Section |
Page |
HP Integrity iLO 2 Operations Guide |
1 |
Table of Contents |
3 |
About This Document |
15 |
Intended Audience |
15 |
New and Changed Information in This Edition |
15 |
Publishing History |
15 |
Document Organization |
17 |
Typographic Conventions |
18 |
Related Information |
18 |
HP Contact Information |
19 |
Documentation Feedback |
19 |
1 Introduction to iLO 2 |
21 |
Features |
21 |
Standard Features |
22 |
Always-On Capability |
22 |
Virtual Front Panel |
22 |
Multiple Access Methods |
22 |
Security |
22 |
User Access Control |
22 |
Multiple Users |
23 |
IPMI over LAN |
23 |
System Management Homepage |
23 |
Firmware Upgrades |
24 |
Internal Subsystem Information |
24 |
DHCP and DNS Support |
24 |
Group Actions |
24 |
Group Actions Using HP SIM |
24 |
SNMP |
24 |
SMASH |
24 |
SM CLP |
25 |
Mirrored Console |
25 |
Remote Power Control |
25 |
Power Regulation |
25 |
Event Logging |
25 |
Advanced Features |
25 |
Virtual Media |
25 |
Integrated Remote Console |
26 |
Directory-Based Secure Authorization Using LDAP |
26 |
Schema-Free LDAP |
26 |
Power Meter Readings |
26 |
HP Insight Power Manager |
26 |
Obtaining and Activating iLO 2 Advanced Pack Licensing |
27 |
Lights-Out Advanced KVM Card |
27 |
Supported Systems and Required Components and Cables |
27 |
Integrity iLO 2 Supported Browsers and Client Operating Systems |
28 |
Security |
28 |
Protecting SNMP Traffic |
29 |
2 Ports and LEDs |
31 |
HP Integrity Server Blade Components |
31 |
Onboard Administrator |
31 |
HP Integrity rx2660 Server Components |
33 |
HP Integrity rx3600 and rx6600 Server Components |
33 |
iLO 2 MP Status LEDs |
34 |
iLO 2 MP Reset Button |
35 |
Resetting Local User Accounts and Passwords to Default Values |
35 |
Console Serial Port and Auxiliary Serial Port |
35 |
MP LAN Port |
36 |
MP LAN LEDs |
36 |
3 Getting Connected to iLO 2 |
37 |
Setup Checklist |
38 |
Setup Flowchart |
39 |
Rackmount Server Connection |
40 |
Preparing to Set Up iLO 2 |
40 |
Determining the Physical iLO 2 Access Method |
40 |
Determining the iLO 2 MP LAN Configuration Method |
41 |
Configuring the iLO 2 MP LAN Using DHCP and DNS |
41 |
Configuring the iLO 2 MP LAN Using ARP Ping |
42 |
Configuring the iLO 2 MP LAN Using the Console Serial Port |
43 |
Server Blade Connection |
45 |
Connecting to a Server Blade iLO 2 Using the Console Serial Port |
45 |
Connecting the SUV Cable to the Server Blade |
46 |
Connecting the Server Blade To iLO 2 Using the Onboard Administrator |
48 |
Auto Login |
49 |
Initiating an Auto Login Session |
50 |
Terminating an Auto Login Session |
50 |
User Account Cleanup During IPF Blade Initialization |
50 |
Auto Login Troubleshooting |
50 |
Additional Setup |
51 |
Modifying User Accounts and Default Passwords |
51 |
Setting Up Security |
52 |
Setting Security Access |
52 |
Setting iLO 2 MP LAN From EFI |
52 |
4 Logging In to iLO 2 |
55 |
Logging In to iLO 2 Using the Web GUI |
55 |
Logging In to iLO 2 Using the Command Line Interface |
55 |
Network Port Usage |
55 |
5 Adding Advanced Features |
57 |
Lights-Out Advanced KVM Card for sx2000 Servers |
57 |
Lights-Out Advanced KVM card Requirements |
58 |
Configuring the Lights-Out Advanced KVM Card |
59 |
Lights-Out Advanced KVM Card IRC Feature |
60 |
Lights-Out Advanced KVM Card vMedia Feature |
60 |
Installing the Lights-Out Advanced KVM Card in a Server |
61 |
Lights-Out Advanced KVM Card Quick Setup Steps |
63 |
Using Lights-Out Advanced KVM Features |
64 |
Mid Range PCI Backplane Power Behavior |
65 |
Troubleshooting the Lights-Out Advanced KVM Card |
65 |
Core I/O Card Configurations |
66 |
Supported PCI-X Slots |
67 |
Upgrading the Lights-Out Advanced KVM Card Firmware |
67 |
6 Accessing the Host (Operating System) Console |
69 |
Accessing a Text Host Console through iLO 2 Virtual Serial Console |
69 |
Accessing Online Help |
70 |
Accessing a Text Host Console Using the TUI |
70 |
Help System |
70 |
Accessing a Graphic Host Console Using the Integrated Remote Console |
71 |
Accessing a Text Host Console Using SMASH SM CLP |
71 |
7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP |
73 |
Configuring DHCP |
73 |
Configuring DNS |
74 |
Configuring LDAP Extended Schema |
74 |
Login Process Using Directory Services with Extended LDAP |
75 |
Configuring Schema-Free LDAP |
76 |
Setting Up Directory Security Groups |
77 |
Login Process Using Directory Services Without Schema Extensions |
77 |
LDAP and MP Login for Integrity Cell-Based Servers |
78 |
User Accounts |
78 |
Commands |
78 |
Access Rights |
79 |
Partition User Support Options |
82 |
8 Using iLO 2 |
83 |
Text User Interface |
83 |
MP Command Interfaces |
83 |
MP Main Menu |
84 |
MP Main Menu Commands |
84 |
CO (Console): Leave the MP Main Menu and enter console mode |
85 |
VFP (Virtual Front Panel): Simulate the display panel |
85 |
CM (Command Mode): Enter command mode |
85 |
SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP |
85 |
CL (Console Log): View the history of the console output |
85 |
SL (Show Logs): View events in the log history |
85 |
SL Command for Integrity Cell-Based Servers |
87 |
HE (Help): Display help for the menu or command in the MP Main Menu |
89 |
X (Exit): Exit iLO 2 |
89 |
Command Menu |
89 |
Command Line Interface Scripting |
91 |
Expect Script Example |
91 |
Command Menu Commands and Standard Command Line Scripting Syntax |
93 |
BP: Reset BMC passwords |
93 |
BLADE: Display BLADE parameters |
94 |
CA: Configure asynchronous local serial port |
94 |
DATE: Display date |
95 |
DC (Default Configuration): Reset all parameters to default configurations |
95 |
DF: Display FRU information |
96 |
DI: Disconnect LAN, WEB, SSH, or Console |
96 |
DNS: DNS settings |
96 |
FW: Upgrade the MP firmware |
97 |
HE: Display help for menu or command in command menu interface |
97 |
ID: System information settings |
97 |
IT: Inactivity timeout settings |
98 |
LC: LAN configuration usage |
98 |
LDAP: LDAP directory settings |
99 |
LDAP: LDAP group administration |
100 |
LDAP: Schema-Free LDAP |
101 |
LM: License management |
101 |
LOC: Locator UID LED configuration |
101 |
LS: LAN status |
101 |
PC: Power control access |
101 |
PM: Power regulator mode |
102 |
PR: Power restore policy configuration |
103 |
PS: Power status |
103 |
RB: Reset BMC |
103 |
RS: Reset system through the RST signal |
103 |
SA: Set access LAN/WEB/SSH/IPMI over LAN ports |
104 |
SNMP: Configure SNMP parameters |
104 |
SO: Security option help |
105 |
SS: System Status |
105 |
SYSREV: Firmware revisions |
106 |
TC: System reset through INIT or TOC signal |
106 |
TE: Send a message to other mirroring terminals |
106 |
UC: User Configuration (users, passwords, and so on) |
106 |
WHO: Display a list of iLO 2 connected users |
108 |
XD: iLO 2 Diagnostics or reset |
108 |
Web GUI |
110 |
System Status |
110 |
Status Summary > General |
110 |
Status Summary > Active Users |
111 |
Status Summary > FW Revisions |
112 |
Server Status > General |
113 |
Server Status > Identification |
114 |
System Event Log |
115 |
Events |
116 |
Remote Serial Console |
116 |
Virtual Serial Port |
119 |
Integrated Remote Console |
119 |
IRC Requirements and Usage |
119 |
Limitations of the IRC Mouse and Keyboard |
120 |
Browsers and Client Operating Systems that Support the IRC |
121 |
IRC-Supported Resolutions and Browser Configurations |
121 |
Microsoft Windows Server 2003 and HP-UX Graphics Resolution Settings for the IRC |
121 |
Server Display Properties |
121 |
Server Mouse Properties |
121 |
Console Settings |
121 |
Enabling X Windows on HP-UX |
122 |
Accessing the IRC |
122 |
Integrated Remote Console Fullscreen |
124 |
Virtual Media |
125 |
Using iLO 2 Virtual Media Devices |
125 |
Virtual CD/DVD |
126 |
Virtual Media CD/DVD Operating System |
128 |
Creating the iLO 2 Disk Image Files |
128 |
Virtual Floppy/USB Key |
130 |
Virtual Media Applet Timeout |
131 |
Supported Operating Systems and USB Support for vMedia |
131 |
Java Plug-in Version |
132 |
Client Operating System and Browser Support for vMedia |
132 |
Power Management |
132 |
Power & Reset |
132 |
Power Meter Readings |
133 |
Power Regulator |
135 |
Administration |
137 |
Firmware Upgrade |
137 |
Licensing |
138 |
User Administration > Local Accounts |
139 |
Group Accounts |
140 |
Access Settings |
141 |
LAN |
142 |
Serial Page |
143 |
Login Options Page |
143 |
Current LDAP Parameters |
144 |
Network Settings |
146 |
Network Settings > Standard |
146 |
Domain Name Server |
147 |
SNMP Settings |
148 |
BL c-Class |
149 |
Help |
150 |
SMASH Server Management Command Line Protocol |
152 |
SM CLP Features and Functionality Overview |
152 |
SM CLP Session |
152 |
Accessing the SM CLP Interface |
152 |
Exiting the SM CLP Interface |
153 |
Changing the iLO 2 Default Interface to SM CLP |
153 |
Using the SM CLP Interface |
154 |
SM CLP Syntax |
154 |
Command Line Terms |
154 |
Command Verbs |
155 |
Command Targets |
156 |
Command Target Properties |
156 |
Command Options |
156 |
Level Option |
156 |
Display Option |
157 |
Character Set, Delimiters, Special, and Reserved Characters |
157 |
System1 Target |
158 |
Target: SYSTEM1 |
158 |
System Reset Power Status and Power Control |
159 |
Resetting the System |
159 |
Displaying Power Status |
159 |
Powering Off the System |
159 |
Powering On the System |
159 |
Map1 (iLO 2) Target |
160 |
Target: map1 |
160 |
Map1 Example |
160 |
Resetting iLO 2 |
161 |
Text Console Services |
161 |
Opening the MP Main Menu from SM CLP |
161 |
Target: map1/textredirectsap1 |
161 |
Opening the System Console Interface from SM CLP |
161 |
Target: system1/consoles1/textredirectsap1 |
161 |
Switching Between the System Console and the SM CLP |
162 |
Starting a System Console Session |
162 |
Determining the Session Termination Character Sequence for the System Console |
162 |
Exiting the System Console Session and Returning to SM CLP |
162 |
Entering the MP Main Menu Interface From SM CLP |
162 |
Exiting the MP Main Menu Session and Returning to SM CLP |
162 |
Firmware Revision Display and Upgrade |
163 |
SM CLP Firmware Targets |
163 |
Target: map1/swinstallsvc1 |
163 |
Target: map1/swinventory1 |
163 |
Target: map1/swinventory1/swid# |
163 |
Displaying Firmware Revisions |
164 |
Firmware Upgrade |
165 |
Remote Access Configuration |
165 |
Telnet SM CLP Targets |
165 |
Target: map1/telnetsvc1 |
165 |
Telnet Examples |
166 |
SSH |
166 |
Target: map1/sshsvc1 |
166 |
SSH Examples |
166 |
Network Configuration |
166 |
SM CLP Network Targets, Properties, and Verbs |
166 |
Target: map1/enetport1 |
166 |
Target: map1/enetport1/lanendpt1 |
167 |
Target: map1/enetport1/lanendpt1/ipendpt1 |
167 |
Target: map1/dhcpendpt1 |
168 |
Target: map1/dnsendpt1 |
168 |
Target: map1/enetport1/lanendpt1/ipendpt1/gateway1 |
169 |
Target: map1/dnsserver1, map1/dnsserver2, map1/dnsserver3 |
169 |
Target: map1/settings1/dnssettings1 |
169 |
SM CLP Network Command Examples |
170 |
vMedia |
171 |
Setting Up IIS for Scripted vMedia |
171 |
vMedia Functionality on Server Blades and Rack-Mounted Servers |
172 |
Target: map1/oemhp_vm1/cddr1 |
172 |
Using Scriptable vMedia on Server Blades and Rack-Mounted Servers |
173 |
Using Scriptable vMedia on Server Blades Only |
173 |
User Accounts Configuration |
176 |
Target: map1/group1 |
176 |
Target: map1/group1/account# |
176 |
User Account Examples |
177 |
LDAP Configuration |
177 |
Target: map1/settings1/oemhp_ldapsettings1 |
177 |
LDAP Configuration Examples |
178 |
9 Installing and Configuring Directory Services |
179 |
Directory Services |
179 |
Features Supported by Directory Integration |
179 |
Directory Services Installation Prerequisites |
180 |
Installing Directory Services |
180 |
Schema Documentation |
180 |
Directory Services Support |
181 |
eDirectory Installation Prerequisites |
181 |
Required Schema Software |
181 |
Schema Installer |
182 |
Schema Preview Screen |
182 |
Setup Screen |
182 |
Results Screen |
183 |
Management Snap-In Installer |
184 |
Directory Services for Active Directory |
184 |
Active Directory Installation Prerequisites |
184 |
Preparing Directory Services for Active Directory |
185 |
Installing and Initializing Snap-Ins for Active Directory |
186 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 in Active Directory |
186 |
Directory Services Objects |
189 |
Active Directory Snap-Ins |
190 |
Managing HP Devices In a Role |
190 |
Managing Users In a Role |
190 |
Setting Login Restrictions |
191 |
Setting Time Restrictions |
192 |
Defining Client IP Address or DNS Name Access |
192 |
Setting User or Group Role Rights |
193 |
Directory Services for eDirectory |
194 |
Installing and Initializing Snap-In for eDirectory |
194 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in eDirectory |
195 |
Creating Objects |
195 |
Creating Roles |
196 |
Directory Services Objects for eDirectory |
198 |
Adding Role Managed Devices |
198 |
Adding Members |
198 |
Setting Role Restrictions |
199 |
Setting Time Restrictions |
200 |
Defining Client IP Address or DNS Name Access |
200 |
Setting Lights-Out Management Device Rights |
200 |
Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform |
201 |
Installing the Java Runtime Environment |
201 |
Installing Snap-Ins |
202 |
Extending Schema |
202 |
Verifying Snap-In Installation and Schema Extension |
203 |
Using the LDAP Command to Configure Directory Settings in iLO 2 |
203 |
User Login Using Directory Services |
204 |
Certificate Services |
205 |
Installing Certificate Services |
205 |
Verifying Directory Services |
205 |
Configuring an Automatic Certificate Request |
205 |
Directory-Enabled Remote Management |
205 |
Using Existing Groups |
206 |
Using Multiple Roles |
206 |
Creating Roles that Follow Organizational Structure |
207 |
Restricting Roles |
207 |
Role Time Restrictions |
207 |
IP Address Range Restrictions |
208 |
IP Address and Subnet Mask Restrictions |
208 |
DNS-Based Restrictions |
208 |
Role Address Restrictions |
208 |
Enforcing Directory Login Restrictions |
208 |
Enforcing User Time Restrictions |
209 |
User Address Restrictions |
210 |
Creating Multiple Restrictions and Roles |
210 |
Directory Services Schema (LDAP) |
211 |
HP Management Core LDAP Object Identifier Classes and Attributes |
211 |
Core Classes |
211 |
Core Attributes |
211 |
Core Class Definitions |
212 |
hpqTarget |
212 |
hpqRole |
212 |
hpqPolicy |
212 |
Core Attribute Definitions |
212 |
hpqPolicyDN |
213 |
hpqRoleMembership |
213 |
hpqTargetMembership |
213 |
hpqRoleIPRestrictionDefault |
213 |
hpqRoleIPRestrictions |
213 |
hpqRoleTimeRestriction |
214 |
iLO 2-Specific LDAP OID Classes and Attributes |
214 |
iLO 2 Classes |
214 |
iLO 2 Attributes |
214 |
iLO 2 Class Definitions |
215 |
hpqLOMv100 |
215 |
iLO 2 Attribute Definitions |
215 |
hpqLOMRightLogin |
215 |
hpqLOMRightRemoteConsole |
215 |
hpqLOMRightRemoteConsole |
216 |
hpqLOMRightServerReset |
216 |
hpqLOMRightLocalUserAdmin |
216 |
hpqLOMRightConfigureSettings |
216 |
Glossary |
217 |