HP Part Number: 5991-6005
Published: January 2008
© Copyright 2008, Hewlett-Packard Development Company, L.P.
Legal Notices
Theinformationcontainedhereinissubjecttochangewithoutnotice.TheonlywarrantiesforHPproductsandservicesaresetforthintheexpress warrantystatementsaccompanyingsuchproductsandservices. Nothinghereinshouldbeconstruedasconstitutinganadditionalwarranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Intel, Pentium, Intel Inside, Itanium, and the Intel Inside logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
Linux is a U.S. registered trademark of Linus Torvalds.
Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation.
Acrobat is a trademark of Adobe Systems Incorporated.
Java is a US trademark of Sun Microsystems, Inc.
UNIX is a registered trademark of The Open Group.
Table of Contents |
|
About This Document....................................................................................................... |
15 |
Intended Audience................................................................................................................................ |
15 |
New and Changed Information in This Edition................................................................................... |
15 |
Publishing History................................................................................................................................ |
15 |
Document Organization....................................................................................................................... |
16 |
Typographic Conventions..................................................................................................................... |
17 |
Related Information.............................................................................................................................. |
17 |
Warranty Information........................................................................................................................... |
18 |
HP Encourages Your Comments.......................................................................................................... |
18 |
1 Introduction to iLO 2 MP............................................................................................. |
19 |
Features................................................................................................................................................. |
19 |
Standard Features............................................................................................................................ |
19 |
Always-on Capability................................................................................................................. |
20 |
Virtual Front Panel..................................................................................................................... |
20 |
Multiple Access Methods........................................................................................................... |
20 |
Security....................................................................................................................................... |
20 |
User Access Control................................................................................................................... |
20 |
Multiple Users............................................................................................................................ |
20 |
IPMI over LAN........................................................................................................................... |
21 |
Firmware Upgrades................................................................................................................... |
21 |
Internal Subsystem Information................................................................................................ |
21 |
DHCP and DNS Support........................................................................................................... |
21 |
HP SIM Group Actions.............................................................................................................. |
21 |
SNMP......................................................................................................................................... |
22 |
SMASH....................................................................................................................................... |
22 |
SM CLP....................................................................................................................................... |
22 |
Mirrored Console....................................................................................................................... |
22 |
Remote Power Control............................................................................................................... |
22 |
Event Logging............................................................................................................................ |
22 |
Advanced Features.......................................................................................................................... |
22 |
Virtual Media............................................................................................................................. |
22 |
IRC.............................................................................................................................................. |
22 |
Directory-Based Secure Authorization Using LDAP................................................................. |
22 |
LDAP Lite................................................................................................................................... |
23 |
Power Meter Readings............................................................................................................... |
23 |
HP Insight Power Manager........................................................................................................ |
23 |
Advanced Pack License......................................................................................................................... |
23 |
Obtaining and Activating iLO 2 MP Advanced Pack Licensing..................................................... |
24 |
Supported Systems and Required Components and Cables................................................................ |
24 |
iLO 2 MP Supported Browsers and Client Operating Systems............................................................ |
24 |
Security................................................................................................................................................. |
25 |
Protecting SNMP Traffic.................................................................................................................. |
26 |
Lights-Out Advanced/KVM Card........................................................................................................ |
26 |
2 Ports and LEDs.............................................................................................................. |
27 |
HP Integrity Server Blade Components............................................................................................... |
27 |
Onboard Administrator................................................................................................................... |
27 |
HP Integrity rx2660 Server Components.............................................................................................. |
29 |
Table of Contents |
3 |
HP Integrity rx3600 and rx6600 Server Components........................................................................... |
29 |
iLO 2 MP Status LEDs........................................................................................................................... |
30 |
iLO 2 MP Reset Button.......................................................................................................................... |
31 |
Resetting Local User Accounts and Passwords to Default Values.................................................. |
31 |
Console Serial Port and Auxiliary Serial Port....................................................................................... |
31 |
iLO 2 MP LAN Port............................................................................................................................... |
32 |
iLO 2 MP LAN LEDs....................................................................................................................... |
32 |
3 Setting Up and Connecting the Console................................................................... |
33 |
Setup Checklist...................................................................................................................................... |
34 |
Setup Flowchart.................................................................................................................................... |
35 |
Preparing to Set Up iLO 2 MP.............................................................................................................. |
36 |
Determining the Physical iLO 2 MP Access Method...................................................................... |
36 |
Determining the iLO 2 MP LAN Configuration Method................................................................ |
36 |
Configuring the iLO 2 MP LAN Using DHCP and DNS..................................................................... |
37 |
Configuring the iLO 2 MP LAN Using ARP Ping................................................................................ |
37 |
Configuring the iLO 2 MP LAN Using the Console Serial Port........................................................... |
39 |
Logging In to the iLO 2 MP.................................................................................................................. |
40 |
Physically Connecting the Server Blade to the iLO 2 MP..................................................................... |
40 |
Connecting the Server Blade to the iLO 2 MP Using the Onboard Administrator......................... |
41 |
Auto-Login................................................................................................................................. |
41 |
Initiating an Auto-Login Session.......................................................................................... |
42 |
Terminating an Auto-Login Session..................................................................................... |
43 |
User Account Cleanup during IPF Blade Initialization........................................................ |
43 |
Auto-Login Troubleshooting................................................................................................ |
43 |
Connecting the Server Blade to the iLO 2 MP Using the Console Serial Port................................. |
43 |
Connecting the SUV Cable to the Server Blade......................................................................... |
44 |
Additional Setup................................................................................................................................... |
46 |
Modifying User Accounts and Default Passwords......................................................................... |
46 |
Setting Up Security.......................................................................................................................... |
47 |
Setting Security Access............................................................................................................... |
47 |
4 Accessing the Host Console........................................................................................ |
49 |
Interacting with the iLO 2 MP Using the Web GUI.............................................................................. |
49 |
Accessing Online Help.................................................................................................................... |
50 |
Accessing the Host Console Using the TUI.......................................................................................... |
50 |
Help System..................................................................................................................................... |
50 |
Accessing the Host Console Using vKVM (Integrated Remote Console)............................................ |
51 |
Accessing the Host Console Using SMASH SM CLP........................................................................... |
51 |
Accessing iLO 2 MP Using Onboard Administrator............................................................................ |
51 |
Accessing the Graphic Console Using VGA ........................................................................................ |
51 |
5 Configuring DHCP, DNS, LDAP, and LDAP Lite........................................................ |
53 |
Configuring DHCP............................................................................................................................... |
53 |
Configuring DNS.................................................................................................................................. |
54 |
Configuring LDAP Extended Schema.................................................................................................. |
55 |
Login Process Using Directory Services with Extended LDAP...................................................... |
56 |
Configuring LDAP Lite Default Schema.............................................................................................. |
56 |
Setting up Directory Security Groups............................................................................................. |
57 |
Login Process Using Directory Services Without Schema Extensions............................................ |
58 |
6 Using iLO 2 MP............................................................................................................ |
59 |
4Table of Contents
Text User Interface................................................................................................................................ |
59 |
MP Command Interfaces................................................................................................................. |
59 |
MP Main Menu................................................................................................................................ |
60 |
MP Main Menu Commands....................................................................................................... |
60 |
CO (Console): Leave the Main Menu and enter console mode............................................. |
61 |
VFP (Virtual Front Panel): Simulate the display panel......................................................... |
61 |
CM (Command Mode): Enter command mode..................................................................... |
61 |
SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP..... |
61 |
CL (Console Log): View the history of the console output................................................... |
61 |
SL (Show Logs): View events in the log history................................................................... |
61 |
HE (Help): Display help for the menu or command in the MP Main Menu........................ |
63 |
X (Exit): Exit the iLO 2 MP.................................................................................................... |
63 |
Command Menu.............................................................................................................................. |
63 |
Command Line Interface Scripting................................................................................................. |
64 |
Expect Script Example................................................................................................................ |
65 |
Command Menu Commands and Standard Command Line Scripting Syntax............................. |
66 |
BP: Reset BMC passwords.......................................................................................................... |
67 |
BLADE: Display BLADE parameters......................................................................................... |
67 |
CA: Configure asynchronous local serial port............................................................................ |
68 |
DATE: Display date..................................................................................................................... |
69 |
DC (Default Configuration): Reset all parameters to default configurations............................. |
69 |
DF: Display FRU information..................................................................................................... |
69 |
DI: Disconnect LAN, WEB, SSH or Console.............................................................................. |
70 |
DNS: DNS settings...................................................................................................................... |
70 |
FW: Upgrade the MP firmware................................................................................................... |
70 |
HE: Display help for menu or command in command menu interface..................................... |
70 |
ID: System information settings................................................................................................ |
71 |
IT: Inactivity timeout settings................................................................................................... |
71 |
LC: LAN configuration usage..................................................................................................... |
72 |
LDAP: LDAP directory settings.................................................................................................. |
72 |
LDAP: LDAP group administration...................................................................................... |
74 |
LDAP: LDAP Lite................................................................................................................... |
74 |
LM: License management............................................................................................................ |
74 |
LOC: Locator UID LED configuration........................................................................................ |
74 |
LS: LAN status........................................................................................................................... |
74 |
PC: Power control access............................................................................................................ |
75 |
PM: Power regulator mode......................................................................................................... |
75 |
PR: Power restore policy configuration...................................................................................... |
76 |
PS: Power status......................................................................................................................... |
76 |
RB: Reset BMC............................................................................................................................ |
76 |
RS: Reset system through the RST signal................................................................................... |
77 |
SA: Set access LAN/WEB/SSH/IPMI over LAN ports................................................................ |
77 |
SNMP: Configure SNMP parameters.......................................................................................... |
77 |
SO: Security option help............................................................................................................. |
78 |
SS: System Status....................................................................................................................... |
78 |
SYSREV: Firmware revisions...................................................................................................... |
79 |
TC: System reset through INIT or TOC signal........................................................................... |
79 |
TE: Send a message to other mirroring terminals...................................................................... |
79 |
UC: User Configuration (users, passwords, and so on)............................................................. |
80 |
WHO: Display a list of iLO 2 MP connected users....................................................................... |
81 |
XD: iLO 2 MP Diagnostics or reset.............................................................................................. |
81 |
Web GUI................................................................................................................................................ |
82 |
System Status................................................................................................................................... |
82 |
Status Summary > General ........................................................................................................ |
82 |
Table of Contents |
5 |
Status Summary > Active Users................................................................................................. |
83 |
Server Status > General.............................................................................................................. |
84 |
Server Status > Identification..................................................................................................... |
85 |
System Event Log....................................................................................................................... |
86 |
Events.................................................................................................................................... |
87 |
Integrated Remote Console (vKVM)............................................................................................... |
88 |
IRC Requirements and Usage.................................................................................................... |
88 |
Limitations of the vKVM Mouse and Keyboard.................................................................. |
89 |
Browsers and Client Operating Systems that Support vKVM............................................. |
89 |
vKVM-Supported Resolutions and Browser Configurations............................................... |
89 |
Accessing the IRC....................................................................................................................... |
90 |
Integrated Remote Console Fullscreen................................................................................. |
92 |
Remote Serial Console..................................................................................................................... |
93 |
Virtual Serial Port....................................................................................................................... |
95 |
Virtual Media................................................................................................................................... |
95 |
Using iLO 2 MP Virtual Media Devices..................................................................................... |
96 |
Virtual CD/DVD.................................................................................................................... |
97 |
Creating the iLO 2 MP Disk Image Files............................................................................. |
100 |
Virtual Floppy/USB Key...................................................................................................... |
101 |
Virtual Media Applet Timeout........................................................................................... |
102 |
Supported Operating Systems and USB Support for vMedia................................................. |
102 |
Java Plug-in Version................................................................................................................. |
103 |
Client Operating System and Browser Support for vMedia.................................................... |
103 |
Power Management....................................................................................................................... |
103 |
Power & Reset........................................................................................................................... |
103 |
Power Meter Readings............................................................................................................. |
105 |
Power Regulator....................................................................................................................... |
107 |
Administration............................................................................................................................... |
108 |
Firmware Upgrade................................................................................................................... |
109 |
Licensing................................................................................................................................... |
109 |
User Administration > Local Accounts.................................................................................... |
111 |
Group Accounts....................................................................................................................... |
112 |
Access Settings.......................................................................................................................... |
113 |
LAN.......................................................................................................................................... |
113 |
Serial Page................................................................................................................................. |
114 |
Login Options Page.................................................................................................................. |
115 |
Current LDAP Parameters....................................................................................................... |
116 |
Network Settings...................................................................................................................... |
117 |
Network Settings > Standard................................................................................................... |
117 |
Domain Name Server............................................................................................................... |
118 |
SNMP Settings.......................................................................................................................... |
119 |
BL c-Class....................................................................................................................................... |
121 |
Help............................................................................................................................................... |
122 |
SMASH Server Management Command Line Protocol..................................................................... |
123 |
SM CLP Features and Functionality Overview............................................................................. |
123 |
SM CLP Session........................................................................................................................ |
124 |
Accessing the SM CLP Interface.................................................................................................... |
124 |
Exiting the SM CLP Interface................................................................................................... |
124 |
Changing the iLO 2 Default Interface to SM CLP.................................................................... |
124 |
Using the SM CLP Interface........................................................................................................... |
125 |
SM CLP Syntax.............................................................................................................................. |
126 |
Command Line Terms.............................................................................................................. |
126 |
Command Verbs....................................................................................................................... |
126 |
Command Targets.................................................................................................................... |
127 |
Command Target Properties.................................................................................................... |
127 |
6Table of Contents
Command Options................................................................................................................... |
128 |
Level Option........................................................................................................................ |
128 |
Display Option.................................................................................................................... |
128 |
Character Set, Delimiters, Special, and Reserved Characters.................................................. |
129 |
System1 Target............................................................................................................................... |
130 |
Target: SYSTEM1...................................................................................................................... |
130 |
System Reset Power Status and Power Control............................................................................. |
130 |
Resetting the System................................................................................................................ |
130 |
Displaying Power Status.......................................................................................................... |
131 |
Powering Off the System.......................................................................................................... |
131 |
Powering On the System.......................................................................................................... |
131 |
Map1 (iLO 2) Target....................................................................................................................... |
131 |
Target: map1............................................................................................................................. |
131 |
Map1 Example.......................................................................................................................... |
132 |
Resetting the iLO 2 MP............................................................................................................. |
132 |
Text Console Services..................................................................................................................... |
132 |
Opening the MP Main Menu from SM CLP............................................................................ |
132 |
Target: map1/textredirectsap1............................................................................................. |
132 |
Opening the System Console Interface from SM CLP............................................................. |
133 |
Target: system1/consoles1/textredirectsap1........................................................................ |
133 |
Switching Between the System Console and the SM CLP....................................................... |
133 |
Starting a System Console Session...................................................................................... |
134 |
Determining the Session Termination Character Sequence for the System Console......... |
134 |
Exiting the System Console Session and Returning to SM CLP......................................... |
134 |
Entering the MP Main Menu Interface From SM CLP....................................................... |
134 |
Exiting the MP Main Menu Session and Returning to SM CLP......................................... |
134 |
Firmware Revision Display and Upgrade..................................................................................... |
134 |
SM CLP Firmware Targets........................................................................................................ |
134 |
Target: map1/swinstallsvc1................................................................................................. |
134 |
Target: map1/swinventory1................................................................................................ |
135 |
Target: map1/swinventory1/swid#...................................................................................... |
135 |
Displaying Firmware Revisions............................................................................................... |
135 |
Firmware Upgrade................................................................................................................... |
136 |
Remote Access Configuration....................................................................................................... |
136 |
Telnet SM CLP Targets............................................................................................................. |
136 |
Target: map1/telnetsvc1...................................................................................................... |
137 |
Telnet Examples.................................................................................................................. |
137 |
SSH........................................................................................................................................... |
137 |
Target: map1/sshsvc1................................................................................................................ |
137 |
SSH Examples........................................................................................................................... |
138 |
Network Configuration................................................................................................................. |
138 |
SM CLP Network Targets, Properties, and Verbs.................................................................... |
138 |
Target: map1/enetport1....................................................................................................... |
138 |
Target: map1/enetport1/lanendpt1..................................................................................... |
138 |
Target: map1/enetport1/lanendpt1/ipendpt1...................................................................... |
139 |
Target: map1/dhcpendpt1................................................................................................... |
139 |
Target: map1/dnsendpt1..................................................................................................... |
140 |
Target: map1/enetport1/lanendpt1/ipendpt1/gateway1..................................................... |
140 |
Target: map1/dnsserver1, map1/dnsserver2, map1/dnsserver3......................................... |
140 |
Target: map1/settings1/dnssettings1................................................................................... |
141 |
SM CLP Network Command Examples................................................................................... |
141 |
vMedia...................................................................................................................................... |
142 |
Target: map1/oemhp_vm1/cddr1........................................................................................ |
142 |
SM CLP vMedia Use Cases................................................................................................. |
143 |
User Accounts Configuration........................................................................................................ |
143 |
Table of Contents |
7 |
Target: map1/group1................................................................................................................ |
143 |
Target: map1/group1/account#................................................................................................. |
143 |
User Account Examples........................................................................................................... |
144 |
LDAP Configuration...................................................................................................................... |
144 |
Target: map1/settings1/oemhp_ldapsettings1.......................................................................... |
144 |
LDAP Configuration Examples................................................................................................ |
145 |
7 Installing and Configuring Directory Services ....................................................... |
147 |
Directory Services............................................................................................................................... |
147 |
Features Supported by Directory Integration............................................................................... |
148 |
Directory Services Installation Prerequisites................................................................................. |
148 |
Installing Directory Services.......................................................................................................... |
148 |
Schema Documentation................................................................................................................. |
149 |
Directory Services Support............................................................................................................ |
149 |
eDirectory Installation Prerequisites............................................................................................. |
149 |
Required Schema Software............................................................................................................ |
150 |
Schema Installer............................................................................................................................. |
150 |
Schema Preview Screen............................................................................................................ |
150 |
Setup Screen............................................................................................................................. |
150 |
Results Screen........................................................................................................................... |
151 |
Management Snap-In Installer...................................................................................................... |
152 |
Directory Services for Active Directory.............................................................................................. |
152 |
Active Directory Installation Prerequisites.................................................................................... |
152 |
Preparing Directory Services for Active Directory........................................................................ |
153 |
Installing and Initializing Snap-Ins for Active Directory.............................................................. |
154 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 in Active Directory...154 |
|
Directory Services Objects............................................................................................................. |
158 |
Active Directory Snap-Ins........................................................................................................ |
158 |
Managing HP Devices In a Role......................................................................................... |
158 |
Managing Users In a Role................................................................................................... |
159 |
Setting Login Restrictions......................................................................................................... |
160 |
Setting Time Restrictions.................................................................................................... |
160 |
Defining Client IP Address or DNS Name Access............................................................. |
161 |
Setting User or Group Role Rights................................................................................................ |
162 |
Directory Services for eDirectory........................................................................................................ |
163 |
Installing and Initializing Snap-In for eDirectory......................................................................... |
163 |
Example: Creating and Configuring Directory Objects for Use with iLO 2 MP Devices in |
|
eDirectory...................................................................................................................................... |
163 |
Creating Objects....................................................................................................................... |
163 |
Creating Roles.......................................................................................................................... |
164 |
Directory Services Objects for eDirectory...................................................................................... |
166 |
Adding Role Managed Devices................................................................................................ |
166 |
Adding Members...................................................................................................................... |
166 |
Setting Role Restrictions................................................................................................................ |
167 |
Setting Time Restrictions............................................................................................................... |
168 |
Defining Client IP Address or DNS Name Access................................................................... |
168 |
Setting Lights-Out Management Device Rights............................................................................ |
168 |
Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform.......................... |
169 |
Installing the Java Runtime Environment................................................................................ |
169 |
Installing Snap-Ins.................................................................................................................... |
170 |
Extending Schema.................................................................................................................... |
170 |
Verifying Snap-In Installation and Schema Extension............................................................. |
171 |
Using the LDAP Command to Configure Directory Settings in the iLO 2 MP............................. |
171 |
User Login Using Directory Services.................................................................................................. |
172 |
8Table of Contents
Certificate Services.............................................................................................................................. |
173 |
Installing Certificate Services........................................................................................................ |
173 |
Verifying Directory Services.......................................................................................................... |
173 |
Configuring an Automatic Certificate Request............................................................................. |
173 |
Directory-Enabled Remote Management........................................................................................... |
173 |
Using Existing Groups................................................................................................................... |
174 |
Using Multiple Roles..................................................................................................................... |
174 |
Creating Roles that Follow Organizational Structure................................................................... |
175 |
Restricting Roles............................................................................................................................ |
175 |
Role Time Restrictions.............................................................................................................. |
175 |
IP Address Range Restrictions................................................................................................. |
176 |
IP Address and Subnet Mask Restrictions............................................................................... |
176 |
DNS-Based Restrictions............................................................................................................ |
176 |
Role Address Restrictions........................................................................................................ |
176 |
How Directory Login Restrictions Are Enforced.......................................................................... |
176 |
How User Time Restrictions Are Enforced................................................................................... |
177 |
User Address Restrictions............................................................................................................. |
178 |
Creating Multiple Restrictions and Roles...................................................................................... |
178 |
Directory Services Schema (LDAP).................................................................................................... |
179 |
HP Management Core LDAP Object Identifier Classes and Attributes........................................ |
179 |
Core Classes.............................................................................................................................. |
180 |
Core Attributes......................................................................................................................... |
180 |
Core Class Definitions.............................................................................................................. |
180 |
hpqTarget............................................................................................................................ |
180 |
hpqRole............................................................................................................................... |
181 |
hpqPolicy............................................................................................................................. |
181 |
Core Attribute Definitions........................................................................................................ |
181 |
hpqPolicyDN....................................................................................................................... |
181 |
hpqRoleMembership........................................................................................................... |
181 |
hpqTargetMembership........................................................................................................ |
182 |
hpqRoleIPRestrictionDefault.............................................................................................. |
182 |
hpqRoleIPRestrictions......................................................................................................... |
182 |
hpqRoleTimeRestriction..................................................................................................... |
182 |
iLO 2 MP-Specific LDAP OID Classes and Attributes.................................................................. |
183 |
iLO 2 MP Classes...................................................................................................................... |
183 |
iLO 2 MP Attributes................................................................................................................. |
183 |
iLO 2 MP Class Definitions...................................................................................................... |
183 |
hpqLOMv100...................................................................................................................... |
183 |
iLO 2 MP Attribute Definitions................................................................................................ |
184 |
hpqLOMRightLogin............................................................................................................ |
184 |
hpqLOMRightRemoteConsole............................................................................................ |
184 |
hpqLOMRightRemoteConsole............................................................................................ |
184 |
hpqLOMRightServerReset.................................................................................................. |
184 |
hpqLOMRightLocalUserAdmin......................................................................................... |
185 |
hpqLOMRightConfigureSettings........................................................................................ |
185 |
Glossary......................................................................................................................... |
187 |
Index............................................................................................................................... |
195 |
Table of Contents |
9 |
10
List of Figures
2-1 |
OA/iLO Network Port and Components...................................................................................... |
28 |
2-2 |
Onboard Administrator LEDs and Buttons.................................................................................. |
28 |
2-3 |
HP Integrity rx2660 Server Rear View.......................................................................................... |
29 |
2-4 |
HP Integrity rx3600 and rx6600 Server Rear Ports and LEDs....................................................... |
30 |
2-5 |
Console Serial Port (RS-232) Connector........................................................................................ |
31 |
2-6 |
iLO 2 MP LAN Port....................................................................................................................... |
32 |
3-1 |
Setup Flowchart............................................................................................................................. |
35 |
3-2 |
SUV Cable...................................................................................................................................... |
45 |
3-3 |
Connecting the SUV Cable to the Server Blade............................................................................. |
46 |
4-1 |
Web Login Page............................................................................................................................. |
49 |
4-2 |
Status Summary Page.................................................................................................................... |
50 |
6-1 |
MP Command Interfaces............................................................................................................... |
60 |
6-2 |
Status Summary General Page...................................................................................................... |
83 |
6-3 |
Status Summary Active Users Page.............................................................................................. |
84 |
6-4 |
Server Status General Page............................................................................................................ |
85 |
6-5 |
Server Status Identification Page................................................................................................... |
86 |
6-6 |
System Event Log Page................................................................................................................. |
87 |
6-7 |
Integrated Remote Console Page.................................................................................................. |
91 |
6-8 |
Integrated Remote Console Window............................................................................................ |
92 |
6-9 |
Remote Serial Console Page.......................................................................................................... |
93 |
6-10 |
Remote Serial Console Window.................................................................................................... |
94 |
6-11 |
Virtual Media Page........................................................................................................................ |
96 |
6-12 |
Virtual Media Dialog Box (Before Connection)............................................................................ |
98 |
6-13 |
Virtual Media Dialog Box (after connection)................................................................................ |
99 |
6-14 |
Local Image File Dialog Box........................................................................................................ |
100 |
6-15 |
Create Media Image Dialog Box.................................................................................................. |
101 |
6-16 |
Virtual Floppy/USB Key.............................................................................................................. |
102 |
6-17 |
Power & Reset Page..................................................................................................................... |
104 |
6-18 |
Power Meter Readings Page........................................................................................................ |
106 |
6-19 |
Power Regulator Page.................................................................................................................. |
107 |
6-20 |
Licensing Page............................................................................................................................. |
110 |
6-21 |
Local Accounts Page.................................................................................................................... |
111 |
6-22 |
Group Accounts Page.................................................................................................................. |
112 |
6-23 |
LAN Page..................................................................................................................................... |
113 |
6-24 |
Serial Page.................................................................................................................................... |
114 |
6-25 |
Login Options Page..................................................................................................................... |
115 |
6-26 |
Current LDAP Parameters Page.................................................................................................. |
116 |
6-27 |
Standard Page.............................................................................................................................. |
118 |
6-28 |
Domain Name Server Page.......................................................................................................... |
119 |
6-29 |
SNMP Settings Page.................................................................................................................... |
120 |
6-30 |
Onboard Administrator............................................................................................................... |
121 |
6-31 |
Help Page..................................................................................................................................... |
123 |
7-1 |
Schema Preview Screen............................................................................................................... |
150 |
7-2 |
Schema Setup Screen................................................................................................................... |
151 |
7-3 |
Schema Results Screen................................................................................................................. |
152 |
7-4 |
Directory Example....................................................................................................................... |
155 |
7-5 |
Create New HP Management Object Dialog Box........................................................................ |
156 |
7-6 |
Select Users Dialog Box............................................................................................................... |
157 |
7-7 |
Lights-Out Management Tab....................................................................................................... |
157 |
7-8 |
HP Devices Tab............................................................................................................................ |
159 |
7-9 |
Members Tab............................................................................................................................... |
159 |
7-10 |
Role Restrictions Tab................................................................................................................... |
160 |
11
7-11 |
Logon Hours Screen.................................................................................................................... |
161 |
7-12 New IP/Mask Dialog Box............................................................................................................ |
161 |
|
7-13 Lights Out Management Tab....................................................................................................... |
162 |
|
7-14 Roles and Devices Example......................................................................................................... |
163 |
|
7-15 Select Object Subtype Dialog Box................................................................................................ |
164 |
|
7-16 |
Setting Role Rights....................................................................................................................... |
165 |
7-17 Role Managed Devices Subtab.................................................................................................... |
166 |
|
7-18 |
Members Tab (eDirectory)........................................................................................................... |
167 |
7-19 Role Restrictions Subtab (eDirectory).......................................................................................... |
167 |
|
7-20 Add New Restriction Dialog Box................................................................................................ |
168 |
|
7-21 Lights-Out Management Device Rights Tab............................................................................... |
169 |
|
7-22 Admin User Gaining Admin Role Right, Example 1.................................................................. |
175 |
|
7-23 Admin User Gaining Admin Role Right, Example 2.................................................................. |
175 |
|
7-24 User and Role Access Restrictions............................................................................................... |
177 |
|
7-25 |
User Time Restrictions................................................................................................................. |
178 |
7-26 |
Restricting General Use............................................................................................................... |
179 |
7-27 Restricting the Reset Role............................................................................................................ |
179 |
12 List of Figures
List of Tables
1 |
Publishing History Details............................................................................................................ |
16 |
1-1 |
Supported Systems and Required Components Matrix............................................................... |
24 |
1-2 |
iLO 2 MP Supported Browsers and Client Operating Systems.................................................... |
25 |
2-1 |
iLO 2 MP Status LEDs................................................................................................................... |
30 |
2-2 |
Console Serial Port Pinouts........................................................................................................... |
31 |
2-3 |
iLO 2 MP LAN Port Pinouts.......................................................................................................... |
32 |
2-4 |
iLO 2 MP LAN Link Status LEDs.................................................................................................. |
32 |
2-5 |
iLO 2 MP LAN Link Speed LEDs.................................................................................................. |
32 |
3-1 |
Setup Checklist.............................................................................................................................. |
34 |
3-2 |
Physical Connection Matrix.......................................................................................................... |
36 |
3-3 |
LAN Configuration Methods........................................................................................................ |
36 |
3-4 |
ARP Ping Commands.................................................................................................................... |
38 |
6-1 |
MP Command Interfaces............................................................................................................... |
59 |
6-2 |
MP Main Menu Commands.......................................................................................................... |
60 |
6-3 |
Events............................................................................................................................................ |
62 |
6-4 |
Alert Levels.................................................................................................................................... |
62 |
6-5 |
Command Menu Commands........................................................................................................ |
63 |
6-6 |
Status Summary General Page Description.................................................................................. |
83 |
6-7 |
Active Users Page Description...................................................................................................... |
84 |
6-8 |
Server Status General Page Description........................................................................................ |
85 |
6-9 |
Server Status Identification Page Description............................................................................... |
86 |
6-10 |
System Event Log Page Description.............................................................................................. |
87 |
6-11 |
IRC Page Description..................................................................................................................... |
91 |
6-12 |
IRC Window Description.............................................................................................................. |
92 |
6-13 |
Operating System Support for vMedia....................................................................................... |
103 |
6-14 |
Client Operating System and Browser Support for vMedia....................................................... |
103 |
6-15 |
Power & Reset Page Description................................................................................................. |
104 |
6-16 |
Power Meter Readings Page Description.................................................................................... |
106 |
6-17 |
Power Regulator Page Description.............................................................................................. |
108 |
6-18 |
Licensing Page Description......................................................................................................... |
110 |
6-19 |
Local Accounts Page Description................................................................................................ |
112 |
6-20 |
Group Accounts Page Description.............................................................................................. |
113 |
6-21 |
LAN Page Description................................................................................................................. |
114 |
6-22 |
Serial Page Description................................................................................................................ |
115 |
6-23 |
Login Options Page Description.................................................................................................. |
115 |
6-24 |
Current LDAP Parameters Page Description.............................................................................. |
117 |
6-25 |
Standard Page Description.......................................................................................................... |
118 |
6-26 |
DNS Page Description................................................................................................................. |
119 |
6-27 |
SNMP Settings Page Description................................................................................................. |
120 |
6-28 |
Onboard Administrator Page Description.................................................................................. |
121 |
6-29 |
Supported Command Verbs........................................................................................................ |
126 |
6-30 |
Command Options...................................................................................................................... |
129 |
6-31 |
SM CLP Reserved Characters and Character Sequences............................................................ |
129 |
6-32 |
system1 Properties....................................................................................................................... |
130 |
6-33 |
map1 Properties........................................................................................................................... |
131 |
6-34 |
/map1/textredirectsap1 Properties.............................................................................................. |
133 |
6-35 |
/system1/consoles1/textredirectsap1 Properties.......................................................................... |
133 |
6-36 |
swinstallsvc1 Properties.............................................................................................................. |
134 |
6-37 |
swinventory1 Properties.............................................................................................................. |
135 |
6-38 |
swid# Properties.......................................................................................................................... |
135 |
6-39 |
telnetsvc1 Properties.................................................................................................................... |
137 |
6-40 |
sshsvc1 Properties........................................................................................................................ |
137 |
13
6-41 |
enetport1 Properties.................................................................................................................... |
138 |
6-42 |
lanedpt1 Properties...................................................................................................................... |
138 |
6-43 |
ipendpt1 Properties..................................................................................................................... |
139 |
6-44 |
dhcpendpt1 Properties................................................................................................................ |
139 |
6-45 |
dnsendpt1 Properties................................................................................................................... |
140 |
6-46 |
gateway1 Properties.................................................................................................................... |
140 |
6-47 |
dnsserver1, dnsserver2, dnsserver3 Properties........................................................................... |
140 |
6-48 |
dnssettings1 Properties................................................................................................................ |
141 |
6-49 |
cddr1 Properties.......................................................................................................................... |
142 |
6-50 |
group1 Properties........................................................................................................................ |
143 |
6-51 |
account# Properties..................................................................................................................... |
143 |
6-52 |
oemhp_ldapsettings1 Properties................................................................................................. |
145 |
7-1 |
Lights Out Management Rights.................................................................................................. |
162 |
7-2 |
Management Device Rights......................................................................................................... |
169 |
7-3 |
Core Classes................................................................................................................................. |
180 |
7-4 |
Core Attributes............................................................................................................................ |
180 |
7-5 |
hpqTarget..................................................................................................................................... |
180 |
7-6 |
hpqRole........................................................................................................................................ |
181 |
7-7 |
hpqPolicy..................................................................................................................................... |
181 |
7-8 |
hpqPolicyDN............................................................................................................................... |
181 |
7-9 |
hpqRoleMembership................................................................................................................... |
181 |
7-10 |
hpqTargetMembership................................................................................................................ |
182 |
7-11 |
hpqRoleIPRestrictionDefault....................................................................................................... |
182 |
7-12 |
hpqRoleIPRestrictions................................................................................................................. |
182 |
7-13 |
hpqRoleTimeRestriction.............................................................................................................. |
182 |
7-14 |
iLO 2 MP Classes......................................................................................................................... |
183 |
7-15 |
iLO 2 MP Attributes.................................................................................................................... |
183 |
7-16 |
hpqLOMv100............................................................................................................................... |
183 |
7-17 |
hpqLOMRightLogin.................................................................................................................... |
184 |
7-18 |
hpqLOMRightRemoteConsole.................................................................................................... |
184 |
7-19 |
hpqLOMRightRemoteConsole.................................................................................................... |
184 |
7-20 |
hpqLOMRightServerReset........................................................................................................... |
184 |
7-21 |
hpqLOMRightLocalUserAdmin.................................................................................................. |
185 |
7-22 |
hpqLOMRightConfigureSettings................................................................................................ |
185 |
14 List of Tables
This document provides information and instructions on how to use the HP Integrated Lights Out 2 Management Processor (iLO 2 MP) for Integrity.
The document printing date and part number indicate the document’s current edition. The printing date changes when a new edition is printed. Minor changes may be made at reprint withoutchangingtheprintingdate.Thedocumentpartnumberchangeswhenextensivechanges are made.
Documentupdatesmaybeissuedbetweeneditionstocorrecterrorsordocumentproductchanges. To ensure that you receive the updated or new editions, subscribe to the appropriate product support service. See your HP sales representative for details.
The latest version of this document can be found on the HP website at:http://www.docs.hp.com
This document provides technical product and support information for authorized service providers, system administrators, and HP support personnel.
The following information available for BL870c, BL860c, rx2660, rx3600, and rx6600 servers was added to this guide:
•vMedia - virtual floppy/USB key capability, see “Virtual Floppy/USB Key” (page 101) This document is also a reference for the following HP Integrity servers with Integrity iLO:
•rx7640
•rx8640
•Superdome sx2000
The publishing history below identifies the edition dates of this manual. Updates are made to thispublicationonanunscheduled,asneeded,basis.Theupdatesconsistofacompletereplacement manual and pertinent online or CD documentation.
Intended Audience |
15 |
Table 1 Publishing History Details
Document |
Operating Systems Supported |
Supported Servers |
Publication Date |
Manufacturing |
|
|
|
Part Number |
|
|
|
5991–6005 |
HP-UX 11i v2 |
BL870c |
January 2008 |
|
OpenVMS 8.3 1H1 |
BL860c |
|
|
Microsoft Windows Server 2003 |
rx2660 |
|
|
Red Hat Linux and SuSE |
rx3600 |
|
|
|
rx6600 |
|
|
|
rx76401 |
|
|
|
rx86401 |
|
|
|
Superdome sx20001 |
|
5991-5992 |
HP-UX 11i v2 |
BL860c |
November 2007 |
|
OpenVMS 8.3 1H1 |
rx2660 |
|
|
Microsoft Windows Server 2003 |
rx3600 |
|
|
Red Hat Linux and SuSE |
rx6600 |
|
|
|
rx76401 |
|
|
|
rx86401 |
|
|
|
Superdome sx20001 |
|
5991-5983 |
HP-UX 11i v2 |
BL860c |
June 2007 |
|
OpenVMS 8.3 |
rx2660 |
|
|
Microsoft Windows Server 2003 |
rx3600 |
|
|
Red Hat Linux and SuSE |
rx6600 |
|
AD217-9001A |
HP-UX 11i v2 |
BL860c |
February 2007 |
|
OpenVMS 8.3 |
rx2660 |
|
|
Microsoft Windows Server 2003 |
rx3600 |
|
|
Red Hat Linux and SuSE |
rx6600 |
|
AB419-9006A |
HP-UX 11i v2 |
rx2660 |
December 2006 |
|
OpenVMS 8.3 |
rx3600 |
|
|
Microsoft Windows Server 2003 |
rx6600 |
|
|
Red Hat Linux and SuSE |
|
|
5971-4292 |
HP-UX 11i v2 |
rx3600 |
September 2006 |
|
OpenVMS 8.3 |
rx6600 |
|
|
Microsoft Windows Server 2003 |
|
|
|
Red Hat Linux and SuSE |
|
|
1All of the iLO 2 functionality is not currently available on this server.
This guide is divided into the following chapters.
Chapter 1 Introduction Use this chapter to learn about the iLO 2 MP functionality. Chapter 2 Ports and LEDs Use this chapter to learn about ports and LEDs.
Chapter 3 Setting Up and Connecting the Console Use this chapter to set up and connect the console.
Chapter 4 AccessingtheHostConsoleUsethischaptertolearnhowtoaccessthehostconsole of an HP Integrity server through the iLO 2 MP.
16
Chapter 5 |
Configuring DHCP, DNS, LDAP, and LDAP Lite Use this chapter to configure |
|
DHCP, DNS, LDAP extended schema, and LDAP Lite default schema. |
Chapter 6 |
UsingtheiLO2MP Thischapterprovidesinformationonthedifferentinterfaces |
|
you can use to interact with the iLO 2 MP such as text user interface, web GUI, |
|
and SMASH SM CLP. |
Chapter 7 |
Installing and Configuring Directory Services Use this chapter to learn about |
|
installing and configuring directory services functions. |
Glossary |
Use the glossary to learn iLO 2 MP terms and definitions. |
This document uses the following conventions.
WARNING! A warning lists requirements that you must meet to avoid personal injury.
CAUTION: Acautionprovidesinformationrequiredtoavoidlosingdataoravoidlosingsystem functionality.
IMPORTANT: Important messages provide essential information to explain a concept or to complete a task.
NOTE: Anotehighlightsusefulinformationsuchasrestrictions,recommendations,orimportant details about HP product features.
TIP: Tipsprovideyouwithhelpfulhintsforcompletingatask.Atipisnotusedtogiveessential information,butcanbeusedtoprovideanalternatemethodforcompletingthetaskthatprecedes it.
Command |
A command name or qualified command phrase. |
Computer |
Text displayed by the computer. |
Output |
|
Ctrl+X |
A key sequence. A sequence such as Ctrl-X indicates that you must hold |
|
down the key labeled Ctrl while you press another key or mouse button. |
Key |
Thenameofakeyboardkey. Return and Enter bothrefertothesamekey. |
User Input |
Commands and other text that you enter. |
[ ] |
The contents are optional in formats and command descriptions. If the |
|
contentsarealistseparatedbyapipe(|),youmustselectoneoftheitems. |
{ } |
The contents are required in formats and command descriptions. If the |
|
contentsarealistseparatedbyapipe(|),youmustselectoneoftheitems. |
... |
The preceding element can be repeated an arbitrary number of times. |
|Separates items in a list of choices.
You can find other information on HP server hardware management, Microsoft® Windows®, and diagnostic support tools in the following publications.
HP Technical Documentation Website
http://www.docs.hp.com
Server Hardware Information
http://docs.hp.com/HP-UX/hw/
Typographic Conventions |
17 |
Windows Operating System Information
Find information about administration of the Microsoft Windows operating system at the following websites
•http://www.docs.hp.com/windows_nt/
•http://www.microsoft.com/technet/
Diagnostics and Event Monitoring: Hardware Support Tools
CompleteinformationaboutHPhardwaresupporttools,includingonlineandofflinediagnostics and event monitoring tools, is at:
http://www.docs.hp.com/HP-UX/diag/
Website for HP Technical Support
http://us-support2.external.hp.com/
Books about HP-UX Published by Prentice Hall
The HP Books website lists the HP books that Prentice Hall currently publishes, including the following:
•HP-UX 11i System Administration Handbook http://www.hp.com/hpbooks/prentice/ptr_0130600814.html
•HP-UX Virtual Partitions http://www.hp.com/hpbooks/prentice/ptr_0130352128.html
HP Books are available worldwide through bookstores, online booksellers, and office and computer stores.
The latest versions of the BCS Global Limited Warranty and Technical Support documentation is posted on the HP website in the Enterprise Servers, Workstations, and System Hardware collection under each server to which it applies, at: http://www.docs.hp.com.
HPencouragesyourcommentsconcerningthisdocument. Wearetrulycommittedtoproviding documentation that meets your needs.
Send comments to:
netinfo_feedback@cup.hp.com
Include title, manufacturing part number, and any comments, errors found, or suggestions for improvementyouhaveconcerningthisdocument. Also,pleaseincludewhatwedidrightsowe can incorporate it into other documents.
18
The Integrated Lights-Out Management Processor (iLO MP) for entry class Integrity servers is an autonomous management subsystem embedded directly on the server. It is the foundation of the server’s High Availability (HA) embedded server and fault management. It also provides system administrators secure remote management capabilities regardless of server status or location. The iLO MP is available whenever the system is connected to a power source, even if the server main power switch is in the off position.
HP has used several different names to describe the management functionality embedded in servers, including “the management processor.” In addition, HP uses the term “management processor” to refer to any embedded microprocessor that manages a system. Management processor is a descriptive term (such as “server”), and iLO is a brand name or label (such as “Integrity”).
Remote access is the key to maximizing efficiency of administration and troubleshooting for enterprise servers. Integrity servers are designed so all administrative functions that can be performed locally, can also be performed remotely. iLO enables remote access to the operating system console, control over the server’s power and hardware reset functionality, and works with the server to enable remote network booting through a variety of methods.
iLO 2 is an Integrated Lights Out 2 Management Processor (iLO 2 MP) with the latest advanced digital video redirection technology. This new feature gives you a higher performance graphics console redirection experience than with the previous iLO.
This chapter addresses the following topics:
•“Features” (page 19)
•“Advanced Pack License” (page 23)
•“Supported Systems and Required Components and Cables” (page 24)
•“iLO 2 MP Supported Browsers and Client Operating Systems” (page 24)
•“Security” (page 25)
iLO 2 MP functionality includes the following:
•Control of power, reset, and Transfer of Control (TOC) capabilities
•Console access
•Display and recording of system events
•Displayofdetailedinformationaboutthevariousinternalsubsystemsandfieldreplaceable units (FRUs)
•A virtual front panel to monitor system status and see the state of front panel LEDs
The iLO 2 MP is completely independent of the host system and the operating system. It has its own microprocessor and runs its own firmware. The operating system cannot send packets out on the iLO 2 MP LAN, and packets on the iLO 2 MP LAN cannot go to the operating system.
TheiLO2MPLANisexclusivetotheiLO2MPandisdrivenbyanembeddedrealtimeoperating system (RTOS) running on the iLO 2 MP.
The iLO 2 MP offers the following standard and advanced features.
TheiLO2MPstandardfeaturesprovidethefollowingbasicsystemboardmanagementfunctions, diagnostics, and essential Lights-Out functionality on iLO 2-supported HP servers:
Features 19
The iLO 2 MP is active and available through the iLO 2 MP LAN connection and the local serial portconnectionaslongasthepowercordispluggedin.Intheeventofacompletepowerfailure, the iLO 2 MP data is protected by an onboard battery backup.
Thevirtualfrontpanel(VFP)presentsasummaryofthesystemfrontpanelusingdirectconsole
addressing.
The available methods to access the iLO 2 MP are as follows:
IPMI/LAN |
Through the iLO 2 MP MAC address |
LAN |
Using telnet, web, or SSH to access the iLO 2 MP LAN |
Local Serial Port |
Using a terminal or laptop computer for direct connection |
Web |
Using a GUI |
The iLO 2 MP provides strong security for remote management in IT environments, such as the following:
•User-defined TCP/IP ports
•User accounts and access management
•LightweightDirectoryAccessProtocol-(LDAP)baseddirectoryservicesauthenticationand authorization
•Encrypted communication using SSL and SSH
The iLO 2 MP is restricted by user accounts. User accounts are password protected and are assigned access rights that define a specific level of access to the server and to the iLO 2 MP commands. TheiLO2MPsupportsbothLDAPdirectoryuserauthenticationandlocallystored iLO 2 MP user accounts. iLO 2 MP users can have any of the following access rights:
Console Access |
Right to access the system console (the host operating |
|
system). This does not bypass host authentication |
|
requirements, if any. |
Power Control Access |
Right to power on, power off, or reset the server, and the |
|
right to configure the power restore policy. |
Local User Administration Access |
Right to configure locally stored user accounts. |
iLO 2 MP Configuration Access |
Right to configure all iLO 2 MP settings and some system |
|
settings, such as the power restore policy. |
Virtual Media Access |
Enables Advanced Pack license users the right to use the |
|
virtual media applet. |
MultipleuserscaninteractwiththeiLO2MP. However,iLO2MPcommandmodeandconsole mode are mirrored, allowing only one user at a time to have write access to the shared console. When a command is completed, write access is released and any user can initiate another command.
20 Introduction to iLO 2 MP
IMPORTANT: Although the iLO 2 MP can support multiple simultaneous connections, to do so can impact performance. HP does not recommend running more than eight simultaneous connections.
The iLO 2 MP supports the following connections simultaneously:
•Fourweb(eachwebconnectioncanhavearemoteserialconsoleconnectionaswellandnot be counted as part of the total number of connections allowed)
•Eight SSH
•One local console serial port (RS-232)
•Four IPMI over LAN
•Four telnet
•One Integrated Remote Console (IRC)
•One vMedia
The Intelligent Platform Management Interface (IPMI) option provides direct access from the iLO 2 MP LAN port to the server Baseboard Management Controller (BMC) monitoring and controlling functions such as temperature, voltage, fans, and power supplies. IPMI defines a common interface for platform management hardware. With IPMI over LAN enabled, BMC functions are available to other management software applications. The iLO 2 MP supports up to four simultaneous IPMI over LAN connections.
Firmware upgrades enhance the functionality of the iLO 2 MP.
The MP firmware is packaged along with system, BMC, and FPGA/PSOC firmware. You can download and upgrade the firmware package from the HP website at: http://www.hp.com/go/bizsupport.
The iLO 2 MP displays information about the following internal subsystems:
•FRU information
•System power state and fan status
•Processor Status
The iLO 2 MP supports the Dynamic Host Configuration Protocol (DHCP) and the Domain Name System (DNS) configuration options for acquiring network information through the iLO 2 MP LAN port. When the iLO 2 MP starts, it acquires the port configuration stored on a DHCP server to assign an IP address to the iLO 2 MP LAN port. If DNS is configured, this information is updated on the DNS server. The simplest method to initially connect to the iLO 2 MP is with the default DNS name found on the toe-tag on the server, for example, mp0014c29c064f.
HPSystemsInsightManager(HPSIM)isasystem-levelmanagementtoolthatsupportsexecuting commands from HP SIM using the SSH interface. HP SIM enables you to perform similar management activities across multiple iLO 2s (group actions) without requiring you to access each iLO 2 MP individually. Group actions can be taken regardless of the server power state. Fore more information about HP SIM, see:
http://www.hp.com/go/hpsim.
For the user guide, see the Information Library.
Features 21
The SNMP is part of the TCP/IP protocol suit developed to manage servers on an IP network. SNMPenablesyoutomanagenetworkperformance,findandsolvenetworkproblems,andplan for network growth.
ServerManagementArchitectureforServerHardware(SMASH)isaninitiativebytheDistributed
ManagementTaskForce(DMTF)thatencompassesspecifications(ServerManagementCLP,SM
MEAddressing,SMProfiles)thataddresstheinteroperablemanageabilityrequirementsofsmall to large scale heterogeneous computer environments.
SM CLP
TheSMCLPspecificationdefinesauserfriendlycommand-lineprotocolthatprovidescommand line interface (CLI) standards for interoperability.
The system console output stream is reflected to all connected console users, and any user can provide input.
The iLO 2 MP enables remote power cycle, power on and power off, and TOC. It also provides options to reset the system, the BMC, or iLO 2 MP.
TheiLO2MPprovideseventlogging,display,andkeywordsearchofconsolehistoryandsystem
events.
TheiLO2MPadvancedfeaturesprovideadditionalfunctionalitysuchasthegraphicalintegrated remote console and virtual media. In addition, the advanced features increase security by integrating iLO 2 MP user administration with the Active Directory or eDirectory.
TheadvancedfeaturesrequiretheiLO2MPAdvancedPacklicense.See“AdvancedPackLicense” (page 23).
NOTE: A HP ProLiant iLO 2 Advanced Pack license key will not work on an HP Integrity server, and vice versa.
iLO2MPadvancedfeaturesincludetheiLO2MPstandardfeaturesandthefollowingfeatures:
Virtual Media (vMedia) enables connection of client-based USB CD and DVD devices and disk image files as virtual devices on the server, and requires the vMedia right and the Java plug-in version 1.4.2_10 and above.
IRC
The IRC provides a remote console on Windows clients running the Internet Explorer browser toHPIntegrity-basedWindowsservers.Itcombinesvirtualkeyboard,video,andmouse(vKVM).
Thedirectory-basedauthenticationandauthorizationoptionenablesiLO2MPuseraccountsto bedefinedinacentralizeddatabaseonanLDAPserver. iLO2MPusersareauthenticatedwhen
22 Introduction to iLO 2 MP
logging in to the iLO 2 MP and authorization is given each time an iLO 2 MP command runs. Thisprovidesacentralizeddatabase(LDAPserver)ofalluseraccountsandavoidstheoverhead of creating users in each iLO 2 MP.
DirectoryauthenticationoccursbyenablingExtendedSchemaorDefaultSchema.WhenExtended Schema is used, the schema in the directory server must be extended. When Default Schema is selected, schema extension is not needed.
LDAP Lite enables you to use directory authentication to log in to the iLO 2 MP without having todoanyschemaextensiononthedirectoryserverorsnap-ininstallationontheclient.Inaddition togeneraldirectoryintegrationbenefits,iLO2MPschema-freeintegrationprovidesthefollowing:
•Minimal maintenance and administration
•Reliable security
•Complements two-factor authentication
Not extending the schema on the directory server means the directory server does not know anything about the iLO 2 MP object or privileges, and the only thing the iLO 2 MP queries from the directory server is to authenticate the user name and password.
The power meter readings feature enables you to graphically view and monitor server power usage, temperature, and power regulator settings.
HP Insight Power Manager (HP IPM), a plug-in to HP Systems Insight Manager (HP SIM), is an integrated power monitoring and management application that provides centralized control of serverpowerconsumptionandthermaloutput.Itextendstheunifiedinfrastructuremanagement framework of HP SIM by providing new energy levers into the server.
Leveraging HP power regulator technology, HP IPM makes policy-based power and thermal managementpossiblebyenablingyoutoviewandmodifythepowerefficiencyregulatormode of the system. It expands the capacity of data centers by reducing the amount of power and cooling required for supported Integrity servers and the server blades.
Information on HP IPM is available at:
http://www.hp.com/go/ipm
The iLO 2 MP Advanced Pack license features sophisticated virtual administration and security features for ultimate control of servers in data centers and remote sites. With an iLO 2 MP Advanced Pack license key, you can activate powerful remote management features to install, configure, monitor, update, and troubleshoot remote HP servers anywhere, anytime from a standard web browser, command line or script.
Advanced Pack License 23
IMPORTANT: OnHPIntegrityserverblades,theAdvancedPacklicenseisstandard.Remember to save the Advanced Pack license key information that was provided by HP. If you ever need toreplaceyourserverbladeunderwarranty,youwillneedtotransferthekeybytypingthecode on the replacement server blade.
NOTE: A HP ProLiant iLO 2 Advanced Pack license key will not work on an HP Integrity server, and vice versa.
A free 30-day evaluation license is available for download on the HP website. The evaluation license activates and accesses iLO 2 MP Advanced Pack features. You can only install one evaluationlicenseperiLO2MP.Aftertheevaluationperiod,aniLO2MPAdvancedPacklicense isrequiredtocontinueusingtheadvancedfeatures.TheiLO2MPAdvancedPacklicensefeatures automatically deactivate when the evaluation license key expires.
Systems that do not have VGA support all other Advanced Pack license features.
For more information, see the HP website at:
http://h71028.www7.hp.com/enterprise/cache/279991-0-0-0-121.html
Follow the factory-install or manual install instructions located on the Integrated Lights-Out AdvancedPackforHPIntegrityServers;CertificateofLicensetoUse;LicenseInstallationCardtoactivate your license.
Table 1-1 lists the systems on which the iLO 2 MP is supported and the components and cables that are required to operate the iLO 2 MP.
Table 1-1 Supported Systems and Required Components Matrix
Supported |
Required Components |
Required Cables1 |
|
Systems |
|
|
|
BL860c |
Front console serial port (RS-232) |
SUV or DB-9 cable |
|
Rear OA/iLO network port |
LAN cable |
||
|
|||
rx2660 |
iLO2MPhardwareisintegratedintothesystem |
LAN, serial, and VGA cables |
|
|
board |
|
|
rx3600, |
Core I/O board without VGA; factory installed |
LAN and serial cables |
|
rx6600 |
Core I/O board with VGA (optional) |
LAN, serial, and VGA cables |
|
|
(This is only supported on Windows OS.)
rx7640, See your server documentation. rx8640,
Superdome sx2000
1Cables are not provided with the server.
The iLO 2 MP has an independent microprocessor. This architecture ensures that the majority of iLO 2 MP functionality is available regardless of the host operating system.
Table 1-2 lists the client operating systems and browsers that are supported on iLO 2 MP:
24 Introduction to iLO 2 MP
Table 1-2 iLO 2 MP Supported Browsers and Client Operating Systems
Browsers |
|
Client Operating System |
|
|
||
Java Plug-in 1.5.0_08 |
HP-UX |
Windows |
|
Linux |
|
OpenVMS |
|
11i |
WS 2003 |
|
Red Hat |
|
|
|
23/11.31 |
Enterprise |
XP |
Enterprise |
SuSE |
8.3 |
Firefox 2.0.0.4 |
X |
X |
X |
X |
X |
|
Internet Explorer 6.0 |
|
X |
X |
|
|
|
HP Secure Web Browser 1.7.13 |
|
|
|
|
|
X |
Related Links
•Java for HP-UX
—http://www.hp.com/products1/unix/java/versions/index.html
—http://www.hp.com/products1/unix/java/archives/index.html
•Java for OpenVMS
—http://h18012.www1.hp.com/java/alpha
•Firefox for HP-UX
—http://www.hp.com/products1/unix/java/firefox/index.html Note: 1.5.0.00 needs patch
—http://www.hp.com/go/firefox
•Firefox for Linux
—http://linuxcoe.corp.hp.com
•Firefox for Windows and Linux
—http://www.mozilla.com/firefox
•Browser Support 1.5.0
—http://java.sun.com/j2se/1.5.0/system-configurations.html
•Operating Systems for Montvale
—http://psweb1.cup.hp.com/~projects/sisl_prgm_mgmt/mvx%20(Low-end%20Montvale)/mvx%20info.htm
ItisimportanttohavestrongsecuritysurroundingtheiLO2MPdevice.HPsecurityrequirements of the enterprise and architected the iLO 2 MP include the following:
Authentication |
iLO 2 MP incorporates authentication techniques with the use of 128-bit |
|
Secure Socket Layer (SSL) encryption. It is password based for web and |
|
passwordand key-based for secure shell (SSH). |
Authorization |
Using local accounts, iLO 2 MP enables you to define up to 19 separate |
|
users and to vary the server access rights of each user. The directory |
|
services capabilities of iLO 2 MP enables you to maintain network user |
|
accountsandsecuritypoliciesinacentral,scalabledatabasethatsupports |
|
thousands of users, devices, and management roles. |
Integrity |
iLO 2 MP incorporates a trusted Java™ applet for vMedia. |
Privacy |
iLO2MPusesSSLforwebconnections,RSL-RC4encryptionforintegrated |
|
remote console and remote serial console, and SSH-DES3/DES128 2.0 |
|
recommended encryption algorithms for SSH-based connections. You |
|
can enable or disable telnet, IPMI over LAN, web, and SSH connectivity. |
Login |
Afterinitialfailedloginattempts(defaultthree),adelayofapproximately |
|
one second is imposed on the serial connection and the login banner |
|
warnings are repeated. All other connection types are disconnected. |
Security 25
Because iLO 2 MP devices are completely autonomous and can be used to control the server, treat them the same as other servers. For example, include the iLO 2 MP devices in the security and network audits.
IMPORTANT: Ensure that physical access to the server is limited. Anyone can clear passwords by pressing the power button for longer than four seconds.
Because SNMP uses passwords, known as community strings, that are sent across the network in clear text, you must enhance the network security when using SNMP traffic. To enhance network security, do the following:
•Resetthecommunitystrings(readonly)withthesamefrequencyandaccordingtothesame guidelines as the administrative passwords. For example, select alphanumeric strings with at least one uppercase letter, one numeral, and one symbol.
•Setfirewallsorrouterstoacceptonlyspecificsourceanddestinationaddresses.Forexample, you can allow inbound SNMP traffic into the host server only if it comes from one of the predetermined management workstations.
TIP: Telnet sends data without encryption and is not a secure connection. HP recommends using SSH instead of telnet because SSH uses encryption.
To enable and disable telnet access, use the SA command.
TheLights-OutAdvanced/KVMcard(LOA)isaPCI-Xcardthatyouinstallintoanysx2000-based mid-range or high-end HP Integrity server.
The LOA card enables the Lights-Out Advanced vKVM and vMedia features of the iLO 2 MP for the rx7640, rx8640, and Superdome sx2000 servers.
The LOA card is also a KVM card that offers physical video functionality for servers running Windows, and USB functionality for servers running HP-UX, Windows, and OpenVMS.
All Lights-Out Advanced features are fully enabled on the LOA card--there is no additional advanced pack license to purchase. At present, vKVM is only available for servers running Windows and vMedia is available for servers running HP-UX, Windows, and OpenVMS.
The LOA card is not currently supported under Linux.
The Lights-Out Advanced features are accessed through the iLO 2 web interface.
26 Introduction to iLO 2 MP
All iLO 2 MP functions are available through the server iLO 2 MP LAN port and the local and remote serial ports. On HP Integrity server blades, all iLO 2 MP functions are available on the Onboard Administrator. This chapter describes the available iLO 2 MP ports, connectors, and LEDs on the HP Integrity server blades, and the rx2660, rx3600, and rx6600 servers.
This chapter addresses the following topics:
•“HP Integrity Server Blade Components” (page 27)
•“HP Integrity rx2660 Server Components” (page 29)
•“HP Integrity rx3600 and rx6600 Server Components” (page 29)
•“iLO 2 MP Reset Button” (page 31)
•“Console Serial Port and Auxiliary Serial Port” (page 31)
Onboard Administrator is the enclosure management processor, subsystem, and firmware base used to support the HP Integrity server blades and all the managed devices contained within the enclosure. Onboard Administrator provides a single point from which to perform basic management tasks on server blades or switches within the enclosure. Using this hardwired knowledge,OnboardAdministratorperformsinitialconfigurationstepsfortheenclosure,enables runtime management and configuration of the enclosure components, and informs you of problems within the enclosure through e-mail, SNMP, or the Insight Display.
Before setting up the HP BladeSystem Onboard Administrator, HP recommends that you read the HP BladeSystem Onboard Administrator User Guide on the HP website at: http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00705292/c00705292.pdf
Reading this guide ensures that you understand the HP BladeSystem Onboard Administrator and that you properly complete the initial setup to facilitate its proper functioning.
You can find other Onboard Administrator docs on the HP website at:
HP BladeSystem c-Class Onboard Administrator
Figure 2-1 shows the Onboard Administrator OA/iLO network port and components.
HP Integrity Server Blade Components 27
Figure 2-1 OA/iLO Network Port and Components
1 |
OA/iLO Network Port |
4 |
Enclosure Link-Up Port |
2 |
Onboard Administrator Bay 1 |
5 |
Enclosure Link-Down Port |
3Onboard Administrator Bay 2 (redundant if used)
Figure 2-2 shows the Onboard Administrator LEDs and buttons.
Figure 2-2 Onboard Administrator LEDs and Buttons
1 |
Onboard Administrator UID LED |
4 |
Onboard Administrator Health LED |
2 |
Enclosure UID LED |
5 |
Onboard Administrator Reset Button |
3 |
Onboard Administrator Active LED |
|
|
28 Ports and LEDs
Figure 2-3 shows the rear view of the HP Integrity rx2660 server.
The system LAN functionality is integrated into the system board.
Figure 2-3 HP Integrity rx2660 Server Rear View
1 |
PowerSupply1andLED 6 |
2PowerSupply2andLED 7
3 |
PCI-x/PCI-e Slots |
8 |
4 |
Core LAN Ports |
9 |
5Smart Array P400 Controller Slot
Auxiliary Serial Port |
10 |
iLO 2 MP LAN Port |
VGA Port |
11 |
iLO 2 MP Status LEDs |
USB Ports |
12 |
iLO 2 MP Reset Button |
Console Serial Port |
13 |
UID Button/LED |
(RS-232) |
|
|
Figure2-4 showsthecontrols,ports,andLEDsontherearoftheHPIntegrityrx3600andrx6600 servers.
HP Integrity rx2660 Server Components 29
NOTE: This figure is oriented vertically to match the orientation of the core I/O board.
Figure 2-4 HP Integrity rx3600 and rx6600 Server Rear Ports and LEDs
1 |
iLO 2 MP Serial Console |
3 |
USB 2.0 Ports (any USB |
5 VGA Port (No iLO 2 MP |
|
Port (RS-232) (DB-9F to |
|
device) |
access; EFI only) |
|
DB-9F cable) Connected to |
4 |
iLO2MPLANPort(10/100 |
|
|
emulation terminal device |
|
LAN) |
|
|
(PC, laptop, or ASCII |
|
|
|
|
terminal) |
|
|
|
2 |
General Use Serial Port |
|
|
|
|
(Printers, etc.) |
|
|
|
Table 2-1 lists the state of the iLO 2 MP status LEDs during normal operation.
Table 2-1 iLO 2 MP Status LEDs
iLO 2 MP Status LED |
LED State |
Standby Power |
Solid green. |
iLO 2 MP Self Test |
Off. The LED is solid amber when ac power is first applied. It remains solid amber for |
|
a few seconds until the MP completes its self test; then the LED turns off. |
30 Ports and LEDs |
|