HP Integrity iLO 2 Operation Manual
HP Integrity iLO 2 Operations Guide
HP Part Number: 5991-8053_ed11
Published: April 2010
Edition: 11
© Copyright 2006, 2010 Hewlett-Packard Development Company, L.P.
Legal Notices
The informationcontained hereinis subjectto changewithout notice.The onlywarranties for HP products and services are set forth in the express
warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP
shall not be liable for technical or editorial errors or omissions contained herein.
Intel, Pentium, Intel Inside, Itanium, and the Intel Inside logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in
the United States and other countries.
Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation.
Acrobat is a trademark of Adobe Systems Incorporated.
Java is a US trademark of Sun Microsystems, Inc.
UNIX is a registered trademark of The Open Group.
Table of Contents
About This Document.......................................................................................................15
Intended Audience................................................................................................................................15
New and Changed Information in This Edition...................................................................................15
Publishing History................................................................................................................................15
Document Organization.......................................................................................................................17
Typographic Conventions.....................................................................................................................18
Related Information..............................................................................................................................18
HP Contact Information........................................................................................................................19
Documentation Feedback.....................................................................................................................19
1 Introduction to iLO 2....................................................................................................21
Features.................................................................................................................................................21
Standard Features............................................................................................................................22
Always-On Capability................................................................................................................22
Virtual Front Panel.....................................................................................................................22
Multiple Access Methods...........................................................................................................22
Security.......................................................................................................................................22
User Access Control...................................................................................................................22
Multiple Users............................................................................................................................23
IPMI over LAN...........................................................................................................................23
System Management Homepage...............................................................................................23
Firmware Upgrades...................................................................................................................24
Internal Subsystem Information................................................................................................24
DHCP and DNS Support...........................................................................................................24
Group Actions............................................................................................................................24
Group Actions Using HP SIM....................................................................................................24
SNMP.........................................................................................................................................24
SMASH.......................................................................................................................................24
SM CLP.......................................................................................................................................25
Mirrored Console.......................................................................................................................25
Remote Power Control...............................................................................................................25
Power Regulation.......................................................................................................................25
Event Logging............................................................................................................................25
Advanced Features..........................................................................................................................25
Virtual Media.............................................................................................................................25
Integrated Remote Console........................................................................................................26
Directory-Based Secure Authorization Using LDAP.................................................................26
Schema-Free LDAP....................................................................................................................26
Power Meter Readings...............................................................................................................26
HP Insight Power Manager........................................................................................................26
Obtaining and Activating iLO 2 Advanced Pack Licensing.................................................................27
Lights-Out Advanced KVM Card...................................................................................................27
Supported Systems and Required Components and Cables................................................................27
Integrity iLO 2 Supported Browsers and Client Operating Systems...................................................28
Security.................................................................................................................................................28
Protecting SNMP Traffic..................................................................................................................29
2 Ports and LEDs..............................................................................................................31
HP Integrity Server Blade Components...............................................................................................31
Table of Contents 3
Onboard Administrator...................................................................................................................31
HP Integrity rx2660 Server Components..............................................................................................33
HP Integrity rx3600 and rx6600 Server Components...........................................................................33
iLO 2 MP Status LEDs...........................................................................................................................34
iLO 2 MP Reset Button..........................................................................................................................35
Resetting Local User Accounts and Passwords to Default Values..................................................35
Console Serial Port and Auxiliary Serial Port.......................................................................................35
MP LAN Port........................................................................................................................................36
MP LAN LEDs.................................................................................................................................36
3 Getting Connected to iLO 2.......................................................................................37
Setup Checklist......................................................................................................................................38
Setup Flowchart....................................................................................................................................39
Rackmount Server Connection.............................................................................................................40
Preparing to Set Up iLO 2................................................................................................................40
Determining the Physical iLO 2 Access Method........................................................................40
Determining the iLO 2 MP LAN Configuration Method..........................................................41
Configuring the iLO 2 MP LAN Using DHCP and DNS................................................................41
Configuring the iLO 2 MP LAN Using ARP Ping...........................................................................42
Configuring the iLO 2 MP LAN Using the Console Serial Port......................................................43
Server Blade Connection.......................................................................................................................45
Connecting to a Server Blade iLO 2 Using the Console Serial Port................................................45
Connecting the SUV Cable to the Server Blade.........................................................................46
Connecting the Server Blade To iLO 2 Using the Onboard Administrator....................................48
Auto Login.................................................................................................................................49
Initiating an Auto Login Session..........................................................................................50
Terminating an Auto Login Session......................................................................................50
User Account Cleanup During IPF Blade Initialization.......................................................50
Auto Login Troubleshooting.................................................................................................50
Additional Setup...................................................................................................................................51
Modifying User Accounts and Default Passwords.........................................................................51
Setting Up Security..........................................................................................................................52
Setting Security Access...............................................................................................................52
Setting iLO 2 MP LAN From EFI.....................................................................................................52
4 Logging In to iLO 2......................................................................................................55
Logging In to iLO 2 Using the Web GUI..............................................................................................55
Logging In to iLO 2 Using the Command Line Interface.....................................................................55
Network Port Usage..............................................................................................................................55
5 Adding Advanced Features........................................................................................57
Lights-Out Advanced KVM Card for sx2000 Servers...........................................................................57
Lights-Out Advanced KVM card Requirements.............................................................................58
Configuring the Lights-Out Advanced KVM Card.........................................................................59
Lights-Out Advanced KVM Card IRC Feature...............................................................................60
Lights-Out Advanced KVM Card vMedia Feature.........................................................................60
Installing the Lights-Out Advanced KVM Card in a Server...........................................................61
Lights-Out Advanced KVM Card Quick Setup Steps.....................................................................63
Using Lights-Out Advanced KVM Features...................................................................................64
Mid Range PCI Backplane Power Behavior....................................................................................65
Troubleshooting the Lights-Out Advanced KVM Card..................................................................65
Core I/O Card Configurations.........................................................................................................66
Supported PCI-X Slots.....................................................................................................................67
4 Table of Contents
Upgrading the Lights-Out Advanced KVM Card Firmware..........................................................67
6 Accessing the Host (Operating System) Console.....................................................69
Accessing a Text Host Console through iLO 2 Virtual Serial Console.................................................69
Accessing Online Help....................................................................................................................70
Accessing a Text Host Console Using the TUI......................................................................................70
Help System.....................................................................................................................................70
Accessing a Graphic Host Console Using the Integrated Remote Console.........................................71
Accessing a Text Host Console Using SMASH SM CLP......................................................................71
7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP........................................73
Configuring DHCP...............................................................................................................................73
Configuring DNS..................................................................................................................................74
Configuring LDAP Extended Schema..................................................................................................74
Login Process Using Directory Services with Extended LDAP......................................................75
Configuring Schema-Free LDAP..........................................................................................................76
Setting Up Directory Security Groups............................................................................................77
Login Process Using Directory Services Without Schema Extensions............................................77
LDAP and MP Login for Integrity Cell-Based Servers.........................................................................78
User Accounts..................................................................................................................................78
Commands.......................................................................................................................................78
Access Rights...................................................................................................................................79
Partition User Support Options.......................................................................................................82
8 Using iLO 2...................................................................................................................83
Text User Interface................................................................................................................................83
MP Command Interfaces.................................................................................................................83
MP Main Menu................................................................................................................................84
MP Main Menu Commands.......................................................................................................84
CO (Console): Leave the MP Main Menu and enter console mode......................................85
VFP (Virtual Front Panel): Simulate the display panel.........................................................85
CM (Command Mode): Enter command mode.....................................................................85
SMCLP (Server Management Command Line Protocol): Switch to the SMASH SMCLP.....85
CL (Console Log): View the history of the console output...................................................85
SL (Show Logs): View events in the log history...................................................................85
HE (Help): Display help for the menu or command in the MP Main Menu........................89
X (Exit): Exit iLO 2.................................................................................................................89
Command Menu..............................................................................................................................89
Command Line Interface Scripting.................................................................................................91
Expect Script Example................................................................................................................91
Command Menu Commands and Standard Command Line Scripting Syntax.............................93
BP: Reset BMC passwords..........................................................................................................93
BLADE: Display BLADE parameters.........................................................................................94
CA: Configure asynchronous local serial port............................................................................94
DATE: Display date.....................................................................................................................95
DC (Default Configuration): Reset all parameters to default configurations.............................95
DF: Display FRU information.....................................................................................................96
DI: Disconnect LAN, WEB, SSH, or Console.............................................................................96
DNS: DNS settings......................................................................................................................96
FW: Upgrade the MP firmware...................................................................................................97
HE: Display help for menu or command in command menu interface.....................................97
ID: System information settings................................................................................................97
Table of Contents 5
IT: Inactivity timeout settings...................................................................................................98
LC: LAN configuration usage.....................................................................................................98
LDAP: LDAP directory settings..................................................................................................99
LDAP: LDAP group administration....................................................................................100
LDAP: Schema-Free LDAP..................................................................................................101
LM: License management..........................................................................................................101
LOC: Locator UID LED configuration.......................................................................................101
LS: LAN status.........................................................................................................................101
PC: Power control access..........................................................................................................101
PM: Power regulator mode........................................................................................................102
PR: Power restore policy configuration....................................................................................103
PS: Power status.......................................................................................................................103
RB: Reset BMC..........................................................................................................................103
RS: Reset system through the RST signal.................................................................................103
SA: Set access LAN/WEB/SSH/IPMI over LAN ports..............................................................104
SNMP: Configure SNMP parameters........................................................................................104
SO: Security option help...........................................................................................................105
SS: System Status.....................................................................................................................105
SYSREV: Firmware revisions....................................................................................................106
TC: System reset through INIT or TOC signal.........................................................................106
TE: Send a message to other mirroring terminals....................................................................106
UC: User Configuration (users, passwords, and so on)............................................................106
WHO: Display a list of iLO 2 connected users............................................................................108
XD: iLO 2 Diagnostics or reset..................................................................................................108
Web GUI..............................................................................................................................................110
System Status.................................................................................................................................110
Status Summary > General ......................................................................................................110
Status Summary > Active Users...............................................................................................111
Status Summary > FW Revisions..............................................................................................112
Server Status > General.............................................................................................................113
Server Status > Identification....................................................................................................114
System Event Log.....................................................................................................................115
Events..................................................................................................................................116
Remote Serial Console...................................................................................................................116
Virtual Serial Port.....................................................................................................................119
Integrated Remote Console...........................................................................................................119
IRC Requirements and Usage..................................................................................................119
Limitations of the IRC Mouse and Keyboard.....................................................................120
Browsers and Client Operating Systems that Support the IRC..........................................121
IRC-Supported Resolutions and Browser Configurations.................................................121
Accessing the IRC.....................................................................................................................122
Integrated Remote Console Fullscreen...............................................................................124
Virtual Media.................................................................................................................................125
Using iLO 2 Virtual Media Devices..........................................................................................125
Virtual CD/DVD..................................................................................................................126
Creating the iLO 2 Disk Image Files...................................................................................128
Virtual Floppy/USB Key......................................................................................................130
Virtual Media Applet Timeout...........................................................................................131
Supported Operating Systems and USB Support for vMedia.................................................131
Java Plug-in Version.................................................................................................................132
Client Operating System and Browser Support for vMedia....................................................132
Power Management.......................................................................................................................132
Power & Reset...........................................................................................................................132
Power Meter Readings.............................................................................................................133
6 Table of Contents
Power Regulator.......................................................................................................................135
Administration...............................................................................................................................137
Firmware Upgrade...................................................................................................................137
Licensing...................................................................................................................................138
User Administration > Local Accounts....................................................................................139
Group Accounts.......................................................................................................................140
Access Settings..........................................................................................................................141
LAN..........................................................................................................................................142
Serial Page.................................................................................................................................143
Login Options Page..................................................................................................................143
Current LDAP Parameters.......................................................................................................144
Network Settings......................................................................................................................146
Network Settings > Standard...................................................................................................146
Domain Name Server...............................................................................................................147
SNMP Settings..........................................................................................................................148
BL c-Class.......................................................................................................................................149
Help...............................................................................................................................................150
SMASH Server Management Command Line Protocol.....................................................................152
SM CLP Features and Functionality Overview.............................................................................152
SM CLP Session........................................................................................................................152
Accessing the SM CLP Interface....................................................................................................152
Exiting the SM CLP Interface...................................................................................................153
Changing the iLO 2 Default Interface to SM CLP....................................................................153
Using the SM CLP Interface...........................................................................................................154
SM CLP Syntax..............................................................................................................................154
Command Line Terms..............................................................................................................154
Command Verbs.......................................................................................................................155
Command Targets....................................................................................................................156
Command Target Properties....................................................................................................156
Command Options...................................................................................................................156
Level Option........................................................................................................................156
Display Option....................................................................................................................157
Character Set, Delimiters, Special, and Reserved Characters..................................................157
System1 Target...............................................................................................................................158
Target: SYSTEM1......................................................................................................................158
System Reset Power Status and Power Control.............................................................................159
Resetting the System................................................................................................................159
Displaying Power Status..........................................................................................................159
Powering Off the System..........................................................................................................159
Powering On the System..........................................................................................................159
Map1 (iLO 2) Target.......................................................................................................................160
Target: map1.............................................................................................................................160
Map1 Example..........................................................................................................................160
Resetting iLO 2.........................................................................................................................161
Text Console Services.....................................................................................................................161
Opening the MP Main Menu from SM CLP............................................................................161
Target: map1/textredirectsap1.............................................................................................161
Opening the System Console Interface from SM CLP.............................................................161
Target: system1/consoles1/textredirectsap1........................................................................161
Switching Between the System Console and the SM CLP.......................................................162
Starting a System Console Session......................................................................................162
Determining the Session Termination Character Sequence for the System Console.........162
Exiting the System Console Session and Returning to SM CLP.........................................162
Entering the MP Main Menu Interface From SM CLP.......................................................162
Exiting the MP Main Menu Session and Returning to SM CLP.........................................162
Table of Contents 7
Firmware Revision Display and Upgrade.....................................................................................163
SM CLP Firmware Targets........................................................................................................163
Target: map1/swinstallsvc1.................................................................................................163
Target: map1/swinventory1................................................................................................163
Target: map1/swinventory1/swid#......................................................................................163
Displaying Firmware Revisions...............................................................................................164
Firmware Upgrade...................................................................................................................165
Remote Access Configuration.......................................................................................................165
Telnet SM CLP Targets.............................................................................................................165
Target: map1/telnetsvc1......................................................................................................165
Telnet Examples..................................................................................................................166
SSH...........................................................................................................................................166
Target: map1/sshsvc1................................................................................................................166
SSH Examples...........................................................................................................................166
Network Configuration.................................................................................................................166
SM CLP Network Targets, Properties, and Verbs....................................................................166
Target: map1/enetport1.......................................................................................................166
Target: map1/enetport1/lanendpt1.....................................................................................167
Target: map1/enetport1/lanendpt1/ipendpt1......................................................................167
Target: map1/dhcpendpt1...................................................................................................168
Target: map1/dnsendpt1.....................................................................................................168
Target: map1/enetport1/lanendpt1/ipendpt1/gateway1.....................................................169
Target: map1/dnsserver1, map1/dnsserver2, map1/dnsserver3.........................................169
Target: map1/settings1/dnssettings1...................................................................................169
SM CLP Network Command Examples...................................................................................170
vMedia......................................................................................................................................171
Setting Up IIS for Scripted vMedia.....................................................................................171
vMedia Functionality on Server Blades and Rack-Mounted Servers.................................172
User Accounts Configuration........................................................................................................176
Target: map1/group1................................................................................................................176
Target: map1/group1/account#.................................................................................................176
User Account Examples...........................................................................................................177
LDAP Configuration......................................................................................................................177
Target: map1/settings1/oemhp_ldapsettings1..........................................................................177
LDAP Configuration Examples................................................................................................178
9 Installing and Configuring Directory Services .......................................................179
Directory Services...............................................................................................................................179
Features Supported by Directory Integration...............................................................................179
Directory Services Installation Prerequisites.................................................................................180
Installing Directory Services..........................................................................................................180
Schema Documentation.................................................................................................................180
Directory Services Support............................................................................................................181
eDirectory Installation Prerequisites.............................................................................................181
Required Schema Software............................................................................................................181
Schema Installer.............................................................................................................................182
Schema Preview Screen............................................................................................................182
Setup Screen.............................................................................................................................182
Results Screen...........................................................................................................................183
Management Snap-In Installer......................................................................................................184
Directory Services for Active Directory..............................................................................................184
Active Directory Installation Prerequisites....................................................................................184
Preparing Directory Services for Active Directory........................................................................185
Installing and Initializing Snap-Ins for Active Directory..............................................................186
8 Table of Contents
Example: Creating and Configuring Directory Objects for Use with iLO 2 in Active Directory...186
Directory Services Objects.............................................................................................................189
Active Directory Snap-Ins........................................................................................................190
Managing HP Devices In a Role.........................................................................................190
Managing Users In a Role...................................................................................................190
Setting Login Restrictions.........................................................................................................191
Setting Time Restrictions....................................................................................................192
Defining Client IP Address or DNS Name Access.............................................................192
Setting User or Group Role Rights................................................................................................193
Directory Services for eDirectory........................................................................................................194
Installing and Initializing Snap-In for eDirectory.........................................................................194
Example: Creating and Configuring Directory Objects for Use with iLO 2 Devices in
eDirectory......................................................................................................................................195
Creating Objects.......................................................................................................................195
Creating Roles..........................................................................................................................196
Directory Services Objects for eDirectory......................................................................................198
Adding Role Managed Devices................................................................................................198
Adding Members......................................................................................................................198
Setting Role Restrictions................................................................................................................199
Setting Time Restrictions...............................................................................................................200
Defining Client IP Address or DNS Name Access...................................................................200
Setting Lights-Out Management Device Rights............................................................................200
Installing Snap-Ins and Extending Schema for eDirectory on a Linux Platform..........................201
Installing the Java Runtime Environment................................................................................201
Installing Snap-Ins....................................................................................................................202
Extending Schema....................................................................................................................202
Verifying Snap-In Installation and Schema Extension.............................................................203
Using the LDAP Command to Configure Directory Settings in iLO 2.........................................203
User Login Using Directory Services..................................................................................................204
Certificate Services..............................................................................................................................205
Installing Certificate Services........................................................................................................205
Verifying Directory Services..........................................................................................................205
Configuring an Automatic Certificate Request.............................................................................205
Directory-Enabled Remote Management...........................................................................................205
Using Existing Groups...................................................................................................................206
Using Multiple Roles.....................................................................................................................206
Creating Roles that Follow Organizational Structure...................................................................207
Restricting Roles............................................................................................................................207
Role Time Restrictions..............................................................................................................207
IP Address Range Restrictions.................................................................................................208
IP Address and Subnet Mask Restrictions...............................................................................208
DNS-Based Restrictions............................................................................................................208
Role Address Restrictions........................................................................................................208
Enforcing Directory Login Restrictions.........................................................................................208
Enforcing User Time Restrictions..................................................................................................209
User Address Restrictions.............................................................................................................210
Creating Multiple Restrictions and Roles......................................................................................210
Directory Services Schema (LDAP)....................................................................................................211
HP Management Core LDAP Object Identifier Classes and Attributes........................................211
Core Classes..............................................................................................................................211
Core Attributes.........................................................................................................................211
Core Class Definitions..............................................................................................................212
hpqTarget............................................................................................................................212
hpqRole...............................................................................................................................212
hpqPolicy.............................................................................................................................212
Table of Contents 9
Core Attribute Definitions........................................................................................................212
hpqPolicyDN.......................................................................................................................213
hpqRoleMembership...........................................................................................................213
hpqTargetMembership........................................................................................................213
hpqRoleIPRestrictionDefault..............................................................................................213
hpqRoleIPRestrictions.........................................................................................................213
hpqRoleTimeRestriction.....................................................................................................214
iLO 2-Specific LDAP OID Classes and Attributes.........................................................................214
iLO 2 Classes............................................................................................................................214
iLO 2 Attributes........................................................................................................................214
iLO 2 Class Definitions.............................................................................................................215
hpqLOMv100......................................................................................................................215
iLO 2 Attribute Definitions.......................................................................................................215
hpqLOMRightLogin............................................................................................................215
hpqLOMRightRemoteConsole............................................................................................215
hpqLOMRightRemoteConsole............................................................................................216
hpqLOMRightServerReset..................................................................................................216
hpqLOMRightLocalUserAdmin.........................................................................................216
hpqLOMRightConfigureSettings........................................................................................216
Glossary.........................................................................................................................217
Index...............................................................................................................................225
10 Table of Contents
List of Figures
2-1 OA/iLO Network Port and Components......................................................................................31
2-2 Onboard Administrator LEDs and Buttons..................................................................................32
2-3 HP Integrity rx2660 Server Rear View..........................................................................................33
2-4 HP Integrity rx3600 and rx6600 Server Rear Ports and LEDs.......................................................34
2-5 Console Serial Port (RS-232) Connector........................................................................................35
2-6 MP LAN Port.................................................................................................................................36
3-1 Setup Flowchart.............................................................................................................................39
3-2 SUV Cable......................................................................................................................................47
3-3 Connecting the SUV Cable To the Server Blade............................................................................48
5-1 PCI-X or PCI-X/PCIe Card Cage (Common to all supported servers)..........................................62
5-2 dvc.CAB Error...............................................................................................................................64
6-1 Web Login Page.............................................................................................................................69
6-2 Status Summary Page....................................................................................................................70
8-1 MP Command Interfaces...............................................................................................................84
8-2 Status Summary General Page....................................................................................................110
8-3 Status Summary Active Users Page.............................................................................................111
8-4 FW Revisions Page.......................................................................................................................112
8-5 Server Status General Page..........................................................................................................113
8-6 Server Status Identification Page.................................................................................................114
8-7 System Event Log Page................................................................................................................115
8-8 Remote Serial Console Page........................................................................................................117
8-9 Remote Serial Console Window..................................................................................................118
8-10 Integrated Remote Console Page.................................................................................................123
8-11 Integrated Remote Console Window..........................................................................................124
8-12 Virtual Media Page......................................................................................................................126
8-13 Virtual Media Dialog Box (Before Connection)...........................................................................127
8-14 Virtual Media Dialog Box (after connection)...............................................................................128
8-15 Local Image File Dialog Box........................................................................................................129
8-16 Create Media Image Dialog Box..................................................................................................129
8-17 Virtual Floppy/USB Key..............................................................................................................131
8-18 Power & Reset Page.....................................................................................................................132
8-19 Power Meter Readings Page........................................................................................................134
8-20 Power Regulator Page..................................................................................................................136
8-21 Licensing Page.............................................................................................................................138
8-22 Local Accounts Page....................................................................................................................140
8-23 Group Accounts Page..................................................................................................................141
8-24 LAN Page.....................................................................................................................................142
8-25 Serial Page....................................................................................................................................143
8-26 Login Options Page.....................................................................................................................144
8-27 Current LDAP Parameters Page..................................................................................................145
8-28 Standard Page..............................................................................................................................146
8-29 Domain Name Server Page..........................................................................................................147
8-30 SNMP Settings Page....................................................................................................................148
8-31 Onboard Administrator...............................................................................................................149
8-32 Help Page.....................................................................................................................................151
9-1 Schema Preview Screen...............................................................................................................182
9-2 Schema Setup Screen...................................................................................................................183
9-3 Schema Results Screen.................................................................................................................184
9-4 Directory Example.......................................................................................................................187
9-5 Create New HP Management Object Dialog Box........................................................................187
9-6 Select Users Dialog Box...............................................................................................................188
9-7 Lights-Out Management Tab.......................................................................................................189
11
9-8 HP Devices Tab............................................................................................................................190
9-9 Members Tab...............................................................................................................................191
9-10 Role Restrictions Tab...................................................................................................................191
9-11 Logon Hours Screen....................................................................................................................192
9-12 New IP/Mask Dialog Box............................................................................................................193
9-13 Lights-Out Management Tab.......................................................................................................194
9-14 Roles and Devices Example.........................................................................................................195
9-15 Select Object Subtype Dialog Box................................................................................................196
9-16 Setting Role Rights.......................................................................................................................197
9-17 Role Managed Devices Subtab....................................................................................................198
9-18 Members Tab (eDirectory)...........................................................................................................199
9-19 Role Restrictions Subtab (eDirectory)..........................................................................................199
9-20 Add New Restriction Dialog Box................................................................................................200
9-21 Lights-Out Management Device Rights Tab...............................................................................201
9-22 Admin User Gaining Admin Role Right, Example 1..................................................................207
9-23 Admin User Gaining Admin Role Right, Example 2..................................................................207
9-24 User and Role Access Restrictions...............................................................................................209
9-25 User Time Restrictions.................................................................................................................209
9-26 Restricting General Use...............................................................................................................210
9-27 Restricting the Reset Role............................................................................................................211
12 List of Figures
List of Tables
1 Publishing History Details............................................................................................................15
1-1 Supported Systems and Required Components Matrix...............................................................27
2-1 iLO 2 MP Status LEDs...................................................................................................................34
2-2 Console Serial Port Pinouts...........................................................................................................35
2-3 MP LAN Port Pinouts....................................................................................................................36
2-4 MP LAN Link Status LEDs............................................................................................................36
2-5 MP LAN Link Speed LEDs............................................................................................................36
3-1 Setup Checklist..............................................................................................................................38
3-2 Physical Connection Matrix..........................................................................................................40
3-3 LAN Configuration Methods........................................................................................................41
3-4 ARP Ping Commands....................................................................................................................43
4-1 TCP Ports.......................................................................................................................................56
4-2 UDP Ports......................................................................................................................................56
5-1 Supported System Configurations................................................................................................59
5-2 Availability of Features..................................................................................................................59
5-3 General Troubleshooting...............................................................................................................66
5-4 Unsupported Core I/O Configurations with Possible Solutions...................................................67
5-5 Mode-1 PCI-X Slots by Server and Backplane..............................................................................67
7-1 Command Categories....................................................................................................................79
7-2 Access Rights for Cell-Based Servers............................................................................................80
7-3 Commands and Associated Access Right.....................................................................................80
8-1 MP Command Interfaces...............................................................................................................83
8-2 MP Main Menu Commands..........................................................................................................84
8-3 Events............................................................................................................................................86
8-4 iLO 2 Event Log Filter Options.....................................................................................................87
8-5 Alert Levels....................................................................................................................................87
8-6 Events and Actions........................................................................................................................88
8-7 Navigation Commands.................................................................................................................88
8-8 MPEL Log Navigation Filter.........................................................................................................89
8-9 Command Menu Commands........................................................................................................89
8-10 Status Summary General Page Description.................................................................................111
8-11 Active Users Page Description....................................................................................................112
8-12 FW Revisions Page Descriptions.................................................................................................112
8-13 Server Status General Page Description......................................................................................113
8-14 Server Status Identification Page Description.............................................................................114
8-15 System Event Log Page Description............................................................................................115
8-16 Supported Terminal Types..........................................................................................................118
8-17 IRC Page Description...................................................................................................................123
8-18 IRC Window Description............................................................................................................124
8-19 Power & Reset Page Description.................................................................................................133
8-20 Power Meter Readings Page Description....................................................................................134
8-21 Power Regulator Page Description..............................................................................................136
8-22 Licensing Page Description.........................................................................................................139
8-23 Local Accounts Page Description................................................................................................140
8-24 Group Accounts Page Description..............................................................................................141
8-25 LAN Page Description.................................................................................................................142
8-26 Serial Page Description................................................................................................................143
8-27 Login Options Page Description..................................................................................................144
8-28 Current LDAP Parameters Page Description..............................................................................145
8-29 Standard Page Description..........................................................................................................147
8-30 DNS Page Description.................................................................................................................148
8-31 SNMP Settings Page Description.................................................................................................149
13
8-32 Onboard Administrator Page Description..................................................................................150
8-33 Supported Command Verbs........................................................................................................155
8-34 Command Options......................................................................................................................157
8-35 SM CLP Reserved Characters and Character Sequences............................................................158
8-36 system1 Properties.......................................................................................................................159
8-37 map1 Properties...........................................................................................................................160
8-38 /map1/textredirectsap1 Properties..............................................................................................161
8-39 /system1/consoles1/textredirectsap1 Properties..........................................................................162
8-40 swinstallsvc1 Properties..............................................................................................................163
8-41 swinventory1 Properties..............................................................................................................163
8-42 swid# Properties..........................................................................................................................164
8-43 telnetsvc1 Properties....................................................................................................................165
8-44 sshsvc1 Properties........................................................................................................................166
8-45 enetport1 Properties....................................................................................................................167
8-46 lanedpt1 Properties......................................................................................................................167
8-47 ipendpt1 Properties.....................................................................................................................168
8-48 dhcpendpt1 Properties................................................................................................................168
8-49 dnsendpt1 Properties...................................................................................................................169
8-50 gateway1 Properties....................................................................................................................169
8-51 dnsserver1, dnsserver2, dnsserver3 Properties...........................................................................169
8-52 dnssettings1 Properties................................................................................................................170
8-53 cddr1 Properties..........................................................................................................................173
8-54 group1 Properties........................................................................................................................176
8-55 account# Properties.....................................................................................................................176
8-56 oemhp_ldapsettings1 Properties.................................................................................................178
9-1 Lights-Out Management Rights..................................................................................................194
9-2 Management Device Rights.........................................................................................................201
9-3 Core Classes.................................................................................................................................211
9-4 Core Attributes............................................................................................................................211
9-5 hpqTarget.....................................................................................................................................212
9-6 hpqRole........................................................................................................................................212
9-7 hpqPolicy.....................................................................................................................................212
9-8 hpqPolicyDN...............................................................................................................................213
9-9 hpqRoleMembership...................................................................................................................213
9-10 hpqTargetMembership................................................................................................................213
9-11 hpqRoleIPRestrictionDefault.......................................................................................................213
9-12 hpqRoleIPRestrictions.................................................................................................................213
9-13 hpqRoleTimeRestriction..............................................................................................................214
9-14 iLO 2 Classes................................................................................................................................214
9-15 iLO 2 Attributes...........................................................................................................................214
9-16 hpqLOMv100...............................................................................................................................215
9-17 hpqLOMRightLogin....................................................................................................................215
9-18 hpqLOMRightRemoteConsole....................................................................................................215
9-19 hpqLOMRightRemoteConsole....................................................................................................216
9-20 hpqLOMRightServerReset...........................................................................................................216
9-21 hpqLOMRightLocalUserAdmin..................................................................................................216
9-22 hpqLOMRightConfigureSettings................................................................................................216
14 List of Tables
About This Document
This documentprovides information andinstructions on howto use the HP Integrated Lights-Out
2 (iLO 2) for Integrity for BL870c, BL860c, rx2660, rx3600, and rx6600 servers.
The document date and part number indicate the document’s current edition. The date changes
when a new edition is published. The document part number changes when extensive changes
are made.
Document updatesmay be issued between editions to correct errorsor document product changes.
To ensure that you receive the updated or new editions, subscribe to the appropriate product
support service. See your HP sales representative for details.
This document is also a reference for the following HP Integrity servers with Integrity iLO 2:
• rx7640
• rx8640
• Superdome sx2000
The latest version of this document can be found on the HP website at http://www.hp.com.
Intended Audience
This document provides technical product and support information for authorized service
providers, system administrators, and HP support personnel.
New and Changed Information in This Edition
• Added information about using a Japanese keyboard on a Windows operating system for
communicating in English.
• Added information about using the OA IP address as a gateway address for Integrity iLO
2.
Publishing History
The publishing history below identifies the edition dates of this manual. Updates are made to
this publication on an unscheduled, as needed, basis.
Table 1 Publishing History Details
Publication DateSupported ServersOperating Systems SupportedDocument
Manufacturing Part
Number
September 2006rx3600
rx6600
HP-UX 11i v2
OpenVMS 8.3
Microsoft Windows Server 2003
Red Hat Linux and SuSE
5971-4292
December 2006rx2660
rx3600
rx6600
HP-UX 11i v2
OpenVMS 8.3
Microsoft Windows Server 2003
Red Hat Linux and SuSE
AB419-9006A
February 2007BL860c
rx2660
rx3600
rx6600
HP-UX 11i v2
OpenVMS 8.3
Microsoft Windows Server 2003
Red Hat Linux and SuSE
AD217-9001A
Intended Audience 15
Table 1 Publishing History Details (continued)
Publication DateSupported ServersOperating Systems SupportedDocument
Manufacturing Part
Number
June 2007BL860c
rx2660
rx3600
rx6600
HP-UX 11i v2
OpenVMS 8.3
Microsoft Windows Server 2003
Red Hat Linux and SuSE
5991-5983
November 2007BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v2
OpenVMS 8.3 1H1
Microsoft Windows Server 2003
Red Hat Linux and SuSE
5991-5992
January 2008BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v2
OpenVMS 8.3 1H1
Microsoft Windows Server 2003
Red Hat Linux and SuSE
5991-6005
August 2008BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v3
OpenVMS 8.3 1H1
Microsoft Windows Server 2008
Red Hat Linux and SuSE
5991-6024
May 2009BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v3
OpenVMS 8.3 1H1
Microsoft Windows Server 2008
Red Hat Linux and SuSE
5991-8053
16
Table 1 Publishing History Details (continued)
Publication DateSupported ServersOperating Systems SupportedDocument
Manufacturing Part
Number
August 2009BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v3
OpenVMS 8.3 1H1
Microsoft Windows Server 2008
Red Hat Linux and SuSE
5991-8053_ed9
December 2009BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v3
OpenVMS 8.3 1H1
Microsoft Windows Server 2008
Red Hat Linux and SuSE
5991-8053_ed10
April 2010BL870c
BL860c
rx2660
rx3600
rx6600
rx7640*
rx8640*
Superdome sx2000*
HP-UX 11i v3
OpenVMS 8.3 1H1
Microsoft Windows Server 2008
Red Hat Linux and SuSE
5991-8053_ed11
* All of the iLO 2 functionality is not currently available on this server.
Document Organization
This document is divided into the following chapters.
Chapter 1 Introduction Use this chapter to learn about iLO 2 functionality.
Chapter 2 Ports and LEDs Use this chapter to learn about ports and LEDs.
Chapter 3 Getting Connected to iLO 2 Use this chapter to connect to iLO 2.
Chapter 4 Logging in to iLO 2 Use this chapter to log in to iLO 2.
Chapter 5 Adding Advanced Features Use this chapter to learn about the HP Lights-Out
Advanced KVM card functionality and installation on the rx7640, rx8640, and
Superdome sx2000 servers.
Chapter 6 Accessing the Host Console Use this chapter to learn how to access the host console
of an HP Integrity server through iLO 2.
Chapter 7 Configuring DHCP, DNS, LDAP, and Schema-Free LDAP Use this chapter to
configure DHCP, DNS, LDAP extended schema, and Schema-Free LDAP.
Chapter 8 Using iLO 2 This chapter provides information on the different interfaces you
can use to interact with iLO 2 such as text user interface, web GUI, and SMASH
SM CLP.
Document Organization 17
Chapter 9 Installing and Configuring Directory Services Use this chapter to learn about
installing and configuring directory services functions.
Glossary Use the glossary to learn iLO 2 terms and definitions.
Typographic Conventions
This document uses the following typographical conventions:
%, $, or #
A percent sign represents the C shell system prompt. A dollar
sign represents the system prompt for the Bourne, Korn, and
POSIX shells. A number sign represents the superuser prompt.
Command
A command name or qualified command phrase.
Computer output
Text displayed by the computer.
Ctrl+x A key sequence. A sequence such as Ctrl+x indicates that you
must hold down the key labeled Ctrl while you press another
key or mouse button.
ENVIRONMENT VARIABLE The name of an environment variable, for example, PATH.
[ERROR NAME]
The name of an error, usually returned in the errno variable.
Key The name of a keyboard key. Return and Enter both refer to the
same key.
Term The defined use of an important word or phrase.
User input
Commands and other text that you type.
Variable
The name of a placeholder in a command, function, or other
syntax display that you replace with an actual value.
[] The contents are optional in syntax. If the contents are a list
separated by |, you must choose one of the items.
{} The contents are required in syntax. If the contents are a list
separated by |, you must choose one of the items.
... The preceding element can be repeated an arbitrary number of
times.
Indicates the continuation of a code example.
| Separates items in a list of choices.
WARNING A warning calls attention to important information that if not
understood or followed will result in personal injury or
nonrecoverable system problems.
CAUTION A caution calls attention to important information that if not
understood or followed will result in data loss, data corruption,
or damage to hardware or software.
IMPORTANT This alert provides essential information to explain a concept or
to complete a task
NOTE A note contains additional information to emphasize or
supplement important points of the main text.
Related Information
You can find other information on HP server hardware management, Microsoft® Windows®,
and diagnostic support tools in the following publications.
HP Technical Documentation Website
http://www.hp.com/go/Integrity_Servers-docs for HP Integrity servers
18
http://www.hp.com/go/Blades-docs for HP Integrity server blades
Windows Operating System Information
Find information about administration of the Microsoft Windows operating system on the
following website:
http://www.microsoft.com/technet/
Diagnostics and Event Monitoring: Hardware Support Tools
Complete informationabout HP hardware support tools, including online and offline diagnostics
and event monitoring tools, is on the HP website at:
http://www.docs.hp.com/HP-UX/diag/
Website for HP Technical Support
http://h20219.www2.hp.com/services/cache/126868-0-0-225-121.html?jumpid=reg_R1002_USEN
Books About HP-UX Published by Prentice Hall
You can find the entire Prentice Hall Professional Series on HP at:
http://www.informit.com/imprint/series_detail.aspx?st=61305
HP Contact Information
For the name of the nearest HP authorized reseller:
• In the United States, see the HP US service locator webpage (http://welcome.hp.com/country/
us/en/wwcontact.html.)
• In other locations, see the Contact HP worldwide (in English) webpage:
http://welcome.hp.com/country/us/en/wwcontact.html.
For HP technical support:
• In the United States, for contact options see the Contact HP United States webpage: (http://
welcome.hp.com/country/us/en/contact_us.html)
To contact HP by phone:
— Call 1-800-HP-INVENT (1-800-474-6836). This service is available 24 hours a day, 7 days
a week. For continuous quality improvement, calls may be recorded or monitored.
— If you have purchased a Care Pack (service upgrade), call 1-800-633-3600. For more
information about Care Packs, see the HP website at: (http://www.hp.com/hps).
• In other locations, see the Contact HP worldwide (in English) webpage (http://
welcome.hp.com/country/us/en/wwcontact.html).
Documentation Feedback
HP welcomes your feedback. To make comments and suggestions about product documentation,
send a message to docsfeedback@hp.com.
Include the document title and manufacturing part number. All submissions becomethe property
of HP.
HP Contact Information 19
20
1 Introduction to iLO 2
The IntegratedLights-Out Management Processor (iLO MP) for Integrity servers is an autonomous
management subsystem embedded directly on the server. It is the foundation of the server’s
High Availability (HA) embedded server and fault management. It also provides system
administrators secure remote management capabilities regardless of server status or location.
iLO is available whenever the system is connected to a power source, even if the server main
power switch is in the off position.
HP has used several different names to describe the management functionality embedded in
servers, including “the management processor.” In addition, HP uses the term “management
processor” to refer to any embedded microprocessor that manages a system. Management
processor is a descriptive term (such as “server”), and iLO is a brand name or label (such as
“Integrity”).
Remote access is the key to maximizing efficiency of administration and troubleshooting for
enterprise servers. Integrity servers are designed so all administrative functions that can be
performed locally, can also be performed remotely. iLO enables remote access to the operating
system console, control over the server’s power and hardware reset functionality, and works
with the server to enable remote network booting through a variety of methods.
The iLO 2 is an Integrated Lights-Out 2 management processor with the latest advanced digital
video redirection technology. This new feature gives you a higher performance graphics console
redirection experience than with the previous iLO.
This documentation addresses HP Integrated Lights-Out 2 (iLO 2) for Integrity servers and server
blades. For information on iLO for ProLiant servers and ProLiant BladeSystem server blades,
see www.hp.com/go/iLO.
NOTE: Previously, this document used the name iLO 2 MP as a reference to a management
processor. For the remainder of this document, we will simply refer to it as iLO 2 unless when
referring to physical components such as MP ports, connectors, LEDs, and so on.
IMPORTANT: This guide addresses server-specific details that vary between server products.
These details are frequently updated. For the latest server-specific product information, see the
Integrity iLO 2 Quick Specs on the HP website at www.hp.com/go/integrityilo.
Features
Integrity iLO 2 functionality includes the following:
• Monitoring of server health and status
• Control of power, reset, and Transfer of Control (TOC) capabilities
• Console access
• Display and recording of system events
• Display of detailed information about the various internal subsystems and field replaceable
units (FRUs)
• A virtual front panel to monitor system status and see the state of front panel LEDs
Integrity iLO 2 is completely independent of the host system and the operating system. It has its
own microprocessor and runs its own firmware. The operating system cannot send packets out
on the MP LAN, and packets on the MP LAN cannot go to the operating system. The MP LAN
is exclusive to iLO 2 and is driven by an embedded realtime operating system (RTOS) running
on iLO 2.
Features 21
NOTE: The following ProLiant iLO 2 features are not available on Integrity iLO 2:
• Virtual Folder
• Shared LAN
• Graphics Console Replay
Integrity iLO 2 offers the following standard and advanced features.
Standard Features
Integrity iLO2 standard features provide the following basic system board management functions,
diagnostics, and essential Lights-Out functionality on iLO 2-supported HP servers.
Always-On Capability
Integrity iLO 2 is active and available through the MP LAN connection and the local serial port
connection as long as the power cord is plugged in. In the event of a complete power failure,
iLO 2 data is protected by an onboard battery backup.
Virtual Front Panel
The virtual front panel (VFP) presents a summary of the system front panel using direct console
addressing.
Multiple Access Methods
The available methods to access iLO 2 are as follows:
IPMI/LAN Through the iLO 2 MP MAC address
LAN Using Telnet, web, or SSH to access the iLO 2 MP LAN
Local Serial Port Using a terminal or laptop computer for direct connection
Web Using a GUI
Security
Integrity iLO 2 provides strong security for remote management in IT environments, such as the
following:
• User-defined TCP/IP ports
• User accounts and access management
• Lightweight DirectoryAccess Protocol- (LDAP) based directoryservices authentication and
authorization
• Encrypted communication using SSL and SSH
User Access Control
Integrity iLO 2 is restricted by user accounts. User accounts are password protected and are
assigned access rights that define a specific level of access to the server and to the iLO 2 MP
commands. iLO 2 supports both LDAP directory user authentication and locally stored iLO 2
user accounts. iLO 2 users can have any of the following access rights:
Console Access Right to access the system console (the host operating
system). This does not bypass host authentication
requirements, if any.
Power Control Access Right to power on, power off, or reset the server, and the
right to configure the power restore policy.
Local User Administration Access Right to configure locally stored user accounts.
22 Introduction to iLO 2
MP Configuration Access Right to configure all iLO 2 MP settings and some system
settings, such as the power restore policy.
Virtual Media Access Enables Advanced Pack license users the right to use the
virtual media applet.
Multiple Users
Multiple users can interact with iLO 2. However, iLO 2 command mode and console mode are
mirrored, allowing only one user at a time to have write access to the shared console. When a
command is completed, write access is released and any user can initiate another command.
IMPORTANT: Although iLO 2 can support multiple simultaneous connections, to do so can
impact performance.HP does not recommendrunning more than eight simultaneous connections.
Integrity iLO 2 supports the following connections simultaneously:
• Four web (each web connection can have a remote serial console connection as well and not
be counted as part of the total number of connections allowed)
• Eight SSH
• One local console serial port (RS-232)
• Four IPMI over LAN
• Four Telnet
• One Integrated Remote Console
• One vMedia
IPMI over LAN
The Intelligent Platform Management Interface (IPMI) option provides direct access from the
MP LANport to the server Baseboard Management Controller (BMC) monitoring and controlling
functions such as temperature, voltage, fans, and power supplies. IPMI defines a common
interface for platform management hardware. With IPMI over LAN enabled, BMC functions are
available to other management software applications. This enables you to write your own
customizable management applicationsusing IPMI v1.5. iLO 2 supports upto four simultaneous
IPMI over LAN connections.
Currently, there is no capability to manage the IPMI user name or password in the iLO 2 command
line or web interfaces. There is only the ability to enable or disable access with IPMI through the
SA command.
To set a user name or password using the IPMI over LAN interface, you can use an IPMI tool.
HP does not recommend any particular IPMI tools.
IMPORTANT: IPMI traffic is unencrypted, just like Telnet traffic is unencrypted. Also, at initial
enablement, there is no password, and the IPMI over LAN port is insecure.
For more information on IPMI, see the Intel website at:
http://developer.intel.com/design/servers/ipmi
System Management Homepage
The HP Insight Management Agents support a web interface for access to runtime management
data through the HP System Management Homepage. The HP System Management Homepage
is a secure web-based interface that consolidates and simplifies the management of individual
servers and operating systems. By aggregating data from HP Insight Management Agents and
other management tools, the System Management Homepage provides an intuitive interface to
review in-depth hardware configuration and status data, performance metrics, system thresholds,
and software version control information.
Features 23
Firmware Upgrades
Firmware upgrades enhance the functionality of iLO 2.
The MP firmware is packaged along with system, BMC, and FPGA/PSOC firmware. You can
download and upgrade the firmware package from the HP website at http://www.hp.com/go/
bizsupport.
Select Download drivers and software, select your server, and follow the instructions provided.
TIP: Before performing certain iLO 2 functions, verify that you have the supported firmware
version required to carry out the task.
Internal Subsystem Information
Integrity iLO 2 displays information about the following internal subsystems:
• FRU information
• System power state and fan status
• Processor Status
DHCP and DNS Support
Integrity iLO 2 supports the Dynamic Host Configuration Protocol (DHCP) and the Domain
Name System (DNS) configuration options for acquiring network information through the MP
LAN port. When iLO 2 starts, it acquires the port configuration stored on a DHCP server to
assign an IP address to the MP LAN port. If DNS is configured, this information is updated on
the DNS server. The simplest method to initially connect to iLO 2 is with the default DNS name
found on the iLO Network Information Tag on the server, for example, mp0014c29c064f.
Group Actions
Integrity iLO 2 integrates with HP SIM, HP OpenView, and third-party management tools.
Group Actions Using HP SIM
HP SystemsInsight Manager (HP SIM) is a system-level management tool that supports executing
commands from HP SIM using the SSH interface. HP SIM enables you to perform similar
management activities across multiple iLO 2s (group actions) without requiring you to access
each iLO 2 individually. Group actions are launched from the HP SIM GUI and are supported
at all times, regardless of the server power state.
HP SIM is available for free download from the HP website. For more information about HP
SIM, see the HP website at http://www.hp.com/go/hpsim.
For the user guide, see the Information Library.
SNMP
The SNMP is part of the TCP/IP protocol suit developed to manage servers on an IP network.
SNMP enables you to manage network performance, find and solve network problems, and plan
for network growth.
SMASH
Server Management Architecture for Server Hardware (SMASH) is an initiative by the Distributed
Management Task Force (DMTF) that encompasses specifications (Server Management CLP, SM
ME Addressing, SM Profiles) that address the interoperable manageability requirements of small
to large scale heterogeneous computer environments.
24 Introduction to iLO 2
SM CLP
The SM CLP specification defines a user friendly command-lineprotocol that provides command
line interface (CLI) standards for interoperability.
Mirrored Console
The system console output stream is reflected to all connected console users, and any user can
provide input.
Remote Power Control
Integrity iLO 2 enables remote power cycle, power on and power off, and TOC. It also provides
options to reset the system, the BMC, or iLO 2.
Power Regulation
Although the 24-hour graph function of power regulation feature requires the iLO 2 Advanced
Pack, you can obtain some power regulation information without the license:
• For both server blades and entry-rack servers, use the SS command from the MP CLI interface
for an instantaneous power reading.
• For server blades, use the web GUI Server Status page to obtain current power usage and
ambient temperature.
Event Logging
Integrity iLO 2 provides event logging, display, and keyword search of console history and
system events.
Advanced Features
Integrity iLO 2 advanced features provide additional functionality such as the graphical integrated
remote console and virtual media. In addition, the advanced features increase security by
integrating iLO 2 user administration with the Active Directory or eDirectory.
iLO advanced features are enabled on Integrity servers in one of two ways. For Integrity entry
class and blades, the advanced features are enabled with a license key. For Integrity cell-based
servers, the advanced features are enabled with a PCI-X accessory card instead of a key.
IMPORTANT: On HP Integrity server blades, the Advanced Pack license is standard. Remember
to save the Advanced Pack license key information that was provided by HP. If you ever need
to replace your server blade under warranty, you will need to transfer the key by entering the
code on the replacement server blade.
NOTE: A HP ProLiant iLO 2 Advanced Pack license key will not work on an HP Integrity
server, and vice versa.
NOTE: Not all advanced features are supported on all systems. For the most current information
on accessories, features, and supported products, see the HP website at http://www.hp.com/go/
integrityilo and look for the Quick Specs.
Integrity iLO 2 advanced features include the iLO 2 standard features and the followingfeatures:
Virtual Media
Virtual Media (vMedia) enables connections of a CD/DVD physical device or image file from
the local client system to the remote server. The virtual device or image file can be used to boot
the server with an operating system that supports USB devices.
Features 25
Virtual Media depends on a reliable network with good bandwidth. This is especially important
when you are performing tasks such as large file transfers or OS installs.
NOTE: iLO vMedia is automatically disconnected if the iLO management processor is reset.
HP does not recommend use of iLO vMedia with firmware update tools such as HPOFM which
reset the management processor mid-way through the update process.
Integrated Remote Console
The Integrated Remote Console (IRC) provides a high-performance graphical remote console to
HP Integrity-basedWindows servers. IRC supports Windows clients running the Internet Explorer
browser. IRC requires that the server have VGA. VGA is optional for some Integrity servers.
VGA is included on the Lights-Out Advanced KVM card.
Directory-Based Secure Authorization Using LDAP
The directory-based authentication and authorization option enables iLO 2 user accounts to be
defined in acentralized database on an LDAP server.iLO 2 users are authenticated when logging
in to iLO 2 and authorization is given each time an iLO 2 command runs. This provides a
centralized database (LDAP server) of all user accounts and avoids the overhead of creating
users in each iLO 2.
Directory authenticationoccurs by enabling Extended Schema or Default Schema. When Extended
Schema is used, the schema in the directory server must be extended. When Default Schema is
selected, schema extension is not needed.
Schema-Free LDAP
Schema-Free LDAP enables you to use directory authentication to log in to iLO 2 without having
to do any schema extension on the directory server or snap-in installation on the client. In addition
to general directory integration benefits, iLO 2 schema-free integration provides the following:
• Minimal maintenance and administration
• Reliable security
• Complements two-factor authentication
Not extending the schema on the directory server means the directory server does not know
anything about the iLO 2 object or privileges, and the only thing the iLO 2 queries from the
directory server is to authenticate the user name and password.
Power Meter Readings
The power meter readings feature enables you to graphically view and monitor server power
usage, temperature, and power regulator settings.
The Advanced Pack license enables you to see the Power Regulator graphs from the iLO 2 web
GUI. The license key also enables iLO 2 to share information with Insight Power Manager.
NOTE: You can obtain an instant power reading without a license key through the CLI using
the PS command.
HP Insight Power Manager
HP Insight Power Manager (HP IPM), a plug-in to HP Systems Insight Manager (HP SIM), is an
integrated power monitoring and management application that provides centralized control of
server power consumption and thermal output.
Leveraging HP power regulator technology, HP IPM makes policy-based power and thermal
management possible by enabling you to view and modify the power efficiency regulator mode
of the system. It expands the capacity of data centers by reducing the amount of power and
cooling required for supported Integrity servers and the server blades.
26 Introduction to iLO 2
Information on HP IPM is available on the HP website at http://www.hp.com/go/ipm.
Obtaining and Activating iLO 2 Advanced Pack Licensing
For Integrity entry class systems, an Integrity iLO 2 Advanced Pack license key can be purchased
from your HP sales rep. To find the part number for the option for your system, see the HP
website at http:/www.hp.com/go/integrityilO. A free 30-day evaluation license is available for
download on the HP website. The evaluation license activates and accesses iLO 2 Advanced
Pack features. You can only install one evaluation license per iLO 2. After the evaluation period,
an iLO 2 Advanced Pack license is required to continue using the advanced features. The iLO 2
Advanced Pack license features automatically deactivate when the evaluation license key expires.
Systems that do not have VGA support all other iLO 2 Advanced Pack license features.
For more information, see the HP website at http://h71028.www7.hp.com/enterprise/cache/
279991-0-0-0-121.html.
Follow the factory-install or manual install instructions located on the Integrated Lights-Out
Advanced Pack for HP Integrity Servers; Certificate of License to Use; License Installation Card to activate
your license.
Lights-Out Advanced KVM Card
The HP Lights-Out Advanced KVM card is a PCI-X card that you install into a partition in any
sx2000-based mid-range or high-end HP Integrity server such as rx7640, rx8640, and Superdome
sx2000.
The Lights-Out Advanced KVM card extends the basic iLO 2 features built into your server by
adding virtual media and integrated remote console features to an individual partition. You
must add a card for each partition where vMedia or IRC is desired.
The Lights-Out Advanced KVM card is also a KVM card that offers physical video functionality
for servers running Windows, and USB functionality for servers running HP-UX, Windows, and
OpenVMS.
All Lights-Out Advanced features are fully enabled on the Lights-Out Advanced KVM card.
There is no additional advanced pack license to purchase. At present, the IRC is only available
for servers running Windows, and vMedia is available for servers running HP-UX, Windows,
and OpenVMS.
Supported Systems and Required Components and Cables
Table 1-1 lists the systems on which iLO 2 is supported and the components and cables that are
required to operate iLO 2.
Table 1-1 Supported Systems and Required Components Matrix
Required Cables
1
Required ComponentsSupported
Systems
SUV or DB-9 cableFront console serial port (RS-232)
BL860c
LAN cableRear OA/iLO network port
LAN, serial, and VGA cablesiLO 2 hardware is integrated into the system
board
rx2660
Obtaining and Activating iLO 2 Advanced Pack Licensing 27
Table 1-1 Supported Systems and Required Components Matrix (continued)
Required Cables
1
Required ComponentsSupported
Systems
LAN and serial cablesCore I/Oboard withoutVGA; factory installedrx3600, rx6600
LAN, serial, and VGA cablesCore I/O board with VGA (optional)
(This is only supported on Windows Server
OS.)
LAN, serial, and VGA cablesiLO 2 hardware is integrated in the main
system. Lights-Out Advanced KVM cards can
be added per partition.
rx7640, rx8640,
Superdome
sx2000
1 Cables are not provided with the server.
Integrity iLO 2 Supported Browsers and Client Operating Systems
Integrity iLO 2 has an independent microprocessor. This architecture ensures that the majority
of iLO 2 functionality is available regardless of the host operating system.
You can view the list of supported browsers and operating systems on the HP website at http://
www.hp.com/go/integrityilo.
Related Links
• Java™ for HP-UX
— http://www.hp.com/products1/unix/java/versions/index.html
— http://www.hp.com/products1/unix/java/archives/index.html
• Java for OpenVMS
— http://h18012.www1.hp.com/java/alpha
• Firefox for HP-UX
— http://www.hp.com/products1/unix/java/firefox/index.html
Note: 1.5.0.00 needs patch
— http://www.hp.com/go/firefox
• Firefox for Linux®
— http://linuxcoe.corp.hp.com
• Firefox for Windows and Linux
— http://www.mozilla.com/firefox
• Browser Support 1.5.0
— http://java.sun.com/j2se/1.5.0/system-configurations.html
Security
It is important to have strong security surrounding the iLO 2 device. HP security requirements
of the enterprise and architected the iLO 2 include the following:
Authentication Integrity iLO 2 incorporates authentication techniques with the use of
128-bit Secure Socket Layer (SSL) encryption. It is password based for
web and password- and key-based for secure shell (SSH).
Authorization Using local accounts, iLO 2 enables you to define up to 19 separate users
and to vary the server access rights of each user. The directory services
capabilities of iLO 2 enables you to maintain network user accounts and
security policies in a central, scalable database that supports thousands
of users, devices, and management roles.
Integrity Integrity iLO 2 incorporates a trusted Java applet for vMedia.
28 Introduction to iLO 2
Privacy Integrity iLO 2 uses SSL for web connections, RSL-RC4 encryption for
IRC and remote serial console, and SSH-DES3/DES128 2.0 recommended
encryption algorithms for SSH-based connections. You can enable or
disable Telnet, IPMI over LAN, web, and SSH connectivity.
Login After initial failed login attempts (default three), a delay of approximately
one second is imposed on the serial connection and the login banner
warnings are repeated. All other connection types are disconnected.
Because iLO 2 devices are completely autonomous and can be used to control the server, treat
them the same as other servers. For example, includethe iLO 2 devices in the security and network
audits.
IMPORTANT: Ensure that physical access to the server is limited. Anyone can clear passwords
by pressing the iLO MP reset button for longer than four seconds.
Protecting SNMP Traffic
Because SNMP uses passwords, known as community strings, that are sent across the network
in clear text, you must enhance the network security when using SNMP traffic. To enhance
network security, do the following:
• Reset the community strings (read only) with the same frequency and according to the same
guidelines as the administrative passwords. For example, select alphanumeric strings with
at least one uppercase letter, one numeral, and one symbol.
• Set firewalls or routers to accept only specific source and destination addresses. For example,
you can allow inbound SNMP traffic into the host server only if it comes from one of the
predetermined management workstations.
TIP: Telnet sends data without encryption and is not a secure connection. HP recommends
using SSH instead of Telnet because SSH uses encryption.
To enable and disable Telnet access, use the SA command.
Security 29
30
Loading...