HP Integrated Lights-Out 2 User Manual

0 (0)

HP Integrated Lights-Out 2 User Guide

HP Part Number: 394326-403

Published: June 2012

Edition: 1

Notices

The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.

Microsoft, Windows, Windows Server, Windows Vista, Windows NT, and Windows XP are U.S. registered trademarks of Microsoft Corporation. AMD is a trademark of Advanced Micro Devices, Inc. Intel is a trademark of Intel Corporation in the U.S. and other countries. Java is a registered trademark of Oracle and/or its affiliates.

Intended audience

This document is for the person who installs, administers, and troubleshoots servers and storage systems. HP assumes you are qualified in the servicing of computer equipment and trained in recognizing hazards in products with hazardous energy levels.

Contents
1 Overview................................................................................................	11
New in this release of iLO 2.....................................................................................................	11
iLO 2 Overview......................................................................................................................	11
Differences between iLO 2 and iLO......................................................................................	12
HP Insight Control server deployment ...................................................................................	12
Server management through IPMI version 2.0 compliant applications........................................	13
WS-Management compatibility overview..............................................................................	13
iLO 2 browser interface overview..............................................................................................	14
Supported browsers and client operating systems...................................................................	15
Supported server operating system software..........................................................................	15
2 Setting up iLO 2.......................................................................................	17
Quick setup...........................................................................................................................	17
Preparing to set up iLO 2.........................................................................................................	17
Connecting to the network.......................................................................................................	18
Configuring the IP address.......................................................................................................	19
Logging in to iLO 2 for the first time..........................................................................................	20
Setting up user accounts..........................................................................................................	20
Setting up iLO 2 using iLO 2 RBSU.......................................................................................	20
Setting up iLO 2 with the browser-based option......................................................................	21
Activating iLO 2 licensed features with a browser........................................................................	21
Installing iLO 2 device drivers...................................................................................................	21
Microsoft device driver support............................................................................................	22
Linux device driver support..................................................................................................	22
Novell NetWare device driver support..................................................................................	22
3 Configuring iLO 2....................................................................................	24
iLO 2 configuration overview....................................................................................................	24
Upgrading iLO 2 firmware.......................................................................................................	24
Upgrading iLO 2 with a browser..........................................................................................	25
Updating the firmware using the maintenance CD..................................................................	25
Recovering from a failed iLO 2 firmware update.....................................................................	26
Downgrading the iLO 2 firmware.........................................................................................	26
Licensing...............................................................................................................................	26
User administration.................................................................................................................	28
Adding a new user............................................................................................................	29
Viewing or modifying existing user settings............................................................................	31
Deleting a user..................................................................................................................	31
Group administration.........................................................................................................	32
Configuring iLO 2 access........................................................................................................	33
Services options.................................................................................................................	33
Terminal Services Passthrough option...............................................................................	35
Terminal Services client requirements...........................................................................	35
Enabling the Terminal Services Passthrough option.............................................................	36
Terminal Services warning message............................................................................	37
Terminal Services Passthrough option display...............................................................	37
Remote Console and Terminal Services clients...................................................................	37
Terminal Services troubleshooting....................................................................................	38
Access options..................................................................................................................	38
iLO 2 Remote Console and Remote Serial Console access.......................................................	41
Security.................................................................................................................................	41
General security guidelines.................................................................................................	41

Contents 3

Password guidelines......................................................................................................	42
Securing RBSU..............................................................................................................	42
iLO 2 Security Override Switch administration...................................................................	42
Trusted Platform Module support..........................................................................................	43
User accounts and access...................................................................................................	43
Privileges.....................................................................................................................	44
Login security................................................................................................................	44
SSH key administration.......................................................................................................	44
SSL certificate administration...............................................................................................	45
Two-factor authentication....................................................................................................	46
Setting up two-factor authentication for the first time...........................................................	47
Setting up a user for two-factor authentication...................................................................	48
Two-factor authentication login........................................................................................	49
Using two-factor authentication with directory authentication...............................................	50
Directory settings...............................................................................................................	51
Configuring directory settings.........................................................................................	51
Directory tests...............................................................................................................	53
Encryption........................................................................................................................	53
Encryption settings........................................................................................................	54
Connecting to the iLO 2 using AES/3DES encryption.........................................................	54
HP SIM single sign-on (SSO)...............................................................................................	55
Setting up iLO 2 for HP SIM SSO....................................................................................	55
Adding HP SIM trusted servers........................................................................................	56
Setting up HP SIM SSO..................................................................................................	57
Remote Console Computer Lock...........................................................................................	58
Network................................................................................................................................	60
Network Settings...............................................................................................................	60
iLO 2 subsystem name limitations....................................................................................	61
iLO 2 Shared Network Port.............................................................................................	61
iLO 2 Shared Management Port features and restrictions................................................	62
Enabling the iLO 2 Shared Network Port feature...........................................................	62
Re-enabling the dedicated iLO 2 management port.......................................................	63
DHCP/DNS Settings..........................................................................................................	64
SNMP/Insight Manager settings...............................................................................................	65
Enabling SNMP alerts........................................................................................................	65
SNMP generated trap definitions.........................................................................................	66
Configuring Insight Manager integration...............................................................................	67
Static IP bay configuration.......................................................................................................	68
Configuring a ProLiant BL p-Class blade enclosure..................................................................	68
Configuring static IP bay settings..........................................................................................	69
ProLiant BL p-Class standard configuration parameters............................................................	69
ProLiant BL p-Class advanced configuration parameters...........................................................	69
Enabling iLO 2 IP address assignment..................................................................................	70
HP BladeSystem setup.........................................................................................................	70
The iLO 2 firmware configuration screen...........................................................................	71
Verify Server RAID Configuration screen...........................................................................	71
Connect Virtual Media screen.........................................................................................	72
Install Software screen...................................................................................................	72
iLO 2 diagnostic port configuration parameters......................................................................	72
4 Using iLO 2.............................................................................................	74
System status and status summary information............................................................................	74
System Information Summary...............................................................................................	75
Fans............................................................................................................................	76
Temperatures................................................................................................................	76

4Contents

Power..........................................................................................................................	77
Processors....................................................................................................................	77
Memory.......................................................................................................................	77
NIC.............................................................................................................................	77
iLO 2 Log.........................................................................................................................	77
IML..................................................................................................................................	78
Diagnostics.......................................................................................................................	79
Insight Agents....................................................................................................................	80
iLO 2 Remote Console.............................................................................................................	80
Remote Console overview and licensing options.....................................................................	81
Remote Console settings.....................................................................................................	81
Remote console hot keys.................................................................................................	83
Supported hot keys........................................................................................................	84
Hot keys and international keyboards..............................................................................	85
Hot keys and Virtual Serial Port.......................................................................................	85
IRC Fullscreen....................................................................................................................	85
Integrated Remote Console option........................................................................................	85
Optimizing mouse performance for Remote Console or Integrated Remote Console................	88
High Performance Mouse settings....................................................................................	88
Multi-user access to the Integrated Remote Console................................................................	89
Using Console Capture.......................................................................................................	90
Using HP iLO Video Player..................................................................................................	90
iLO Video Player user interface.......................................................................................	91
iLO Video Player controls...............................................................................................	92
Acquiring the Remote Console.............................................................................................	92
Remote Console.................................................................................................................	93
Remote Console features and controls..............................................................................	94
Recommended client settings..........................................................................................	94
Recommended server settings.........................................................................................	95
Microsoft Windows Server 2003 settings.....................................................................	95
Red Hat Linux and SUSE Linux server settings...............................................................	95
Text-based remote console overview.....................................................................................	95
Text-based console during POST......................................................................................	95
Text-based console after POST........................................................................................	96
Using the iLO 2 Text Console.....................................................................................	97
Customizing iLO 2 Text Console.................................................................................	97
Using a Linux session................................................................................................	99
Virtual serial port and remote serial console......................................................................	99
Remote Serial Console............................................................................................	100
Virtual Serial Port enhancements...............................................................................	101
Windows EMS Console...........................................................................................	102
Virtual media.......................................................................................................................	104
Using iLO 2 Virtual Media devices.....................................................................................	104
Virtual Media and Windows 7.....................................................................................	105
iLO 2 Virtual Floppy/USBKey........................................................................................	105
Virtual Floppy/USB Key operating systems notes.........................................................	106
Operating system USB support.................................................................................	107
Mounting USB Virtual Floppy/USBKey in NetWare 6.5...............................................	107
Mounting USB Virtual Media/USBKey in Linux...........................................................	108
Changing diskettes.................................................................................................	109
iLO 2 Virtual CD/DVD-ROM.........................................................................................	109
Virtual Media CD/DVD-ROM operating system notes..................................................	110
Mounting USB Virtual Media CD/DVD-ROM in Linux..................................................	110
Creating iLO 2 disk image files.....................................................................................	111
Virtual folder...................................................................................................................	111

Contents 5

Virtual folder operating system notes..................................................................................	112
Power management..............................................................................................................	112
Server power settings.......................................................................................................	113
Server power data...........................................................................................................	115
Processor states...............................................................................................................	116
Power efficiency...............................................................................................................	117
Graceful shutdown...........................................................................................................	118
Brown-Out recovery.........................................................................................................	119
ProLiant BL p-Class Advanced management..............................................................................	119
Rack View.......................................................................................................................	120
Blade configuration and information..............................................................................	121
Enclosure information...................................................................................................	122
Power enclosure information.........................................................................................	122
Network component information...................................................................................	123
iLO 2 control of ProLiant BL p-Class server LEDs....................................................................	123
Server POST tracking...................................................................................................	123
Insufficient power notification........................................................................................	124
ProLiant BL p-Class alert forwarding....................................................................................	124
ProLiant BladeSystem HP Onboard Administrator......................................................................	124
iLO 2 BL c-Class tab.........................................................................................................	124
Enclosure bay IP addressing..............................................................................................	125
Dynamic power capping for server blades..........................................................................	127
iLO 2 Virtual Fan.............................................................................................................	128
iLO option.......................................................................................................................	128
Web Administration.........................................................................................................	128
BL p-Class and BL c-Class features......................................................................................	129
5 Directory services...................................................................................	130
Overview of directory integration............................................................................................	130
Benefits of directory integration..............................................................................................	130
Advantages and disadvantages of schema-free directories and HP schema directory.....................	131
Schema-free directory integration.......................................................................................	131
Setting up Schema-free directory integration.............................................................................	132
Active Directory preparation..............................................................................................	132
Introduction to certificate services..................................................................................	132
Installing certificate services..........................................................................................	132
Verifying certificate services..........................................................................................	133
Configuring Automatic Certificate Request......................................................................	133
Schema-free browser-based setup.......................................................................................	133
Schema-free scripted setup................................................................................................	133
Schema-free HPLOMIG-based setup....................................................................................	134
Schema-free setup options.................................................................................................	134
Schema-free nested groups................................................................................................	135
Setting up HP schema directory integration..............................................................................	136
Features supported by HP schema directory integration.........................................................	136
Setting up directory services..............................................................................................	136
Schema documentation.....................................................................................................	137
Directory services support.................................................................................................	137
Schema required software.................................................................................................	137
Schema installer..............................................................................................................	138
Schema Preview..........................................................................................................	138
Setup.........................................................................................................................	138
Results.......................................................................................................................	139
Management snap-in installer............................................................................................	140
Directory services for Active Directory.................................................................................	140

6Contents

Active Directory installation prerequisites........................................................................	140
Installing Active Directory on Windows Server 2008.......................................................	141
Directory services preparation for Active Directory...........................................................	141
Snap-in installation and initialization for Active Directory..................................................	142
Example: Creating and configuring directory objects for use with iLO 2 in Active Directory....	143
Directory services objects.............................................................................................	145
Active Directory snap-ins.........................................................................................	146
Active Directory role restrictions................................................................................	147
Active Directory Lights-Out management.........................................................................	148
Directory services for eDirectory.........................................................................................	149
eDirectory installation prerequisites................................................................................	149
Snap-in installation and initialization for eDirectory..........................................................	150
Creating and configuring directory objects for use with LOM devices in eDirectory..............	150
Directory Services objects for eDirectory.........................................................................	152
Role managed devices............................................................................................	152
Members...............................................................................................................	153
eDirectory Role Restrictions...........................................................................................	154
Time restrictions......................................................................................................	154
Enforced client IP address or DNS name access.........................................................	154
eDirectory Lights-Out Management................................................................................	155
User login using directory services.....................................................................................	156
Directory-enabled remote management....................................................................................	156
Introduction.....................................................................................................................	156
Creating roles to follow organizational structure...................................................................	157
Using existing groups..................................................................................................	157
Using multiple roles.....................................................................................................	157
How directory login restrictions are enforced.......................................................................	158
Restricting roles...........................................................................................................	158
Role time restrictions...............................................................................................	159
Role address restrictions..........................................................................................	159
User restrictions...........................................................................................................	159
User address restrictions..........................................................................................	159
How user time restrictions are enforced......................................................................	160
Creating multiple restrictions and roles...........................................................................	160
Using bulk import tools.....................................................................................................	161
HPLOMIG directory migration utility........................................................................................	162
Introduction to HPLOMIG utility..........................................................................................	162
Compatibility..................................................................................................................	162
HP Lights-Out directory package........................................................................................	163
Using HPLOMIG..............................................................................................................	163
Finding management processors...................................................................................	163
Upgrading firmware on management processors.............................................................	165
Selecting a directory access method..............................................................................	166
Naming management processors..................................................................................	167
Configuring directories when HP Extended schema is selected..........................................	168
Configuring directories when schema-free integration is selected........................................	169
Setting up management processors for directories............................................................	170
Directory services schema......................................................................................................	171
HP Management Core LDAP OID classes and attributes........................................................	171
Core classes...............................................................................................................	172
Core attributes............................................................................................................	172
Core class definitions...................................................................................................	172
hpqTarget..............................................................................................................	172
hpqRole................................................................................................................	172
hpqPolicy..............................................................................................................	173

Contents 7

	Core attribute definitions..............................................................................................	173
	hpqPolicyDN.........................................................................................................	173
	hpqRoleMembership...............................................................................................	173
	hpqTargetMembership............................................................................................	173
	hpqRoleIPRestrictionDefault......................................................................................	173
	hpqRoleIPRestrictions...............................................................................................	174
	hpqRoleTimeRestriction............................................................................................	174
Lights-Out Management specific LDAP OID classes and attributes...........................................		175
	Lights-Out Management classes.....................................................................................	175
	Lights-Out Management attributes..................................................................................	175
	Lights-Out Management class definitions........................................................................	175
	hpqLOMv100........................................................................................................	175
	Lights-Out Management attribute definitions....................................................................	175
	hpqLOMRightLogin.................................................................................................	175
	hpqLOMRightRemoteConsole...................................................................................	176
	hpqLOMRightVirtualMedia......................................................................................	176
	hpqLOMRightServerReset.........................................................................................	176
	hpqLOMRightLocalUserAdmin..................................................................................	176
	hpqLOMRightConfigureSettings................................................................................	177
6 HP Systems Insight Manager integration....................................................		178
Integrating iLO 2 with HP SIM................................................................................................		178
HP SIM functional overview....................................................................................................		178
Establishing SSO with HP SIM................................................................................................		178
HP SIM identification and association......................................................................................		179
HP SIM status..................................................................................................................		179
HP SIM links....................................................................................................................		179
HP SIM systems lists..........................................................................................................		180
Receiving SNMP alerts in HP SIM...........................................................................................		180
HP SIM port matching...........................................................................................................		181
Reviewing Advanced Pack license information in HP SIM...........................................................		181
7 Troubleshooting iLO 2.............................................................................		182
iLO 2 POST LED indicators.....................................................................................................		182
Event log entries...................................................................................................................		183
Hardware and software link-related issues................................................................................		186
JVM	support........................................................................................................................	186
Login	issues.........................................................................................................................	187
Login name and password not accepted.............................................................................		187
Directory user premature logout.........................................................................................		187
iLO 2 Management Port not accessible by name..................................................................		187
iLO 2 RBSU unavailable after iLO 2 and server reset.............................................................		188
Inability to access the login page.......................................................................................		188
Inability to access iLO 2 using Telnet..................................................................................		188
Inability to access virtual media or graphical remote console.................................................		188
Inability to connect to iLO 2 after changing network settings..................................................		188
Inability to connect to the iLO 2 Diagnostic Port...................................................................		188
Inability to connect to the iLO 2 processor through the NIC...................................................		189
Inability to log in to iLO 2 after installing the iLO 2 certificate................................................		189
Firewall issues.................................................................................................................		189
Proxy server issues...........................................................................................................		190
Two-factor authentication error...........................................................................................		190
Troubleshooting alert and trap issues.......................................................................................		190
Inability to receive HP SIM alarms (SNMP traps) fromiLO 2....................................................		191
iLO 2 Security Override switch...........................................................................................		191
Authentication code error message.....................................................................................		191

8Contents

Troubleshooting directory issues..............................................................................................	191
Domain/name format login issues......................................................................................	191
ActiveX controls are enabled and I see a prompt but the domain/name login format does not
work..............................................................................................................................	192
User contexts do not appear to work..................................................................................	192
Directory user does not logout after the directory timeout has expires......................................	192
Troubleshooting Remote Console issues...................................................................................	192
Remote Console applet has a red X when running Linux client browser....................................	192
Inability to navigate the single cursor of the Remote Console to corners of the Remote Console
window..........................................................................................................................	192
Remote Console no longer opens on the existing browser session...........................................	193
Remote console text window not updating properly..............................................................	193
Remote Console turns gray or black...................................................................................	193
Remote Serial Console troubleshooting...............................................................................	193
Troubleshooting Integrated Remote Console issues....................................................................	194
Internet Explorer 7 and a flickering remote console screen.....................................................	194
Configuring Apache to accept exported capture buffers........................................................	194
No console replay while server is powered down.................................................................	195
Skipping information during boot and fault buffer playback...................................................	195
Out of Memory error starting Integrated Remote Console......................................................	195
Session leader does not receive connection request when IRC is in replay mode.......................	195
Keyboard LED does not display correctly.............................................................................	195
Inactive IRC.....................................................................................................................	196
IRC Failed to connect to server error message......................................................................	196
IRC toolbar icons do not update........................................................................................	196
GNOME interface does not lock........................................................................................	197
Repeating keys on the Remote Console...............................................................................	197
Remote Console playback does not work when the host server is powered off..........................	197
Troubleshooting SSH and Telnet issues.....................................................................................	197
Initial PuTTY input slow.....................................................................................................	197
PuTTY client unresponsive with Shared Network Port.............................................................	197
SSH text support from a Remote Console session..................................................................	197
Troubleshooting terminal services issues...................................................................................	197
Terminal Services button is not working...............................................................................	197
Terminal Services proxy stops responding............................................................................	198
Troubleshooting video and monitor issues................................................................................	198
General guidelines...........................................................................................................	198
Telnet displays incorrectly in DOS......................................................................................	198
Video applications not displaying in the Remote Console......................................................	198
User interface is not displaying correctly.............................................................................	198
Troubleshooting Virtual Media issues.......................................................................................	198
Virtual Media applet has a red X and does not display.........................................................	199
Virtual Floppy media applet is unresponsive........................................................................	199
Troubleshooting iLO Video Player issues...................................................................................	199
Video capture file does not play........................................................................................	199
Video capture file plays erratically......................................................................................	199
Troubleshooting Remote Text Console issues.............................................................................	199
Viewing the Linux installer in the text console.......................................................................	199
Passing data through an SSH terminal................................................................................	199
Troubleshooting miscellaneous issues.......................................................................................	199
Cookie sharing between browser instances and iLO 2..........................................................	199
Shared instances.........................................................................................................	200
Cookie order behavior.................................................................................................	200
Displaying the current session cookie.............................................................................	201
Preventing cookie-related user issues..............................................................................	201

Contents 9

Inability to access ActiveX downloads.................................................................................	201
Inability to get SNMP information from HP SIM....................................................................	201
Incorrect time or date of the entries in the event log..............................................................	201
Inability to upgrade iLO 2 firmware....................................................................................	201
Diagnostic steps..........................................................................................................	202
iLO 2 network flash recovery.............................................................................................	202
Recovering from a bad iLO 2 flash image using network flash recovery...................................	202
Recovering from a bad iLO 2 flash image using the HP Smart Update Firmware DVD...............	203
The iLO 2 firmware does not respond to SSL requests............................................................	204
Testing SSL......................................................................................................................	204
Resetting iLO 2................................................................................................................	204
Server name still present after ERASE utility is executed.........................................................	204
Troubleshooting a remote host...........................................................................................	205
8 Technical support...................................................................................	206
Support information..............................................................................................................	206
HP contact information..........................................................................................................	207
Before you contact HP...........................................................................................................	207
Acronyms and abbreviations.......................................................................	208
Index.......................................................................................................	211

10 Contents

1 Overview

The iLO 2 firmware provides multiple ways to configure, update, and operate servers remotely. The HP Integrated Lights-Out 2 User Guide describes these features and how to use them with the browser-based interface and RBSU. Some features are licensed features and may only be accessed after purchasing an optional license. For more information, see “Licensing” (page 26).

The HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide describes the syntax and tools available to use iLO 2 through a command-line or scripted interface. Click the link for the guide http://h20000.www2.hp.com/bizsupport/TechSupport/ DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179& taskId=135&prodTypeId=18964&prodSeriesId=1146658.

This manual discusses HP Integrated Lights-Out 2 firmware version 2.09 for ProLiant ML/DL servers, as well as ProLiant BladeSystem server blades.

New in this release of iLO 2

The iLO 2 firmware version 2.09 adds:

•iLO 2 Enhanced CLI prompt and Virtual Serial Port Log

•Support for SUSE Linux 10 and 11 (32– and 64–bit)

iLO 2 Overview

The iLO 2 firmware can remotely perform most functions that otherwise require a visit to servers at the data center, computer room, or remote location. The following are just a few of the iLO 2 features.

•Remote Console and virtual power – Enables you to view a stalled remote server with blue screen conditions and restart the server without onsite assistance.

•Remote Console – Enables you to change BIOS settings when necessary.

•Virtual KVM technology – Provides a high-performance remote console that enables you to remotely administer operating systems and applications in everyday situations.

•Virtual CD/DVD or floppy – Enables you to install an operating system or flash system firmware over the network from images on your workstations or on centralized web servers.

•Virtual Folder – Enables you to update operating system drivers or copy system files without physical media or creating a disk image.

•Scripting – Enables you to use virtual power and virtual media in other scripting tools to automate deployment and provisioning.

•Active participation in monitoring and maintaining server health, referred to as embedded health. iLO 2 monitors temperatures in the server and sends corrective signals to the fans to maintain proper server cooling. In addition to temperature monitoring, iLO 2 provides fan status monitoring and monitoring of the status of the power supplies, voltage regulators, and the internal hard drives.

These examples are just a few ways iLO 2 is used to manage HP ProLiant servers from your office, home, or travel location. As you begin using iLO 2 and defining your specific infrastructure requirements, refer to this guide for additional ways to simplify your remote server management needs.

For information about the features available in each version of iLO 2, see “Licensing” (page 26).

New in this release of iLO 2 11

Differences between iLO 2 and iLO

The iLO 2 firmware is based on the iLO and shares many common features. However, to use iLO 2 to access a pre-operating system, text-based remote console, you must use the remote serial console. For more information, see “Text-based remote console overview” (page 95).

The following table highlights the differences between iLO 2 and iLO.

Feature	iLO 2	iLO
Standard features
Text console	Pre-OS	Pre-OS and OS
Remote Serial Console (virtual serial	Pre-OS and OS	Pre-OS and OS
port)
Server health monitoring and	Yes	No
maintenance
Advanced features
Text console	Pre-OS and OS	Pre-OS and OS
Remote console	Yes (Virtual KVM )	Yes
Integrated Remote Console	Yes	No
Support for Microsoft JVM	Yes	No
Remote Console Acquire button	Yes	Yes
Terminal Services integration	Yes	Yes
HP schema directory integration	Yes	Yes
Schema-free directory integration	Yes	Yes
Two-factor authentication	Yes	Yes
Power Regulator reporting	Yes	Yes
Virtual Floppy and CD/DVD-ROM	Yes	Yes
USB key virtual media	Yes	Yes
Virtual folder	Yes	No

HP Insight Control server deployment

HP Insight Control server deployment integrates with iLO 2 to enable the management of remote servers and the performance of remote console operations, regardless of the state of the operating system or hardware.

The deployment server provides the capability to use the power management features of iLO 2 to power on, power off, or cycle power on the target server. Each time a server connects to the deployment server, the deployment server polls the target server to determine whether a LOM management device is installed. If installed, the server gathers information including the DNS name, IP address, and user login name. Security is maintained by requiring the user to enter a correct password.

For more information about the HP Insight Control server deployment, see the documentation that ships on the HP Insight Software DVD, or the HP Insight Control webpage at http://www.hp.com/ go/insightcontrol.

12 Overview

Server management through IPMI version 2.0 compliant applications

Server management through the IPMI is a standardized method for controlling and monitoring the server. iLO 2 provides server management based on the IPMI version 2.0 specification.

The IPMI specification defines a standardized interface for platform management. The IPMI specification defines the following types of platform management:

•Monitoring of system information, such as fans, temperatures, and power supplies

•Recovery capabilities, such as system resets and power on/off operations

•Logging capabilities, for abnormal events such as over temperature readings or fan failures

•Inventory capabilities, such as identifying failed hardware components

IPMI communications are dependent on the BMC and the SMS. The BMC manages the interface between the SMS and the platform management hardware. iLO 2 emulates the BMC functionality and the SMS functionality can be provided by various industry-standard tools. For additional information, see the IPMI specification on the Intel website at http://www.intel.com/design/servers/ ipmi/tools.htm.

The iLO 2 firmware provides the KCS interface, or open interface, for SMS communications. The KCS interface provides a set of I/O mapped communications registers. The default system base address for the I/O mapped SMS Interface is 0xCA2 and is byte aligned at this system address.

The KCS interface is accessible to SMS software that is running on the local system. Examples of compatible SMS software applications include:

•IPMI version 2.0 Command Test Tool is a low-level MS-DOS command line tool that enables hex-formatted IPMI commands to be sent to an IPMI BMC that implements the KCS interface. You can locate this tool on the Intel website at http://www.intel.com/design/servers/ipmi/ tools.htm.

•IPMItool is a utility for managing and configuring devices that support the IPMI version 1.5 and version 2.0 specifications and can be used in a Linux environment. You can locate this tool on the IPMItool website at http://ipmitool.sourceforge.net/index.html.

IPMI functionality provided by iLO 2

When emulating a BMC for the IPMI interface, iLO 2 supports all mandatory commands listed in the IPMI version 2.0 specification. See the IPMI version 2.0 specification for a listing of these commands. Also, the SMS uses the methods described in the specification for determining which IPMI features are enabled or disabled in the BMC (for example, using the Get Device ID command).

If the server operating system is running and the health driver is enabled, any IPMI traffic through the KCS interface can affect the performance of the health driver and overall health performance of the system. Do not issue any IPMI commands through the KCS interface that might detrimentally affect the monitoring performed by the health driver. These commands include any commands that sets or changes IPMI parameters, such as Set Watchdog Timer and Set BMC Global Enabled. Any IPMI command that simply returns data is safe to use, such as Get Device ID and Get Sensor Reading.

WS-Management compatibility overview

The iLO 2 firmware implementation of WS-Management is in accordance with the DTMF Web Services for Management 1.0.0a specification.

iLO 2 Overview 13

Authentication:

•The iLO 2 firmware uses basic authentication over SSL, compliant with profile: wsman:secprofile/https/basic.

•Authenticated users are authorized to execute WS-Management commands in accordance with designated privileges in their local or directory accounts.

•To enable basic authentication on Windows Vista, enter gpedit.msc at the command prompt to launch the Group Policy Object Editor. Select Computer Configuration> Administrative Templates> Windows Components> Windows Remote Management (WinRM)> WinRM Client. Set Allow Basic authentication to Enabled.

Compatibility:

•WS-Management in iLO 2 is compatible with the Windows Vista WinRM utility, Microsoft Operations Manager 3, and the Management Pack provided by HP.

•The full set of WS-Management commands is available on iLO 2 servers that support embedded system health. A greatly reduced subset of these commands is available on servers without embedded systems health support.

Commands:

The following commands are available for remote invocation of the following devices:

•Server power

•UID

Status:

The WS-Management in iLO 2 returns status information for fans, temperatures, power supplies, and VRMs.

iLO 2 browser interface overview

The iLO 2 browser interface groups similar tasks for easy navigation and workflow. These tasks are organized under high-level tabs across the top of the iLO 2 interface. These tabs appear on the browser interface and include System Status, Remote Console, Virtual Media, Power Management, and Administration.

Each high-level iLO 2 tab has a menu on the left side of the interface with various options. When you select a different high-level tab, the menu changes, and displays the options available from that tab. Each menu option displays a page title, which is a description of the information or settings available on that page. This page title might not reflect the name that appears on the menu option.

Assistance for all iLO 2 pages is available from iLO 2 Help. Links on each iLO 2 page provide summary information about the features of iLO 2 and helpful information to optimize its operation. To access page-specific help, click the question mark (?) on the right side of the browser window.

Typical user tasks are found under the System Status, Remote Console, Virtual Media, and Power Management tabs of the iLO 2 interface. These tasks are described in “Using iLO 2” (page 74).

The Administration tab is typically used by an advanced or administrative user who must manage users, configure global and network settings, as well as configure or enable the more advanced functions of iLO 2. These tasks are discussed in “Setting up iLO 2” (page 17) and “Configuring iLO 2” (page 24).

Subject-specific areas of iLO 2 functionality and integration are detailed in:

•“Directory services” (page 130)

•“Directory-enabled remote management” (page 156)

•“HPLOMIG directory migration utility” (page 162)

•“HP Systems Insight Manager integration” (page 178)

14 Overview

•“Troubleshooting iLO 2” (page 182)

•“Directory services schema” (page 171)

Supported browsers and client operating systems

•Microsoft Internet Explorer 7, Internet Explorer 8, Internet Explorer 9

◦These browsers are supported on Microsoft Windows products.

◦HP supports Microsoft JVM and SUN Java 1.4.2_13. To download the recommended JVM for your system configuration, see the website at http://h18006.www1.hp.com/ products/servers/management/ilo_table.html?jumpid=reg_r1002_usen.

•Mozilla Firefox versions 8, 9, and 10

◦This browser is supported on Red Hat Enterprise Linux Desktop 4 and Novell Linux Desktop 9.

◦HP supports Microsoft JVM and SUN Java 1.4.2_13. To download the recommended JVM for your system configuration, see the HP website at http://h18006.www1.hp.com/ products/servers/management/ilo_table.html?jumpid=reg_r1002_usen.

Certain browsers and operating system combinations might not work correctly, depending on the implementation of the required browser technologies.

Supported server operating system software

iLO 2 is an independent microprocessor running an embedded operating system. The architecture ensures that the majority of iLO 2 functionality is available, regardless of the host operating system.

For graceful host operating system shutdown, HP SIM integration requires health drivers and Management Agents or remote console access.

iLO 2 provides two interface drivers:

•The iLO 2 Advanced Server Management Controller Driver (health driver) – Provides system management support, including monitoring of server components, event logging, and support for the Management Agents.

•The iLO 2 Management Interface Driver – Enables system software and SNMP Insight Agents to communicate with iLO 2.

These drivers and agents are available for the following network operating systems:

•Microsoft

◦Windows 2008 Server

◦Windows 2008 Advanced Server

◦Windows Server 2003

◦Windows Server 2003, Web Edition

◦Windows Small Business Server 2003 (ML300 series)

◦Windows Vista

•Red Hat

◦RedHat Enterprise Linux 3 (x86)

◦RedHat Enterprise Linux 3 (AMD64/EM64T)

◦RedHat Enterprise Linux 4 (x86)

iLO 2 browser interface overview 15

◦RedHat Enterprise Linux 4 (AMD64/EM64T)

◦RedHat Enterprise Linux 5 (x86)

◦RedHat Enterprise Linux 5 (AMD64/EM64T)

•SUSE LINUX

◦SUSE LINUX Enterprise Server 9 (x86)

◦SUSE LINUX Enterprise Server (AMD64/EM64T)

◦SUSE LINUX Enterprise Server 10

◦SUSE LINUX 10 (32– and 64–bit)

◦SUSE LINUX 11 (32– and 64–bit)

16 Overview

2 Setting up iLO 2

Quick setup

To quickly set up iLO 2 by using the default settings for iLO 2 Standard and iLO Advanced features, follow these steps:

1.To decide how you want to structure networking and security, see“Preparing to set up iLO 2” (page 17)

2.To connect iLO 2 to the network, see “Connecting to the network” (page 18).

3.If you are not using dynamic IP addressing to configure a static IP address, use the iLO 2 RBSU. See “Configuring the IP address” (page 19).

4.To log into iLO 2 from a supported browser or command line using the default user name, password, and DNS name provided on the iLO 2 Network Settings tag attached to the server, see “Logging in to iLO 2 for the first time” (page 20).

5.Change the default user name and password on the administrator account to your predefined selections.

6.To use the local accounts feature, set up your user accounts, see “Setting up user accounts” (page 20).

7.To activate iLO 2 advanced features, see “Activating iLO 2 licensed features with a browser” (page 21).

8.To install the iLO 2 device drivers, see “Installing iLO 2 device drivers” (page 21).

Preparing to set up iLO 2

Before setting up your iLO 2 management processors, you must decide how to handle networking and security. The following questions can help you configure iLO 2 for your needs:

1.How should iLO 2 connect to the network?

For a graphical representation and explanation of the available connections, see “Connecting to the network” (page 18). Typically iLO 2 is connected to the network using either:

•A corporate network where both the NIC and the iLO 2 port are connected to the corporate network. This connection enables access to iLO 2 from anywhere on the network and reduces the amount of networking hardware and infrastructure required to support iLO 2. However, on corporate networks, network traffic can impede iLO 2 performance.

•A dedicated management network with the iLO 2 port on a separate network. A separate network improves performance and security because you can physically control which workstations are connected to the network. A separate network also provides redundant access to the server when a hardware failure occurs on the corporate network. In this configuration, iLO 2 cannot be accessed directly from the corporate network.

2.How will iLO 2 acquire an IP address?

To access iLO 2 after connecting it to the network, the management processor must acquire an IP address and subnet mask using either a dynamic or static process:

•Dynamic IP address is set by default. iLO 2 obtains the IP address and subnet mask from DNS/DHCP servers. This method is the simplest.

•Static IP address is used to configure a static IP address if DNS/DHCP servers are not available on the network. A static IP address can be configured in iLO 2 using the RBSU.

If using a static IP, you must have an IP address before starting iLO 2 setup.

Quick setup 17

3.What access security is required and what user accounts and privileges are needed?

The iLO 2 firmware provides several options to control user access. You must select one of the following methods to prevent unauthorized access to corporate IT assets:

•Local accounts with up to 12 user names and passwords can be stored on iLO 2. This is ideal for small environments such as labs and smalland medium-sized businesses.

•Directory services use the corporate directory (Microsoft Active Directory or Novell eDirectory) to manage iLO 2 user access. This is ideal for environments with a large number of frequently changing users. If you plan to use Directory services leave at least one local account enabled for alternate access. For more information, see “Security” (page 41).

4.How do you want to configure iLO 2?

The iLO 2 firmware supports various interfaces for configuration and operation. This guide discusses the following interfaces:

•Using iLO 2 RBSU when the system environment does not use DHCP, DNS, or WINS. For more information, see “Setting up iLO 2 using iLO 2 RBSU” (page 20).

•Using a browser-based setup when you can connect to iLO 2 on the network using a browser. This method can also reconfigure a previously configured iLO 2. For more information, see “Setting up iLO 2 with the browser-based option” (page 21).

•Using SMASH CLP when a command line is accessible through Telnet, SSH, or physical serial port. For more information, see the HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide at http://h20000.www2.hp.com/ bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en& cc=us&docIndexId=64179&taskId=135&prodTypeId=18964&prodSeriesId=1146658.

The iLO 2 default settings enable you to use most features with no additional configuration. However, the extensive configuration flexibility of iLO 2 enables customization for multiple enterprise environments. For all available options, see “Configuring iLO 2” (page 24).

For advanced setup of multiple iLO 2 management processors using scripting commands, the following methods are available. Scripts are text files written in an XML-based scripting language called RIBCL. You can use RIBCL scripts to configure iLO 2 on the network, during initial deployment, or from an already deployed host. Each method is described in the HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide at http:// h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual& lang=en&cc=us&docIndexId=64179&taskId=135&prodTypeId=18964&prodSeriesId=1146658

•CPQLOCFG is a Microsoft Windows utility that sends RIBCL scripts to iLO 2 over the network.

•HPONCFG is a local, online, and scripted setup utility that runs on the host and passes RIBCL scripts to the local iLO 2 firmware. This utility has Windows and Linux versions, which require the iLO 2 Management Interface Driver.

•Perl is a scripting language that you use from Linux clients to send RIBCL scripts to the iLO 2 firmware over the network.

Connecting to the network

Typically, iLO 2 is connected to the network in one of two ways:

•Corporate network, where both ports are connected to the corporate network. In this configuration, the server has two network ports (one server NIC, and one iLO 2 NIC) connected to a corporate network.

18 Setting up iLO 2

•Dedicated management network, where the iLO 2 port is on a separate network.

Configuring the IP address

This step is necessary only if you are using a static IP address. When using dynamic IP addressing, your DHCP server automatically assigns an IP address for iLO 2. To simplify installation, HP recommends using DNS or DHCP with iLO 2.

To configure a static IP address, use the iLO 2 RBSU with the following procedure to disable DNS and DHCP and configure the IP address and the subnet mask:

1.Restart or power the server on.

2.Press the F8 key when prompted during POST. The iLO 2 RBSU runs.

3.Select Network>DNS/DHCP, press the Enter key, and then select DHCP Enable.

4.Press the spacebar to turn off DHCP. Be sure that DHCP Enable is set to Off, and then save the changes.

5.Select Network>NIC>TCP/IP, press the Enter key, and then enter the appropriate information in the IP Address, Subnet Mask, and Gateway IP Address fields.

6.Save the changes.

7.Exit iLO 2 RBSU. The changes take effect when you exit iLO 2 RBSU.

Configuring the IP address

Logging in to iLO 2 for the first time

The iLO 2 firmware is configured with a default user name, password, and DNS name. Default user information is located on the iLO 2 Network Settings tag attached to the server containing the iLO 2 management processor. Use these values to access iLO 2 remotely from a network client using a standard Web browser.

For security reasons, HP recommends changing the default settings after logging in to iLO 2 for the first time.

The default values are:

•User name – Administrator

•Password – A random, eight-character, alphanumeric string

•DNS Name – ILOXXXXXXXXXXXX

where XXXXXXXXXXXX represents the serial number of the server

NOTE: User names and passwords are case sensitive.

If you enter an incorrect user name and password, or a log in attempt fails, then iLO 2 imposes a security delay. For more information on login security, see “Login security” (page 44).

Setting up user accounts

The iLO 2 firmware comes preconfigured with default factory settings, including a default user account and password. For security reasons, HP recommends changing the default settings after logging in to iLO 2 for the first time. These changes can be made using any of the iLO 2 user interfaces. RBSU and browser procedures are explained in this user guide. Other options including the SMASH CLP and scripting methods are described in the HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide at http://h20000.www2.hp.com/ bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us& docIndexId=64179&taskId=135&prodTypeId=18964&prodSeriesId=1146658.

If iLO 2 is connected to a network running DNS or DHCP, you can use it immediately without changing any settings.

Setting up iLO 2 using iLO 2 RBSU

HP recommends that you use the iLO 2 RBSU to initially set up iLO 2 and configure iLO 2 network parameters for environments that do not use DHCP and DNS, or WINS. RBSU provides the basic tools to configure iLO 2 network settings and user accounts to get iLO 2 on the network.

You can use RBSU to configure network parameters, global settings, and user accounts. The iLO 2 RBSU is not intended for continued administration. RBSU is available every time the server is booted and can be run remotely using the iLO 2 Remote Console.

The iLO 2 RBSU can be disabled in the Global Settings preferences. Disabling iLO 2 RBSU prevents reconfiguration from the host unless the iLO 2 Security Override Switch is set.

To run iLO 2 RBSU to set up local accounts:

1.Restart or power the server on.

2.Press the F8 key when prompted during POST. The iLO 2 RBSU runs.

3.If prompted, enter a valid iLO 2 user ID and password with the appropriate iLO 2 privileges (Administer User Accounts>Configure iLO 2 Settings). Default account information is located on the iLO 2 Default Network Settings tag attached to the server containing the iLO 2 management processor. If iLO 2 has not been configured to present a login challenge to the RBSU, then no prompt appears.

4.Make and save any necessary changes to the iLO 2 configuration.

5.Exit iLO 2 RBSU.

20 Setting up iLO 2

Setting up iLO 2 with the browser-based option

If you can connect to iLO 2 on the network with a browser, then use the browser-based setup method. You can also use this method to reconfigure a previously configured iLO 2.

Access iLO 2 from a remote network client using a supported browser, and provide the default DNS name, user name, and password. Default DNS name and account information is located on the iLO 2 Network Settings tag attached to the server containing the iLO 2 management processor.

When you successfully log onto iLO 2, you can change the default values of the local user accounts by selecting User Administration under the iLO 2 Administration tab.

Activating iLO 2 licensed features with a browser

The Licensing page enables you to view the current license status and enter a key to activate iLO 2 license features. The iLO 2 version and current license information appears in this section. If a license is installed (including an evaluation license), the license number appears. For more information about iLO 2 license options, see “Licensing” (page 26).

1.Log into iLO 2 through a supported browser.

2.To display the iLO 2 license activation screen, click Administration>Licensing.

3.Enter the license key. To move between fields, press the Tab key or click inside a field. The Activation Key field advances automatically as you enter data. To clear the fields and reload the page, click Licensing.

4.Click Install. The EULA confirmation appears. The EULA details are available on the HP website at http://www.hp.com/servers/lights-out and with the license kit.

5.Click OK.

The advanced features of iLO 2 are now enabled.

Installing iLO 2 device drivers

The iLO 2 Management Interface Driver enables system software such as SNMP Insight Agents and the Terminal Services passthrough service to communicate with iLO 2.

The device drivers required to support iLO 2 are part of the PSP located on the SmartStart CD, Management CD, or on the HP website at http://www.hp.com/servers/lights-out.

All the support drivers for your server and iLO 2 can be downloaded from the HP website at http:// www.hp.com/servers/lights-out.

To download the drivers:

Activating iLO 2 licensed features with a browser

1.Click the iLO 2 graphic.

2.Select Software and Drivers.

Microsoft device driver support

The device drivers that support the iLO 2 are part of the PSP that is located on the HP website at http://www.hp.com/support or on the SmartStart CD. Before you install the Windows drivers, obtain the Windows documentation and the latest Windows Service Pack.

iLO 2 prerequisite files:

•CPQCIDRV.SYS – Provides the iLO 2 Management Interface Driver support.

•CPQASM2.SYS, SYSMGMT.SYS, and SYSDOWN.SYS – Provide the iLO 2 Advanced Server Management Controller Driver support.

PSP for Microsoft Windows products includes an installer that analyzes system requirements and installs all drivers. The PSP is available on the HP website at http://www.hp.com/support or on the SmartStart CD.

To install the drivers in the PSP:

1.Download the PSP from the HP website at http://www.hp.com/support.

2.Run the SETUP.EXE file included in the download, and then follow the installation instructions.

For additional information about the PSP installation, read the text file included in the PSP download.

Linux device driver support

You can download the LSP files containing the iLO 2 driver, the foundation agents, and health agents from the HP website at http://www.hp.com/support. The instructions on how to install or update the iLO 2 driver are available on the website. The HP Management Agents for Linux are:

•RPM package (hp-snmp-agents) combines the health driver, IML viewer, foundation agents, health agent, and standard equipment agent into one package.

•RPM package (hp-iLO) combines the RIB driver, rack daemon, RIB agent, and rack agent into one package.

To load the health and iLO 2 driver packages, enter the following commands:

rpm -ivh hp-snmp-agents-d.vv.v-pp.Linux_version.i386.rpm

rpm -ivh hp-iLO-d.vv.v-pp.Linux_version.i386.rpm

where:

d is the Linux distribution and version

vv.v-pp are version numbers

To remove the health and iLO 2 drivers, enter the following commands:

rpm -e hp-snmp-agents

rpm -e hp-iLO

For additional information, see the HP Software and Drivers website at http://www.hp.com/ support.

Novell NetWare device driver support

The device drivers required to support iLO 2 are part of the PSP that is located on the SmartStart CD and the HP website at http://www.hp.com/support. The PSP for Novell NetWare includes an installer that analyzes system requirements and installs all drivers.

iLO 2 requires the following files:

•The CPQHLTH.NLM file provides the Health Driver for Novell NetWare.

•The CPQCI.NLM file provides iLO 2 Management Interface Driver support.

22 Setting up iLO 2

When updating iLO 2 drivers, be sure iLO 2 is running the latest version of iLO 2 firmware. You can obtain the latest version as a Smart Component from the HP website at http://www.hp.com/ servers/lights-out.

Install the drivers download the PSP from the HP website at http://www.hp.com/support to a NetWare server. After downloading the PSP, follow the Novell NetWare component installation instructions to complete the installation. For additional information about the PSP installation, read the text file included in the PSP download.

When using Novell NetWare 6.X, use the ATI ES1000 video driver that is provided by the operating system for best results.

Installing iLO 2 device drivers 23

3 Configuring iLO 2

iLO 2 configuration overview

Typically, an advanced or administrative user who must manage users and configure global and network settings configures iLO 2. You can configure iLO 2 using the iLO 2 browser-based GUI or scripting tools such as CPQLOCFG and HPONCFG (described in the HP Integrated Lights-Out Management Processor Scripting and Command Line Resource Guide at http:// h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual& lang=en&cc=us&docIndexId=64179&taskId=135&prodTypeId=18964&prodSeriesId=1146658.

The iLO 2 Administration tab enables you to configure and manage user settings, SNMP alerting (through integration with HP SIM), security settings, licensing, certificate administration, directory settings, and network environment settings. The Administration tab includes the following menu options:

•iLO 2 Firmware. See“Upgrading iLO 2 firmware” (page 24).

•Licensing. See “Licensing” (page 26).

•User Admininstration. See “User administration” (page 28)

•Settings

◦ Access. See “Configuring iLO 2 access” (page 33)

◦

Security. See “Security” (page 41)

Network. See “Network” (page 60)

Management. See “SNMP/Insight Manager settings” (page 65)

Upgrading iLO 2 firmware

Firmware upgrades enhance the functionality of iLO 2. You can find the latest firmware on the HP website at http://www.hp.com/servers/lights-out. Select your iLO 2 product, and then select Software & Drivers. After the software and drivers page appears, select your iLO 2 product and operating system, and then click Locate Software. You can also locate your iLO 2 software by selecting the Operating System and Category options.

You must have the Configure iLO 2 privilege (configure local device settings) to update the firmware unless, you set the security override switch. For more information, see “iLO 2 Security Override Switch administration” (page 42). If the security override switch is set, any iLO 2 user can update the firmware. You must run firmware updates from an Administrator or root context on the host operating system.

To update the iLO 2 choose one of the following methods:

•Online firmware update – Download the appropriate operating system component and run it from the Administrator or root context of the operating system. The online firmware update software runs on the host operating system and updates the iLO 2 firmware without requiring you to log in to iLO 2.

•Offline firmware update for SmartStart maintenance – Download the iLO 2 firmware image file you plan to install, and see “Upgrading iLO 2 with a browser” (page 25).

•Firmware Maintenance CD-ROM – Download the component to create a bootable CD that contains many firmware updates for ProLiant servers and options.

•Scripting with CPQLOCFG – Download the CPQLOCFG component to get the network-based scripting utility CPQLOCFG. CPQLOCFG enables you to use RIBCL scripts that perform firmware

24 Configuring iLO 2

updates, iLO 2 configuration, and iLO 2 operations in bulk, securely over the network. HP recommends that Linux users review the HP Lights-Out XML PERL Scripting Samples for Linux.

•Scripting with HPONCFG – Download the HPONCFG component to get the host-based scripting utility HPONCFG. This utility enables you to use RIBCL scripts that perform firmware updates, Lights-Out processor configuration and operations in bulk, from Administrator or root account access on supported host operating systems.

•HP Directories Support for Management Processors – Download the HP Directories Support for Management Processors executable file to get the directory support components. One of the components, HPLOMIG, can be used to discover iLO 2 processors, and update the firmware. You do not have to use directory integration to take advantage of this functionality.

Upgrading iLO 2 with a browser

You can complete the firmware upgrade from any network client using a supported browser. You must have the Update iLO 2 Firmware privilege to upgrade the iLO 2 firmware. The most recent firmware for iLO 2 is available on the HP website at http://www.hp.com/servers/lights-out. To upgrade the iLO 2 firmware using a supported browser:

1.Log in to iLO 2 with an account that has the Configure iLO 2 Settings privilege.

2.Click Administration>Upgrade iLO 2 Firmware. The Upgrade iLO 2 Firmware page appears.

3.Enter the file name in the New firmware image field or browse for the file.

4.Click Send firmware image. The firmware upgrade takes a few minutes. A progress bar displays the progress of the firmware upgrade.

Do not interrupt an Upgrade iLO 2 Firmware session. The iLO 2 system automatically resets after a successful firmware upgrade. The iLO 2 system reset does not affect the host operating system and server.

If the firmware upgrade is interrupted or fails, attempt the upgrade again immediately. Do not reset the iLO 2 system before reattempting a firmware upgrade.

Updating the firmware using the maintenance CD

To use HP Smart Update Manager on the Firmware Maintenance CD:

1.Place the Firmware Maintenance CD on a USB key using the USB Key Creator Utility.

2.Copy CP009768.exe to the /compaq/swpackages directory on the USB Key.

3.Follow HP Smart Update Manager steps to complete firmware update.

Upgrading iLO 2 firmware 25

Recovering from a failed iLO 2 firmware update

To recover from a failed firmware update using the HP Drive Key Boot Utility:

1.Copy the iLO 2 offline flash component to your USB drive key.

2.Verify that the iLO 2 security override switch is set to disabled.

3.Boot the USB drive key containing the iLO 2 flash component.

To download the HP Drive Key Boot Utility and for information on how to create a boot USB key, see the HP website at http://www.hp.com/go/support.

4.After the first screen displays, switch to text console by pressing the Ctrl+Alt+F1 keys.

5.Switch to the directory where the flash component is stored by entering cd /mnt/usb/components/ at the # prompt.

6.Remove the loaded HP Lights-Out driver by entering the following commands:

/etc/init.d/hp-snmp-agents stop /etc/init.d/hp-ilo stop

/etc/init.d/hpasm stop

7.Run the component using the - -direct option. For example:

./CP00xxxx.scexe – –direct

8.Enter y at the Continue (y/n)? prompt.

9.After programming is successfully completed, set the security override switch to enabled and reboot the server.

Downgrading the iLO 2 firmware

If you downgrade the iLO 2 firmware, you must remove the iLO 2 1.30 Remote Console ActiveX applet 1.3.0.19 from your Internet Explorer client browser. To remove the applet:

1.Open Internet Explorer.

2.Select Tools>Internet Options>Settings>View objects.

3.To remove 1.30.19, right-click iLO2 Remote console 1.3.0.18.

Licensing

HP iLO Advanced Pack and HP iLO Advanced Pack for Blade System licenses activate optional iLO 2 features that are not bundled with an unlicensed system.

If you purchase the iLO Advanced Pack or the iLO Advanced Pack for BladeSystem with any Insight Control software suite or iLO Power Management Pack, HP provides Technical Support and Update Services. For more information, see “Support information” (page 206).

If you purchase the iLO Advanced Pack or the iLO Advanced Pack for Blade System as a one-time activation of licensed features, you must purchase future functional upgrades. For more information, see “Support information” (page 206).

One iLO Advanced or iLO Advanced Pack for Blade System license is required for each server on which the product is installed and used. Licenses are nontransferable. You cannot license an HP ProLiant ML/DL server with an iLO Advanced for BladeSystem. For additional information, see the EULA.

HP will continue to provide maintenance releases with fixes as well as iLO Standard and iLO Standard Blade Edition feature enhancements at no extra charge.

A 60-day evaluation license key is available for download from the HP website. The evaluation license activates and enables access to iLO 2 Advanced features. You can only install one evaluation license per iLO 2. When the evaluation period expires, the iLO 2 features deactivate.

The following versions of iLO 2 are available:

26 Configuring iLO 2

NOTE: The features annotated with an asterisk (*) are not supported on all systems.

Feature	iLO 2 Advanced	iLO 2 Advanced for	iLO 2 Standard	iLO 2 Standard Blade
		BladeSystem		Edition
Virtual power and	X	X	X	X
reset control
Server console access	X	X	X	X
through POST
Text console after	X	X	– –	– –
POST
Event logs	X	X	X	X
System health* and	X	X	X	X
configuration
UID	X	X	X	X
DMTF SMASH	X	X	X	X
standard CLP
RIBCL/XML scripting	X	X	X	X
WS Management	X	X	X	X
Scripting
Browser access	X	X	X	X
SSH access	X	X	X	X
Shared network port	X	– –	X	– –
Serial access	X	X	X	X
Remote serial console	X	X	X	X
Integrated remote	X	X	– –	X
console
Remote console	X	X	– –	X
Virtual media applet	X	X	– –	X
Secure digital card	X	X	– –	X
support*
Terminal services	X	X	– –	X
passthrough
Virtual media scripting	X	X	– –	– –
Directory integration	X	X	– –	– –
24 hour power	X	X	X	X
reporting*
Real-time power	X	X	– –	– –
reporting*
Dynamic power	X	X	– –	– –
capping
Group power capping	X	X	– –	– –
Two-factor smart card	X	X	– –	– –
authentication
HP SIM single sign-on	X	X	– –	– –

Licensing 27

Feature	iLO 2 Advanced	iLO 2 Advanced for	iLO 2 Standard	iLO 2 Standard Blade
		BladeSystem		Edition
Kernel debugger for	X	X	– –	– –
Windows
Console replay	X	X	– –	– –
Shared remote	X	X	– –	– –
console
Boot/fault console	X	X	– –	– –
capture
iLO video player	X	X	X	X
(license required for
capture)
Enhanced CLI prompt	X	X	X	X
Virtual Serial port log	X	X	– –	– –

In addition to the standard iLO 2 single-server licenses, two other licensing options are available:

•The Flexible Quantity License Kit enables you to purchase a single software package, one copy of the documentation, and a single license key to activate the exact number of licenses requested.

•The Activation Key Agreement enables a volume purchase of ProLiant Essentials and Insight Control software over time, typically in conjunction with new ProLiant servers that are acquired on a regular basis.

User administration

The iLO 2 firmware enables you to manage user accounts stored locally in the secure iLO 2 memory and directory group accounts. Use MMC or ConsoleOne to manage directory user accounts.

The iLO 2 firmware supports up to 12 users with customizable access rights, login names, and advanced password encryption. Privileges control individual user settings. Users can have privileges customized to their individual access requirements. To support more than 12 users, you must have the Advanced Pack, which enables integration with an unlimited number of directory-based user accounts.

You must have the Administer User Accounts privilege to view iLO 2 users, add new users, and modify or delete existing users. If you do not have this privilege, you can view and modify only your account.

To access local accounts, click Administration>User Administration>Local Accounts.

28 Configuring iLO 2

iLO 2 Directory Accounts enables you to view iLO 2 groups and modify the settings for those groups. You must have the Administer Directory Groups privilege. To access Directory Accounts, click Administration>User Administration>Group Accounts.

Adding a new user

NOTE: Only users with the Administer User Accounts privilege can manage other users on iLO 2.

You can assign a different access privilege to each user. Each user can have a unique set of privileges designed for the tasks that the user must perform. You can grant or deny access to critical functions such as remote access, user management, virtual power, and other features.

To add a new user to iLO 2:

1.Log in to iLO 2 using an account that has the Administer User Accounts privilege.

2.Click Administration.

3.Select User Administration>Local Accounts.

4.Click New.

User administration 29

5.Complete the fields. The following options are available:

•User Name appears in the user list and on the home page. It is not necessarily the same as the Login name. The maximum length for a User Name is 39 characters. The User Name must use printable characters.

•Login Name is the name that you must use when logging in to iLO 2. The maximum length for a login name is 39 characters. The login name can only use printable characters.

•Password and Confirm Password fields set and confirm the password that is used when logging in to iLO 2. The minimum length for a password is set in the Access Options page. The maximum length for a password is 39 characters. Enter the password twice for verification.

•Administer User Accounts is a user privilege that allows you to add, modify, and delete local iLO 2 user accounts. Administer User Accounts also allows you to alter privileges for all users, including granting all permissions to yourself. Without this privilege, you can only view your own settings and change your own password.

•Remote Console Access is a user privilege that allows you to remotely access the host system Remote Console and Remote Serial Console, including video, keyboard and mouse control. You are still required to have access to the remote system to use this capability.

•Virtual Power and Reset is a user privilege that allows you to power-cycle or reset the host platform. Any of these activities interrupts the availability of the system. You can also diagnose the system using the virtual NMI button.

•Virtual Media is a user privilege that allows you to use virtual media on the host platform.

•Configure iLO 2 Settings is a privilege that allows you to configure most iLO 2 settings, including security settings. Configure iLO 2 Settings enables you to remotely update iLO 2 firmware. It does not include user account administration. These settings rarely change.

After correctly configuring iLO 2, revoking this privilege from all users prevents reconfiguration. A user with the Administer User Accounts privilege can enable or disable this privilege. If iLO 2 RBSU is enabled, you can also reconfigure iLO 2.

•User Certificate Information maps a certificate to a user. User certificates are only required for two-factor authentication. If a certificate is not mapped to the user account, then the following message displays A certificate has NOT been mapped to this user, along with the Add a Certificate button. Click this button to map a certificate to the user. After a certificate is mapped to the user account, a 40-digit thumbprint of the certificate appears, along with the Remove this Certificate button, which can be used to remove the certificate. If Two-Factor Authentication is enabled, map a different certificate

30 Configuring iLO 2

+ 194 hidden pages