identifies the search context that was successful in authenticating the user.

User Authorization

After a user has successfully authenticated and logged into Onboard Administrator, the configured

directory group to which the user belongs is identified. A user can belong to multiple directory

groups, so the directory group that gives the user the most privileges is identified.

A successful test reports the directory group with the highest privilege levels for the authenticated

user.

148

Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices