Home » HP Manuals » Servers » HP Integrity Superdome 2 8-socket » Manual Viewer

HP Integrity Superdome 2 8-socket HP Integrity Superdome 2 Onboard Administrat - Page 154

Edit Local User Certificate Information tab, Two-Factor Authentication screen

View all HP Integrity Superdome 2 8-socket manuals

Add to My Manuals
Save this manual to your list of manuals

Page 154 highlights

Edit Local User Certificate Information tab When Two-Factor Authentication is enabled, a user must have a user certificate to log on to the Onboard Administrator. Users with administrator privileges can upload or map a valid certificate to a selected user. Upload certificates for use in HP Superdome 2 Onboard Administrator in the following ways: • Paste certificate contents into the text box, and then click the Upload button. • Paste the URL of the certificate into the URL box, and then click the Apply button. When the certificate is successfully uploaded, the SHA1 fingerprint of the user certificate appears. If a user already has a certificate mapped to an account, the SHA1 fingerprint of the certificate appears. Any user with administrator privileges can delete their certificate and upload a new user certificate. Two-Factor Authentication screen Two-Factor Authentication Settings tab NOTE: Onboard Administrator must be configured in Virtual Connect mode before enabling Two-Factor Authentication when using Virtual Connect Manager and Two-Factor Authentication. When Two-Factor Authentication is enabled, only users with a valid user certificate are allowed to log on to Onboard Administrator. A valid user certificate is signed by a trusted Certificate Authority and is mapped to the respective user on the Onboard Administrator. To enable Two-Factor Authentication for user authentication during log on, select Enable Two-Factor Authentication. When Two-Factor Authentication is enabled, Secure Shell and Telnet access is disabled by default. Disabling Two-Factor Authentication does not automatically re-enable Secure Shell and Telnet. You must go to the Network Access screen, and then select Enable Secure Shell and Enable Telnet. To enable the Onboard Administrator to verify with the Certifying Authority that the certificate being used has been added to the certificate revocation list (CRL), select Check for Certificate Revocation. If the certificate is on the CRL, the log on is denied. Certificate Owner Field You can configure the Onboard Administrator to use the user principle name in the SAN by selecting SAN or to use the certificate subject name by selecting Subject when authenticating directory users with a directory server. To save settings, click the Apply button. Two-Factor Authentication Certificate Information tab This screen displays all Certificate Authorities trusted by the Onboard Administrator. Any user certificates uploaded to the Onboard Administrator must be signed by one of these Certificate Authorities. A maximum of three Certificate Authority certificates can be uploaded to the Onboard Administrator. Row Description Certificate Version Version number of current certificate Issuer Organization Name of the organization that issued the certificate Issuer Organization Unit Name of the organizational unit that issued the certificate Issued By The authority that issued the certificate 154 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices

Section	Page
HP Integrity Superdome 2 Onboard Administrator User Guide	1
Contents	3
1 Introduction	8
Overview	8
Access requirements	10
Onboard Administrator overview	11
Detecting component insertion and removal	11
Identifying components	11
Managing power and cooling	12
Controlling components	12
Managing partitions	12
Interfaces	12
Onboard Administrator user interfaces	13
Onboard Administrator authentication	13
Running Onboard Administrator for the first time	14
Logging on to the Onboard Administrator GUI	15
Running the setup wizard	15
Using online help	16
Changing enclosure and device configurations	16
Recovering the administrator password	17
2 HP Integrity Superdome 2 Insight Display	18
HP Integrity Superdome 2 Insight Display components	18
Insight Display overview	18
Running the Insight Display installation	19
Navigating the Insight Display	23
Health Summary screen	24
Enclosure Settings screen	25
Enclosure Info screen	26
Blade and Port Info screen	27
Turn Enclosure UID On/Off screen	28
View User Note screen	29
Chat Mode screen	29
Insight Display errors	30
Power errors	30
Cooling errors	30
Location errors	31
Configuration errors	31
Device failure errors	31
3 HP Superdome 2 Door Status Display	32
Before running Door Display setup	32
Setting up the Door Display	32
Door Display status menu	36
Display Settings menu	38
Firmware Update menu	39
4 First Time Setup Wizard	41
Before you begin	41
Enclosure Selection screen	41
Configuration Management screen	42
Rack and Enclosure Settings screen	43
Administrator Account Setup screen	44
Local User Accounts screen	45
Enclosure Bay IP Addressing screen	47
Directory Groups screen	48
Directory Settings screen	49
Onboard Administrator Network Settings screen	50
SNMP Settings screen	50
Power Management screen	51
Finish	53
5 Navigating Onboard Administrator	55
Navigation overview	55
Tree view	55
Graphical view navigation	57
6 Complex Overview	60
Complex Overview screen	60
Compute Enclosures tab	61
Power and Thermal tab	61
Complex Information screen	63
Status tab	63
Information tab	65
Complex Logs tab	67
Complex CLI Tab	67
Complex Information: Firmware Management	67
Complex Firmware Summary screen	67
Online complex firmware update on Superdome 2	68
Introduction	68
Services unavailable	69
Management Processor access	69
IPMI	70
Event logs	70
IPMI Watchdog	70
Partition ID	70
Console	71
System Firmware Services During Boot, Shutdown, etc.	71
Affected OS Commands	72
Network Services to OA	72
Frequently asked questions:	72
Known issues:	73
hpvminfo command qualifiers fail	73
Newly created HPVM guests cannot be started	73
Serviceguard Manager performance degradation and proxy errors	74
cimserver shutdown and startup fail	74
cimauth is unable to add authorizations	74
cprop command qualifiers fail	74
SMH is unable to query memory or enclosure information	74
setboot and related commands are unable to display or modify boot variables	74
wbemassist namespace error	74
par* and vpar* commands fail	74
Firmware Update screen	74
Enclosure DVD Module screen	77
7 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices	79
Viewing the status screens	79
Enclosure settings	80
Enclosure Settings screen	80
Enclosure Information tab	82
AlertMail screen	83
Device Power Sequence Device Bays tabs	85
Device Power Sequence Interconnect Bays tab	87
Date and Time screen	87
Enclosure TCP/IP Settings screen	88
Network Access screen	89
Trusted Hosts tab	90
Anonymous Data tab	91
Link Loss Failover screen	91
Enclosure Bay IP Addressing screen	91
SNMP Settings screen	94
Configuration Scripts screen	96
Device Summary screen	97
Active to Standby screen	98
Onboard Administrator Module	98
Active Onboard Administrator screen	98
Active Onboard Administrator Status and Information tab	99
Active Onboard Administrator Virtual Buttons tab	100
TCP/IP Settings screen	101
Certificate Administration screen	102
Certificate Request tab	103
Active Onboard Administrator Certificate Upload tab	106
System log	106
Log Options tab	109
Standby Onboard Administrator screen	109
TCP/IP Settings for Standby Onboard Administrator	110
Standby Onboard Administrator Virtual Buttons tab	110
Standby Certificate Request tab	110
Standby Onboard Administrator Certificate Upload tab	110
Device bays	111
Device Bay Overview screen	111
Device Bay Information - Bay xx screen	113
Device Bay Information tab	116
Device bay virtual buttons tab	118
Interconnect bays	118
Interconnect Bay Summary screen	118
Interconnect Bay Information screen	119
Interconnect Bay Information tab	121
Interconnect Bay Virtual Buttons tab	122
Port Mapping - Interconnect Bay screen	122
XFM bays	123
XFM Bay Summary screen	123
XFM Bay Information - Bay screen	124
XFM Bay Status tab	125
XFM Bay Information tab	126
XFM Bay Virtual Buttons	126
GPSM bays	127
GPSM Bay Summary screen	127
GPSM Bay Information screen	128
GPSM Status tab	128
GPSM Bay Information tab	129
GPSM Virtual Buttons	129
Enclosure power management	129
Planning power management	129
Power and Thermal screen	130
Power Management screen	131
Enclosure Power Allocation screen	132
Enclosure Power Meter screen	133
Power Subsystem screen	133
Power Supply Information - Bay screen	135
Fans and cooling management	136
Thermal Subsystem screen	136
Thermal Subsystem Fan Zones tab	137
Superdome 2 Enclosure fan location rules	139
Fan Information - Bay screen	139
Managing users	140
Users/Authentication	140
User roles and privilege levels	141
Role-based user accounts	141
Local Users screen	142
Add Local User	142
Edit Local User	143
Edit Local User Certificate Information tab	145
Password Settings screen	145
Directory Settings screen	146
Uploading a certificate	146
Directory Certificate Upload tab	147
Directory Test Settings tab	147
Directory Groups	149
Add an LDAP Group screen	150
Edit an LDAP Group screen	151
SSH Administration screen	152
HP SIM Integration screen	153
Edit Local User Certificate Information tab	154
Two-Factor Authentication screen	154
Two-Factor Authentication Certificate Information tab	154
Two-Factor Authentication Certificate Upload tab	155
Signed In users	155
Session Options tab	156
Insight Display	156
Management network IP dependencies	156
8 HP Integrity Superdome 2 IOX Enclosures	157
IOX Enclosure Information screen	157
IOX Power and Thermal screen	159
IOX Power Subsystem screen	160
IOX Power Supply screen	161
IOX Thermal Subsystem screen	161
9 Port mapping	163
Device bay port mapping for Superdome 2 Compute Enclosures	163
Device bay port mapping tabular view for Superdome 2 compute enclosures	163
10 Using the CLI	164
Command line overview	164
11 Using the serial connection	165
Setting up Onboard Administrator using the CLI	165
Pinout signals for Onboard Administrator Serial RS232 connector	165
Using the service port connection	166
12 Using configuration scripts	167
Configuration scripts	167
Reset Factory Defaults screen	168
13 Troubleshooting	169
Onboard Administrator error messages	169
Onboard Administrator factory default settings	178
Onboard Administrator SNMP traps	179
14 Enabling LDAP Directory Services Authentication to Microsoft Active Directory	181
Certificate Services	181
Preparing the directory	181
Uploading the DC certificate (optional)	182
Creating directory groups	184
Testing the directory login solution	185
Troubleshooting LDAP on Onboard Administrator	185
15 Support and other resources	187
Before you contact HP	187
HP contact information	187
Subscription service	187
Documentation feedback	187
Installing HP Insight Remote Support Software	187
New and changed information in this edition	188
Related information	188
Typographic conventions	188
A Time zone settings	190
Africa time zone settings	190
Americas time zone settings	190
Asia time zone settings	192
Universal time zone settings	192
Oceanic time zone settings	193
Europe time zone settings	193
Polar time zone settings	194
Standard terms, abbreviations, and acronyms	195

Match case Limit results 1 per page

Edit Local User Certificate Information tab

When Two-Factor Authentication is enabled, a user must have a user certificate to log on to the

Onboard Administrator. Users with administrator privileges can upload or map a valid certificate

to a selected user.

Upload certificates for use in HP Superdome 2 Onboard Administrator in the following ways:

•

Paste certificate contents into the text box, and then click the

Upload

button.

•

Paste the URL of the certificate into the URL box, and then click the

Apply

button.

When the certificate is successfully uploaded, the SHA1 fingerprint of the user certificate appears.

If a user already has a certificate mapped to an account, the SHA1 fingerprint of the certificate

appears. Any user with administrator privileges can delete their certificate and upload a new user

certificate.

Two-Factor Authentication screen

Two-Factor Authentication Settings tab

NOTE:

Onboard Administrator must be configured in Virtual Connect mode before enabling

Two-Factor Authentication when using Virtual Connect Manager and Two-Factor Authentication.

When Two-Factor Authentication is enabled, only users with a valid user certificate are allowed

to log on to Onboard Administrator. A valid user certificate is signed by a trusted Certificate

Authority and is mapped to the respective user on the Onboard Administrator.

To enable Two-Factor Authentication for user authentication during log on, select

Enable Two-Factor

Authentication

. When Two-Factor Authentication is enabled, Secure Shell and Telnet access is

disabled by default. Disabling Two-Factor Authentication does not automatically re-enable Secure

Shell and Telnet. You must go to the Network Access screen, and then select

Enable Secure Shell

and

Enable Telnet

To enable the Onboard Administrator to verify with the Certifying Authority that the certificate

being used has been added to the certificate revocation list (CRL), select

Check for Certificate

Revocation

. If the certificate is on the CRL, the log on is denied.

Certificate Owner Field

You can configure the Onboard Administrator to use the user principle name in the SAN by selecting

SAN or to use the certificate subject name by selecting Subject when authenticating directory users

with a directory server.

To save settings, click the

Apply

button.

Two-Factor Authentication Certificate Information tab

This screen displays all Certificate Authorities trusted by the Onboard Administrator. Any user

certificates uploaded to the Onboard Administrator must be signed by one of these Certificate

Authorities. A maximum of three Certificate Authority certificates can be uploaded to the Onboard

Administrator.

Description

Row

Version number of current certificate

Certificate Version

Name of the organization that issued the certificate

Issuer Organization

Name of the organizational unit that issued the certificate

Issuer Organization Unit

The authority that issued the certificate

Issued By

154

Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices