Home » HP Manuals » Servers » HP Integrity Superdome 2 16-socket » Manual Viewer

HP Integrity Superdome 2 16-socket HP Integrity Superdome 2 Onboard Administra - Page 181

Enabling LDAP Directory Services Authentication to Microsoft Active Directory, Certificate Services

View all HP Integrity Superdome 2 16-socket manuals

Add to My Manuals
Save this manual to your list of manuals

Page 181 highlights

14 Enabling LDAP Directory Services Authentication to Microsoft Active Directory Certificate Services The Microsoft implementation of LDAP over SSL requires that the Domain Controllers install DC certificates from the CA of the organization. This process occurs when the Enterprise Root CA service is added to a server in Active Directory. HP strongly recommends using an Enterprise Root CA to minimize the complexities of requesting and accepting DC certificates from a standalone CA. Preparing the directory For a normal production environment, similar groups already exist in some form, but the following group names can be used as-is if desired. To prepare the directory: 1. Create an Active Directory group named OA Admins, and then put a user named Test Admin to this group 2. Create a group called OA Operators, and then add a user named Test Operator to this group. User permissions are irrelevant. Preparing the Onboard Administrator To prepare the Onboard Administrator: Certificate Services 181

Section	Page
HP Integrity Superdome 2 Onboard Administrator User Guide	1
Contents	3
1 Introduction	8
Overview	8
Access requirements	10
Onboard Administrator overview	11
Detecting component insertion and removal	11
Identifying components	11
Managing power and cooling	12
Controlling components	12
Managing partitions	12
Interfaces	12
Onboard Administrator user interfaces	13
Onboard Administrator authentication	13
Running Onboard Administrator for the first time	14
Logging on to the Onboard Administrator GUI	15
Running the setup wizard	15
Using online help	16
Changing enclosure and device configurations	16
Recovering the administrator password	17
2 HP Integrity Superdome 2 Insight Display	18
HP Integrity Superdome 2 Insight Display components	18
Insight Display overview	18
Running the Insight Display installation	19
Navigating the Insight Display	23
Health Summary screen	24
Enclosure Settings screen	25
Enclosure Info screen	26
Blade and Port Info screen	27
Turn Enclosure UID On/Off screen	28
View User Note screen	29
Chat Mode screen	29
Insight Display errors	30
Power errors	30
Cooling errors	30
Location errors	31
Configuration errors	31
Device failure errors	31
3 HP Superdome 2 Door Status Display	32
Before running Door Display setup	32
Setting up the Door Display	32
Door Display status menu	36
Display Settings menu	38
Firmware Update menu	39
4 First Time Setup Wizard	41
Before you begin	41
Enclosure Selection screen	41
Configuration Management screen	42
Rack and Enclosure Settings screen	43
Administrator Account Setup screen	44
Local User Accounts screen	45
Enclosure Bay IP Addressing screen	47
Directory Groups screen	48
Directory Settings screen	49
Onboard Administrator Network Settings screen	50
SNMP Settings screen	50
Power Management screen	51
Finish	53
5 Navigating Onboard Administrator	55
Navigation overview	55
Tree view	55
Graphical view navigation	57
6 Complex Overview	60
Complex Overview screen	60
Compute Enclosures tab	61
Power and Thermal tab	61
Complex Information screen	63
Status tab	63
Information tab	65
Complex Logs tab	67
Complex CLI Tab	67
Complex Information: Firmware Management	67
Complex Firmware Summary screen	67
Online complex firmware update on Superdome 2	68
Introduction	68
Services unavailable	69
Management Processor access	69
IPMI	70
Event logs	70
IPMI Watchdog	70
Partition ID	70
Console	71
System Firmware Services During Boot, Shutdown, etc.	71
Affected OS Commands	72
Network Services to OA	72
Frequently asked questions:	72
Known issues:	73
hpvminfo command qualifiers fail	73
Newly created HPVM guests cannot be started	73
Serviceguard Manager performance degradation and proxy errors	74
cimserver shutdown and startup fail	74
cimauth is unable to add authorizations	74
cprop command qualifiers fail	74
SMH is unable to query memory or enclosure information	74
setboot and related commands are unable to display or modify boot variables	74
wbemassist namespace error	74
par* and vpar* commands fail	74
Firmware Update screen	74
Enclosure DVD Module screen	77
7 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices	79
Viewing the status screens	79
Enclosure settings	80
Enclosure Settings screen	80
Enclosure Information tab	82
AlertMail screen	83
Device Power Sequence Device Bays tabs	85
Device Power Sequence Interconnect Bays tab	87
Date and Time screen	87
Enclosure TCP/IP Settings screen	88
Network Access screen	89
Trusted Hosts tab	90
Anonymous Data tab	91
Link Loss Failover screen	91
Enclosure Bay IP Addressing screen	91
SNMP Settings screen	94
Configuration Scripts screen	96
Device Summary screen	97
Active to Standby screen	98
Onboard Administrator Module	98
Active Onboard Administrator screen	98
Active Onboard Administrator Status and Information tab	99
Active Onboard Administrator Virtual Buttons tab	100
TCP/IP Settings screen	101
Certificate Administration screen	102
Certificate Request tab	103
Active Onboard Administrator Certificate Upload tab	106
System log	106
Log Options tab	109
Standby Onboard Administrator screen	109
TCP/IP Settings for Standby Onboard Administrator	110
Standby Onboard Administrator Virtual Buttons tab	110
Standby Certificate Request tab	110
Standby Onboard Administrator Certificate Upload tab	110
Device bays	111
Device Bay Overview screen	111
Device Bay Information - Bay xx screen	113
Device Bay Information tab	116
Device bay virtual buttons tab	118
Interconnect bays	118
Interconnect Bay Summary screen	118
Interconnect Bay Information screen	119
Interconnect Bay Information tab	121
Interconnect Bay Virtual Buttons tab	122
Port Mapping - Interconnect Bay screen	122
XFM bays	123
XFM Bay Summary screen	123
XFM Bay Information - Bay screen	124
XFM Bay Status tab	125
XFM Bay Information tab	126
XFM Bay Virtual Buttons	126
GPSM bays	127
GPSM Bay Summary screen	127
GPSM Bay Information screen	128
GPSM Status tab	128
GPSM Bay Information tab	129
GPSM Virtual Buttons	129
Enclosure power management	129
Planning power management	129
Power and Thermal screen	130
Power Management screen	131
Enclosure Power Allocation screen	132
Enclosure Power Meter screen	133
Power Subsystem screen	133
Power Supply Information - Bay screen	135
Fans and cooling management	136
Thermal Subsystem screen	136
Thermal Subsystem Fan Zones tab	137
Superdome 2 Enclosure fan location rules	139
Fan Information - Bay screen	139
Managing users	140
Users/Authentication	140
User roles and privilege levels	141
Role-based user accounts	141
Local Users screen	142
Add Local User	142
Edit Local User	143
Edit Local User Certificate Information tab	145
Password Settings screen	145
Directory Settings screen	146
Uploading a certificate	146
Directory Certificate Upload tab	147
Directory Test Settings tab	147
Directory Groups	149
Add an LDAP Group screen	150
Edit an LDAP Group screen	151
SSH Administration screen	152
HP SIM Integration screen	153
Edit Local User Certificate Information tab	154
Two-Factor Authentication screen	154
Two-Factor Authentication Certificate Information tab	154
Two-Factor Authentication Certificate Upload tab	155
Signed In users	155
Session Options tab	156
Insight Display	156
Management network IP dependencies	156
8 HP Integrity Superdome 2 IOX Enclosures	157
IOX Enclosure Information screen	157
IOX Power and Thermal screen	159
IOX Power Subsystem screen	160
IOX Power Supply screen	161
IOX Thermal Subsystem screen	161
9 Port mapping	163
Device bay port mapping for Superdome 2 Compute Enclosures	163
Device bay port mapping tabular view for Superdome 2 compute enclosures	163
10 Using the CLI	164
Command line overview	164
11 Using the serial connection	165
Setting up Onboard Administrator using the CLI	165
Pinout signals for Onboard Administrator Serial RS232 connector	165
Using the service port connection	166
12 Using configuration scripts	167
Configuration scripts	167
Reset Factory Defaults screen	168
13 Troubleshooting	169
Onboard Administrator error messages	169
Onboard Administrator factory default settings	178
Onboard Administrator SNMP traps	179
14 Enabling LDAP Directory Services Authentication to Microsoft Active Directory	181
Certificate Services	181
Preparing the directory	181
Uploading the DC certificate (optional)	182
Creating directory groups	184
Testing the directory login solution	185
Troubleshooting LDAP on Onboard Administrator	185
15 Support and other resources	187
Before you contact HP	187
HP contact information	187
Subscription service	187
Documentation feedback	187
Installing HP Insight Remote Support Software	187
New and changed information in this edition	188
Related information	188
Typographic conventions	188
A Time zone settings	190
Africa time zone settings	190
Americas time zone settings	190
Asia time zone settings	192
Universal time zone settings	192
Oceanic time zone settings	193
Europe time zone settings	193
Polar time zone settings	194
Standard terms, abbreviations, and acronyms	195

Match case Limit results 1 per page

14 Enabling LDAP Directory Services Authentication to

Microsoft Active Directory

Certificate Services

The Microsoft implementation of LDAP over SSL requires that the Domain Controllers install DC

certificates from the CA of the organization. This process occurs when the Enterprise Root CA

service is added to a server in Active Directory. HP strongly recommends using an Enterprise Root

CA to minimize the complexities of requesting and accepting DC certificates from a standalone

CA.

Preparing the directory

For a normal production environment, similar groups already exist in some form, but the following

group names can be used as-is if desired.

To prepare the directory:

Create an Active Directory group named OA Admins, and then put a user named Test Admin

to this group

Create a group called OA Operators, and then add a user named Test Operator to this group.

User permissions are irrelevant.

Preparing the Onboard Administrator

To prepare the Onboard Administrator:

Certificate Services

181