Section |
Page |
HP Integrity iLO 2 Operations Guide |
1 |
Contents |
3 |
About This Document |
11 |
Intended Audience |
11 |
Publishing History |
11 |
Document Organization |
13 |
Typographic Conventions |
14 |
Related Information |
15 |
HP Contact Information |
15 |
Documentation Feedback |
16 |
1 Introduction to iLO 2 |
17 |
Features |
17 |
Standard Features |
18 |
Always-On Capability |
18 |
Virtual Front Panel |
18 |
Multiple Access Methods |
18 |
Security |
18 |
User Access Control |
18 |
Multiple Users |
19 |
IPMI over LAN |
19 |
System Management Homepage |
19 |
Firmware Upgrades |
20 |
Internal Subsystem Information |
20 |
DHCP and DNS Support |
20 |
Group Actions |
20 |
Group Actions Using HP SIM |
20 |
SNMP |
20 |
SMASH |
20 |
SM CLP |
21 |
Mirrored Console |
21 |
Remote Power Control |
21 |
Power Regulation |
21 |
Event Logging |
21 |
Advanced Features |
21 |
Virtual Media |
21 |
Integrated Remote Console |
22 |
Directory-Based Secure Authorization Using LDAP |
22 |
Schema-Free LDAP |
22 |
Power Meter Readings |
22 |
HP Insight Power Manager |
22 |
Obtaining and Activating iLO 2 Advanced Pack Licensing |
23 |
Lights-Out Advanced KVM Card |
23 |
Supported Systems and Required Components and Cables |
23 |
Integrity iLO 2 Supported Browsers and Client Operating Systems |
24 |
Security |
24 |
Protecting SNMP Traffic |
25 |
2 Ports and LEDs |
26 |
HP Integrity Server Blade Components |
26 |
Onboard Administrator |
26 |
HP Integrity rx2660 Server Components |
27 |
HP Integrity rx3600 and rx6600 Server Components |
28 |
iLO 2 MP Status LEDs |
28 |
iLO 2 MP Reset Button |
29 |
Resetting Local User Accounts and Passwords to Default Values |
29 |
Console Serial Port and Auxiliary Serial Port |
29 |
MP LAN Port |
30 |
MP LAN LEDs |
30 |
3 Getting Connected to iLO 2 |
31 |
Setup Checklist |
31 |
Setup Flowchart |
32 |
Rackmount Server Connection |
33 |
Preparing to Set Up iLO 2 |
34 |
Determining the Physical iLO 2 Access Method |
34 |
Determining the iLO 2 MP LAN Configuration Method |
34 |
Configuring the iLO 2 MP LAN Using DHCP and DNS |
35 |
Configuring the iLO 2 MP LAN Using ARP Ping |
36 |
Configuring the iLO 2 MP LAN Using the Console Serial Port |
37 |
Server Blade Connection |
39 |
Connecting to a Server Blade iLO 2 Using the Console Serial Port |
39 |
Connecting the SUV Cable to the Server Blade |
40 |
Connecting the Server Blade To iLO 2 Using the Onboard Administrator |
42 |
Auto Login |
43 |
Initiating an Auto Login Session |
44 |
Terminating an Auto Login Session |
44 |
User Account Cleanup During IPF Blade Initialization |
44 |
Auto Login Troubleshooting |
44 |
Additional Setup |
45 |
Modifying User Accounts and Default Passwords |
45 |
Setting Up Security |
46 |
Setting Security Access |
46 |
Setting iLO 2 MP LAN From EFI |
46 |
4 Logging In to iLO 2 |
47 |
Logging In to iLO 2 Using the Web GUI |
47 |
Logging In to iLO 2 Using the Command Line Interface |
47 |
Network Port Usage |
47 |
5 Adding Advanced Features |
49 |
Lights-Out Advanced KVM Card for sx2000 Servers |
49 |
Lights-Out Advanced KVM card Requirements |
50 |
Configuring the Lights-Out Advanced KVM Card |
52 |
Lights-Out Advanced KVM Card IRC Feature |
52 |
Lights-Out Advanced KVM Card vMedia Feature |
52 |
Installing the Lights-Out Advanced KVM Card in a Server |
53 |
Lights-Out Advanced KVM Card Quick Setup Steps |
55 |
Using Lights-Out Advanced KVM Features |
56 |
Mid Range PCI Backplane Power Behavior |
57 |
Troubleshooting the Lights-Out Advanced KVM Card |
57 |
Core I/O Card Configurations |
58 |
Supported PCI-X Slots |
59 |
Upgrading the Lights-Out Advanced KVM Card Firmware |
59 |
6 Accessing the Host (Operating System) Console |
61 |
Accessing a Text Host Console through iLO 2 Virtual Serial Console |
61 |
Accessing Online Help |
62 |
Accessing a Text Host Console Using the TUI |
62 |
Help System |
62 |
Accessing a Graphic Host Console Using the Integrated Remote Console |
63 |
Accessing a Text Host Console Using SMASH SM CLP |
63 |
7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP |
64 |
Configuring DHCP |
64 |
Configuring DNS |
65 |
Configuring LDAP Extended Schema |
65 |
Login Process Using Directory Services with Extended LDAP |
66 |
Configuring Schema-Free LDAP |
67 |
Setting Up Directory Security Groups |
68 |
Login Process Using Directory Services Without Schema Extensions |
68 |
LDAP and MP Login for Integrity Cell-Based Servers |
69 |
User Accounts |
69 |
Commands |
69 |
Access Rights |
71 |
Partition User Support Options |
73 |
8 Using iLO 2 |
75 |
Text User Interface |
75 |
MP Command Interfaces |
75 |
MP Main Menu |
76 |
MP Main Menu Commands |
76 |
CO (Console): Leave the MP Main Menu and enter console mode |
77 |
VFP (Virtual Front Panel): Simulate the display panel |
77 |
CM (Command Mode): Enter command mode |
77 |
SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP |
77 |
CL (Console Log): View the history of the console output |
77 |
SL (Show Logs): View events in the log history |
77 |
SL Command for Integrity Cell-Based Servers |
79 |
HE (Help): Display help for the menu or command in the MP Main Menu |
81 |
X (Exit): Exit iLO 2 |
81 |
Command Menu |
81 |
Command Line Interface Scripting |
82 |
Expect Script Example |
83 |
Command Menu Commands and Standard Command Line Scripting Syntax |
85 |
BP: Reset BMC passwords |
85 |
BLADE: Display BLADE parameters |
85 |
CA: Configure asynchronous local serial port |
86 |
DATE: Display date |
87 |
DC (Default Configuration): Reset all parameters to default configurations |
87 |
DF: Display FRU information |
88 |
DI: Disconnect LAN, WEB, SSH, or Console |
88 |
DNS: DNS settings |
88 |
FW: Upgrade the MP firmware |
88 |
HE: Display help for menu or command in command menu interface |
89 |
ID: System information settings |
89 |
IT: Inactivity timeout settings |
89 |
LC: LAN configuration usage |
90 |
LDAP: LDAP directory settings |
91 |
LDAP: LDAP group administration |
92 |
LDAP: Schema-Free LDAP |
93 |
LM: License management |
93 |
LOC: Locator UID LED configuration |
93 |
LS: LAN status |
93 |
PC: Power control access |
93 |
PM: Power regulator mode |
94 |
PR: Power restore policy configuration |
95 |
PS: Power status |
95 |
RB: Reset BMC |
95 |
RS: Reset system through the RST signal |
95 |
SA: Set access LAN/WEB/SSH/IPMI over LAN ports |
96 |
SNMP: Configure SNMP parameters |
96 |
SO: Security option help |
97 |
SS: System Status |
97 |
SYSREV: Firmware revisions |
97 |
TC: System reset through INIT or TOC signal |
98 |
TE: Send a message to other mirroring terminals |
98 |
UC: User Configuration (users, passwords, and so on) |
98 |
WHO: Display a list of iLO 2 connected users |
100 |
XD: iLO 2 Diagnostics or reset |
100 |
Web GUI |
100 |
System Status |
101 |
Status Summary > General |
101 |
Status Summary > Active Users |
102 |
Status Summary > FW Revisions |
103 |
Server Status > General |
104 |
Server Status > Identification |
104 |
System Event Log |
105 |
Events |
106 |
Remote Serial Console |
107 |
Virtual Serial Port |
109 |
Integrated Remote Console |
109 |
IRC Requirements and Usage |
110 |
Limitations of the IRC Mouse and Keyboard |
110 |
Browsers and Client Operating Systems that Support the IRC |
111 |
IRC-Supported Resolutions and Browser Configurations |
111 |
Microsoft Windows Server 2003 and HP-UX Graphics Resolution Settings for the IRC |
111 |
Server Display Properties |
111 |
Server Mouse Properties |
111 |
Console Settings |
111 |
Enabling X Windows on HP-UX |
112 |
Accessing the IRC |
112 |
Integrated Remote Console Fullscreen |
114 |
Virtual Media |
115 |
Using iLO 2 Virtual Media Devices |
115 |
Virtual CD/DVD |
116 |
Virtual Media CD/DVD Operating System |
118 |
Creating the iLO 2 Disk Image Files |
118 |
Virtual Floppy/USB Key |
120 |
Virtual Media Applet Timeout |
121 |
Supported Operating Systems and USB Support for vMedia |
121 |
Java Plug-in Version |
122 |
Client Operating System and Browser Support for vMedia |
122 |
Power Management |
122 |
Power & Reset |
122 |
Power Meter Readings |
124 |
Power Regulator |
125 |
Administration |
127 |
Firmware Upgrade |
127 |
Licensing |
128 |
User Administration > Local Accounts |
129 |
Group Accounts |
130 |
Access Settings |
131 |
LAN |
131 |
Serial Page |
132 |
Login Options Page |
133 |
Current LDAP Parameters |
134 |
Network Settings |
136 |
Network Settings > Standard |
136 |
Domain Name Server |
137 |
SNMP Settings |
138 |
BL c-Class |
139 |
Help |
140 |
SMASH Server Management Command Line Protocol |
141 |
SM CLP Features and Functionality Overview |
141 |
SM CLP Session |
142 |
Accessing the SM CLP Interface |
142 |
Exiting the SM CLP Interface |
142 |
Changing the iLO 2 Default Interface to SM CLP |
142 |
Using the SM CLP Interface |
143 |
SM CLP Syntax |
144 |
Command Line Terms |
144 |
Command Verbs |
144 |
Command Targets |
145 |
Command Target Properties |
145 |
Command Options |
146 |
Level Option |
146 |
Display Option |
146 |
Character Set, Delimiters, Special, and Reserved Characters |
147 |
System1 Target |
148 |
Target: SYSTEM1 |
148 |
System Reset Power Status and Power Control |
148 |
Resetting the System |
148 |
Displaying Power Status |
149 |
Powering Off the System |
149 |
Powering On the System |
149 |
Map1 (iLO 2) Target |
149 |
Target: map1 |
149 |
Map1 Example |
150 |
Resetting iLO 2 |
150 |
Text Console Services |
150 |
Opening the MP Main Menu from SM CLP |
150 |
Target: map1/textredirectsap1 |
150 |
Opening the System Console Interface from SM CLP |
151 |
Target: system1/consoles1/textredirectsap1 |
151 |
Switching Between the System Console and the SM CLP |
151 |
Starting a System Console Session |
152 |
Determining the Session Termination Character Sequence for the System Console |
152 |
Exiting the System Console Session and Returning to SM CLP |
152 |
Entering the MP Main Menu Interface From SM CLP |
152 |
Exiting the MP Main Menu Session and Returning to SM CLP |
152 |
Firmware Revision Display and Upgrade |
152 |
SM CLP Firmware Targets |
152 |
Target: map1/swinstallsvc1 |
152 |
Target: map1/swinventory1 |
153 |
Target: map1/swinventory1/swid# |
153 |
Displaying Firmware Revisions |
153 |
Firmware Upgrade |
154 |
Remote Access Configuration |
154 |
Telnet SM CLP Targets |
155 |
Target: map1/telnetsvc1 |
155 |
Telnet Examples |
155 |
SSH |
155 |
Target: map1/sshsvc1 |
155 |
SSH Examples |
156 |
Network Configuration |
156 |
SM CLP Network Targets, Properties, and Verbs |
156 |
Target: map1/enetport1 |
156 |
Target: map1/enetport1/lanendpt1 |
156 |
Target: map1/enetport1/lanendpt1/ipendpt1 |
157 |
Target: map1/dhcpendpt1 |
157 |
Target: map1/dnsendpt1 |
158 |
Target: map1/enetport1/lanendpt1/ipendpt1/gateway1 |
158 |
Target: map1/dnsserver1, map1/dnsserver2, map1/dnsserver3 |
158 |
Target: map1/settings1/dnssettings1 |
159 |
SM CLP Network Command Examples |
159 |
vMedia |
160 |
Setting Up IIS for Scripted vMedia |
161 |
vMedia Functionality on Server Blades and Rack-Mounted Servers |
162 |
Target: map1/oemhp_vm1/cddr1 |
162 |
Using Scriptable vMedia on Server Blades and Rack-Mounted Servers |
162 |
Using Scriptable vMedia on Server Blades Only |
163 |
User Accounts Configuration |
166 |
Target: map1/group1 |
166 |
Target: map1/group1/account# |
166 |
User Account Examples |
167 |
LDAP Configuration |
167 |
Target: map1/settings1/oemhp_ldapsettings1 |
167 |
LDAP Configuration Examples |
168 |
9 Installing and Configuring Directory Services |
169 |
Directory Services |
169 |
Features Supported by Directory Integration |
169 |
Directory Services Installation Prerequisites |
170 |
Installing Directory Services |
170 |
Schema Documentation |
170 |
Directory Services Support |
171 |
eDirectory Installation Prerequisites |
171 |
Required Schema Software |
172 |
Schema Installer |
172 |
Schema Preview Screen |
172 |
Setup Screen |
172 |
Results Screen |
173 |
Management Snap-In Installer |
174 |
Directory Services for Active Directory |
174 |
Active Directory Installation Prerequisites |
174 |
Preparing Directory Services for Active Directory |
175 |
Installing and Initializing Snap-Ins for Active Directory |
176 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 in Active Directory |
176 |
Directory Services Objects |
179 |
Active Directory Snap-Ins |
180 |
Managing HP Devices In a Role |
180 |
Managing Users In a Role |
180 |
Setting Login Restrictions |
181 |
Setting Time Restrictions |
182 |
Defining Client IP Address or DNS Name Access |
182 |
Setting User or Group Role Rights |
183 |
Directory Services for eDirectory |
184 |
Installing and Initializing Snap-In for eDirectory |
184 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in eDirectory |
185 |
Creating Objects |
185 |
Creating Roles |
186 |
Directory Services Objects for eDirectory |
188 |
Adding Role Managed Devices |
188 |
Adding Members |
188 |
Setting Role Restrictions |
189 |
Setting Time Restrictions |
190 |
Defining Client IP Address or DNS Name Access |
190 |
Setting Lights-Out Management Device Rights |
191 |
Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform |
191 |
Installing the Java Runtime Environment |
192 |
Installing Snap-Ins |
192 |
Extending Schema |
192 |
Verifying Snap-In Installation and Schema Extension |
193 |
Using the LDAP Command to Configure Directory Settings in iLO 2 |
193 |
User Login Using Directory Services |
194 |
Certificate Services |
195 |
Installing Certificate Services |
195 |
Verifying Directory Services |
195 |
Configuring an Automatic Certificate Request |
195 |
Directory-Enabled Remote Management |
196 |
Using Existing Groups |
196 |
Using Multiple Roles |
196 |
Creating Roles that Follow Organizational Structure |
197 |
Restricting Roles |
197 |
Role Time Restrictions |
198 |
IP Address Range Restrictions |
198 |
IP Address and Subnet Mask Restrictions |
198 |
DNS-Based Restrictions |
198 |
Role Address Restrictions |
198 |
Enforcing Directory Login Restrictions |
199 |
Enforcing User Time Restrictions |
199 |
User Address Restrictions |
200 |
Creating Multiple Restrictions and Roles |
200 |
Directory Services Schema (LDAP) |
201 |
HP Management Core LDAP Object Identifier Classes and Attributes |
201 |
Core Classes |
202 |
Core Attributes |
202 |
Core Class Definitions |
202 |
hpqTarget |
202 |
hpqRole |
203 |
hpqPolicy |
203 |
Core Attribute Definitions |
203 |
hpqPolicyDN |
203 |
hpqRoleMembership |
203 |
hpqTargetMembership |
204 |
hpqRoleIPRestrictionDefault |
204 |
hpqRoleIPRestrictions |
204 |
hpqRoleTimeRestriction |
204 |
iLO 2-Specific LDAP OID Classes and Attributes |
205 |
iLO 2 Classes |
205 |
iLO 2 Attributes |
205 |
iLO 2 Class Definitions |
205 |
hpqLOMv100 |
205 |
iLO 2 Attribute Definitions |
206 |
hpqLOMRightLogin |
206 |
hpqLOMRightRemoteConsole |
206 |
hpqLOMRightRemoteConsole |
206 |
hpqLOMRightServerReset |
206 |
hpqLOMRightLocalUserAdmin |
207 |
hpqLOMRightConfigureSettings |
207 |
Glossary |
208 |