FUJITSU M4000 User Manual

Download

SPARC® Enterprise

M4000/M5000/M8000/M9000

Servers XSCF User’s Guide

Manual Code C120-E332-06EN Part No. 819-7889-13 April 2008, Revision A

Sun Microsystems, Inc. provided technical input and review on po rtions of this material. Sun Microsystems, Inc. and Fujitsu Limited each own or control intellectual property rights relating to products and tec hnology described in

this document, and such products, technology and this document are protec ted by copyright laws, patents and other intellectual property laws and international treaties. The intellectual property rights of Sun Microsystems, Inc. and Fujitsu Limited in such products, technology and this document include, without limitation, one or more of the United States patents listed at http://www.sun.com/patents and one or more additional patents or patent applications in the United States or other countries.

This document and the produc t and technology to whic h it pertains are distributed under licenses restricting their use, copying, distribution, and decompilation. No part of such product or technology, or of this document, may be r eproduced in any form by any means without prior written authorization of Fujitsu Limited and Sun Microsystems, Inc., and their applicable licensors, if any. The furnishing of this document to you does not give you any rights or licenses, express or implied, with respect to the product or technology to which it pertains, and this document does not contain or represent any com mitment of any kind on the part o f Fujitsu Limited or Sun Microsystems, Inc., or any affiliate of either of them.

This document and the produc t and technology descri bed in this document may incorporate third-party intellectual property copyrighted by and/or licensed from suppliers to Fujitsu Limited and/or Sun Microsystems, Inc., including software and font technology .

Per the terms of the GPL or LGPL, a copy of the source code governed by the GPL or LGPL, as applicable, is available upon request by the End User. Please contact Fujitsu Limited or Sun Microsystems, Inc

This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark

in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, Netra, Solaris, Su n Ray, Answerbook2, docs.sun.com, OpenBoot, and Sun Fire are trademarks or

registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Fujitsu and the Fujitsu logo are registered trademarks of Fujitsu Limited. All SPARC trademarks are used under license and are registered trademarks of SPARC International, Inc. in the U.S. and other countries.

Products bearing SPARC trademarks are based upon architecture developed by Sun Microsystems, Inc. SPARC64 is a trademark of SPARC International, Inc., used under license by Fujitsu Microelectronics, Inc. and Fujitsu Limited. The OPEN LOOK and Sun™ Graphi cal User Interf ace wa s devel oped by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges

the pioneering efforts of Xer ox in r ese ar chi ng and de velopin g the concept of v isual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, wh ich license also cov ers Sun’s licensees who implement OPEN LOOK GUIs and otherwise comply with Sun’s written license agreements.

United States Government Rights - Commercial use. U.S. Government users are subject to the standard government user license agreements of Sun Microsystems, Inc. and Fujitsu Limited and the applicable provisions of the FAR and its supplements.

Disclaimer: The only warranties granted by Fujitsu Limited, Sun Microsystems, Inc. or any affiliate of either of them in connection with this document or any product or technology described herein are those expressly set forth in the license agreement pursuant to which the product or technology is provided. EXCEPT AS EXPRESSLY SET FORTH IN SUCH AGREEMENT, FUJITSU LIMITE D, SUN MICROSYSTEMS, INC. AND THEIR AFFILIATES MAKE NO REPRESENT A TIONS OR WARRANTIES OF ANY KIND (EXPRESS OR IMPLIED) REGARDING SUCH PRODUCT OR TECHNOLOGY OR THIS DOCUMENT, WHICH ARE ALL PROVIDED AS IS, AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. Unless otherwise expressly set forth in such agreement, to the extent allowed by applicable law, in no event shall Fujitsu Limited, Sun Microsystems, Inc. or any of their affiliates have any liability to any third party under any le ga l t heor y for any l o ss of revenues or profits, loss of u se o r da ta , or bu sin ess inter r up t ion s, or for any indire ct, special, incidental or consequential damages, even if advised of the possibility of such damages.

DOCUMENTAT ION IS PROVIDED “AS IS” AND ALL EX PRESS OR IMPLIED CONDITIONS, REPRES ENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANT ABILITY, FITNESS FOR A PAR TICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.

Please

Recycle

Entrée et revue tecnical fournies par Sun Microsystems, Incl sur des parties de ce matériel. Sun Microsystems, Inc. et Fujitsu Limited détiennent et cont rôlent tout es deux des droits de propriété intellectuelle relatifs aux produits et

technologies décrits dans ce document. De même, ces produits, technologies et ce document sont protégés par des lois sur le copyright, des brevets, d’autres lois sur la propriété intellectuelle et des traités internati onaux. Les droits de pr opriété intellectuelle de Sun Microsystems, Inc. et Fujitsu Limited concernant ces produits, ces technologies et ce document comprennent, sans que cette liste soit exhaustive, un ou plusieurs des brevets déposés aux États-Unis et indiqués à l’adresse http://www.sun.com/patents de même qu’un ou plusieurs brevets ou applications brevetées supplémentaires aux États-Unis et dans d’autres pays.

Ce document, le produit et les te chnologies afférents sont exclusivement distribués avec des licences qui en restreignent l’utilisation, la copie, la distribution et la décompilation. Aucune partie de ce produit, de ces technologies ou de ce document ne peut être reproduite sous quelque forme que ce soit, par quelque moyen que ce soit, sans l’autorisation écrite préalable de Fujitsu Limited et de Sun Microsystems, Inc., et de leurs éventuels bailleurs de licence. Ce document, bien qu’il vous ait été fourni, ne vous confère aucun droit et aucune licence, expresses ou tacites, concernant le produit ou la technologie auxquels il se rapporte. Par ailleurs, il ne contient ni ne représente aucun engagement, de quelque type que ce soit, de la part de Fujitsu Limited ou de Sun Mi crosystems, Inc., ou des sociétés affiliées.

Ce document, et le produit et les technologies qu’il décrit, peuvent inclure des droits de propriété intellectuelle de parties tierces protégés par copyright et/ou cédés sous licence par des fournisseurs à Fujitsu Limited et/ou Sun M icrosystems, Inc., y compris des logiciels et des technologies relatives aux polices de caractères.

Par limites du GPL ou du LGPL, une copie du code source régi par le GPL ou LGPL, comme applicable, est sur demande vers la fin utilsateur disponible; veuillez contacter Fujitsu Limted o u Sun Microsystems, Inc.

Cette distribution peut comprendre des composants développés par des tierces parties. Des parties de ce produit pourront être dérivées des systèmes Berkeley BSD licenciés par l’Université de Californie. UNIX est une marque

déposée aux Etats-Unis et dans d’autres pays et licenciée exclusivement par X/Open Company, Ltd. Sun, Sun Microsystems, le logo Sun, Java, Netra, Solaris, Sun Ray, Answerbook2, docs.sun.com, OpenBoot, et Sun Fire sont des marques de

fabrique ou des marques déposées de Sun Microsystems, Inc. aux Etats-Unis et dans d’autres pays. Fujitsu et le logo Fujitsu sont des marques déposées de Fujitsu Limited. Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques déposées de SPARC International, Inc.

aux Etats-Unis et dans d’autres pays. Les produits portant les marques SPARC sont basés sur une architecture développée par Sun Microsystems, Inc.

SPARC64 est une marques déposée de SPARC International, Inc., utilisée sous le permis par Fujitsu Microelectronics, Inc. et Fujitsu Limited. L’interface d’utilisation graphique OPEN LOOK et Sun™ a été développée par Sun Microsystems, Inc. pour ses utilisateurs et licenciés. Sun

reconnaît les efforts de pionniers de Xerox pour la recherche et le développement du concept des interfaces d’utilisation visuelle ou graphique pour l’industrie de l’informatique. Sun détient une license non exclusive de Xerox sur l’interface d’utilisation graphique Xerox, cette licence couvrant également les licenciés de Sun qui mettent en place l’interface d’utilisation graphique OPEN LOOK et qui, en outre, se conforment aux licences écrites de Sun.

Droits du gouvernement américain - logiciel commercial. Les utilisateurs du gouvernement américain sont soumis aux contrats de licence standard de Sun Microsystems, Inc. et de Fujitsu Limited ainsi qu’aux clauses applicables stipulées dans le FAR et ses suppléments.

A vis de non-responsabilité: les seules garanties octroyées par Fujitsu Lim ited, Sun Micros ystems, Inc. ou toute société af filiée de l’une ou l’autre entité en rapport avec ce document ou tout produit ou toute technologie décrit(e) dans les présentes correspondent aux garanties expressément stipulées dans le contrat de licence régissant le produit ou la technologie fourni(e). SAUF MENTION CONTRAIRE EXPRESSÉMENT STIPULÉE DANS CE CONTRAT, FUJITSU LIMITED, SUN MICROSYSTEMS, INC. ET LES SOCIÉTÉS AFFILIÉES REJETTENT TOUTE REPRÉSENTATION OU TOUTE GARANTIE, QUELLE QU’EN SOIT LA NATURE (EXPRESSE OU IMPLICITE) CONCERNANT CE PRODUIT, CETTE TECHNOLOGIE OU CE DOCUMENT , LESQUELS SONT FOURNIS EN L’ÉT AT. EN OUTRE, TOUTES LES CONDITIONS, REPRÉSENTA TIONS ET GARANTIES EXPRESSES OU TACITES, Y COMPRIS NOT AMMENT TOUTE GARANTIE IMPLICITE RELATIVE À LA QUALITÉ MARCHANDE, À L’APTITUDE À UNE UTILISATION PARTICULIÈRE OU À L’ABSENCE DE CONTREFAÇON, SONT EXCLUES, DANS LA MESURE AUTORISÉE PAR LA LOI APPLICABLE. Sauf mention contraire expr essémen t stipulée dans ce cont rat, dan s la mesure autorisée par la loi applicable, en aucun cas Fujitsu Limited, Sun Microsystems, Inc. ou l’une de leurs filiales ne sauraient être tenues responsables envers une quelconque partie tierce, sous quelque théorie juridique que ce soit, de tout manque à gagner ou de perte de profit, de problèmes d’utilisation ou de perte de données, ou d’interruptions d’activités, ou de tout dommage indirect, spécial, secondaire ou consécutif, même si ces entités ont été préalablement informées d’une telle éventualité.

LA DOCUMENTATION EST FOURNIE “EN L’ETAT” ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE P AR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L’APTITUDE A UNE UTILISATION PARTICULIERE OU A L’ABSENCE DE CONTREFACON.

Contents v

Figures xiii

Tables xv

Preface xix

Audience xx Glossary xx Structure and Contents of this Manual xx SPARC Enterprise Mx000 Servers Documentation xxii Abbreviated References to Other Documents xxv Models xxvi Text Conventions xxvi Prompt Notations xxvii Syntax of the Command Line Interface (CLI) xxvii

Command syntax xxvii Conventions for Important Messages xxviii Software License xxviii Limitations and Notes xxviii

About Remote Maintenance xxviii

Fujitsu Welcomes Your Comments xxix

Reader's Comment Form xxx

1. XSCF Overview 1–1

1.1 XSCF Features 1–1

1.2 XSCF Functions 1–7

1.3 Types of Connection to XSCF 1–12

1.3.1 Examples of LAN Connection Operations 1–13

1.3.2 NTP Configuration and Time Synchronization 1–17

1.3.3 About the CD-RW/DVD-RW Drive Unit and Tape Drive Unit 1–

1.4 XSCF User Interfaces 1–18

1.4.1 User Accounts and User Privileges 1–20

2. Setting Up XSCF 2–1

2.1 XSCF Setup Summary 2–1

2.1.1 Setup Summary by the XSCF Shell 2–2

2.1.2 Setup Summary Using the XSCF Web 2–11

2.2 Specifying the XSCF Settings 2–14

2.2.1 Network Configuration 2–15

2.2.2 User Account Administration 2–29

2.2.3 LDAP Administration 2–35

2.2.4 Time Administration 2–40

2.2.5 SSH/Telnet Administration 2–48

2.2.6 Https Administration 2–54

2.2.7 Audit Administration 2–61

2.2.8 Log Archiving Administration 2–68

2.2.9 SNMP Administration 2–73

2.2.10 Mail Administration 2–84

2.2.11 Domain Configuration 2–87

vi SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2.2.12 System Board Configuration 2–113

2.2.13 Domain Mode Configuration 2–116

2.2.14 Locale Administration 2–126

2.2.15 Altitude Administration 2–127

2.2.16 DVD Drive/Tape Drive Unit Administration 2–128

2.2.17 COD Administration 2–131

3. Connecting to the XSCF and the Server 3–1

3.1 Connect Terminals to the XSCF 3–1

3.1.1 Terminal Operating Modes for Connection to XSCF 3–2

3.1.2 Port and Terminal Types Connected to the XSCF 3–2

3.1.3 About the XSCF-LAN/the DSCP Link Port Number and the Function and the Firewall 3–5

3.1.4 Connecting to XSCF via the Serial Port 3–6

3.1.5 Connecting to XSCF Using SSH via the LAN Port 3–8

3.1.6 Connecting to XSCF Using Telnet via the LAN Port 3–9

3.1.7 Switching Between the XSCF Shell and the Domain Console 3–10

3.2 Types of XSCF Connections 3–11

3.2.1 Connecting XSCF via the XSCF-LAN Port Or the Serial Port 3–11

3.2.2 XSCF-LAN and Serial Connection Purposes 3–14

4. Operation of the Server 4–1

4.1 Display Server Hardware Environment 4–1

4.1.1 Displaying System Information 4–1

4.1.2 Display Server Configuration/Status Information 4–4

4.2 Display Domain Information 4–6

4.2.1 Domain Information 4–6

4.3 Adding or Removing Domains 4–8

4.4 Server and Domain Power Operations 4–8

4.4.1 System Power On 4–9

Contents vii

4.4.2 System Power Off 4–10

4.4.3 Domain Power On 4–11

4.4.4 Domain Power Off 4–12

4.4.5 Sending a Domain Panic Request 4–14

4.4.6 Domain Reset 4–15

4.4.7 Sending a Break Signal to a Domain 4–16

4.4.8 Air-Conditioning Wait Time Administration 4–17

4.4.9 Warm-Up Time Administration 4–18

4.4.10 Shutdown Wait Time Administration 4–19

4.4.11 Dual Power Feed Administration 4–19

4.5 Identifying the Location of the System 4–21

4.6 Managing Fault Degradation 4–21

4.6.1 Displaying the Degraded Component 4–21

4.6.2 Clearing the Fault/Degradation Information 4–23

4.7 Changing the Time 4–23

4.8 Switching the XSCF Unit 4–23

4.9 Displaying State of an External I/O Expansion Unit and Administration 4–24

5. Overview of the XSCF Shell 5–1

5.1 Overview of the XSCF Command Shell 5–1

5.2 Login to XSCF User Accounts 5–7

5.2.1 Before Logging In 5–7

5.2.2 Operation From a Terminal Connected to the Serial Port 5–7

5.2.3 Operation for Connecting Via the XSCF-LAN (SSH) 5–8

5.2.4 Operation For Connecting Via the XSCF-LAN (Telnet) 5–9

5.3 View Server Status and Control Commands 5–10

5.4 Server Configuration Information Commands 5–12

5.5 Domain Control and Maintenance Commands 5–13

viii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

5.6 View and Archive the XSCF Logs 5–15

5.7 User Management and Security Commands 5–15

5.8 Use the XSCF Other Commands 5–16

5.9 View XSCF Shell Error Messages 5–17

6. XSCF Mail Function 6–1

6.1 Overview of XSCF Mail Function 6–1

6.2 Setting Up the Mail Function 6–3

6.3 Contents of Parts Fault Notification 6–5

6.4 Test Mail 6–6

7. XSCF SNMP Agent Function 7–1

7.1 Overview of the XSCF SNMP Agent 7–1

7.2 MIB Definition File 7–3

7.3 About TRAP 7–5

7.4 Setting Up the XSCF SNMP Agent Function 7–8

8. Upgrade of XSCF Firmware and Maintenance 8–1

8.1 Update the XSCF Firmware 8–1

8.1.1 Firmware Update Overview 8–1

8.1.2 Firmware Update Conditions and Environment 8–3

8.1.3 Method of Delivering Firmware 8–4

8.1.4 Method of Checking the Firmware Version 8–4

8.1.5 Three Steps of the Firmware Update 8–5

8.1.6 Features of XSCF Firmware Update 8–6

8.1.7 Firmware Update Types and Timing 8–7

8.1.8 Firmware Update for Redundant XSCF Units 8–8

8.1.9 Ensuring Proper Operation After a Firmware Update 8–8

8.1.10 Firmware Update Procedure 8–9

8.1.11 If an Error Occurs During XSCF Firmware Update 8–18

Contents ix

8.1.12 Frequently Asked Questions 8–18

8.2 Collecting XSCF Logs 8–19

8.2.1 Log Types and Reference Commands 8–19

8.2.2 Method of Collecting the Log Information 8–22

9. How to Use the XSCF Web 9–1

9.1 Overview of the XSCF Web 9–1

9.2 Start the XSCF Web 9–5

9.2.1 Prerequisites 9–6

9.2.2 Supported Browsers 9–6

9.2.3 Functions to be Enabled on the Browser 9–6

9.2.4 Specifying the URL 9–7

9.3 Logging In and Out of the XSCF Web 9–7

9.3.1 Logging in to XSCF 9–7

9.3.2 Access Status Monitoring 9–7

9.3.3 Logging Out From XSCF 9–8

9.4 XSCF Web Pages 9–9

9.5 XSCF Web Error Messages 9–26

A. Warning and Information Messages A–1

A.1 Message Types A–1 A.2 Messages in Each Function A–3

B. XSCF Log Information B–1

B.1 XSCF Error Log B–1 B.2 Power Log B–5 B.3 Event L og B–7 B.4 Usi ng the showlogs Command to Display Other Logs B–8

B.4.1 Monitoring Log B–8 B.4.2 Temperature and Humidity History Log B–8

x SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

B.4.3 Console Log B–9 B.4.4 Panic Log B–9 B.4.5 IPL Log B–10

B.5 Audit L og B–10

C. XSCF MIB C–1

C.1 MIB Object Identifiers C–1 C.2 Standard MIB C–3 C.3 Extende d MIB C–3 C.4 Trap C–5

D. Troubleshooting D–1

D.1 Troubleshooting XSCF and FAQ D–1 D.2 Troubleshooting the Server While XSCF Is Being Used D–7

E. Software License Conditions E–1

Index Index–1

Contents xi

xii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Figures

FIGURE 1-1 Outline Drawing of the XSCF Unit Front Panel (An Example of the Midrange Systems) 1–3 FIGURE 1-2 Outline Drawing of Front Panels on the XSCF Unit for Base Cabinet and the XSCF Unit for

Expansion Cabinet (In High-End Systems) 1–6

FIGURE 1-3 Connections to XSCF (In the Midrange Systems) 1–12 FIGURE 1-4 XSCF-LAN Redundancy (In Midrange Systems) 1–15 FIGURE 1-5 Two XSCF-LANs and Two XSCF Units Configuration 1–16 FIGURE 2-1 Network Interface Required for XSCF Network Configuration (In the High-End Systems) 2–

FIGURE 2-2 Domain Component Hardware 2–94 FIGURE 2-3 XSCF-Domain Correlation Diagram 2–95 FIGURE 2-4 XSB Configuration Diagram (Uni-XSB) (In the Midrange Systems) 2–96 FIGURE 2-5 XSB Configuration Diagram (Quad-XSB) (In the Midrange Systems) 2–97 FIGURE 2-6 XSB Configuration Diagram (Uni-XSB) (In the High-End Systems) 2–98 FIGURE 2-7 XSB Configuration Diagram (Quad-XSB) (In the High-End Systems) 2–99 FIGURE 2-8 CPUs on CPU/Memory Board Unit (CMU) and Domain Configuration 2–119 FIGURE 3-1 Operating Modes for Connection to XSCF (In Midrange Systems) 3–2 FIGURE 3-2 Example of Terminal Software Settings 3–7 FIGURE 3-3 Example of Starting the Terminal Emulator 3–9 FIGURE 3-4 Intranet Connection (In a High-End System) 3–12 FIGURE 3-5 Connection of External Internet Using VPN Communication (In High-End System) 3–13 FIGURE 3-6 Example of LAN Port Connections Made Redundant 3–16

xiii

FIGURE 3-7 Example of LAN Port Connections Not Made Redundant 3–17 FIGURE 3-8 Example of a Connection With One LAN Port 3–18 FIGURE 6-1 XSCF Mail Function 6–2 FIGURE 6-2 XSCF Fault Notification 6–3 FIGURE 6-3 Mail Sent for an XSCF Parts Fault That Occurred 6–5 FIGURE 7-1 Example of a Network Management Environment 7–2 FIGURE 7-2 TRAP Issuance 7–7 FIGURE 8-1 Conceptual Diagram of the Firmware Update 8–2 FIGURE 9-1 Example of the Login Page 9–3 FIGURE 9-2 Example of the Tree Frame 9–4 FIGURE 9-3 Example of the Tree Frame and Main Page 9–5

xiv SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Tables

TABLE 1-1 XSCF-LAN Operation Examples 1 1–14 TABLE 1-2 XSCF-LAN Operation Examples 2 1–14 TABLE 1-3 XSCF-LAN Operation Examples 3 1–14 TABLE 1-4 XSCF Unit and Domain Time Synchronization 1–17 TABLE 1-5 XSCF Functions and Connection Ports 1–20 TABLE 1-6 User Privilege Names and Descriptions 1–21 TABLE 2-1 Network Configuration Terms 2–15 TABLE 2-2 Network Configuration 2–16 TABLE 2-3 User Account Administration Term 2–29 TABLE 2-4 User Account Administration 2–30 TABLE 2-5 LDAP Administration Terms 2–36 TABLE 2-6 LDAP Administration 2–36 TABLE 2-7 Setting Time and Date 2–41 TABLE 2-8 SSH/Telnet Administration Terms 2–48 TABLE 2-9 SSH/Telnet Administration 2–49 TABLE 2-10 https Administration Term 2–55 TABLE 2-11 https Administration 2–56 TABLE 2-12 Audit Admini stration Terms 2–61 TABLE 2-13 Audit Admini stration 2–62 TABLE 2-14 Log Archiving Admini stration Terms 2–68

TABLE 2-15 Log Archiving Administration 2–68 TABLE 2-16 SNMP Administration Terms 2–73 TABLE 2-17 SNMP Administration 2–74 TABLE 2-18 Mail Administration 2–84 TABLE 2-19 Domain Configur ation Terms 2–87 TABLE 2-20 Number of Domains and XSBs for Each System 2–90 TABLE 2-21 PSB, XSB, and LSB Numbers to be Assigned (Decimal) 2–90 TABLE 2-22 DCL Information 2–91 TABLE 2-23 XSB Status Information 2–92 TABLE 2-24 Domain Configur ation 2–100 TABLE 2-25 System Board Configuration Term 2–113 TABLE 2-26 System Board Configuration 2–113 TABLE 2-27 Domain Mode Configuration Terms 2–117 TABLE 2-28 Domain Mo de Configuration 2–118 TABLE 2-29 Locale Admini stration 2–126 TABLE 2-30 Altitude Administration 2–127 TABLE 2-31 DVD Drive/Tape Drive Unit Administration Terms 2–128 TABLE 2-32 DVD Drive/Tape Driv e Unit Configuration 2–129 TABLE 2-33 COD Administration 2–131 TABLE 3-1 Types of Terminals Connected With XSCF 3–4 TABLE 3-2 XSCF-LAN Port Numbers and Connection Directions for Functions 3–5 TABLE 3-3 DSCP Link Port Numbers and Connection Directions for Functions 3–6 TABLE 4-1 External I/O Expansion Unit Administration Terms 4–25 TABLE 4-2 External I/O Expansion Unit Administration 4–26 TABLE 5-1 XSCF Commands 5–2 TABLE 5-2 Error Messages of XSCF Shell Commands 5–17 TABLE 8-1 Firmware Update Types and Timing 8–7 TABLE 8-2 Firmware Update Tasks 8–10 TABLE 8-3 Logs Containing Fault Information 8–20 TABLE 8-4 Other Logs 8–21

xvi SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

TABLE 9-1 XSCF Web Pages 9–2 TABLE 9-2 Supported Browsers 9–6 TABLE 9-3 System Status Display 9–11 TABLE 9-4 Domain Status Display 9–11 TABLE 9-5 Device Status Display 9–12 TABLE 9-6 System and Domain Operation 9–13 TABLE 9-7 Domain Mode Configuration 9–13 TABLE 9-8 System Board Configuration 9–14 TABLE 9-9 Domain Configuration 9–15 TABLE 9-10 Network Configuration 9–16 TABLE 9-11 Time Settings 9–17 TABLE 9-12 SSH/telnet Se ttings 9–17 TABLE 9-13 LDAP Configuration 9–18 TABLE 9-14 User Management Configuration 9–18 TABLE 9-15 Audit Con figuration 9–19 TABLE 9-16 Mail Confi guration (SMTP) 9–20 TABLE 9-17 Mail Confi guration (Email Reporting) 9–20 TABLE 9-18 SNMP Configuration 9–21 TABLE 9-19 SNMP Configuration (Security Access) 9–21 TABLE 9-20 Log Archiving Configuration 9–22 TABLE 9-21 COD Configuration 9–23 TABLE 9-22 Auto Logout Configura tion (XSCF Web) 9–23 TABLE 9-23 Firmwa re Updating 9–24 TABLE 9-24 Log Collection 9–25 TABLE 9-25 Error Messages of XSCF Web 9–26 TABLE C-1 MIB Object Identifiers C–1

Tables xvii

xviii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Preface

This manual describes the system monitor and control facility (eXtended System Control Facility, or XSCF, hereafter) used to control, monitor, operate, and service SPARC Enterprise series servers and domains. XSCF may also be referred to as the System Control Facility (SCF). Unless otherwise stated in this manual, the SPARC Enterprise system is described as“the server” or “the system”.

Before reading this manual, it is necessary to have read the SPARC Enterprise

M8000/M9000 Servers Overview Guide and the SPARC Enterprise M4000/M5000 Servers Overview Guide, and the SPARC Enterprise M4000/M5000/M8000/M9000 Servers Administration Guide.

In addition, be sure to also read the SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF Reference Manual and other manuals referenced in this manual.

This section includes:

■ “Audience” on page xx

■ “Glossary” on page xx

■ “Structure and Contents of this Manual” on page xx

■ “SPARC Enterprise Mx000 Servers Documentation” on page xxii

■ “Abbreviated References to Other Documents” on page xxv

■ “Models” on page xxvi

■ “Text Conventions” on page xxvi

■ “Prompt Notations” on page xxvii

■ “Syntax of the Command Line Interf ace (CLI)” on page xxvii

■ “Conventions for Important Messages” on page xxviii

■ “Software License” on page xxviii

■ “Limitations and Notes” on page xxviii

■ “Fujitsu Welcomes Your Comments” on page xxix

Preface xix

Audience

This manual is intended for users, specifically SPARC Enterprise system management/maintenance administrators. Moreover, the system administrator is required to have the following knowledge:

■ Solaris

■ SPARC Enterprise system and basic knowledge of XSCF

Operating System and Unix command

Glossary

For the terms used in the “SPARC Enterprise Mx000 Servers Documentation” on

page xxii, refer to the SPARC Enterprise M4000/M5000/M8000/M9000 Servers Glossary

Structure and Contents of this Manual

This manual is organized as described below:

■ Chapter 1

This chapter provides an overview of the system monitor and control facility (eXtended System Control Facility, or XSCF).

■ Chapter 2

This chapter explains how to set up XSCF.

■ Chapter 3

This chapter describes how to connect consoles and terminals to this system in order to use XSCF.

■ Chapter 4

This chapter describes server hardware operation.

■ Chapter 5

This chapter describes how to use the XSCF Shell. The chapter describes how to use commands and log in with an XSCF user account, and it explains command errors.

xx SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

■ Chapter 6

This chapter describes the XSCF mail function.

■ Chapter 7

This chapter explains the XSCF SNMP agent function.

■ Chapter 8

This chapter explains how to update firmware and how to collect dump and log data.

■ Chapter 9

This chapter describes how to use the XSCF Web.

■ Ap pe ndix A

This appendix explains the error and informational messages output by XSCF during operation with the console, mail, or SNMP function of this system.

■ Ap pe ndix B

This appendix describes th e following XSCF log informa tion, which can be viewed on the XSCF console using XSCF commands.

■ Ap pe ndix C

This appendix explains Management Information Base (MIB), which is supported by the XSCF SNMP agent function.

■ Ap pe ndix D

This chapter describes problems that can occur during use of the XSCF console or during operation of the system and provides solutions for them.

■ Ap pe ndix E

The license of the software of building in LinuxV4.0, GPL, and LGPL condition has been described.

■ Index

The index lists key items used in the manual and corresponding page numbers for q uic k ref eren ce.

Preface xxi

SPARC Enterprise Mx000 Servers Documentation

The manuals listed below are provided for reference.

Book Titles Manual Codes

SPARC Enterprise M4000/M5000 Servers Site Planning Guide C120-H015 SPARC Enterprise M8000/M9000 Servers Site Planning Guide C120-H014 SPARC Enterprise Equipment Rack Mounting Guide C120-H016 SPARC Enterprise M4000/M5000 Servers Getting Started Guide C120-E345 SPARC Enterprise M8000/M9000 Servers Getting Started Guide C120-E323 SPARC Enterprise M4000/M5000 Servers Overview Guide C120-E346 SPARC Enterprise M8000/M9000 Servers Overview Guide C120-E324 Important Safety Informatio n for Hardware Systems C120-E391 SPARC Enterprise M4000/M5000 Servers Safety and Compliance Guide C120-E348 SPARC Enterprise M8000/M9000 Servers Safety and Compliance Guide C120-E326 External I/O Expansion Unit Safety and Compliance Guide C120-E457 SPARC Enterprise M4000 Server Unpacking Guide C120-E349 SPARC Enterprise M5000 Server Unpacking Guide C120-E350 SPARC Enterprise M8000/M9000 Servers Unpacking Guide C120-E327 SPARC Enterprise M4000/M5000 Servers Installation Guide C120-E351 SPARC Enterprise M8000/M9000 Servers Installation Guide C120-E328 SPARC Enterprise M4000/M5000 Servers Service Manual C120-E352 SPARC Enterprise M8000/M9000 Servers Service Manual C120-E330 External I/O Expansion Unit Installation and Service Manual C120-E329 SPARC Enterprise M4000/M5000/M8000/M9000 Servers RCI Build

Procedure SPARC Enterprise M4000/M5000/M8000/M9000 Servers Administration

Guide SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF Us er ’s

Guide

C120-E361

C120-E331

C120-E332

xxii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Book Titles Manual Codes

SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF Reference

C120-E333

Manual SPARC Enterprise M4000/M5000/M8000/M9000 Servers Dynamic

C120-E335

Reconfiguration (DR) User’s Gu ide SPARC Enterprise M4000/M5000/M8000/M9000 Servers Capa icty on

C120-E336

Demand (COD) User’s Guide SPARC Enterprise M4000/M5000/M8000/M9000 Servers RCI User’s Guide C120-E360 SPARC Enterprise M4000/M5000 Servers Product Notes Go to the

Web

SPARC Enterprise M8000/M9000 Servers Product Notes Go to the

Web External I/O Expansion Unit Product Notes C120-E456 SPARC Enterprise Server UPC Connector Supplement C120-E455 SPARC Enterprise M4000/M5000/M8000/M9000 Servers Glossary C120-E514

1. Manuals on the Web

The latest versions of all the SPARC Enterprise Series manuals are available at the following websites.

Global Site

http://www.fujitsu.com/sparcenterprise/manual/

Japanese Site

http://primeserver.fujitsu.com/sparcenterprise/manual/

Note – Product Notes are available on the website only. Please check for the most

recent update on your product.

2. Documentation CD

For the Documentation CD, please contact your local sales representative.

■ SPARC Enterprise M4000/M5000 Servers Documentation CD (C120-E365)

■ SPARC Enterprise M8000/M9000 Servers Documentation CD (C120-E364)

3. Manual on the Enhanced Support Facility x.x CD-ROM disk

■ Remote maint enance service

Book Title Manual Code

Enhanced Support Facility User's Guide for REMCS C112-B067

Preface xxiii

4. Manual (man page) provided in the system XSCF man page

Note – The man page can be referenced on the XSCF Shell, and it provides the same

content as the SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF Reference Manual.

5. Documentation and Support on the Web The latest information about other documents and the support for your server are

provided on the websites. a. Message

Global Site

http://www.fujitsu.com/sparcenterprise/msg/

Japanese Site

http://primeserver.fujitsu.com/sparcenterprise/msg/

b. Firmware program

You can download the latest files of firmware at the following websites. Global Site

http://www.fujitsu.com/sparcenterprise/firmware/

Japanese Site

http://primeserver.fujitsu.com/sparcenterprise/download/firm ware/

The following files or document are provided.

i. Firmware program file (XSCF Control Package (XCP) file)

ii. XSCF extension MIB definition file

Note – XSCF Control Package (XCP) : XCP is a package which has the control

programs of hardware that configures a computing system. The XSCF firmware and the OpenBoot PROM firmware are included in the XCP file.

c. Fault Management MIB (SUN-FM-MIB) definition file

http://src.opensolaris.org/source/xref/onnv/onnvgate/usr/src/lib/fm/libfmd_snmp/mibs/

6. Solaris Operating System Related Manuals

http://docs.sun.com

xxiv SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

7. Provided In firmware program CD (For maintenance service <for FEs>) i. Firmware program file (XSCF Control Package (XCP) file)

ii. XSCF extension MIB definition file

8. Information on Using the RCI function

The manual does not contain an explanation of the RCI build procedure. For information on using the RCI function, refer to the SPARC Enterprise

M4000/M5000/M8000/M9000 Servers RCI Build Procedure and the SPARC Enterprise M4000/M5000/M8000/M9000 Servers RCI User’s Guide available on the website.

Abbreviated Refer ences to Other Documents

In this manual, the following abbreviated titles may be used when referring to a systems manual. The following table lists the abbreviations used in this manual.

Abbreviated Title Full Title

Overview Guide SPARC Enterprise M4000/M5000 Servers Overview Guide

SPARC Enterprise M8000/M9000 Servers Overview Guide

Service Manual SPARC Enterprise M4000/M5000 Servers Service Manual

SPARC Enterprise M8000/M9000 Servers Service Manual

Installation Guide SPARC Enterprise M4000/M5000 Servers Installation Guide

SPARC Enterprise M8000/M9000 Servers Installation Guide

Administration Guide SPARC Enterprise M4000/M5000/M8000/M9000 Servers

Administration Guide

XSCF Reference Manual SPARC Enterprise M4000/M5000/M8000/M9000 Servers XSCF

Reference Manual

Dynamic Reconfiguration User ’s Guide

or DR User’s Guide COD User’s Guide SPARC Enterprise M4000/M5000/M8000/M9000 Server s

Glossary SPARC Enterprise M4000/M5000/M8000/M9000 Server s

SPARC Enterprise M4000/M5000/M8000/M9000 Server s Dynamic Reconfiguration (DR) User’s Guide

Capaicty on Demand (COD) User’s Guide

Glossary

Preface xxv

Models

The model names used in this manual are as follows.

Server class Model name

Midrange SPARC Enterprise M4000

SPARC Enterprise M5000

High-end SPARC Enterprise M8000

SPARC Enterprise M9000

Text Conventions

This manual uses the following fonts and symbols to express specific types of information.

Fonts/symbols Meaning Examples

AaBbCc123 What you type, when contrasted

with on-screen computer output. This font represents the example of

command input in the frame.

AaBbCc123 The names of commands, files, and

directories; on-screen computer output.

This font represents the example of command input in the frame.

Italic font Indicates the name of a reference

manual

" " Indicates names of chapters,

sections, items, buttons, or menus.

XSCF> adduser jsmith

XSCF> showuser -p User Name: jsmith Privileges: useradm auditadm

See the XSCF Reference Manual

See Chapter 1, "XSCF Ove rview"

xxvi SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Prompt Notations

The prompt notations used in this manual are as follows.

Shell Prompt Notations

XSCF XSCF> C shell machine-name% C shell super user machine-name# Bourne shell and Korn shell $ Bourne shell and Korn shell

super user OpenBoot PROM ok

Syntax of the Command Line Interface (CLI)

The command syntax is described below.

Command syntax

The command syntax is as follows:

■ A variable that requires input of a value must be enclosed in <>.

■ An optional element m ust be enclosed in [].

■ A group of options for an optional keyword must be enclosed in [] and delimited

by |.

■ A group of options for a mandatory keyword must be enclosed in {} and

delimited by |.

■ The command syntax is shown in a frame such as this one.

Example:

XSCF> showuser -l

Preface xxvii

Conventions for Important Messages

This manual uses the following conventions to show the important messages.

Caution-IMPORTANT- This indicates information that could help the user to use the

product more effectively

Software License

The function to explain in this manual uses the softwares of GPL,LGPL and others. For the information of the license, see

Appendix E.

Limitations and Notes

About Remote Maintenance

■ The remote maintenance service setting is a setting to do the remote maintenance

by using the REMCS agent function. When the REMCS agent function is used, it is set by the XSCF Web in this system. Enable https using the XSCF Shell, then use the XSCF Web, instead of the XSCF Shell, for the settings in

Summary by the XSCF Shell” on page 2-2.

■ Enabling and Disabling the REMCS Agent function

■ The REMCS agent uses the current server timezone. So when you change the

server timezone by XSCF, the following setting is required again for updating the information of the REMCS center:

■ The “Periodical Connection Schedule“

Section 2.1.1, “Setup

For details on making settings and using the remote maintenance service, see the manuals about the remote maintenance service in the Enhanced Support Facility User’s Guide for REMCS.

xxviii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Fujitsu Welcomes Your Comments

We would appreciate your comments and suggestions to improve this document. You can submit your comments by using

“Reader's Comment Form” on page xxx.

Preface xxix

Reader's Comment Form

xxx SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

FOLD AND TAPE

NO POSTAGE

NECESSARY

IF MAILED

IN THE

UNITED STATES

BUSINESS REPLY MAIL

FIRST-CLASS MAIL PERMIT NO 741 SUNNYVALE CA

POSTAGE WILL BE PAID BY ADDRESSEE

FUJITSU COMPUTER SYSTEMS AT T E NT IO N ENGINEERING OPS M/S 249 1250 EAST ARQUES AVENUE P O BOX 3470 SUNNYVALE CA 94088-3470

FOLD AND TAPE

Preface xxxi

xxxii SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

CHAPTER

XSCF Overview

This chapter provides an overview of the system monitoring and control facility (eXtended System Control Facility, or XSCF).

1.1 XSCF Features

The XSCF firmware (Note 1) is a system monitoring and control facility consisting of a dedicated processor that is independent from the system processor. While input power is supplied to the server, the XSCF constantly monitors the server even if no domain is active. The XSCF provides an interface between the user and the server.

The XSCF uses different functions to achieve high system availability. The XSCF firmware is a single centralized point for the management of hardware configuration, control of hardware monitoring, cooling system (fan units), domain status monitoring, power on and power off of peripheral devices (Note 2), and error monitoring. The XSCF centrally controls and monitors the server. The XSCF also has a partitioning function to configure and control domains, and it has a function to monitor the server through an Ethernet connection so that the user can control the server remotely. Another function is to report failure information to the system administrator and a remote control input/output function.

Note – (1) XSCF is the firmware running on the Service Processor in the server. In

the rest of this chapter, although XSCF firmware programs are called XSCF firmware, or XSCF, they all have the same meaning. The board with the installed XSCF firmware is called the XSCFU (also referred to as the "XS CF Unit") or Service Processor. Processors on server boards are called CPUs.

1-1

Note – (2) Only the system model with a spec ial interface can power on and off the

peripheral devices. (See Remote Cabinet Interface (RCI) in External Interfaces.)

Redundant XSCFs (High-End Systems Only)

The high-end systems use a redundant configuration of XSCF Units, thereby providing a high-reliability with the system. The XSCF that controls the server is called the Active XSCF or Active XSCF Unit, while the other XSCF acts as a backup and is called the Standby XSCF or Standby XSCF Unit. The Active XSCF and the Standby XSCF monitor each other, and if an error is detected, they determine when a failover switching to Active or Standby should be performed.

External Interfaces

The following connectors (ports) and LEDs act as the external interface of the XSCF Unit. The user, system administrator, and field engineer (FE) can use these ports for server monitoring and XSCF firmware operations:

■ One Serial port that can be used for the command line interface (CLI) (Note 1)

■ Two Ethernet ports (XSCF-LAN ports) (10/100BASE-T)

CLI and the browser user interface (BUI) can be used with these ports for server monitoring and operations. (Note 1)

■ USB port that an FE or a system administrator can use to download hardware

information

■ Two Uninterruptible Power Control (UPC) ports to connect the entire system with

an Uninterruptible Power Supply Unit (UPS) (Note 2)

■ Remote Cabine t Interface (RCI) port to perform power supply interlock by

connecting a system and an I/O device with a RCI device (Note 3)

■ Three LEDs (ACTIVE LED, READY LED, and CHECK LED) that indicate the

XSCF Unit status

Note – (1) In this manual, XSCF CLI functions are called “XSCF Shell,” and XSCF

BUI functions are called "XSCF Web.”

Note – (2) An uninterruptible power supply unit is connected for backup power

control purposes in the event of a power outage. In the high-end system, the UPC interface ports are in the cabinet.

1-2 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Note – (3) The RCI is the power and system control interface that interconnects I/O

units with the server, including processors and expansion file units, and performs such functions as power supply interlock and alarm notification and recognition.

XSCF Unit Panel (Front) on the Midrange Systems

FIGURE 1-1 is an outline drawing of the XSCF Unit front panel on the midrange

systems.

FIGURE 1-1 Outline Drawing of the XSCF Unit Front Panel (An Example of the Midrange

Systems)

XSCF Unit (Front)

67 11

12345 8 910

Number Description Number Description

1 RCI port 7 ACT LED 2 Serial port 8 UPC#1 3 USB port 9 UPC#0 4 ETHERNET#1 port

(XSCF-LAN1 port)

5 ETHERNET#0 port

(XSCF-LAN0 port)

6 Link Speed LED

10 CHECK LED

11 READY LED

Chapter 1 XSCF Overview 1-3

RCI Port (Note)

When connecting a peripheral device (devices with an RCI connector) to the system, the RCI port is used for interlocking with a power supply and error monitoring.

Note – To use the RCI function, the server or I/O devices must have a RCI port.

Serial Port

The serial port uses an RJ-45 connector. The serial port is used with the XSCF Shell to configure server settings and display the server status. A cross cable is used in the serial port. The connection between the serial port (RS-232C port) and a PC requires an RJ-45 / RS-232C conversion cable or a conversion connector. For details on serial port connections, see

Chapter 3 and the Installation Guide for your server.

USB Port

The USB port (type A) is used to connect a USB device. The port is compatible with USB 1.1. The port can be used by a system administrator or an FE to download the hardware information. For the USB handling, see

Chapter 8.

XSCF-LAN Port (Ethernet Port)

There are two XSCF-LAN ports. Both use an RJ-45 connector and are compatible with 10BASE-T/100BASE-T (TX). The XSCF-LAN ports are used with the XSCF Shell and XSCF Web to perform system administrator operations, output the system status, perform domain operations, and display the console. With a connection between the PC/workstation and LAN, the XSCF-LAN ports are used with the XSCF Shell and XSCF Web by system administrators or FEs to configure the system settings, display the system status, and perform component replacement tasks. For details on using the LAN ports, see

page 1-12 and Chapter 3.

Section 1.3, “Types of Connection to XSCF” on

Link Speed LED

Located on each of the LAN ports, the Link Speed LED is a LAN LED that lights up in green. The Link Speed LED is turned on when a 100-Mbps LAN connection is established, and it is not turned on when a 10-Mbps LAN connection is established.

1-4 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

ACT LED

Located on each of the LAN ports, the ACT LED is a LAN LED that lights up in green. When the communication state is Link up, the ACT LED lights up. When the communication state is Link down, the ACT LED lights off. The ACT LED lights off while data is being sent/received though the associated LAN connection. So, the ACT LED looks like it is blinking by lighting on and off.

UPC Port (Note)

There are two Uninterruptible Power Control (UPC) ports. These ports are connectors for a connection between the XSCF Unit and the Uninterruptible Power Supply Unit (UPS) for the system. For details on the connectors, see the midrange system’s Service Manual.

Note – The UPC port is used only when a UPS is connected.

Note – In the midrange systems, for details on mounting the XSCF Unit, see the

midrange systems’s Service Manual.

CHECK LED

The CHECK LED lights up in orange. If an abnormality occurs in the XSCF Unit, the CHECK LED turns on. While the XSCF is operating normally, the LED remains off. The CHECK LED can set to blink using an XSCF Shell command. This can be used to identify the XSCF Unit even if there is no failure. For details on the LED-related commands of the XSCF Shell, see

Chapter 5 and the XSCF Reference Manual.

Note – The Check LED turns on immediately after the server input power is turned

on.

READY LED

The READY LED lights up in green. When the power supply is turned on, the READY LED blinks. This blinking LED state indicates that the XSCF has been started and is being initialized. When XSCF initialization is completed, the LED stays lit.

Chapter 1 XSCF Overview 1-5

XSCF Unit Front Panels on the High-End Systems

FIGURE 1-2 includes an outline drawing of the XSCF Unit front panel on the high-en d

systems. For connections between the model and an expansion cabinet, an XSCF Unit as shown at the bottom of

FIGURE 1-2 Outline Drawing of Front Panels on the XSCF Unit for Base Cabinet and the XSCF Unit for

Expansion Cabinet (In High-End Systems)

FIGURE 1-2 is mounted in the expansion cabinet.

XSCF Unit (Front)

34 5 6 7

8910 11

XSCF Unit (Front; in Expansion cabinet)

Number Description Number Description

1 Link Speed LED 7 RCI port 2 ACT LED 8 ACTIVE LED 3 ETHERNET#0 port

(XSCF-LAN#0 port)

4 ETHERNET#1 port

(XSCF-LAN#1 port)

5 USB port 11 Connector that connects the XSCF

6 Serial port

1-6 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

9 READY LED

10 CHECK LED

Unit for base cabinet with th e XSCF Unit for expansion cabinet

The Link Speed LED, ACT LED, XSCF-LAN port, USB port, serial port, RCI port, READY LED, and CHECK LED shown in midrange systems shown in FIGURE 1-2. For descriptions of their functions, see the explanation of FIGURE 1-2.

ACTIVE LED

The ACTIVE LED lights up in green. If the XSCF Unit is in a redundant configuration, the ACTIVE LED in dicates the active XSCF Uni t.

Connector That Connects the XSCF Unit for the Base Cabinet With the XSCF Unit for the Expansion Cabinet

The Connector for connecting between XSCF Units is used to connect the Base cabinet to an Expansion cabinet. Field engineers should connect this connector.

1.2 XSCF Functions

This section describes XSCF functions.

have the same functions as those of the

Monitoring the Server Status and RAS Function (Fault Management)

XSCF constantly monitors the server status, so the system can operate stably. If XSCF detects a system abnormality, it collects a hardware log immediately and analyzes it to locate the fault and determine the failure status by using the Fault Management Architecture (FMA). XSCF displays the status and, if necessary, degrades the faulty parts, degrades the faulty domains, or resets the system to prevent another problem from occurring. XSCF thereby maintains high system reliability, availability, and serviceability (RAS).

XSCF Shell and XSCF Web

XSCF provides the XSCF Shell and XSCF Web that enable the user to display the server status, operate the system, operate domains, and display the console.

Chapter 1 XSCF Overview 1-7

XSCF Unit Diagnosis

When the input power is turned on or the XSCF is rebooted, XSCF performs initial diagnostics for the XSCF itself, checks for abnormalities, displays any detected abnormality, and reports it to the user. While the system is operating, the error detection facility of the XSCF Unit continues to monitor itself, and if any errors are detected, it will report them.

Initial System Configuration Function

XSCF configures the initial hardware settings of the XSCF Unit and initializes hardware as required to start the OS. XSCF also controls the initial system configuration information.

XSCF User Account Control

XSCF controls the user accounts for XSCF operations. The basic types of user account privileges controlled by XSCF are listed below. The

server provides the XSCF Shell and XSCF Web, but their privileges depend on the user privilege (type).

■ Syst em administrator

■ Domain administrator

■ Operator

■ Field engineer

For details on the user privileges, see the Administration Guide.

Security

XSCF provides an encryption function using Secure Shell (SSH) or Secure Sockets Layer (SSL). Any operation error or unauthorized attempt to access X SCF functionality is recorded in a log. The system administrator can use this information for troubleshooting system errors and unauthorized login attempts.

Power Control for the Server System and Domains

XSCF has power-on and power-off control of the server and temperature control by the FAN operation. The user can press the power switch button on the operator panel to turn on or off the whole system, or the user can use XSCF to turn on and off the supply of power to the whole system or individual domains.

1-8 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

The user can power on and off the server by using XSCF as follows:

■ Power on/off the server or a domain

The user can turn on, turn off, or reset the server by using the XSCF Shell command from a remote terminal, which is connected to XSCF over a LAN or serial connection. When the user instructs power off, the OS is automatically shut down, and then power will be turned off.

■ Cancelling power on when an error is detected

If a system abnormality occurs, the OS is automatically shut down, and the subsequent power on will not be started. This can minimize damage to the system.

■ OS startup control for power failure

XSCF performs the operations below if a power failure that causes the system to turn off occurs:

■ When a power failure occurs:

XSCF performs emergency power off when the power failure occurs. In a model connected to a UPS, any running domains may also be shut down automatically. For a momentary power failure, XSCF may allow the system to continue working without any shutting down.

■ When power is restored:

The system can be set up such that XSCF automatically turns on the power to the server, then starts up the domains, relieving the system administrator of extra work.

Note – For details on operation settings for a power failure, see Section 4.4.10,

“Shutdown Wait Time Administration” on page 4-19.

Support of Hot-Swapping of Components Such as the Power Supply Unit and the FAN Unit

XSCF supports maintenance work with the XSCF Shell during hot-swapping. For details on the XSCF Shell, see

Chapter 5.

Chapter 1 XSCF Overview 1-9

Component Configuration Recognition and Temperature/Voltage Monitoring

XSCF monitors component information such as the configuration status and the serial numbers of component s in the server. If an abnormality is detected in the component configuration, it is display ed and reported to the user. XSCF periodically monitors and displays the temperature inside the server, the ambient temperature, component temperatures, voltage levels, and FAN speeds (rpm).

Internal Cabinet Configuration, Recognition, and Domain Configuration Control Functions

XSCF displays the system configuration status, and it creates and changes domain configuration definitions. It also provides domain start and stop functions, mainly for its own use. In the server, the user can configure a domain as a single physical system board (PSB) or a physical system board (PSB) logically divided (eXtended System Boards: XSBs). The user assigns a domain and the Logical System Boards (LSBs) number that can be referenced from the domain to the XSBs for control of the domain configuration. The type of the physical system board (PSB) not logically divided is called Uni-XSB and the type of the physical system board (PSB) logically divided into four is called Quad-XSB.

For details on domain configuration, see the Overview Guide for your server and

Chapter 2. Also, for each term, see Glossary.

Dynamic Reconfiguration Function

XSCF supports dynamic system board configuration change operations while the domains are operating. Dynamic reconfiguration (DR) of a domain can be achieved using XSCF. For details on DR, see the Dynamic Reconfiguration User’s Guide.

Console Redirection Function

XSCF provides a function that displays the OS console of the Solaris™ Operating System (Solaris OS) of each domain. With an SSH (Secure Shell) or telnet connection to XSCF, the user can access the console of any domain in the system. For details on the console, see

1-10 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Chapter 3.

Functions for Monitoring and Notification During Operation

XSCF constantly monitors the system operating status, FAN status, ambient temperature, etc. Using the network function of the cabinet, XSCF accesses the server to provide the following services:

■ Monitoring the server even when the OS is inactive.

■ Enabling remote operation of the server.

■ Reporting error messages by email to specified addresses. For details, see

Chapter 6.

■ Trapping notification with the SNMP Agent functions. For details, see Chapter 7.

Hardware Fault Information Collection (Hardware Log Collection)

XSCF collects hardware fault information and saves it on the XSCF itself. The XSCF hardware failure log makes it possible to identify the location of a failure. The log also provides assistance in anticipating failures on the server and immediately reports precise information about failures to the user. For details on error messages and their contents, see Appendix A and Appendix B . The displayed messages types are as follow:

■ An initial diagnostic message is displayed at system startup.

■ XSCF monitors the network configuration. If an error is detected, an error

message is generated and displayed.

■ XSCF monitors the status of the powe r supply, FAN, voltage, system board,

memory, CPU, and other components. If an error is detected in a component, an error message is generated and displayed. Based on the error message, the system administrator can easily identify the component that needs to be replaced.

■ XSCF monitors the temperatures of the cabinet and CPU. If an abnormal

temperature is detected, an error message is generated and displayed. The error messages make it possible to prevent the system from rising to a higher temperature and to prevent system instability.

Firmware Update Function

The web browser and commands can be used to download new firmware (XSCF firmware or OpenBoot PROM firmware) without stopping the domain and to update firmware without stopping other domains. For details on updating firmware, see

Chapter 8.

Chapter 1 XSCF Overview 1-11

1.3 Types of Connection to XSCF

This section outlines types of connection to the XSCF. XSCF enables access to the server over a serial port or from networks connected to

XSCF-LAN.

FIGURE 1-3 Connections to XSCF (In the Midrange Systems)

FIGURE 1-3 outlines the connections to the XSCF.

User LAN

Terminal

Server

Domain

SSH/telnet/ https connection

Router

XSCF

SSH/telnet/ https connection

Terminal

XSCF-LAN Ethernet connection

Connection to the serial port

Terminal

Note – In the systems with two XSCF Units, the XSCF Unit is in a redundant

configuration, and there are physically twice as many XSCF-LAN ports and serial ports.

The following connections in the XSCF Unit connection configuration shown in

FIGURE 1-3 are described below:

1-12 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

■ Serial port connection

■ XSCF-LAN Ethernet connection

Serial Port Connection

The serial port enables workstations, PCs, and ASCII terminals to connect to the XSCF through the serial (RS-232C) port. The user can use the XSCF Shell and access the domain console.

XSCF-LAN Ethernet Connection

XSCF-LAN Ethernet enables workstations and PCs to connect to the XSCF through the XSCF-LAN port. The following can be used with XSCF-LAN Ethernet:

■ XSCF Shell via a SSH or telnet connection

■ XSCF Web from a Web browser running on the terminal

■ Domain console access

■ Mail reports

■ SNMP notification

For details on these XSCF functions, see the following chapters:

■ Setting s for each function: Chapter 2

■ Shell terminal and console connections: Chapter 3

■ XSCF Shell: Cha pte r 5

■ XSCF mail funct ions: Chapter 6

■ XSCF SNMP Agent functions: Chapter 7

■ XSCF Web: Chapter 9

1.3.1 Examples of LAN Connection Operations

The XSCF Unit has two 10/100 Mbps XSCF LAN two ports. TABLE 1-1 to TABLE 1-3 outlines three XSCF-LAN operation examples.

Chapter 1 XSCF Overview 1-13

TABLE 1-1 XSCF-LAN Operation Examples 1

LAN Name Operation

XSCF-LAN0 port • For system administrator operation

The system administrator can control the server, control domains, and display the console using the XSCF Shell.

XSCF-LAN1 port • For field engineer operation

Field engineers can configure the server and perform maintenance tasks using the XSCF Shell.

• For remote maintenance service operation

TABLE 1-2 XSCF-LAN Operation Examples 2

LAN Name Operation

XSCF-LAN0 port • For system administrator operation

• For remote maintenance service operation

XSCF-LAN1 port Not used

Note – The serial port is used by maintenance engineers.

TABLE 1-3 XSCF-LAN Operation Examples 3

LAN Name Operation

XSCF-LAN0 port • For system administrator operation

• For maintenance operation

• For remote maintenance service operation

XSCF-LAN1 port Same as above

Caution – IMPORTANT - The IP address of XSCF-LAN#0 and the IP address of

XSCF-LAN#1 must be specified in different subnet addresses.

Note – The two XSCF-LAN ports are used for the same purpose (alternate path

configuration). For details on these connections, see Chapter 3.

1-14 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

XSCF-LAN Redundancy

In the midrange systems, the XSCF-LAN paths can be made redundant (duplicated). If a LAN failure occurs, it contributes significantly to reducing system availability. However, in a system equipped with a duplicate LAN, the routes (paths) in the remaining network can be used even if one subnetwork is faulty. In this way, high system availability can be achieved.

FIGURE 1-4 shows configurations with a single mounted XSCF Unit: one where the

LAN is not redundant, and the other with a redundant L AN. (In FIGURE 1-4 and

FIGURE 1-5, the ordinary lines represent subnetwork connections and the thick lines

represent network connections.)

FIGURE 1-4 XSCF-LAN Redundancy (In Midrange Systems)

a) No redundant LAN

Failure of path or XSCF

XSCF

System

In the configuration with a single XSCF Unit, XSCF-LAN cannot be used by any XSCF Unit failure even if the XSCF-LANs are redundant (duplicated). In the configuration example shown i n XSCF Unit is in a redundant configuration. If one subnetwork is faulty, the remaining path can be used ( initiates failover (FIGURE 1-5-d). Therefore, high network availability can be achieved.

b) Redundant LAN

Failure of a path

XSCF

System

FIGURE 1-5, the XSCF-LANs are redundant and the

FIGURE 1-5-c). If the active XSCF Unit is faulty, XSCF

Chapter 1 XSCF Overview 1-15

FIGURE 1-5 Two XSCF-LANs and Two XSCF Units Configuration

c) A subnet failed

Failure of a path

Active XSCF

Standby XSCF

System

d) XSCF failed

Active XSCF

XSCF failed

For details on LAN configurations and connections, see Chapter 3. For details on specifying IP addresses, see Chapter 2.

Failover

Standby XSCF

System

1-16 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

1.3.2 NTP Configuration and Time Synchronization

The system uses the XSCF Unit clock for the system standard time. The domains in the server synchronize their times based on the XSCF Unit clock

when the domains are started. The XSCF Unit clock can be adjusted to the exact time through a network connection to an external NTP server. In that way, the XSCF Unit becomes the NTP server and an NTP client.

Only domains may specify XSCF as an NTP server.

Note – Alternatively, the domains can synchronize their times through a connection

to an external NTP server. However, there is a possibility that time differences exist between the XSCF and the domain. If you connect the domain to an external NTP, please connect the high rank NTP server that supplies the time of the same accuracy as the domain as for XSCF. For details about NTP server setting, see Chapter 2.

TABLE 1-4 outlines XSCF and domain time synchronization methods.

TABLE 1-4 XSCF Unit and Domain Time Synchronization

Client Primary NTP Server Time Synchronization Method

Domain XSCF Unit The domain time is adjust ed to the XSCF Unit clock time.

External NTP server The domain time is adjusted to the standard time of the external NTP

XSCF No connection The XSCF Unit time is the time in initial system settings or the time

External NTP server The XSCF Unit time is adjusted to the standard time of the external

XSCF Unit operates as the NTP server.

server.

set by the setdate (8) command. (Note)

NTP server.

Note – For details on the setdate (8) command, see the XSCF Reference Manual.

Chapter 1 XSCF Overview 1-17

1.3.3 About the CD-RW/DVD-RW Drive Unit and Tape Drive Unit

A basic cabinet and an expansion cabinet contain one CD-RW/DVD-RW drive unit and tape drive unit (hereafter collectively called DVD drive/tape drive unit) respectively, and they are assigned to a single operating domain of each cabinet. In the midrange system, the domain that uses a minimum XSB number of number 0 of the MotherBoard Unit (MBU#0) can use the DVD/tape drive unit.

In the high-end systems, the DVD drive / tape drive unit can be used by assignin g it to a specific card port on the I/O unit. To assign a different port, specify the unit by using the XSCF Shell. For details on this DVD drive / tape drive unit setting, see

Chapter 2.

1.4 XSCF User Interfaces

This section describes the XSCF user interfaces.

1. XSCF Shell (Ethernet Connection): A set of shell commands you can use from a PC or a terminal connected to the XSCF

over an XSCF-LAN Ethernet connection using SSH or telnet. In the XSCF Shell (Ethernet connection) terminal, the console for each running

domain can also be used.

2. XSCF Shell (Serial Connection): A set of shell commands you can use from a PC or terminal directly connected to the

XSCF by a serial cable. In the XSCF Shell (Serial connection) terminal, the console for each running domain

can also be used.

3. XSCF Web: A set of browser user interface (BUI) operations you can use from a web browser

connected to the XSCF over the XSCF-LAN Ethernet.

4. XSCF SNMP Agent functions: SNMP manager commands used to monitor the operation of the server's network

functions.

5. XSCF mail functions:

1-18 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Sends email reports of the system status.

Caution – IMPORTANT – To use the function as explained above, you must create

your XSCF account. Please create your account before you start using the XSCF functionality. In addition, please create an account for your field engineer (FE) with the privilege of fieldeng during initial setup.

Note – For details about connecting to XSCF consoles, see Chapter 3.

To use these XSCF interfaces, users need to log in to XSCF with an XSCF user account, and then enter a password. When a user successfully logs into XSCF but the user leaves the session without any activity for a specified length of time, XSCF automatically logs the user out. XSCF monitors user operations and keeps a detailed access record containing the names of users who logged in and login times. For details on the user privilege required for co ntro l o f th is a cce ss re cord, se e

Section 1.4.1, “User Accounts and User Privileges” on page 1-20.

For details on login, see Chapter 5. For details on authentication and Web functions, see Chapter 9. For details on user account registration and mail function settings, see

Chapter 2.

TABLE 1-5 outlines XSCF Functions and Connection Ports.

Chapter 1 XSCF Overview 1-19

TABLE 1-5 XSCF Functions and Connection Ports

Functions Contents Serial port

XSCF Shell • Monitors the server

The status of the system can be checked.

• System power can be controlled from a remote location The system power can be turned on and off and the system can

be rebooted from a remote location.

• Displays the server configuration The internal configuration o f the server can be che cked.

• Set up the server Many server settings can be set.

• Supports system maintenance Issues instructions for firmware update operation and

component replacement.

• OS console function You can access to the OS console and/or OpenBoot PROM

prompt.

XSCF Web Provides the same functions as the func tio ns of the X SCF Shel ls ,

but provides graphical displays for easier operation.

Mail report Mail notification in the event of a failure enables prompt action

to be taken.

SNMP trap report

Enables consolidated control for system administration in conjunction with SNMP manager.

S S

- S

XSCF LAN Ethernet

Note – Symbols: S: Supported. — : Not supported.

1.4.1 User Accounts and User Privileges

The system administrator and field engineers log in to XSCF with XSCF user accounts that allow them to refer to the status of any part of the entire system and work on all parts of the system. Each domain administrator uses an XSCF user account that enables system control of one domain.

For the server, the system administrator must consider both a user account that controls the whole system and a user account that administers each domain. When a user is registered, the user is assigned a privilege that controls the XSCF operations available to that user. This is referred to as the user privilege of the registered user account.

1-20 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

For example, to set up a domain administrator, the user privilege for the domain is specified. Moreover, you can provide system monitoring privileges, for instance, without system operation privileges. You can also limit privileges to specific domains.

TABLE 1-6 lists user privilege names and outlines the user privileges.

TABLE 1-6 User Privilege Names and Descriptions

User privilege Outline Description of Defined Contents

domainop@n Reference of the status of any

part of one entire domain_n

domainmgr@n Power supply operations and

reference of the status of only one domain_n

domainadm@n Control of only one

domain_n

platop Reference of the status of any

part of the entire system

platadm Control of the entire system • Can operate all hardware in the system.

useradm User account control • Can create, delete, invalidate, and validate user

• Can refer to the status of any hardware mounted in a domain_n.

• Can refer to the status of any part of a domain_n.

• Can refer to the information of all system boards mounted.

• Can power on, power off, and reboot a domain_n.

• Can refer to the status of any hardware mounted in a domain_n.

• Can refer to the status of any part of a domain_n.

• Can refer to the information of all system boards mounted.

• Can operate all hardware mounted in a domain_n.

• Can refer to the status of any hardware mounted in a domain_n.

• Can operate all of a domain.

• Can refer to the status of any part of a domain_n.

• Can refer to the information of all system boards mounted.

• Can refer to the status of any part of the entire server but cannot change it.

• Can configure all XSCF settings except the useradm and auditadm privilege settings.

• Can add and delete hardware in a domain.

• Can do the power operation of a domain.

• Can refer to the status of any part of the entire server.

accounts.

• Can change user passwords and password profiles.

• Can change user privileges.

Chapter 1 XSCF Overview 1-21

TABLE 1-6 User Privilege Names and Descriptions (Continued)

User privilege Outline Description of Defined Contents

auditop Reference of the Audit status • Can refer to the XSCF access monitoring status

and monitoring methods.

auditadm Audit control (Note) • Can monitor and control XSCF access.

• Can delete an XSCF access monitoring method.

fieldeng Field engineer operations • Allows field engineers to perform the maintenance

tasks or change the server configu ration.

none None • When the local privilege for a user is set to none,

that user has no privileges, even if the privileges for that user are defined in LDAP.

• Setting a user ’s privilege to none prevents the user’s privileges from being looked up in LDAP.

Note – The Audit function monitors user operations and keeps a detailed access

record containing the names of users who logged in and login times.

Note – (@n) "@domain number" is added behind the privilege name for the target

domain privilege. (Example: The domainadm for domain ID 1 is domainadm@1). Also, a user account can have privileges over multiple domains, and not just the target domain.

For details on user privileges, see the Administration Guide. For details on setting up user accounts and setting user privileges, see

Section 2.2.2, “User Account

Administration” on page 2-29.

1-22 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

CHAPTER

Setting Up XSCF

This chapter explains how to set up XSCF.

2.1 XSCF Setup Summary

Each XSCF function must be configured before it can be used. Make the following settings:

■ User Account Administration (required)

■ Network Configuration (required)

■ Time Administration (required)

■ SSH/telnet Administration (optional)

■ Mail Administration (optional)

■ LDAP Administration (optional)

■ Https Administration (optional)

■ Log Archiving Administration (optional)

■ Audit Administrat ion (optional)

■ SNMP Administration (optional)

■ Remote Maintenance Se rvice Setting (see the following note) (optional)

■ Domain Configuration (required)

■ System Board Configuration (required)

■ Domain Mode Configuration (optional)

■ Locale Administration (optional)

■ Altitude Administration (required)

■ DVD Drive/Tape Drive Unit Administration (optional)

2-1

■ COD A dministration (optional)

Note – This document does not provide details on the remote maintenance service

function. For details on making settings and using the remote maintenance service, refer to the manual describing the remote maintenance service in the

Enterprise Mx000 Servers Documentation” on page xx.

“SPARC

Note – After the XSCF is set up, the settings are automatically saved in XSCF

internally and in the operator panel. Once you have configured the XSCF, it requires no day-to-day management. You don’t need to save or restore the XSCF setup information.

About Setup Flow

The XSCF Shell or XSCF Web can be used to set up XSCF. Each setting items and the step summary are explained in Section 2.1.1, “Setup

Summary by the XSCF Shell” on page 2-2 and Section 2.1.2, “Setup Summary Using the XSCF Web” on page 2-11. Details on each step in Section 2.1.1, “Setup Summary by the XSCF Shell” on page 2-2 and Section 2.1.2, “Setup Summary Using the XSCF We b ” o n pa g e 2-11 are provided in Section 2.2, “Specifying the XSCF Settings” on page 2-14.

2.1.1 Setup Summary by the XSCF Shell

This section describes the step summary of setup using the XSCF Shell. This procedure contains examples of command usage and setting items. For details on settings, see the corresponding parts of

on page 2-14.

Note – Establish one-to-one communication between the PC and XSCF during the

initial setup.

1. Connect to XSCF (serial) and log in.

To configure XSCF, the system administrator or a field e ngineer first uses the XSCF default user account. Before an appropriate user account for the user environment is created, log in with the following default user account and password:

2-2 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Section 2.2, “Specifying the XSCF Settings”

■ Default user account: default

The user privileges are useradm, platadm.

■ Default password:

The default password is not input directly on the keyboard. Instead, after the default user account is input, the mode switch of the operator panel is operated as follows.

If Locked -> Change to Service -> Press return -> Keep the status for more than 5 seconds. -> Change to Locked -> Press return

(Or if Service -> Change to Locked -> Press return -> Keep the status for more than 5 seconds. -> Change to Service -> Press return)

This mode switch operation is done within one minute. When one minute is passed, the authentication timeout occurs.

■ To begin the configuration, connect the XSCF Shell over a serial connection

using any terminal software. The shell can be used immediately following connection to the serial port.

■ Log in with the default user account. Follow the instructions to change the

mode switch of the operator panel, and operate the mode switch within one minute.

(Operation : Locked state -> Service -> Return)

Leave it in that position for at least 5 seconds. Change the panel mode switch to Locked, and press return...

(Operation : Wait more than 5 seconds -> Service state ->

Locked -> Return)

XSCF>

Note – When the server is running normally, the mode switch is set to the Locked

position.

Chapter 2 Setting Up XSCF 2-3

2. Set the password policy.

• Display and set a password policy. showpasswordpolicy(8) setpasswordpolicy(8)

(See Section 2.2.2, “ User Account

Administration” on page 2-29)

(This table includes the example of setting items and command used. It is similar thereafter.)

3. Create an XSCF user account, password and privileges.

■ Create at least one user account with th e user privileges of platadm and useradm:

(Note)

XSCF> adduser yyyy (Note) XSCF> password yyyy XSCF> setprivileges xxxxxx (See Section 2.2.2, “User Account Administration” on page 2-29)

(The screen is an operating procedure image.)

Note – In preparation for maintenance work, please create an account for a field

engineer (FE) with the privilege of fieldeng during the initial set up. The default user account is publicly available information. When installation is completed, create an appropriate user account for the user environment and log in again with the new user account. For details on the user privileges, see the Administration Guide.

Note – When you add the user account, use the showuser (8) command with -l

option to confirm that there is no illegal user account in the user account list.

2-4 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

4. Set the time.

• Set and display the time zone.

• Set and display the XSCF time.

• Reset the time subtraction between the XSCF and the domain.

■ When the system time is updated, the XSCF reset is done and the XSCF session is

showtimezone(8) settimezone(8) showdate(8), setdate(8)

resetdateoffset(8)

(See Section 2.2.4, “Time Administration”

on page 2-40)

disconnected. Please log in again to the XSCF using the new user account.

Note – NTP settings (setntp(8)) are done after the Network settings or the Domain

Configuration.

5. Configure the SSH/tel net settings.

• Select SSH or telnet.

• Display and specify the timeout monitoring period.

setssh(8), settelnet(8), showautologout(8), setautologout(8),

(See Section 2.2.5, “SSH/Telnet

Administration” on page 2-48)

Note – XSCF reset is required to enable SSH and to disable telnet. Go to the next

step when you reset it later.

If you want to reset XSCF immediately, use the rebootxscf (8) command. After the XSCF reset, the XSCF session is disconnected. Log in again to the XSCF.

Note – You can enable SSH and telnet at the same time. However, the telnet

connection is not a secure connection protocol. We recommend that when you enable SSH that you disable telnet.

6. Confirm the XSCF host public key.

■ Before using SSH for XSCF-LAN connection, record the fingerprint. Or, copy the

text data of the host public key and save the data to a specific directory of the client. (The following screen is an example.)

Chapter 2 Setting Up XSCF 2-5

XSCF> showssh SSH status: enabled RSA key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArmf46B4xSvunUNZPWOi4mRbqO9hsunxHitwR/ 0P6NTQbNK8BqCpCsyzK6nfjrARztO1rgXIdFfXLDEIY2hudEkuMCjyorX1HK+d8WH C7eydTCM8Edwwtwm0Q4o66peB/QwI/OL4lDCNRg+4aGyWUHZBwmiwahum+7MJDCKs fKKM= Fingerprint: 1024 14:75:fd:5c:e1:68:79:f6:db:cb:a7:36:25:53:25:9a DSA key: ssh-dss AAAAB3NzaC1kc3MAAACBAMMG1ewTyceFX7EnKuDIp1BVnuxf+UTtALVinkfXLQbUn gn84G8xp9GPnWOpNqiWXxAL8wInQrpz9wFd7n4sZk74HALM+gIhpjbpdXR76FpEvO MzCi6qYuv4yQ/0+uKCHmJEfzIOvQnDoofVElXYRKxTIyQY5+mtsf+44IoGzJbxAAA AFQCTNSxe0+5hbDziCOlgvch7FdUM3QAAAIBKGSbFr3XMYxubT7ViDHHIFgFpjEMw DREJD05g7XwlslgFX4Ff2nqItepyfnok/CeDi1bv1Xs0JGAGsbcwpBeKe7YcSepM3 xe8vGXSIdVqGbfDvqbO9P1q1n58qEKTA2Cj5L9a+6usSYfKHOSDhnvX3R8/Hk+Iiy 6EUaVSaJUHjgAAAIAZ+qQahRLAMuOq5FCuQ000xgfZzExRBIa1Q7sBhMTrg1dksKP +yPN9YjIw6QJXUD69acCWHD+nIKBTnSdO/NdwxDRKU2+9cOvNriUpbs5RoZgiCNCd 7nMMQUMFTzc78nd3w+pcjD5mBB6kELKuQurWbIDELTgYJcfm52C9TlR5WA== Fingerprint: 1024 e2:66:1a:c8:8f:37:6f:ec:6c:2a:d4:93:a7:6f:dc:5c

7. Installing the user public key.

■ Before using the SSH user key for an XSCF-LAN connection, generate a user

private key and a user public key for a created XSCF user account with your client software. Then install the user public key to XSCF.

• Generate the SSH user key. (Set in client)

• Display, Install, and Delete the SSH user public key.

2-6 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

showssh(8), setssh(8) (See Section 2.2.5, “SSH/Telnet

Administration” on page 2-48 )

8. Configure the network.

• Display and set the DSCP.

• Display XSCF network settings (enable/disable, IP address, netmask) and configure an XSCF network.

• Display and set XSCF host name. showhostname(8),

• Display XSCF route settings (destination IP address, gateway, netmask, interface) and configure an XSCF route.

• Display and make the DNS settings (enable/disable, IP address, add/delete).

• Apply network settings. applynetwork(8)

■ Perform the applynetwork (8) command to apply the network settings. To

showdscp(8), setdscp(8), shownetwork(8),

setnetwork(8)

sethostname(8) showroute(8), setroute(8)

shownameserver(8) , setnameserver(8)

(See Section 2.2.1, “ Network

Configuration” on page 2-15)

complete the network settings, the XSCF reset is required. Go to the next step when you reset it later. When you want to reset it now, perform the rebootxscf (8) command to apply the settings. Then, the XSCF reset is done and the XSCF session is disconnected. Please connect the XSCF and log in to the XSCF again.

■ Here, when you set up the XSCF by the XSCF-LAN connection, please change the

cable from the serial port to the XSCF-LAN port. (Change the serial cable to the LAN cable.) When you use the controller that converts the RS-232C interface and LAN interface, you do not need to change the cable. Reconnect to the XSCF using the new user account and the new IP address and login to the XSCF again.

For details on connecting the SSH, telnet, and serial port, and login to the XSCF,

Chapter 3. Moreover, the telnet connection is not a secure connection

see protocol. We recommend that you use SSH.

During login using SSH on XSCF Shell (Ethernet connection), you are prompted to confirm the authenticity of the fingerprint of the host public key. The reply is "yes" if the fingerprint is the same as the memo in

Step 6. If the reply is not the

same, please confirm that the IP address is correct and not duplicated. There is a possibility that IP address spoofing has occurred.

RSA key fingerprint is xxxxxx Connecting? [yes|no] : yes

Type the passphrase you have already set in the case that you would be using SSH with user key authentication.

Chapter 2 Setting Up XSCF 2-7

Enter passphrase for key ’/home/nana/.ssh/id_rsa’ :xxxxxxxx Warning: No xauth data; using fake authentication data for X11 forwarding. Last login: Fri Sep 1 10:19:37 2006 from client

9. Configure the mail settin gs.

• Display mail notification settings, and configure and test mail notification.

showsmtp(8), setsmtp(8), showemailreport(8), setemailreport(8)

(See Sectio n 2.2.10, “Mail

Administration” on page 2-84)

10. Configure the LD AP settings.

■ Configure XSCF as an LDAP client (Note).

• Display and set LDAP client information. showldap(8), setldap(8)

(See Section 2.2.3, “ LDAP Administration”

on page 2-35)

Note – Lightweight Directory Access Protocol (LDAP): Protocol used to access

directories and databases in TCP/IP networks. Before using an LDAP server, download a certificate, create a public key, and perform user registration in the applicable directory in the user environment. This manual doe s not provide details on LDAP, so see the available LDAP manuals.

11. Configure the user account settings.

• Add or delete a user account.

• Change a user account password.

• Display user account information.

• Enable or disable a user account.

• Specify a user privilege.

2-8 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

adduser(8), deleteuser(8), password(8), showuser(8), enableuser(8), disableuser(8), setprivileges(8)

(See Section 2.2.2, “ User Account

Administration” on page 2-29)

12. Configure the log archiving set tings.

• Display log archiving settings and configure log archiving.

showarchiving(8), setarchiving(8) (See Section 2.2.8, “ Log Archiving

Administration” on page 2-68)

13. Configure the audi t settings.

• Display audit settings and configure auditing.

showaudit(8), setaudit(8) (See Section 2.2.7, “ Audit Administration”

on page 2-61)

Note – The auditadm privilege is required for the audit settings.

14. Configure the SN MP settings.

• Display Agent settings and configure Agent.

• Display and specify the notification destination server.

showsnmp(8), setsnmp(8), showsnmpusm(8), setsnmpusm(8), showsnmpvacm(8), setsnmpvacm(8)

(See Section 2.2.9, “ SNMP Administration”

on page 2-73)

15. Make the settings for using the r emote maintenance service.

Note – This document does not provide details on the remote maintenance service

functions. For details on making settings and using the remote maintenance service, refer to the manual describing the remote maintenance service listed in

“SPARC

Enterprise Mx000 Servers Documentation” on page xx.

16. Configure the syst em board settings.

• Display and set a memory mirror mode.

• Display and specify system boards separately from the XSB. (Uni-XSB or Quad-XSB displaying and settings.)

showfru(8), setupfru(8)

(See Section 2.2.12 , “System Board

Configuration” on page 2-113)

Chapter 2 Setting Up XSCF 2-9

17. Configure the domain settings.

• Display domain information and specify the domain configuration. (DCL displaying and settings (Note 1), configuration policy settings (Note 2), System board settings)

• Add or delete a system board. addboard(8), deleteboard(8)

showboards(8), showdcl(8), setdcl(8)

(See Section 2.2.11, “Domain Configuration”

on page 2-87)

Note – (1) The Domain Component List (DCL) is definition data for the hardware

resources that constitute a domain. There is one DCL per the logical system board. Each domain has up to 16 logical system boards. The DCL is used to add a hardware resource that constitutes a domain and to display resource configuration information. For details on the DCL, see

Section 2.2.11, “Domain Configuration” on

page 2-87, the Administration Guide, and the Dynamic Reconfiguration User’s Guide.

Note – (2) In the configuration policy settings, a degradation range applicable to

errors detected during initial hardware diagnosis can be specified.

18. Configure the domain mode settings.

• Display and make the domain mode settings. (Break signal sending on/off, enable/disable Host watchdog monitoring, automatic boot setting, CPU operational mode)

showdomainmode(8), setdomainmode(8) (See Section 2.2.13 , “Domain Mode

Configuration” on page 2-116)

Note – The automatic boot setting enables you to specify whether to boot the Solaris

OS, and sets the auto-boot? OpenBoot PROM variable to be either true or false.

19. Configure the Locale settings.

• Display and set the Locale. showlocale(8), setlocale(8)

(See Section 2.2.14, “Locale Adminis tration”

on page 2-126)

2-10 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

20. Configure the Alti tude Administration settings.

• Make the Altitude Administration. showaltitude(8), setaltitude(8) (See Section 2.2.15 , “Altitude

Administration” on page 2-127)

Note – Normally, the Altitude Administration is set up by FE. Also, the privilege of

fieldeng is required.

21. Configure the D VD drive/tape drive unit settings.

• Display DVD drive/tape drive unit

information, including connection information, and configure the devices.

cfgdevice(8) (See Section 2.2.16, “DVD Drive/Tape Drive

Unit Administration” on page 2-128)

22. Configure the capacity on demand (COD) settings.

• Display and set the COD. showcodlicense(8), addcodlicense(8), deletecodlicense(8), showcod(8), setcod(8), showcodusage(8)

(See Section 2.2.17 , “COD Administration”

on page 2-131)

2.1.2 Setup Summary Using the XSCF Web

This section describes the setup summary using the XSCF Web. This procedure contains examples of the windows that are used. For details on settings, see the corresponding parts of

Before attempting to establish a connection to the XSCF and log in from the web browser window of the XSCF Web, perform Step 1 - Step 8 in Section 2.1.1, “Setup

Summary by the XSCF Shell” on page 2-2, and enable https in Section 2.2.6, “Https Administration” on page 2-54. If you have already performed Step 1 to Step 8 in Section 2.1.1, “Setup Summary by the XSCF Shell” on page 2-2, start the procedure

in this section at Step 9.

Section 2.2, “Specifying the XSCF Settings” on page 2-14.

In addition, establish one-to-one communication between the PC and the XSCF during initial setup.

Chapter 2 Setting Up XSCF 2-11

1. Connect to and log in to XSCF (serial). (Same as Step 1 in Section 2.1.1, “Setup

Summary by the XSCF Shell” on page 2-2.)

2. Set the password policy. (Same as Step 2 in Section 2.1.1, “Setup Summary by

the XSCF Shell” on page 2-2.)

3. Create an XSCF user account, password and privileges. (Same as Step 3 in

Section 2.1.1, “Setup Summary by the XSCF Shell” on page 2-2.)

4. Set the time. (Same as Step 4 in Section 2.1.1, “Set up Summary by the XSCF

Shell” on page 2-2.)

5. Make the SSH/telnet settings. (Same as Step 5 in Section 2.1.1, “Setup Summary

by the XSCF Shell” on page 2-2.)

6. Confirm the XSCF host public key. (Same as Step 6 in Section 2.1.1, “Setup

Summary by the XSCF Shell” on page 2-2.)

7. Install the user public key. (Same as Step 7 in Section 2.1.1, “Setup Summary by

the XSCF Shell” on page 2-2.)

8. Configure th e netw ork. (Sam e a s S tep 8 in Section 2.1.1, “Setup Summary by the

XSCF Shell” on page 2-2.)

9. Make the https settings.

• Enable or disable the https.

• Import the web certificate.

sethttps(8) (See Section 2.2.6, “ Https Administration”

on page 2-54)

Note – To enable https, the XSCF reset is required. Reset the XSCF by using the

rebootxscf (8) command. After the XSCF reset, the XSCF session is disconnected. Log in again to the XSCF.

■ Change to the XSCF-LAN connection when you connect the serial cable.

10. Establish a connection to XSCF and log in from a web browser.

■ Specify the host name or the IP address of the XSCF during the network

configuration, in a web browser running on a PC with an XSCF-LAN port used to establish a connection to the XSCF.

2-12 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

<Web browser screen image> URL https://192.168.111.111/ (The IP address of XSCF is input by number) Alternatively: https://XSCF-host-name/ (Not the host name of a domain)

(This screen image is an example and differs from the actual screen display.)

Note – The web browser window for the XSCF Web is called the XSCF Web console.

■ Log in.

(This screen image is an example and differs from the actual screen display.)

Note – When connecting using https, a warning message appears in the web

browser until the certificate is installed.

11. Open the XSCF Administration window.

XSCF Web console

- Remote Maintenance Service Administration

- Firmware Update

(This screen image is an example and differs from the actual screen display.)

■ The remainin g setting items are the same as those applicable to setup using the

XSCF Web. Referring to the setup flow, proceed to

Step 9 and later steps in Section 2.1.1, “Setup Summary by the XSCF Shell” on page 2-2. For details on the

commands used to make settings, see the corresponding parts of Section 2.2,

“Specifying the XSCF Settings” on page 2-14.

Chapter 2 Setting Up XSCF 2-13

2.2 Specifying the XSCF Settings

This section describes the XSCF settings in detail. XSCF settings can be made in the following ways:

■ On the PC connected to the serial port, or you can specif y the IP address of the

XSCF to establish a connection to the XSCF, and then use the XSCF Shell over an Ethernet or a user LAN connection.

■ Specify the host name or the IP address of the XSCF in a web browser running on

a PC with an XSCF-LAN connection in order to establish a connection to the XSCF, and then use the XSCF Web (see the following note).

Note – If the XSCF Web is not supported, or you want to set a function that is not

supported on the XSCF Web, use the XSCF Shell to make these settings. For the support information, see the related documentation.

To describe the XSCF settings, each subsequent section is format ted as follows:

1. Each section first uses tables to explain terms, setting items, functions, and XSCF Shell commands.

2. Each section the n provides setting examples. Wh en you set up by using XSCF Web, see the "Web browser operation" sections. When you set up by using XSCF Shell, see the "Command operation" sections.

■ For details on individual XSCF Shell commands, options, and privileges, see

the XSCF Reference Manual or the man page.

■ For details on the screen layout, start procedure, and operation of the XSCF

We b , see

■ For details the connection between a PC and XSCF, the connection to a

terminal, or how to log in to XSCF, see

Chapter 9.

Chapter 3.

2-14 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2.2.1 Network Configuration

Network Configuration is used to specify items relating to network interfaces, routing, and DNS.

TABLE 2-1 lists terms used in Initial Configuration.

TABLE 2-1 Network Configuration Terms

Term Explanation

XSCF network interface

ISN Abbreviation for Inter SCF Network.

Takeover IP address A takeover IP address (virtual IP address) is set between each XSCF#x-LAN#0’s Unique

DSCP Domain-SP Communication Protocol. This interface protocol is used between XSCF and

General term for an interface required in XSCF network configuration. Such interfaces include the following:

[First XSCF Unit]

• XSCF-LAN#0 (Active s ide)

• XSCF-LAN#1 (Active s ide)

• ISN (Active side) (If the XSCF Unit is redundant) [Second XSCF Unit] (If the XSCF Unit is redundant)

• XSCF-LAN#0 (Standby side)

• XSCF-LAN#1 (Standby side)

• ISN (Standby side) Takeover IP address (If the XSCF Unit is redundant)

• XSCF-LAN#0s

• XSCF-LAN#1s DSCP:

• XSCF side (One IP address is required.)

• Domain side (One IP address is required for each domain, therefore, the IP addresses for the maximum number of domains are required.)

This network is between two XSCF Units (active and standby). ISN is used for a system with a redundant XSCF configuration.

addresses of two XSCF Units. The XSCF#x-LAN#1s are also the same. Even if the active XSCF and the standby XSCF are switched, the IP address takeover can be done at each "LANs".

a domain. DSCP settings are made with XSCF. The network of the domains and the XSCF connected by DSCP might be called DSCP links.

Note – Systems with two XSCF Units can only be high-end units.

TABLE 2-2 lists setting items and the corresponding shell commands.

Chapter 2 Setting Up XSCF 2-15

TABLE 2-2 Network Configuration

Item Description Shell Command Remarks

Display network Displays XSCF network interfaces.

Also, displays the following network status:

• Number of bytes of the receive queue buffer.

• Number of bytes of the send queue buffer.

shownetwork showdscp

If the XSCF Unit is redund ant , the connection status of the other side is not displayed.

• Local address and port.

• Host address and Socket port number.

Enable/disable network

IP address (Note)

netmask Sets a netmask for an XSCF network interface.

Display host name

Enables or disables an XSCF network interface (see

TABLE 2-1).

Specifies the following IP address of the XSCF network interfaces (see

TABLE 2-1).

• One or both of the XSCF-LAN ports

• DSCP

• ISN, Takeover IP address (if a redundant XSCF Unit is used)

If this item is omitted, a netmask corresponding to the IP address is set.

• Class A: 255.0.0.0

• Class B: 255.255.0.0

• Class C: 255.255.255.0

Displays a host name and the host name informations.

setnetwork setdscp

showhostname

• When the XSCF Unit is a redundant model, Defaults of IP address of ISN are the following:

XSCF#0:192.168.1.1 XSCF#1:192.168.1.2

• No default setting has been specified for the other interfaces.

• You can use a single LAN port for XSCFLAN. For network connection examples, see

A Fully Qualified Domain Name (FQDN) can be displayed

Host name/domain name

Sets a host name and a domain name for the XSCF Unit.

FQDN cannot be specified for the host name.

sethostname No default setting has

been specified.

A host name can be specified up to 64 characters.

A domain name can be specified up to 254 characters with the host n ame included, wi th label elements delimited by a period(.).

A label element can contain alphanumeric characters (a to z, A to Z, 0 to 9), hyphens (-), and period (.). Each label element must always begin with an alphabetic character and end with an alphanumeric character. However, you cannot use a period (.) in a host name.

Chapter 3.

2-16 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

TABLE 2-2 Network Configuration (Continued)

Item Description Shell Command Remarks

Display route Displays the XSCF routing environment as

follows: Network interface (see TABLE 2-1),

Destination IP address, Gateway, netmask, Flags. The meanings of the Flags are as follows: U : route is up H : target is a host G : use gateway R : rein stat e rou te fo r dy nami c rou ting C : cache entry ! : reje ct rou te

Add/delete route

Adds a route to or deletes a route from an XSCF network interface.

Specify the following:

• Network interface

• Destination IP address (Destination)

• Gateway

• netmask

showroute

setroute The setting of routing

information in each interface can be set up to eight respectively.

Display DNS Displays XSCF na me servers. shownameserver Add/delete DNS Add or delete the IP address of a name server.

Up to three name servers can be registered. Names can be solved in the order specified.

Apply network Apply network settings. applynetwork

setnameserver No default setting has

Note – To complete the network settings, the XSCF reset is required. Reset the XSCF

by using the rebootxscf (8) command. After the XSCF is reset, the XSCF session is disconnected. Please log in again to the XSCF.

Chapter 2 Setting Up XSCF 2-17

been specified. If the DNS connection is

necessary, this setting is done.

Note – In systems with two XSCF Units (the high-end systems), the two XSCF Units

are connected by system internal ports, which are the RS-232C (serial) ports and the LAN ports. Each XSCF Unit monitors the status of the other one and they exchange system information through these communication paths. When the system is initially set up, the user must specify the IP address for internal LAN routes.

Note – In the high-end systems, up to 33 IP addresses are usually specified: four for

XSCF-LAN ports, two for the ISN, two for the Takeover IP addresses, and up to 25 for DSCP on both the XSCF and domain sides. In the midrange system, up to seven IP addresses are usually specified: two for XSCF-LAN ports and up to five for DSCP on both the XSCF and domain sides.

Caution – IMPORTANT – If the XSCF Unit is redundant, issue the commands to

setup all XSCF on only the Active XSCF Unit. The command need not be executed on both (Active and Standby) XSCF Units. The XSCF setting cannot be performed on the standby side.

XSCF network interface configuration

The XSCF network interface includes the following.

■ LAN (XSCF-LAN) for users to access to XSCF

■ LAN (ISN) for the communication between XSCF Units (high-end systems only)

■ LAN (DSCP) for the communication between XSCF and each domain

FIGURE 2-1 shows the network interface which is required for the XSCF and domain

network configuration.

2-18 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

FIGURE 2-1 Network Interface Required for XSCF Network Configuration (In the High-

End Systems)

Server

DomainID 0

XSCFU#0

DomainID 1

DomainID X

11 10+X

XSCFU#1

Ethernet

1-6; Addresses of XSCF-LAN

Inside LAN

7,8; Addresses of Inter SCF Network(ISN)

9,10,..,10+X; Addresses of DSCP links

Chapter 2 Setting Up XSCF 2-19

Number Description Number Description

1 XSCF-LAN#0 address

(XSCFU#0 side)

2 XSCF-LAN#0 address

(XSCFU#1 side)

3 Takeover address

between XSCF-LAN#0s

4 XSCF-LAN#1 address

(XSCFU#0 side)

5 XSCF-LAN#1 address

(XSCFU#1 side)

6 Takeover address

between XSCF-LAN#1s

7 ISN address

(XSCFU#0 side)

8 ISN address

(XSCFU#1 side)

9 DSCP link address

(XSCF side)

10 or later

DSCP link addresses (Domains side)

XSCF network configuration procedure and the reference

The procedure to set up the XSCF network is as follows. Each step offers the detailed procedure reference.

Note – You must set XSCF-LAN, ISN, and DSCP in different subnet addresses. The

ISN address has been set up with the default value (see TABLE 2-2).

1. Specify the IP address of Ethernet (XSCF-LAN ).

You can use two XSCF-LAN ports in accordance with the network configuration. In the midrange system, specify the either or both of the following IP addresses:

■ XSCF-LAN#0 of XSCFU#0 (See "1" in FIGURE 2-1 )

■ XSCF-LAN#1 of XSCFU#0 (See "4" in FIGURE 2-1)

In the high-end system, subsequently to the XSCFU#0 side, specify the IP address of XSCF-LAN of the XSCFU#1 side (see "2" and "5" in FIGURE 2-1). (See shownetwork (8), setnetwork (8).)

Use the same subnet address to specify the LAN ports which share the same number in each XSCF unit so that you can connect to both of the XSCF in case the XSCF failover generated.

2-20 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

To make the IP address redundant, specify the same subnet address to the LAN port of XSCFU#0 side and to the LAN port of XSCFU#1 side which share the same LAN port number. Also, The IP address of XSCF-LAN#0 and the IP address of XSCFLAN#1 must be specified in different subnet addresses.

2. Perform the following setting to specify the takeover IP address in the highend system.

When you specify the takeover IP address, in case the XSCF failover occurred, the control switching between the act ive side and the standby side performed, and then the IP address will be taken over. The user who accesses the takeover IP address can always connect to the active side XSCF, without being aware of the XSCF switching.

Sets IP address respectively of XSCF-LAN#0 and XSCF-LAN#1. In addition, on each LAN port of XSCF-LAN#0 and XSCF-LAN#1 in the redundant system, specify the takeover IP address one by one (see "3" and "6" in

FIGURE 2-1). (See shownetwork

(8), setnetwork (8).)

3. In the high-end system, specify the two IP addresses of ISN.

Since ISN is a network for the communication between the redundant XSCF Units, it is necessary to specify the IP address. The ISN address has been set up with the default value (see

TABLE 2-2).

If the IP address of XSCF-LAN conflicts with the default subnet address of ISN, you must specify the IP address of ISN (see "7" and "8" in

FIGURE 2-1). Also, both ISN

addresses must be in the same network subnet. Users cannot access this network. (See shownetwork (8), setnetwork (8).)

4. Specify the DSCP address.

After configured the domain (see Section 2.2.11, “Domain Configuration” on

page 2-87), specify the DSCP address.

Specify one DSCP IP address in the XSCF-side, and one for each of the domains (See "9," "10" or later in

FIGURE 2-1). By specifying the option, you can specify one DSCP

address which is used in all of the DSCP links. In this case, the IP addresses used by the XSCF and each domain-specific DSCP link are automatically selected from within the range of addresses indicated by the DSCP network address.

All DSCP addresses must be in the same network subnet. Since the DSCP is the network for the communication between domain and XSCF, users can't access to this network. (See showdscp (8), setdscp (8).)

5. Specify the host name, routing, and DNS.

(See showhostname (8), sethostname (8), showroute (8), setroute (8), shownameserver (8), and setnameserver (8).)

6. Apply network settings.

Chapter 2 Setting Up XSCF 2-21

(See applynetwork (8), rebootxscf (8).)

Note – While any of the setting commands concerning the XSCF are in execution, if

the XSCF failover is generated, the setting may not be completed. Log in to the active side XSCF again to confirm whether or not the setting is applied. If the setting is not applied, perform the setting again.

Enabling or Disabling the XSCF Network and Specifying an IP Address and Netmask for the Network and DSCP

■ Command operation

1. Use the shownetwork (8) command to display network interface information.

<Example 1> Display information on all network interfaces of XSCF.

XSCF> shownetwork -a

<Example 2> Display information on network interfaces of LAN#1 in the XSCF Unit #0 (XSCFU#0).

XSCF> shownetwork xscf#0-lan#1 xscf#0-lan#1 Link encap:Ethernet HWaddr 00:0A:48:09:C9:0E inet addr:192.168.10.11 Bcast: 192.168.10.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54424 errors:0 dropped:0 overruns:0 frame:0 TX packets:14369 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:20241827 (19.3 MiB) TX bytes:2089769 (1.9 MiB) Base address:0xe000

<Example 3> Display the ISN information on network interfaces of XSCFU#0

XSCF> shownetwork xscf#0-if xscf#0-if Link encap:Ethernet HWaddr 00:0A:48:09:C9:1E inet addr:192.168.10.128 Bcast:192.168.10.255 Mask: 255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54424 errors:0 dropped:0 overruns:0 frame:0 TX packets:14369 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:17010 (16.6 KiB) Base address:0xe000

<Example 4> Display the takeover IP address information of the XSCF-LAN#0

XSCF> shownetwork lan#0 lan#0 Link encap:Ethernet HWaddr 00:00:00:12:34:56 inet addr:192.168.1.10 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Base address:0xe000

2-22 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2. Use the showdscp (8) command to display DSCP information.

<Example> Display DSCP information.

XSCF> showdscp

DSCP Configuration:

Network: 192.168.244.0 Netmask: 255.255.255.0

Location Address

---------- --------XSCF 192.168.244.1 Domain #00 192.168.244.2 Domain #01 192.168.244.3 Domain #02 192.168.244.4 Domain #03 192.168.244.5

3. Use the setnetwork (8) command to specify network interface informat ion.

<Example 1> Specify IP address 192.168.1.10 and netmask

255.255.255.0 for XSCF-LAN#0 in the XSCFU#0 to enable it.

XSCF> setnetwork xscf#0-lan#0 -m 255.255.255.0 192.168.1.10

<Example 2> Specify IP address 192.168.12.10 for the ISN in the XSCFU#0 to enable it.

XSCF> setnetwork xscf#0-if 192.168.12.10

<Example 3> Specify IP address 192.168.11.10 and netmask

255.255.255.0 for the ISN in the XSCF-LAN#0.

XSCF> setnetwork lan#0 -m 255.255.255.0 192.168.11.10

<Example 4> Disable XSCF-LAN#1 in the XSCFU#0.

XSCF> setnetwork xscf#0-lan#1 -c down

Note – The setting values by setnetwork (8), sethostname (8), setroute (8),

and setnameserver (8) commands are applied by performing the applynetwork

(8) and the rebootxscf (8) commands. Also, if you perform the

applynetwork (8) command with the “down” option, the IP address, and so on,

changed after previous applynetwork (8) is performed, are all cleared. So, when you do “up”, you should set the network interface again.

Note – You cannot set the routing to the takeover IP address.

Chapter 2 Setting Up XSCF 2-23

4. Use the setdscp (8) command (see Note) to specify network interface information.

< Example 1> Specify the entire DSCP network IP address 192.168.2.0 and netmask 255.255.255.0.

XSCF> setdscp -i 192.168.2.0 -m 255.255.255.0

<Example 2> Specify IP address 192.168.2.1 for the XSCF.

XSCF> setdscp -s -i 192.168.2.1

<Example 3> Specify the IP address of 192.168.2.2 to domain ID 1.

XSCF> setdscp -d 1 -i 192.168.2.2

<Example 4> Setting DSCP addresses using Interactive mode.

XSCF> setdscp DSCP network [192.168.244.0 ] > 192.168.2.0

DSCP netmask [255.255.255.0 ] > 255.255.255.0

XSCF address [192.168.2.1 ] > 192.168.2.1 Domain #00 address [192.168.2.2 ] > 192.168.2.2 : Commit these changes to the database? [y|n]:y

Note – It is necessary to configure DSCP to enable it for the domains. For details

about the Domain Configuration, see

Section 2.2.11, “Domain Configuration” on

page 2-87.

Note – Setting DSCP addresses can only be done when affected domains are not

running. Use of the -i and -m options to set all DSCP addresses can only be done when no domains are running. Setting the XSCF address can only be done when no domains are running, since this would affect the XSCF's communication to running domains. Setting individual domain addresses can be done only if the specified domain is not running.

Note – You can specify a network address for use by all of the DSCP links using the

-i and -m options. In this mode of operation, the IP addresses used by the XSCF and

each domain-specific DSCP link are automatically selected from within the range of addresses indicated by the network address.

2-24 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

Note – If you set a netmask using the -m option, this netmask value shows the

mask value in the XSCF network. A netmask value when you display the DSCP network on the domain is not the netmask value in the XSCF network. The netmask value for the domain DSCP address, which is displayed on the domain by using ifconfig(1M), is a value set according to the setting of the network on the domain side.

Note – All DSCP addresses must be in the same network subnet.

Specifying a Host Name for XSCF

■ Comm and operation

1. Use the showhostname (8) command to display host names.

XSCF> showhostname -a xscf#0: scf-hostname0.company.com xscf#1: scf-hostname1.company.com

2. Use the sethostname (8) command to specify a host name.

<Example 1> Specify the host name scf0-hostname for XSCFU#0.

XSCF> sethostname xscf#0 scf0-hostname

<Example 2> Specify the domain name com for XSCFU#0.

XSCF> sethostname -d company.com

Chapter 2 Setting Up XSCF 2-25

Configuring XSCF Routing

XSCF Unit 0 XSCF Unit 1 xscf#0 [192.168.1.10] xscf#2 [192.168.1.20] +------------------------------+ XSCF-LAN#0 XSCF-LAN#0

XSCF Unit 0 XSCF Unit 1 xscf#1 [10.12.108.10] xscf#3 [10.12.108.20] +------------------------------+ XSCF-LAN#1 XSCF-LAN#1

Destination Gateway Netmask Interface [192.168.1.0] - [255.255.255.0] xscf#0 [default] [192.168.1.1] [0.0.0.0] xscf#0

[192.168.1.0] - [255.255.255.0] xscf#2 [default] [192.168.1.1] [0.0.0.0] xscf#2

[10.12.108.0] - [255.255.255.0] xscf#1 [default] [10.12.108.1] [0.0.0.0] xscf#1

[10.12.108.0] - [255.255.255.0] xscf#3 [default] [10.12.108.1] [0.0.0.0] xscf#3

Note – The method of determining the routing for an XSCF interface depends on

the network environment at the installation site. The network environment for system operation must have a suitable configuration.

■ Command operation

1. Use the showroute (8) command to display the routing environment.

XSCF> showroute -a Destination Gateway Netmask Flags Interface

10.12.108.0 * 255.255.255.0 U xscf#0-lan#0 default 10.12.108.1 0.0.0.0 UG xscf#0-lan#0 :

2-26 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2. Use the setroute (8) command to specify the routing environment for a network interface.

<Example 1> Add routing with Destination 192.168.1.0 and Netmask

255.255.255.0 to XSCF-LAN#0 in the XSCFU#0.

XSCF> setroute -c add -n 192.168.1.0 -m 255.255.255.0 xscf#0-lan#0

<Example 2> Add routing with the default network for Destination and Gateway 192.168.1.1 to XSCF-LAN#1 in the XSCFU#0.

XSCF> setroute -c add -n 0.0.0.0 -g 192.168.1.1 xscf#0-lan#1

<Example 3> Delete routing with destination 10.12.108.0 and the default netmask 255.255.255.0 to XSCF-LAN#0 in the XSCFU#0.

XSCF> setroute -c del -n 10.12.108.0 -m 255.255.255.0 xscf#0-lan#0

Making XSCF DNS Settings

■ Command operation

1. Use the shownameserver (8) command to display the name server. If multiple name servers are added, they are displayed on separate lines.

<Example 1> Confirm that three name servers are added.

XSCF> shownameserver nameserver 10.0.0.2 nameserver 172.16.0.2 nameserver 192.168.0.2

<Example 2> Confirm that no name server is added.

XSCF> shownameserver

---

2. Use the setnameserver (8) command to specify the name server.

<Example 1> Add the three IP addresses 10.0.0.2, 172.16.0.2, and

192.168.0.2 as name servers.

XSCF> setnameserver 10.0.0.2 172.16.0.2 192.168.0.2

<Example 2> Delete all available name servers.

XSCF> setnameserver -c del -a

Chapter 2 Setting Up XSCF 2-27

Applying the XSCF Network Settings

■ Command operation

1. After performing the setnetwork (8), sethostname (8), setroute (8), and setnameserver (8) commands, apply these Network settings.

2. Perform the applynetwork (8) command on the XSCF Shell. When performing the command, the network settings are displayed and you can confirm whether the settings should be applied.

XSCF> applynetwork The following network settings will be applied: xscf#0 hostname :scf0-hostname DNS domain name :company.com nameserver :10.0.0.2

interface :xscf#0-lan#0 status :up IP address :192.168.1.10 netmask :255.255.255.0 route :-n 192.168.1.0 -m 255.255.255.0 -g 192.168.1.1

interface :xscf#0-lan#1 status :down IP address : netmask : route :

Continue? [y|n] :y

Note – When the XSCF Unit is in redundant conf iguration, ISN addresses must be

in the same network subnet.

3. Use the rebootxscf (8) command to reset the XSCF and to complete the settings.

XSCF> rebootxscf The XSCF will be reset. Continue? [y|n] :y

■ At this time, the window session is disconnected, so please reconnect to the XSCF

by using the new network interface and log in again.

4. Display the Network Configurat ion by using the shownetwork(8), showhostname(8), showroute(8) and shownameserver(8) commands again

and check the new network information.

2-28 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

5. Use the nslookup (8) command to check the host name information.

<Example> Specify the host name information scf0-hostname.

XSCF> nslookup scf0-hostname Server: server.example.com Address: 192.168.1.3

Name: scf0-hostname.company.com Address: 192.168.10.10

Display XSCF Network Connection Status

■ Command operation

● Use the shownetwork (8) command to display the network status.

XSCF> shownetwork -i Active Internet connections (without servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 xx.xx.xx.xx:telnet xxxx:1617 ESTABLISHE D

2.2.2 User Account Administration

User account administration is used to specify user accounts, passwords, and user privileges and the password policy.

TABLE 2-3 lists a term used in user account administration.

TABLE 2-3 User Account Administration Term

Term Description

UID ID that is assigned automatically to a user account.

Also, the UID can be specified. The ID values start from 100 and end at 65533. Or start from 65536 and end at 4294967295.

TABLE 2-4 lists setting items and the corresponding shell commands.

Chapter 2 Setting Up XSCF 2-29

TABLE 2-4 User Account Administration

Item Description Shell Command Remarks

Display user account management

Displays user account management information. showuser • The item displayed

is Never, which means unlimited.

information Add/delete

user account

Adds or deletes a user account. adduser

deleteuser

The maximum length of a user account is 32 characters.

Password Sets a user account password.

• Specify whether to use a specific number of days or specific date for the account validity period. Or specify no expiration.

Specify the following for the password: (Note)

• Maximum number of days in the password validity period (up to 999999 days)

• Minimum number of days in the password validity period (0 days)

password • The expiration date

format follows that of the locale.

Example: yyyy-mm-dd

•The password must satisfy the following condition:

It consists of up to 79 characters.

• Password expiration warning date (seven days in advance)

• Number of days in wh ich the account remains unlocked after expiration of the password (0 days, no limit)

Change user privilege

Assigns a user privilege t o a user. setprivileges Multiple user

privileges can be assigned to one user.

Enable/ disable user

Enables or disables a user account. enableuser

disableuser

account Display

password

Displays a password policy. showpassword-

policy

2-30 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

TABLE 2-4 User Account Administration (Continued)

Item Description Shell Command Remarks

Password policy

Sets a password policy as described below.

• Minimum number of days that must elapse before the password can be changed (Mindays)

• Maximum number of days that the password is valid (Maxdays)

• Number of days preceding password expiration, for the firs t warning (Warn)

• Number of days in which the account remains unlocked after password expiration (Inactive)

• Number of days a new account will be valid before expiring and becoming disabled. (Expiry)

• Maximum number of retries of password entry (Retry)

• Maximum number of characters that must be different in a new password.(Difok)

• Minimum number of password characters (Minlen)

• Minimum number of digits contained in a password (Dcredit)

• Minimum number of uppercase letters contained in a password (Ucredit)

• Minimum number of lowercase letters contained in a password (Lcredit)

• Minimum number of symbols contained in a password (Ocredit)

• Maximum numbers of pass words in the password history (Remember)

setpasswordpolicy

• Once an account is locked after password expiration, its user must contact the system administrator in order to use the system again.

• A password must consist of at least six characters.

• Inactive is -1, whic h means unlimited.

• Expiry is 0, which means unlimited.

Note – If the password policy is set, then the password policy is applied to the users

added after that.

Note – When you change the password for another user by using the user operand,

they system password policy is not enforced. When changing another user ’s password, be sure to choose a password that conforms with the system password policy.

Chapter 2 Setting Up XSCF 2-31

Adding or Deleting a User Account and Specifying a Password

■ Comm and operation

1. Use the showuser (8) command to display all of the user account information. (See the description of the password policy in

XSCF> showuser -l User Name: user001 UID: 101 Status: Enabled Minimum: 0 Maximum: 99999 Warning: 7 Inactive: -1 Last Change: Jul 11, 2006 Password Expires: Never Password Inactive: Never Account Expires: Never Privileges: platadm

2. Use the adduser (8) command to add a user account.

<Example 1> Specify a user account name.

XSCF> adduser jsmith

TABLE 2-4.)

<Example 2> Specify a UID for a user account.

XSCF> adduser –u 359 jsmith

If the XSCF is configured to use Lightweight Directory Access Protocol (LDAP) for user account data, the user name and UID (if specified) must not already be in use, either locally or in LDAP.

Note – You cannot use the following user account names, as they are reserved for

system use: root, bin, daemon, adm, operator, nobody, sshd, rpc, rpcuser, ldap, apache, ntp, admin, or default.

2-32 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

3. Use the password (8) command to specify a password.

<Example 1> Specify a password.

XSCF> password jsmith Changing password for platadm (current) XSCF password: xxxxxx New XSCF password: xxxxxx BAD PASSWORD: is too similar to the old one New XSCF password: xxxxxx BAD PASSWORD: it is too simplistic/systematic New XSCF password: xxx BAD PASSWORD: it’s WAY too short New XSCF password: xxxxxx Retype new XSCF password: xxxxxx XSCF>

<Example 2> Specify 60 days for the validity period, and also specify that a validity expiration warning be issued 15 days in advance.

XSCF> password –M 60 –w 15 jsmith

Specifying a User Privilege

■ Comm and operation

1. Use the showuser (8) command to display user account settings.

XSCF> showuser -a User Name: jsmith Status: Enabled Minimum: 0 Maximum: 99999 Warning: 7 Inactive: -1 Last Change: Aug 22, 2005 Password Expires: Never Password Inactive: Never Account Expires: Never

2. Use the setprivileges (8) command to assign a user privilege to a user account.

<Example> Specify useradm and auditadm for a user account.

XSCF> setprivileges jsmith useradm auditadm

3. Use the showuser (8) command to confirm the privilege.

Chapter 2 Setting Up XSCF 2-33

XSCF> showuser -p User Name: jsmith Privileges: useradm auditadm

Enabling or Disabling a User Account

■ Comm and operation

1. Use the showuser (8) command to display user account settings.

XSCF> showuser -a

2. Use the enableuser (8) command to enable a user account.

<Example> Enable a user account.

XSCF> enableuser jsmith

Specifying a Password Policy

■ Comm and operation

1. Use the showpasswordpolicy (8) command to display password policy settings.

XSCF> showpasswordpolicy Mindays: 0 Maxdays: 90 Warn: 7 Inactive: -1 Expiry: 0 Retry: 5 Difok: 1 Minlen: 8 Dcredit: 0 Ucredit: 0 Lcredit: 0 Ocredit: 0 Remember: 4

2-34 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2. Use the setpasswordpolicy (8) command to specify a password policy.

<Example> Specify 3 for the retry count, an eight-character password containing at least two digits, 60 days for the expiration period, and 15 days for the advance notice of expiration.

XSCF> setpasswordpolicy -y 3 -m 8 -d 2 -u 0 -l 0 -o 0 -M 60 -w 15

3. Use the showpasswordpolicy (8) command to confirm the settings.

XSCF> showpasswordpolicy Mindays: 0 Maxdays: 60 Warn: 15 Inactive: -1 Expiry: 0 Retry: 3 Difok: 1 Minlen: 8 Dcredit: 2 Ucredit: 0 Lcredit: 0 Ocredit: 0 Remember: 3

2.2.3 LDAP Administration

LDAP administration is used to specify items relating to LDAP clients. The LDAP server, bind ID, password, baseDN and so on are set. In the LDAP server, the XSCF user information is managed.

Note – This section does not cover LDAP configuration and administration. An

administrator who is familiar with LDAP should perform the LDAP design. For details on adding user information to an account on an LDAP server, see the Administration Guide.

TABLE 2-5 lists terms used in LDAP Administration.

Chapter 2 Setting Up XSCF 2-35

TABLE 2-5 LDAP Administration Terms

Term Description

LDAP Abbreviation for Lightweight Directory Access Protocol.

LDAP is a protocol used to access directory databases in TCP/IP networks.

baseDN Abbreviation for base Distinguished name.

Under LDAP, directory information is in a hierarchical structure. To perform a search, specify the subtree to be searched in the hierarchical structure. To do so, specify the identification name (DN) of the top of the target subtree. This DN is referred to as the search base (basedDN).

Certificate chain List of certificates including a user certificate and certification authority

certificate. OpenSSL and TLS certificates must be downloaded in advance.

TLS Abbreviation for Transport Layer Security. This is a protocol for

encrypting information fo r transmission via th e Internet.

TABLE 2-6 lists setting items and the corresponding shell commands:

TABLE 2-6 LDAP Administration

Item Description Shell command Remarks

Display the use of LDAP

Enable/ disable the use of LDAP

Displays the use of an LDAP server for authentication and privilege lookup.

Enables or disables the use of an LDAP server for authentication and privilege lookup.

showlookup

setlookup If this specif ies that

authentication data and user privilege data be placed together on an LDAP server, the system first searches the local area, and it searches the LDAP server only if the target data is not found

locally. Display client Displays LDAP client setting information. showldap Bind ID Bind an ID for a connection to (bind:

authenticate) an LDAP server.

setldap Bind ID maximum length is

128 characters. password Sets a password used to bind an LDAP server. setldap A password can consist of 8

to 16 characters. Search base Sets an LDAP tree search base (baseDN). setldap • If this item is omitted, the

command searches th e t r ee, beginning from the top .

• Search base maximum length is 128 characters.

2-36 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

TABLE 2-6 LDAP Administration (Continued)

Item Description Shell command Remarks

Certificate chain

LDAP server/port

Timeout Sets the maximum time (seconds) allowed for

LDAP test Tests the connection to an LDAP server. setldap

Imports the certificate chain of an LDAP server. Import a certificate chain as follows:

• Import a secure copy (scp) from a remote file.

• Establish a connection to the target LDAP server, and import the certificate chain from the server.

Specify the IP addresses and port numbers of the primary and secondary LDAP servers.

Specify IP addresses or host names for the addresses.

(e.g. ldap://foobar.east, ldaps://10.8.31.14:636 )

an LDAP search.

setldap • The certific ate chain must

be in PEM format. (Note

• A password may need to be entered to import an scp from a remote file.

setldap • The default LDAP port

number is 636 for ldaps, 389 for ldap when the port number is not specif ied.

•If LDAP server name is specified, the server name maximum length is 128 characters

setldap

Note – PEM: Abbreviation for Privacy Enhanced Mail. Mail to be sent is encrypted

for increased privacy.

Enabling or Disabling the LDAP Server

■ Comm and operation

1. Use the showlookup (8) command to display the lookup method of authentication and user privileges.

XSCF> showlookup Privileges lookup: Local only Authentication lookup: Local and LDAP

Chapter 2 Setting Up XSCF 2-37

2. Use the setlookup (8) command to enable or disable the LDAP server.

<Example> Enable the use of LDAP server for both user authentication and user privilege.

XSCF> setlookup –a ldap XSCF> setlookup –p ldap

3. Use the showlookup (8) command to confirm the lookup method.

XSCF> showlookup Privileges lookup: Local and LDAP Authentication lookup: Local and LDAP

Specifying an LDAP Server, Port Number, Bind ID, Bind Password, Search Base (BaseDN) and Search Time (Timeout Period)

■ Comm and operation

1. Use the showldap (8) command to display LDAP client settings.

XSCF> showldap Bind Name: Not set Base Distinguished Name: Not set LDAP Search Timeout: 0 Bind Password: Not set LDAP Servers: Not set CERTS: None

2. Use the setldap (8) command to configure an LDAP client.

<Example 1> Specify bind ID and search base (baseDN).

XSCF> setldap –b "cn=Directory Manager" –B "ou=People,dc=users,dc= apl,dc=com,o=isp"

<Example 2> Specify bind password.

XSCF> setldap -p Password:xxxxxxxx

<Example 3> Specify the primary and secondary LDAP servers and port numbers.

XSCF> setldap -s ldap://onibamboo:389,ldaps://company2.com:636

<Example 4> Specify the timeout period for LDAP search.

XSCF> setldap -T 60

2-38 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

3. Use the showldap (8) command to confirm the setting.

XSCF> showldap Bind Name: cn=Directory Manager Base Distinguished Name: ou=People,dc=users,dc=apl,dc=com,o=isp LDAP Search Timeout: 60 Bind Password: Set LDAP Servers: ldap://onibamboo:389 ldaps://company2.com:636 CERTS: None

Installing the Certificate Chain of an LDAP Server

■ Comm and operation

1. Use the showldap (8) command to display the LDAP setting.

2. Use the setldap (8) command to import the certificate chain.

XSCF> setldap –c hhhh@example.com:Cert.pem

3. Use the showldap (8) command to confirm that you have imported the certificate chain.

Chapter 2 Setting Up XSCF 2-39

Testing a Connection to an LDAP Server

■ Comm and operation

1. Use the setldap (8) command to perform the test.

XSCF> setldap -t sysadmin onibamboo:389 PASSED

2. Log in as the user created in the LDAP server. Confirm the registration using the user’s password.

3. Use the showuser (8) command to confirm whethe r the displayed privilege is the same as the one created in the LDAP server.

XSCF> showuser User Name: sysadmin (nonlocal) UID: 110 Privileges: platadm

2.2.4 Time Administration

Time administration is used to specify the time and the NTP settings for this system. The server (all domains) uses the XSCF Unit clock as the reference time.

Note – The customer should decide the NTP server operating mode. For details on

NTP, see the NTP manuals.

The XSCF Unit can be optionally configured to be an NTP client. If you do not configure the XSCF Unit as an NTP clie nt, the XSCF Unit will run its internal realtime clock (RTC) based on the setdate (8) command alone.

Domains can be configured to use a time-of-day management policy on an individual basis, so that each domain can manage its own time-of-day in a different manner. Domain time-of-day policies include:

■ If no time or date configuration is done on the Solaris OS domain (that is, you do

not set up the system as an NTP client and you do not use the Solaris OS date command to set the domain’s date), the Solari s OS domain will obtain its initial time-of-day from the XSCF Unit.

2-40 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

■ A Solaris OS domain can be set up as an NTP client with the XSCF Unit being the

NTP server. In this case, the XSCF Unit must be set up as an NTP server (see

Configuring an NTP Server). In this case, the Solaris OS domain will obtain its

initial time-of-day from the XSCF NTP server, which will then be used to ke ep the Solaris domain and the XSCF unit in sync.

■ A Solaris domain can be set up as an NTP client from an external NTP server. In

this case, the initial time for Solaris OS will be obtained from the XSCF Unit. If you connect the domain to an external NTP server, connect a high rank NTP server that supplies the time at the same accuracy for the domain as for XSCF.

■ If you use the Solaris OS date command to set the t ime on a Solaris OS domain,

the time offset between the Solaris OS domain and the XSCF Unit will be preserved over reboots. Whenever the Solaris OS domain boots, its initial time-ofday will be the XSCF Unit time adjusted by the time offset created the last time the Solaris OS date command was used on the domain.

TABLE 2-7 lists the settings and the corresponding shell commands.

TABLE 2-7 Setting Time and Date

Item Description Shell Command Remarks

Display time zone

Time zone Sets the time zone.

Display system time

Date and time

Display NTP server settings

Displays the time zone. showtimezone

settimezone The POSIX standard is

Specify a local time name consisting of up to eight characters.

used for the time zone. The setting time zone list

can be referred by specifying "-a" option.

Displays the time and date of the XSCF by

showdate

the local time or the Coordinated Universal Time (UTC).

Sets a date and time to a local time or UTC. The specification format is as follows:

• yyyy.mm.dd-HH:MM:SS

• mmddHHMMyyyy.SS yyyy: Year, mm: Month, dd: Day of the

setdate The settings can be enabled

when all of the domains are powered off.

XSCF reset is done after the settings.

month, HH: Hour (24-hour system), MM: Minute, SS: Second

Displays NTP server settings showntp Synchronization is also

checked.

Chapter 2 Setting Up XSCF 2-41

TABLE 2-7 Setting Time and Date (Continued)

Item Description Shell Command Remarks

NTP server Configures an NTP server for XSCF

network. (In this case, XSCF is an NTP client.)

Specify the IP address or host name of an NTP server.

setntp No default setting has been

specified. If the same IP address as

DSCP is set, an error will occur.

You can synchronize with up to three NTP servers.

Stratum value

Reset time subtraction

Specifies a stratum service for XSCF. You can specify an integer from 1 to 15.

Resets the time subtraction between the XSCF and each domain, which is stored in XSCF.

setntp The default stratum value

is 5.

resetdateoffset The settings c an be enable d

when all of the domains are powered off.

As a result, the time of each domain will be set to the same time as the XSCF after startup.

Specifying a Time Zone

■ Comm and operation

1. Use the showtimezone (8) command to display the time zone.

XSCF> showtimezone -c tz America/Chicago

2-42 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

2. Use the settimezone (8) command to set the system time. The platadm privilege is required.

<Example 1> Display the timezone list.

XSCF> settimezone -c settz -a Africa/Abidjan Africa/Accra :

<Example 2> Set the timezone.

XSCF> settimezone -c settz -s Asia/Tokyo Asia/Tokyo

The set time zone takes effect at the next login.

3. Use the showtimezone (8) command to confirm the setting.

Setting the XSCF Time

■ Comm and operation

1. Use the showdate (8) command to display the XSCF time.

<Example 1> Display the current time with local time.

XSCF> showdate Mon Jan 23 14:53:00 JST 2006

<Example 2> Display the current time with UTC.

XSCF> showdate -u Mon Jan 23 14:53:00 JST 2006

Chapter 2 Setting Up XSCF 2-43

2. Use the setdate (8) command to set the time.

<Example 1> Set the current time to 2006-1-27 16:59:00 of a local time.

XSCF> setdate -s 012716592006.00 Fri Jan 27 16:59:00 JST 2006 The XSCF will be reset. Continue? [y|n]:y Fri Jan 27 16:59:00 JST 2006

<Example 2> Set the current time to 2006-1-27 07:59:00 of UTC.

XSCF> setdate -u -s 012707592006.00 Fri Jan 27 07:59:00 UTC 2006 The XSCF will be reset. Continue? [y|n]:y Fri Jan 27 16:59:00 JST 2006

Note – After the time settings, XSCF reset is done. At this time, the XSCF session is

disconnected. Please reconnect to the XSCF and log in again. Also, when the domains are running and if you use XSCF as an NTP server, please perform a domain reboot or apply the changed time to the domain using the ntpdate (1M) command.

Note – When replacing the XSCF unit, be sure to note the time set on the

replacement XSCF. If the replacement XSCF time does not match the current time, set it to the current time. For the replacement XSCF unit, execute the showdate (8) command to check the time, and reset it using the setdate (8) command.

Configuring an NTP Server

■ Comm and operation

1. Use the showntp (8) command to display the NTP server for the XSCF network.

XSCF> showntp -a server ntp1.example.com prefer # [1] ntp server name server ntp2.example.com # [2] ntp server name

2-44 SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008

FUJITSU M4000 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Figures

Tables

Preface

Audience

Glossary

Structure and Contents of this Manual

SPARC Enterprise Mx000 Servers Documentation

Abbreviated Refer ences to Other Documents

Models

Text Conventions

Prompt Notations

Syntax of the Command Line Interface (CLI)

Command syntax

Conventions for Important Messages

Software License

Limitations and Notes

About Remote Maintenance

Fujitsu Welcomes Your Comments

Reader's Comment Form

XSCF Overview

1.1 XSCF Features

1.2 XSCF Functions

1.3 Types of Connection to XSCF

1.3.1 Examples of LAN Connection Operations

1.3.2 NTP Configuration and Time Synchronization

1.3.3 About the CD-RW/DVD-RW Drive Unit and Tape Drive Unit

1.4 XSCF User Interfaces

1.4.1 User Accounts and User Privileges

Setting Up XSCF

2.1 XSCF Setup Summary

2.1.1 Setup Summary by the XSCF Shell

2.1.2 Setup Summary Using the XSCF Web

2.2 Specifying the XSCF Settings

2.2.1 Network Configuration

2.2.2 User Account Administration

2.2.3 LDAP Administration

2.2.4 Time Administration