HP Integrity rx1600 HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed
HP Integrity rx1600 Manual
View all HP Integrity rx1600 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP Integrity rx1600 manual content summary:
- HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 1
HP Integrity and HP 9000 iLO MP Operations Guide HP Part Number: 5991-6006 Published: January 2008 Edition: Fifth Edition - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 2
to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 3
Subsystem Information 19 DHCP and DNS Support...19 SNMP...19 Mirrored Console...19 Remote Power Control...20 Event Logging...20 Console Serial Port...25 iLO MP LAN Port...25 iLO MP LAN LEDs (rx4640; rp4410/4440 26 iLO MP LAN LEDs (rx1600; rx1620; rx2600; rx2620; rp3410/3440 27 iLO MP Reset Button - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 4
up Directory Security Groups 47 Login Process Using Directory Services Without Schema Extensions 47 6 Using iLO...49 Text User Interface...49 MP Command Interfaces...49 MP Main Menu ...49 MP Main Menu Commands...49 CO (Console) Leave the MP Main Menu and enter console mode 49 VFP (Virtual Front - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 5
users 68 XD: Diagnostics or reset of the iLO MP 68 Web GUI...68 System Status...69 System Status > Status Summary General 69 System Status > Status Summary > Active Users 70 System Status > Server Status > General 70 System Status > Server Status > Identification 71 System Status > System - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 6
and Configuring Directory Objects for Use with iLO MP in Active Directory...98 Directory Services Objects...102 Active Directory Snap-Ins...102 Managing HP Devices Within a Role 102 Managing Users in a Role 103 Setting Login Restrictions...104 Setting Time Restrictions...105 Defining Client - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 7
Address Restrictions...121 How Directory Login Restrictions Are Enforced 121 Roles 123 Directory Services Schema (LDAP)...124 HP Management Core LDAP MP-Specific LDAP OID Classes and Attributes 127 iLO MP Classes...127 iLO MP Attributes...128 iLO MP Class Definitions...128 hpqLOMv100...128 iLO MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 8
8 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 9
Page 71 6-4 System Status > Server Status Identification Page 72 6-5 System Status > System Event Log Page 73 6-6 Remote Console > Remote Serial Console 74 6-7 Remote Console > Remote Serial Console > View Console 75 6-8 Virtual Devices > Power & Reset Page 77 6-9 User Administration Page - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 10
10 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 11
1 Publishing History Details...13 2 HP-UX 11i Releases...15 1-1 Supported Systems and Required Components Matrix 21 1-2 Supported Browsers and Client Operating Systems 22 2-1 Console Serial Port Pinouts...25 2-2 iLO MP LAN Port Pinouts...26 2-3 iLO MP LAN LED Status Descriptions (rx4640 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 12
7-21 hpqLOMRightConfigureSettings 129 12 List of Tables - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 13
and instructions on how to use the HP Integrated Lights Out Management Processor (iLO MP) for HP 9000 and Integrity servers. The or new editions, you should subscribe to the appropriate product support service. See your HP sales representative for details. The latest version of this document - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 14
chapter provides information about iLO MP functionality. Ports and LEDs This chapter provides information on the server ports and LEDs. Setting Up and Connecting the Console This chapter provides instructions on setting up and connecting the console. Accessing the Host Console Use this chapter to - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 15
with the -r option returns the release identifier. This table shows the releases available for HP-UX 11i. Table 2 HP-UX 11i Releases Release Identifier B.11.11 B.11.20 Release Name HP-UX 11i v1 HP-UX 11i v1.5 Supported Processor Architecture PA-RISC Intel® Itanium® Typographic Conventions 15 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 16
23 Release Name HP-UX 11i v1.6 HP-UX 11i v2 Supported Processor Architecture Intel Itanium Intel Itanium Related Documents You can find other information on HP server hardware management, Microsoft Windows, and diagnostic support tools in the following publications. HP Technical Documentation Web - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 17
administration and troubleshooting for enterprise servers. HP servers are designed so all administrative functions that can be performed locally can also be performed remotely. iLO enables remote access to the operating system console, control over the server's power and hardware reset functionality - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 18
access rights that define a specific level of access to the server and to the iLO MP commands. The iLO MP supports LDAP directory user authentication and locally stored iLO MP user accounts. iLO MP users can have any of the following access rights: Console Access Power Control Access Local User - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 19
such as temperature, voltage, fans, and power supplies. IPMI defines a common interface for platform management hardware. With IPMI over LAN enabled, BMC functions are available to other management software applications. The iLO MP supports up to four simultaneous IPMI over LAN connections. Firmware - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 20
Control The iLO MP enables remote power cycle; power on and power off; and TOC. It also provides you with options to reset the system, the BMC, or iLO MP. Event Logging The iLO MP provides event logging, display, and keyword search of console history and system events. Advanced Features The advanced - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 21
-install or manual install instructions located on the Integrated Lights-Out Advanced Pack for HP Integrity and HP 9000 Servers; Certificate of License to Use; License Installation Card to activate your license. Supported Systems and Required Components and Cables There are several ways you can - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 22
and management agents or remote console access. Table 1-2 lists the supported browsers and operating systems on the iLO MP. Table 1-2 Supported Browsers and Client Operating Systems Browsers Java™ Plug-in 1.5.0_08 Firefox 2.0.0.4 Internet Explorer 6.0 HP Secure Web Browser 1.7.13 HP-UX 11.23/11.31 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 23
services • Reset the specific source and destination addresses. For example, you can allow inbound SNMP traffic into the host server MP> prompt. The following example shows the MP Help Main Menu: ==== MP Help: Main Menu Integrated Lights-Out for HP Integrity and HP 9000 - Management Processor (MP) MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 24
the command name for help on individual command TOPics : Show all MP Help topics and commands HElp : Display this screen Q : Quit help ==== MP:HE To display the Main Menu Command List, enter LI at the MP HE: prompt. To return to the MP Main Menu enter Q. Accessing Help Using the Web GUI To - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 25
and LEDs All iLO MP functions are available through the server LAN and the local and remote console serial port. This chapter describes the available iLO MP port connectors, pinouts, and LEDs. This chapter addresses the following topics: • "Console Serial Port" (page 25) • "iLO MP LAN Port" (page 25 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 26
version of the card is installed in the server, the iLO MP LAN port LEDs display differently. On some servers, the LEDs display as in Figure 2-3. Table 2-3 lists the status of the system when a specific LED condition exists: Figure 2-3 iLO MP LAN LEDs (rx4640; rp4410/4440) Card Version 1 Table - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 27
10BT link Standby power on Standby power off iLO MP Reset Button The iLO MP Reset button enables you to reset the iLO MP, and reset the user-specific values to factory default values. A momentary press causes a soft reset of the iLO MP when the button is released. A greater than four second press - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 28
with serial emulation, for example) to the iLO MP serial port. 2. Press and hold the iLO MP Reset button for > 4 seconds. The iLO MP reboots and displays a prompt that asks if you want to reset the passwords. 3. Respond to the prompt to reset local user accounts and passwords to default values. 28 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 29
default user name and password 5 Set up user accounts 6 Set up security access 7 Access the host console Advanced Activate Advanced Pack features Log in to the iLO MP from a supported web browser or command line using the default user name and password. Change the default user name and password - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 30
Setup Flowchart Use this flowchart as a guide to help set up the iLO MP. Figure 3-1 iLO MP Setup Flowchart 30 Setting Up and Connecting the Console - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 31
connection method. The iLO MP has a separate LAN port from the system LAN port. It requires a separate LAN drop, IP address, and networking information from that of the port used by the operating system. See your server installation guide for rear panel console connection port identification and - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 32
Method To access the iLO MP through the iLO MP LAN, the iLO MP must acquire an IP address. The way the iLO MP acquires an IP address is dependent upon whether DHCP is enabled or disabled on the server, and if DHCP and DNS services are available to the server. See Table 3-3. Once you have - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 33
from the server to an active network port. 3. Apply ac power to the server. 4. Open a browser, telnet, or SSH client and enter the DNS name. The iLO MP Log because anyone can access the iLO MP until you change the default user name and password. HP strongly recommends you assign user groups and - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 34
Serial Port To configure the iLO MP LAN using the Console serial port (RS-232), follow these steps: IMPORTANT: Do not configure duplicate IP addresses on different servers within the same network. The duplicate server IP addresses conflict and the server cannot connect to the network. The LC - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 35
following are supported terminal types instructions on the screen to change the DHCP status from Enabled to Disabled. c. Enter XD -R to reset the iLO MP MP To log in to the iLO MP, follow these steps: 1. Access the iLO MP using the LAN, console serial port, telnet, SSH, or web method. The iLO MP login - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 36
/Admin). TIP: For security reasons, HP strongly recommends you modify the default settings during the initial login session. See "Modifying User Accounts and Default Password" (page 36). The following example shows the MP Main Menu using the TUI: MP MAIN MENU: CO: Console VFP: Virtual Front Panel CM - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 37
and small-to-medium sized businesses. • Use the corporate directory services to manage iLO MP user access. This is ideal for environments with a large number of frequently changing users. If you plan to use directory services, HP recommends leaving at least one local account enabled as an alternate - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 38
38 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 39
Accessing the Host Console This chapter describes several ways to access the host console of the server: This chapter addresses the following topics: • "Accessing the iLO MP Using the Web GUI" (page 39) • "Accessing the Host Console Using the TUI" (page 40) • "Accessing the Graphic Console Using VGA - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 40
user account name and password at the login page. 2. To switch the console terminal from the MP Main Menu to mirrored/redirected console mode, enter the CO command at the iLO MP login prompt ( MP>). All mirrored data displays. 3. To return to the iLO MP command interface, enter Ctrl-B or Esc and - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 41
Shell or to access the iLO MP. See "Configuring the iLO MP LAN Using the Console Serial Port" (page 34). To access the graphic console using VGA, follow these steps: 1. Perform preparation tasks. 2. Connect the cables. See your user service guide for specific port information. a. Connect the monitor - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 42
42 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 43
MP host name you set through this method displays at the iLO MP command mode prompt. Its primary purpose is to identify the iLO MP LAN interface in a DNS database. NOTE: The HP request" for the new host name are sent to the DDNS server. If you change the DHCP status between Enabled and Disabled, the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 44
confirm, or [Q] to Quit: Y -> DNS Configuration has been updated [mpserver] MP:CM> Configuring LDAP Extended Schema The following procedure shows how to configure the iLO MP to use a directory server to authenticate a user login using the iLO MP TUI. 44 Configuring DHCP, DNS, LDAP, and LDAP Lite - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 45
displays the current LDAP server port address. 8. Enter a new port number. The screen displays the current object distinguished name. This specifies the full distinguished name of the iLO MP device object in the directory service. For example, CN=RILOE2OBJECT, CN=Users, DC=HP, DC=com. Distinguished - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 46
services is available from the HP web site at: http://www.hp.com/servers/lights-out Using directory services after a user enters their login and password, the browser sends the cookie to the iLO MP. The iLO MP accesses the directory service require maintenance support on iLO MPs; typically group - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 47
distinguished name. 5. Select rights for the group. 6. Enter Y to confirm. Login Process Using Directory Services Without Schema Extensions You can control access to the iLO MP using directories without schema extensions. The iLO MP acquires the user name to determine group membership from the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 48
48 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 49
MP command interfaces: MP Main Menu The MP Main Menu command line interface (CLI) supports the basic MP commands for server control and the iLO MP configuration, such as setting up the iLO MP LAN, retrieving events, resetting and powering on control of the server, switching to the console - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 50
the console terminal from the MP Main console path and stored for later analysis. Console data is stored in a buffer in nonvolatile memory. By default, data is displayed from the beginning of the buffer to end Reading the system event log is the only way to turn off the attention indicator of the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 51
X: Exit iLO MP X exits you from the MP Main Menu. If the terminal is the local serial port, the login prompt appears. For Resets the default configuration Displays FRU information Disconnects the remote or LAN console Sets the DNS configuration This command is only available to authorized HP service - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 52
Configures the power restore policy Displays the power management module status Resets the BMC Resets the system through the RST signal Sets access options Configures SNMP parameters Configures security options Displays the system processor status Displays all firmware revisions Resets through TOC - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 53
MP, access the console, and send and receive commands in EFI or the operating system. NOTE: This guide is not meant as a substitute for instruction ftp, if it produces throughput statistics at the end of a file # transfer. If this causes a problem, delete these patterns or replace # them with - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 54
MP login: $" send -- "$mp_user\r" expect "MP password: $" send -- "$mp_password\r" expect "$MA_PROMPT" #Run SL command to dump logs #send "sl -forward -view text -nc\r" send -- "cm\r" expect "$CM_PROMPT" #Run PC command to power you enter -nc at the end of the command line, the command is executed without asking - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 55
set to its default value. • -? (MP command-specific help) is optional. If you enter MP configuration access CA sets the parameters for the local and the remote serial console. Input and output data rates are the same. The value returned by the stty command on HP-UX is the local serial port console - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 56
passwords by pressing the MP Reset button on the back panel of the server. After the iLO MP reboots, the local console terminal displays a message for five seconds. Responding to this message in time enables a local user to reset the passwords. NOTE: All user information (logins, passwords, and so - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 57
and version number, and manufacturer. Command line usage and scripting: DF [ -specific[ ] | -all ] [ -view ] [ -nc ] -? DI: Disconnect remote/Modem or LAN/Remote Serial Console Command access level: MP configuration access DI disconnects (hangs up) remote/modem, telnet, web SSL - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 58
: HE [ -topic | command ] [ -nc ] -? ID: Display or modify system information Command access level: MP configuration access ID displays and modifies the following: SNMP contact information SNMP server information SPU host name Name, telephone, email, and pager number. Location, rack ID, and - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 59
once you confirm the change. If you are connected through a serial console and you make any changes, the iLO MP alerts you to manually reset the iLO MP. Configurable parameters include the following: • iLO MP IP address. • DHCP status (default is enabled): - If the IP address, gateway IP address - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 60
Port: Port number for the secure LDAP service on the server. The default value for this port is 636. • Distinguished Name: Specifies where this iLO MP instance is listed in the directory tree. For example: cn=MP Server,ou=Management Devices,o=hp • User Search Contexts (1,2,3): User name contexts are - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 61
3context ] [ -change [ -dn ] [ rights ] ] [ -list ]] LDAP: LDAP group authentication for logging into the iLO MP without having to do any schema extension on the directory server or snap-in installation on the client - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 62
Login access LS displays all parameters and the current status of the iLO MP LAN connections. The LAN parameters are not modified by this command. Command line usage and scripting: LS [ -nc ] -? See also: DNS, LC, SA MR: Modem reset Command access level: MP configuration access MR makes the iLO MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 63
If the modem is in use by either a dial-in connection to iLO MP, a dial-in session to the OS, or a dial-out by the OS -? See also: PC PS: Power status Command access level: Login access PS displays the following: • System power state • Power supplies temperature and status • System fans temperature - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 64
See also: PC, SS RB: Reset BMC Command access level: MP configuration access RB resets the BMC by toggling the GPIO BMC reset line. Command line usage and scripting: RB [ -nc ] -? See also: PC, SS RS: Reset system through RST signal Command access level: Power control access IMPORTANT: During normal - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 65
iLO MP password reset This is the maximum time allowed to enter login name and password after the connection is established. The connection is interrupted when the timeout value is reached (local console restarts the login; for all other terminal types, the connection is closed). A timeout value - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 66
Oper user has the console access right by default. You can change the configuration of these default users with the UC command. All users have the right to log in to the iLO MP and to run status or (read-only) commands (view event logs, check system status, power status, and so on - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 67
). An iLO MP user can also have any (or all) of the following rights: • Console Access: Right to access the system console (the host OS). This does not bypass host authentication requirements, if any: Command: CO • Power Control Access: Right to power on, power off, or reset the server, and to - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 68
iLO MP connected users Command access level: Login access WHO displays the login name of the connected console reset the iLO MP. You can safely perform an iLO MP reset without affecting the operation of the server. You can also reset the iLO MP through the web GUI by pressing the iLO MP Reset button - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 69
on the web browser in order to successfully log in to the iLO MP web GUI. System Status The System Status tab enables you to access the following pages: • Status Summary: General and Active Users • Server Status: General and Identification • System Event Log System Status > Status Summary General - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 70
: LDAP directory user authentication (LDAP) or locally stored iLO MP user accounts (local). Rights control the iLO MP functions a user can perform. There are four user access rights: console access, iLO MP configuration, power control, and user administration. A user can be configured to - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 71
and descriptions. Table 6-6 Server Status General Page Description Field System Power Temperature Power Supplies Fans System Processors Description The current power state of the system and the corresponding power LED state. The temperature status. Lists the power supplies and their status and - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 72
Identification Page Table 6-7 lists the fields and descriptions. Table 6-7 Server Status Identification Page Description Field Server Host Name Location Rack ID Position Contact Person Description The default host name is mp. Enter the location. Enter the rack identifier. Enter - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 73
buttons, and descriptions. Table 6-8 System Event Log Page Description Fields and Buttons System in system state (such as firmware boot start or system power on/off), or they might be forward progress markers ( BMC from different sources throughout the server. The iLO MP polls the BMC for new events - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 74
connection to the server serial console over default port supported by the iLO MP. NOTE: Pop-up blocking applications prevent the remote serial console from running. Disable any pop-up blocking applications before starting remote serial console. The iLO MP mirrors the system console to the iLO MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 75
write access, enter Ctrl-Ecf. To ensure proper operation of the remote serial console, verify the following conditions: • Your emulator can run the supported terminal type. • The iLO MP terminal setting in the applet is correct. • The operating system environment settings and your client terminal - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 76
TO, at: http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00263709/c00263709.pdf Virtual Devices The Virtual Devices tab enables you to access the Power & Reset page. The Power & Reset page (Figure 6-8) enables you to view and control the power state of the server. It also provides you with - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 77
Figure 6-8 Virtual Devices > Power & Reset Page Table 6-9 lists the fields, buttons, and descriptions. Table 6-9 Power & Reset Page Description Fields and Buttons System Power System Power Control Description The current power state of the system. A user with power control access can issue the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 78
the processors are signaled to dump state on the way down. Reset iLO MP: This option enables you to reset all iLO MPs. You can safely perform an iLO MP reset without affecting the operation of the server. Only a user with configuration access right can issue this option. Submit Click this button - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 79
Administration Page There are two default users: 1. Admin: The Admin user has all four rights (console access, power control, MP configuration, user administration). 2. Oper: The Oper user has the login and console access rights by default. Table 6-10 lists the fields and descriptions. Table 6-10 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 80
Buttons Telnet SSH Description These options are used to enable or disable telnet access to the iLO MP. An industry-standard client-server connectivity protocol that provides a secure remote connection. The iLO MP supports . You must reset the iLO MP after you generate a new certificate. Submit - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 81
Table 6-12 lists the fields, buttons, and descriptions. Table 6-12 Serial Page Description Fields and Buttons Bit Rate in Bits per Second > Access Settings > Login Options The Login Options page (Figure 6-12) enables you to modify the security options of the iLO MP. Only a user with - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 82
enter -nc, no warning displays and the iLO MP reboots. If you are connected through a serial console and you make any changes to DHCP status, IP address, subnet mask, or gateway IP address, the iLO MP alerts you to manually reset the iLO MP. A warning about dropped network connections is sent prior - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 83
supplied. Auto Negotiate or 10BaseT option. Submits the information. Cancels the action. Administration > Network Settings > Domain Name Service The Domain Name Service page (Figure 6-14) enables you to configure the DNS server settings, the domain name, and up to three DNS servers either manually - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 84
-supplied DNS server list. Register with Dynamic DNS: Register its name with a DDNS server. Submit Submits the DNS information. Cancel Cancels the action. Administration > Firmware Upgrade The Firmware Upgrade page functionality is only available to authorized HP service personnel. The MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 85
access. • Group actions through HP Systems Insight Manager (HPSIM). • LDAP Lite The iLO MP provides a mechanism to install a MP uptime. 2. iLO MP Advanced Permanent License allows perpetual use of the advanced features. Figure 6-15 Administration > Licensing Page Table 6-16 lists the fields, buttons - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 86
Table 6-16 Licensing Page Description Fields and Buttons Licensing Key Status Licensing Key Submit Cancel Description an Evaluation license. Enter the 25-character license key used to enable the iLO MP Advanced Pack features. Fields are case sensitive. Submits the key for activation. Cancels the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 87
service on the server. The default value for this port is 636. Distinguished Name Distinguished Name of the iLO MP. Specifies where this iLO MP instance is listed in the directory tree. Example: cn=MP Server,ou=Management Devices,o=hp user attempts to login into the iLO MP, the iLO MP reads that - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 88
to open the Group Settings page and enter information. Click the Custom 1,2,3,4 radio button and click the Edit button to open the Group Settings page and enter information. The Edit button opens the Group Settings page. Cancels the action. Administration > SNMP Settings The SNMP Settings page - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 89
, activates or deactivates the SNMP feature support on this iLO MP. Configure the community string to secure the Reset MP (XD command option R) for configuration to take effect. Click OK and reset the iLO MP. Accessing Online Help The iLO MP web GUI has a robust online help system. To launch iLO MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 90
Figure 6-19 Online Help Page Select any of the topics listed in the left navigation bar to access that particular help screen. 90 Using iLO - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 91
of iLO MP directory services. This chapter addresses the following topics: • "Directory Services" (page 91) • "Directory Services for Active Directory" (page 96) • "Directory Services for eDirectory" (page 107) • "User Login Using Directory Services" (page 117) • "Certificate Services" (page 118 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 92
From the Directory Settings in the iLO MP user interface, set directory server settings and the distinguished name of iLO MP objects. 4. Manage a. Create a management device object and a role object using the snap-in. (See "Directory Services Objects" (page 102)) b. Assign rights to the role object - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 93
requires specific software to extend the schema and provide snap-ins to manage the iLO MP network. An HP Smart Component that contains the schema installer and the management snap-in installer is available for download from the HP web site at: http://www.hp.com/servers/lights-out. Directory Services - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 94
added to the directory. Typically, one of these files contains core schema that is common to all the supported directory services. Additional files contain only product-specific schema. The schema installer requires the use of the .NET Framework. The schema installer includes three important screens - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 95
Write access to the schema is automatically enabled on Windows Server 2003. The Directory Login section of the Setup screen enables you to enter your login name and password. These may be required to complete whether the schema could be extended and what attributes were changed. Directory Services 95 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 96
between iLO MP objects and role objects. Directory Services for Active Directory HP provides a utility to automate much of the directory setup process. You can download the HP Directories Support for Management Processors on the HP web site at: http://h18004.www1.hp.com/support/files/lights - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 97
services for the iLO MP, an Active Directory administrator must extend the Active Directory schema. • Extending the Schema in the Microsoft Windows 2000 Server the Remote Server Administration Tools in Windows" - 314978 "How to Use Adminpak.msi to Install a Specific Server Administration Tool in - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 98
You can download the Smart Component from the HP web site at: http://www.hp.com/servers/lights-out 7. Run the schema installer application the directory service to have the appropriate objects and relationships for iLO MP management: a. Use the management snap-ins from HP to create iLO MP, Policy, - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 99
, Roles and MPs. 2. Use the Active Directory Users and Computers snap-ins provided by HP to create iLO MP objects for several iLO devices in the MP organizational unit. a. In the mpiso.com domain, right-click the MP organizational unit and select NewHPObject. Directory Services for Active Directory - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 100
of the iLO MP device, lpmp, is used as the name of the iLO MP object, and the surname is iLO MP. d. Enter and server monitors named remoteMonitors. 5. Use the Active Directory Users and Computers snap-ins provided by HP HP Devices tab and click Add. 100 Installing and Configuring Directory Services - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 101
MP object created in step 2: (lpmp in folder mpiso.com/MPs). Click OK. Figure 7-6 Select Users Dialog Box d. To save the list, click Apply. e. To add users to the role, click the Members tab, and use the Add button to the iLO MP functionality. Select the the HP Devices tab, and use the Members - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 102
or Mel Moore, in the Login Name field of the iLO MP login, and use his Active Directory password in the Password field. Directory Services Objects One of the keys to have installed the HP snap-ins. Managing HP Devices Within a Role Use the HP Devices tab (Figure 7-8) to add HP devices to be managed - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 103
of member devices, click Add. • To browse to a specific HP device and remove it from the list of member devices, click Remove. Managing Users in a Role After user objects are created, use the Members tab (Figure 7-9) to manage the users within the role. Directory Services for Active Directory 103 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 104
a user, browse to the specific user you want to add and click Add. • To remove a user from the list of valid members, highlight an existing user and click Remove. Setting Login Restrictions The Role Restrictions tab (Figure 7-10) enables you to set login restrictions for a role. These restrictions - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 105
Effective Hours button. The Logon Hours screen appears. Figure 7-11 Logon Hours Window • To select the times available for login each day of the week in half-hour increments, use the Logon Hours screen (Figure 7-11). You can change a single square by clicking it, or you can Directory Services for - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 106
the cursor across the squares to be changed, and releasing the mouse button. • Use the default setting to allow access at all times. Defining Client IP Address or DNS Name the role. Use the Lights Out Management tab (Figure 7-13) to manage rights. 106 Installing and Configuring Directory Services - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 107
This option enables users to access the system console (the host OS) Virtual Media This option is currently not supported. Server Reset and Power This option enables users to execute iLO MP power operations to remotely power on, power off, or reset the host platform, as well as configure the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 108
and Devices Example Begin by creating organizational units in each region to contain the iLO MP devices and roles specific to that region. In this example, two organizational units are created, roles and hp devices, in each organizational unit (region1 and region2). Creating Objects To create iLO - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 109
MP device, rib-email-server, is used as the name of the iLO MP object, and the surname is RILOEII (iLO MP MP devices with the DNS names rib-nntp-server and rib-file-server-users1 in hp devices under region1, and rib-file-server-users2 and rib-app-server in hp remote server administration server - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 110
the Lights Out Management Device Rights subtab of the HP Management tab, click the Login checkbox, click Apply and click Close. Members of the remoteMonitors role are now able to authenticate and view the server status. User rights to any iLO MP device are calculated as the sum of all the rights - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 111
allowed to log in to the iLO MP. He would enter csmith (case insensitive) in the Login Name field of the iLO MP login, and use his eDirectory password in the Password field to gain access. Directory Services Objects for eDirectory Directory Services objects enable virtualization of managed devices - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 112
The Role Restrictions subtab (Figure 7-19) enables you to set login restrictions for a role. These restrictions include the following: • Time Subtab (eDirectory) Setting Time Restrictions You can manage the hours available for login by members of a role using the time grid displayed in the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 113
section of squares by clicking and holding the mouse button, dragging the cursor across the squares to be changed, and releasing the mouse button. The default setting is to allow access at Rights subtab of the HP Management tab (Figure 7-21) to manage rights. Directory Services for eDirectory 113 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 114
This option enables users to access the system console (the host OS). Virtual Media This option is currently not supported. Server Reset and Power This option enables users to execute iLO MP power operations to remotely power on, power off, or reset the host platform, as well as configure the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 115
jar and hpqMgmtCore.jar, to the HP directory. When the hpdsse.sh file is executed, the HP directory is automatically created and the two .sh This command displays instructions. As indicated in the instructions to extend the schema, provide the server name, admin DN, and Services for eDirectory 115 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 116
Manager from the Tools menu. All the classes related to the HP Directory Services must be present in the classes list. The classes are hpqRole, Q to Quit: -> Current Directory Server LDAP Port has been retained Distinguished Name (DN): Current -> cn=mp,o=demo Enter new value, or Q to Quit: - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 117
Using Directory Services The MP Login Name field accepts all of the following: • Directory users • LDAP Fully Distinguished Names Example: CN=John Smith,CN=Users,DC=HP,DC=COM, or @HP.com The short form of the login name by itself does not identify which domain you are trying to access. To identify - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 118
instructions for installing Certificate Services, verifying directory services, and configuring automatic certificate requests. Installing Certificate Services To install Certificate Services Server CD. 9. Click Finish to close the wizard. Verifying Directory Services Because the iLO MP communicates - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 119
network address, DNS name, host server name, or serial number. • Configure iLO MP devices Every iLO MP device that uses the directory service to authenticate and authorize users must be configured with the appropriate directory settings. For details about the specific directory settings, see "Using - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 120
way. The Admin User initially logs in through the Admin Role and is assigned admin rights such as Server Reset, Remote Console, and Login -by-step instructions on how iLO MP device MP device to compensate for leap years and minimize clock drift with respect to the host. Events such as unexpected power - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 121
server. If the name service fails or cannot be reached, DNS restrictions cannot be matched and will fail. DNS-based restrictions can limit access to a single, specific are enforced by the iLO MP firmware, based on the client manner. How Directory Login Restrictions Are Enforced Figure 7-22 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 122
account, and the directory server enforces these restrictions. See the directory service documentation for information about MP device. Network address restrictions placed on the user in the directory might not be enforced in the expected manner if the directory user logs in through a proxy server - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 123
can create another role that grants users from addresses outside the corporate network the login right, which could unintentionally grant the iLO MP administrators in the server Reset role the ability to reset the server from anywhere, provided they satisfy the time constraints of that role. The - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 124
that are specific to iLO MP. HP Management Core LDAP Object Identifier Classes and Attributes Object identifiers (OIDs) are unique numbers that are used by LDAP to identify object class, attribute, syntaxes (data types), matching rules, protocol mechanisms, controls, extended operation and supported - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 125
Table 7-6, and Table 7-7 define the HP management core classes. hpqTarget Table 7-5 providing the basis for HP products using directory-enabled providing the basis for HP products using directory-enabled objects, providing the basis for HP products using directory-enabled management. Structural - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 126
restrictions are satisfied for unexceptional network clients. If this attribute is FALSE, IP restrictions are unsatisfied for unexceptional network clients. 126 Installing and Configuring Directory Services - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 127
they should match all names that end with the specified string. For Specific LDAP OID Classes and Attributes The schema attributes and classes in Table 7-14 and Table 7-15 might depend on attributes or classes defined in the HP management core classes and attributes. iLO MP Classes Table 7-14 iLO MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 128
MP MP Class Definitions Table 7-16 defines the iLO MP core class. hpqLOMv100 Table 7-16 hpqLOMv100 OID Description Class Type SuperClasses Attributes Remarks 1.3.6.1.4.1.232.1001.1.8.1.1 This class defines the rights and settings used with HP 1001.1.8.2.1 Login Right for HP iLO MP products - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 129
.1001.1.8.2.2 Remote console right for iLO MP products. Meaningful only Remote Server Reset and Power Button Right for HP iLO MP products Boolean Database Administration Right for HP iLO MP products Boolean-1.3.6.1.4.1.1466.115 Settings Right for HP iLO MP products Boolean-1.3.6.1.4.1.1466.115 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 130
130 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 131
that enables users to enter executable instructions at a command prompt. The interface between the iLO MP and the server that controls basic functionality. Also known as host console. A terminal connected to the console serial port (RS-232) on the service processor. A console serial port is used to - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 132
such as www.hp.com. Machines typically acquires this information from a DNS server. A grouping of did not solicit or control. A platform-specific schema derived from the common model. An interface between the iLO MP and the server that controls basic functionality. Also known as console. Part of the - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 133
written as four numbers resets, and power on and power off capabilities), and alerting. L LDAP Lightweight Directory Access Protocol. A directory service Processor (MP console and system management. Prior to iLO, embedded remote server management was referred to as MP functionality. All legacy MP - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 134
for transmitted data. Power-On Self-Test. The series of steps that the host system CPU performs following power-on. Steps include encrypted login and execution of commands on a remote system over a non-secure network. Secure Sockets Layer. A protocol that enables client-to-server communication - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 135
the service processor, or directly with event messages sent from the host. T Telnet A telecommunications protocol providing specifications for Path (UFiP) User-Friendly instance Tag (UFiT) An external bus standard that supports data transfer rates of 450 Mb/s (USB 2.0). A USB port connects devices - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 136
136 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 137
benefits, 91 features, 92 installation prerequisites, 92 installing, 92 schema, 124-129 supported directories and operating systems, 93 user login, 117 directory services for Active Directory, 96 creating and configuring directory objects, 98 defining client IP address or DNS name access, 106 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 138
58 iLO Introduction, 17 iLO MP LAN LEDs, 27 iLO-specific object identifiers, 129 attribute definitions, 128-129 attributes, 128 class definitions, 128 classes, 127 inactivity timeout, 58 inactivity timers, modifying, 58 integrated lights-out management processor (see iLO Introduction) integrity, 23 - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 139
, 23 processors, display status, 65 PS command, 63 R RB command, 64 remote serial console disable pop-up blocking before running, 74 disconnecting, 57 ensuring proper operation, 75 view console, 74, 75 remote serial port parameters, 55 required components, 21 reset button, 27 reset password to - HP Integrity rx1600 | HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Ed - Page 140
server information login, using directory services, 117 user name, configuring, 66 user operating mode, configuring, 66 user workgroup, configuring, 66 users, displaying, 68 V VDP command, 67 VFP command, 50 VGA, using to access the graphic console, 41 view console, 75 virtual devices, power & reset
HP Integrity and HP 9000
iLO MP Operations Guide
HP Part Number: 5991-6006
Published: January 2008
Edition: Fifth Edition