Home » HP Manuals » Servers » HP Integrity Superdome 2 8/16 » Manual Viewer

HP Integrity Superdome 2 8/16 HP Integrity Superdome 2 Onboard Administrator U - Page 14

Running Onboard Administrator for the first time

View all HP Integrity Superdome 2 8/16 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

Onboard Administrator requires the user to log in to the web GUI or CLI with an account and password. The account can be a local account where the password is stored on Onboard Administrator, or an LDAP account. The Onboard Administrator contacts the defined LDAP server to verify the user credentials. Two-factor Authentication enables even tighter security for the user management session to Onboard Administrator. The default Administrator account from the Monarch OA is synchronized to the other OAs in the complex. Use the default credentials from the Monarch OA to access all OAs. Rather than requiring separate logins to multiple resources (once to each enclosure or once to every server management processor or both), Onboard Administrator enables single-point access. Thus, the administrator can use single sign-on to log in to a single Onboard Administrator and use the web GUI to graphically view and manage the HP Superdome 2 components in the entire complex. For example, an IT administrator can automatically propagate management commands, such as changing the enclosure power mode, throughout the complex. Running Onboard Administrator for the first time Setting up a Superdome 2 enclosure using the Onboard Administrator is simplified by using the Insight Display setup process, followed by the use of the Onboard Administrator GUI First Time Setup Wizard or Onboard Administrator CLI to complete the reset of the enclosure settings. The Onboard Administrator modules and many interconnect modules default to DHCP for the management IP address. If the user has DHCP and connects the Onboard Administrator management port to the DHCP server, then the Onboard Administrator modules and interconnect modules supporting and configured to use the Onboard Administrator internal management network automatically get DHCP addresses from the user DHCP server. If you do not have a DHCP server for assigning IP addresses to management processors, then you must configure each Onboard Administrator with a static IP address using the Insight Display, then log in to the Onboard Administrator GUI and use the First Time Setup Wizard or log in to the Onboard Administrator CLI and configure and enable EBIPA for device bays and interconnect bays. Enabling EBIPA for a bay enables that server or interconnect module to be replaced and the new module automatically gets the previously configured IP address for that bay. See "Enclosure Bay IP Addressing screen" (page 91) for more information on EBIPA. The initial credentials to log on to a new Onboard Administrator module are printed on a label on each module. The user is Administrator and the password is unique to each module. This password must be captured by the installer and communicated to the remote Administrator for the first remote logon to the Onboard Administrator GUI or Onboard Administrator CLI. The enclosure settings can be configured manually or uploaded from a configuration script or file. The web GUI offers a First Time Setup Wizard. The CLI can be accessed from the Onboard Administrator serial port, Ethernet management port, service port, or by using the Enclosure KVM - Onboard Administrator CLI button. An alternative to manual configuration is to upload a enclosure configuration file to the active Onboard Administrator using either the GUI or CLI with an HTTP, FTP or TFTP network location for the configuration file, or use the GUI, CLI or Insight Display to upload a configuration file from a USB key drive plugged into the active Onboard Administrator USB port. HP recommends creating an enclosure configuration file to use the GUI, CLI, or Insight Display USB Menu to save the existing configuration to a file. The saved configuration file is a set of CLI text commands for each configuration item. The Onboard Administrator does not save user passwords when it saves a configuration file. The user can edit the configuration file and insert the password commands for each user account-or use the Administrator local account to individually update all user passwords after restoring a previously saved enclosure configuration file. If the enclosure contains redundant Onboard Administrator modules, the remaining Onboard Administrator updates the new Onboard Administrator with all the settings. 14 Introduction

Section	Page
HP Integrity Superdome 2 Onboard Administrator User Guide	1
Contents	3
1 Introduction	8
Overview	8
Access requirements	10
Onboard Administrator overview	11
Detecting component insertion and removal	11
Identifying components	11
Managing power and cooling	12
Controlling components	12
Managing partitions	12
Interfaces	12
Onboard Administrator user interfaces	13
Onboard Administrator authentication	13
Running Onboard Administrator for the first time	14
Logging on to the Onboard Administrator GUI	15
Running the setup wizard	15
Using online help	16
Changing enclosure and device configurations	16
Recovering the administrator password	17
2 HP Integrity Superdome 2 Insight Display	18
HP Integrity Superdome 2 Insight Display components	18
Insight Display overview	18
Running the Insight Display installation	19
Navigating the Insight Display	23
Health Summary screen	24
Enclosure Settings screen	25
Enclosure Info screen	26
Blade and Port Info screen	27
Turn Enclosure UID On/Off screen	28
View User Note screen	29
Chat Mode screen	29
Insight Display errors	30
Power errors	30
Cooling errors	30
Location errors	31
Configuration errors	31
Device failure errors	31
3 HP Superdome 2 Door Status Display	32
Before running Door Display setup	32
Setting up the Door Display	32
Door Display status menu	36
Display Settings menu	38
Firmware Update menu	39
4 First Time Setup Wizard	41
Before you begin	41
Enclosure Selection screen	41
Configuration Management screen	42
Rack and Enclosure Settings screen	43
Administrator Account Setup screen	44
Local User Accounts screen	45
Enclosure Bay IP Addressing screen	47
Directory Groups screen	48
Directory Settings screen	49
Onboard Administrator Network Settings screen	50
SNMP Settings screen	50
Power Management screen	51
Finish	53
5 Navigating Onboard Administrator	55
Navigation overview	55
Tree view	55
Graphical view navigation	57
6 Complex Overview	60
Complex Overview screen	60
Compute Enclosures tab	61
Power and Thermal tab	61
Complex Information screen	63
Status tab	63
Information tab	65
Complex Logs tab	67
Complex CLI Tab	67
Complex Information: Firmware Management	67
Complex Firmware Summary screen	67
Online complex firmware update on Superdome 2	68
Introduction	68
Services unavailable	69
Management Processor access	69
IPMI	70
Event logs	70
IPMI Watchdog	70
Partition ID	70
Console	71
System Firmware Services During Boot, Shutdown, etc.	71
Affected OS Commands	72
Network Services to OA	72
Frequently asked questions:	72
Known issues:	73
hpvminfo command qualifiers fail	73
Newly created HPVM guests cannot be started	73
Serviceguard Manager performance degradation and proxy errors	74
cimserver shutdown and startup fail	74
cimauth is unable to add authorizations	74
cprop command qualifiers fail	74
SMH is unable to query memory or enclosure information	74
setboot and related commands are unable to display or modify boot variables	74
wbemassist namespace error	74
par* and vpar* commands fail	74
Firmware Update screen	74
Enclosure DVD Module screen	77
7 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices	79
Viewing the status screens	79
Enclosure settings	80
Enclosure Settings screen	80
Enclosure Information tab	82
AlertMail screen	83
Device Power Sequence Device Bays tabs	85
Device Power Sequence Interconnect Bays tab	87
Date and Time screen	87
Enclosure TCP/IP Settings screen	88
Network Access screen	89
Trusted Hosts tab	90
Anonymous Data tab	91
Link Loss Failover screen	91
Enclosure Bay IP Addressing screen	91
SNMP Settings screen	94
Configuration Scripts screen	96
Device Summary screen	97
Active to Standby screen	98
Onboard Administrator Module	98
Active Onboard Administrator screen	98
Active Onboard Administrator Status and Information tab	99
Active Onboard Administrator Virtual Buttons tab	100
TCP/IP Settings screen	101
Certificate Administration screen	102
Certificate Request tab	103
Active Onboard Administrator Certificate Upload tab	106
System log	106
Log Options tab	109
Standby Onboard Administrator screen	109
TCP/IP Settings for Standby Onboard Administrator	110
Standby Onboard Administrator Virtual Buttons tab	110
Standby Certificate Request tab	110
Standby Onboard Administrator Certificate Upload tab	110
Device bays	111
Device Bay Overview screen	111
Device Bay Information - Bay xx screen	113
Device Bay Information tab	116
Device bay virtual buttons tab	118
Interconnect bays	118
Interconnect Bay Summary screen	118
Interconnect Bay Information screen	119
Interconnect Bay Information tab	121
Interconnect Bay Virtual Buttons tab	122
Port Mapping - Interconnect Bay screen	122
XFM bays	123
XFM Bay Summary screen	123
XFM Bay Information - Bay screen	124
XFM Bay Status tab	125
XFM Bay Information tab	126
XFM Bay Virtual Buttons	126
GPSM bays	127
GPSM Bay Summary screen	127
GPSM Bay Information screen	128
GPSM Status tab	128
GPSM Bay Information tab	129
GPSM Virtual Buttons	129
Enclosure power management	129
Planning power management	129
Power and Thermal screen	130
Power Management screen	131
Enclosure Power Allocation screen	132
Enclosure Power Meter screen	133
Power Subsystem screen	133
Power Supply Information - Bay screen	135
Fans and cooling management	136
Thermal Subsystem screen	136
Thermal Subsystem Fan Zones tab	137
Superdome 2 Enclosure fan location rules	139
Fan Information - Bay screen	139
Managing users	140
Users/Authentication	140
User roles and privilege levels	141
Role-based user accounts	141
Local Users screen	142
Add Local User	142
Edit Local User	143
Edit Local User Certificate Information tab	145
Password Settings screen	145
Directory Settings screen	146
Uploading a certificate	146
Directory Certificate Upload tab	147
Directory Test Settings tab	147
Directory Groups	149
Add an LDAP Group screen	150
Edit an LDAP Group screen	151
SSH Administration screen	152
HP SIM Integration screen	153
Edit Local User Certificate Information tab	154
Two-Factor Authentication screen	154
Two-Factor Authentication Certificate Information tab	154
Two-Factor Authentication Certificate Upload tab	155
Signed In users	155
Session Options tab	156
Insight Display	156
Management network IP dependencies	156
8 HP Integrity Superdome 2 IOX Enclosures	157
IOX Enclosure Information screen	157
IOX Power and Thermal screen	159
IOX Power Subsystem screen	160
IOX Power Supply screen	161
IOX Thermal Subsystem screen	161
9 Port mapping	163
Device bay port mapping for Superdome 2 Compute Enclosures	163
Device bay port mapping tabular view for Superdome 2 compute enclosures	163
10 Using the CLI	164
Command line overview	164
11 Using the serial connection	165
Setting up Onboard Administrator using the CLI	165
Pinout signals for Onboard Administrator Serial RS232 connector	165
Using the service port connection	166
12 Using configuration scripts	167
Configuration scripts	167
Reset Factory Defaults screen	168
13 Troubleshooting	169
Onboard Administrator error messages	169
Onboard Administrator factory default settings	178
Onboard Administrator SNMP traps	179
14 Enabling LDAP Directory Services Authentication to Microsoft Active Directory	181
Certificate Services	181
Preparing the directory	181
Uploading the DC certificate (optional)	182
Creating directory groups	184
Testing the directory login solution	185
Troubleshooting LDAP on Onboard Administrator	185
15 Support and other resources	187
Before you contact HP	187
HP contact information	187
Subscription service	187
Documentation feedback	187
Installing HP Insight Remote Support Software	187
New and changed information in this edition	188
Related information	188
Typographic conventions	188
A Time zone settings	190
Africa time zone settings	190
Americas time zone settings	190
Asia time zone settings	192
Universal time zone settings	192
Oceanic time zone settings	193
Europe time zone settings	193
Polar time zone settings	194
Standard terms, abbreviations, and acronyms	195

Match case Limit results 1 per page

Onboard Administrator requires the user to log in to the web GUI or CLI with an account and

password. The account can be a local account where the password is stored on Onboard

Administrator, or an LDAP account. The Onboard Administrator contacts the defined LDAP server

to verify the user credentials. Two-factor Authentication enables even tighter security for the user

management session to Onboard Administrator.

The default Administrator account from the Monarch OA is synchronized to the other OAs in the

complex. Use the default credentials from the Monarch OA to access all OAs.

Rather than requiring separate logins to multiple resources (once to each enclosure or once to

every server management processor or both), Onboard Administrator enables single-point access.

Thus, the administrator can use single sign-on to log in to a single Onboard Administrator and use

the web GUI to graphically view and manage the HP Superdome 2 components in the entire

complex. For example, an IT administrator can automatically propagate management commands,

such as changing the enclosure power mode, throughout the complex.

Running Onboard Administrator for the first time

Setting up a Superdome 2 enclosure using the Onboard Administrator is simplified by using the

Insight Display setup process, followed by the use of the Onboard Administrator GUI First Time

Setup Wizard or Onboard Administrator CLI to complete the reset of the enclosure settings.

The Onboard Administrator modules and many interconnect modules default to DHCP for the

management IP address. If the user has DHCP and connects the Onboard Administrator management

port to the DHCP server, then the Onboard Administrator modules and interconnect modules

supporting and configured to use the Onboard Administrator internal management network

automatically get DHCP addresses from the user DHCP server.

If you do not have a DHCP server for assigning IP addresses to management processors, then you

must configure each Onboard Administrator with a static IP address using the Insight Display, then

Onboard Administrator CLI and configure and enable EBIPA for device bays and interconnect

bays. Enabling EBIPA for a bay enables that server or interconnect module to be replaced and the

new module automatically gets the previously configured IP address for that bay. See

“Enclosure

Bay IP Addressing screen” (page 91)

for more information on EBIPA.

The initial credentials to log on to a new Onboard Administrator module are printed on a label

on each module. The user is Administrator and the password is unique to each module. This

password must be captured by the installer and communicated to the remote Administrator for the

first remote logon to the Onboard Administrator GUI or Onboard Administrator CLI.

The enclosure settings can be configured manually or uploaded from a configuration script or file.

The web GUI offers a First Time Setup Wizard. The CLI can be accessed from the Onboard

Administrator serial port, Ethernet management port, service port, or by using the Enclosure KVM

- Onboard Administrator CLI button.

An alternative to manual configuration is to upload a enclosure configuration file to the active

Onboard Administrator using either the GUI or CLI with an HTTP, FTP or TFTP network location for

the configuration file, or use the GUI, CLI or Insight Display to upload a configuration file from a

USB key drive plugged into the active Onboard Administrator USB port.

HP recommends creating an enclosure configuration file to use the GUI, CLI, or Insight Display

USB Menu to save the existing configuration to a file. The saved configuration file is a set of CLI

text commands for each configuration item. The Onboard Administrator does not save user

passwords when it saves a configuration file. The user can edit the configuration file and insert the

password commands for each user account—or use the Administrator local account to individually

update all user passwords after restoring a previously saved enclosure configuration file.

If the enclosure contains redundant Onboard Administrator modules, the remaining Onboard

Administrator updates the new Onboard Administrator with all the settings.

Introduction