HP Integrated Lights-Out 2 User Guide
Table Of Contents
- HP Integrated Lights-Out 2 User Guide
- Contents
- 1 Overview
- 2 Setting up iLO 2
- 3 Configuring iLO 2
- iLO 2 configuration overview
- Upgrading iLO 2 firmware
- Licensing
- User administration
- Configuring iLO 2 access
- Security
- Network
- SNMP/Insight Manager settings
- ProLiant BL p-Class configuration
- 4 Using iLO 2
- System status and status summary information
- iLO 2 Remote Console
- Remote Console overview and licensing options
- Remote Console settings
- IRC Fullscreen
- Integrated Remote Console option
- Multi-user access to the Integrated Remote Console
- Using Console Capture
- Using HP iLO Video Player
- Acquiring the Remote Console
- Remote Console
- Text-based remote console overview
- Virtual media
- Power management
- ProLiant BL p-Class Advanced management
- ProLiant BladeSystem HP Onboard Administrator
- 5 Directory services
- Overview of directory integration
- Benefits of directory integration
- Advantages and disadvantages of schema-free directories and HP schema directory
- Setting up Schema-free directory integration
- Setting up HP schema directory integration
- Features supported by HP schema directory integration
- Setting up directory services
- Schema documentation
- Directory services support
- Schema required software
- Schema installer
- Management snap-in installer
- Directory services for Active Directory
- Active Directory installation prerequisites
- Installing Active Directory on Windows Server 2008
- Directory services preparation for Active Directory
- Snap-in installation and initialization for Active Directory
- Example: Creating and configuring directory objects for use with iLO 2 in Active Directory
- Directory services objects
- Active Directory Lights-Out management
- Directory services for eDirectory
- User login using directory services
- Directory-enabled remote management
- HPQLOMIG directory migration utility
- Introduction to HPQLOMIG utility
- Compatibility
- HP Lights-Out directory package
- Using HPQLOMIG
- Finding management processors
- Upgrading firmware on management processors
- Selecting a directory access method
- Naming management processors
- Configuring directories when HP Extended schema is selected
- Configuring directories when schema-free integration is selected
- Setting up management processors for directories
- Directory services schema
- 6 HP Systems Insight Manager integration
- 7 Troubleshooting iLO 2
- iLO 2 POST LED indicators
- Event log entries
- Hardware and software link-related issues
- JVM support
- Login issues
- Login name and password not accepted
- Directory user premature logout
- iLO 2 Management Port not accessible by name
- iLO 2 RBSU unavailable after iLO 2 and server reset
- Inability to access the login page
- Inability to access iLO 2 using Telnet
- Inability to access virtual media or graphical remote console
- Inability to connect to iLO 2 after changing network settings
- Inability to connect to the iLO 2 Diagnostic Port
- Inability to connect to the iLO 2 processor through the NIC
- Inability to log in to iLO 2 after installing the iLO 2 certificate
- Firewall issues
- Proxy server issues
- Two-factor authentication error
- Troubleshooting alert and trap issues
- Troubleshooting directory issues
- Troubleshooting Remote Console issues
- Remote Console applet has a red X when running Linux client browser
- Inability to navigate the single cursor of the Remote Console to corners of the Remote Console window
- Remote Console no longer opens on the existing browser session
- Remote console text window not updating properly
- Remote Console turns gray or black
- Remote Serial Console troubleshooting
- Troubleshooting Integrated Remote Console issues
- Internet Explorer 7 and a flickering remote console screen
- Configuring Apache to accept exported capture buffers
- No console replay while server is powered down
- Skipping information during boot and fault buffer playback
- Out of Memory error starting Integrated Remote Console
- Session leader does not receive connection request when IRC is in replay mode
- Keyboard LED does not display correctly
- Inactive IRC
- IRC Failed to connect to server error message
- IRC toolbar icons do not update
- GNOME interface does not lock
- Repeating keys on the Remote Console
- Remote Console playback does not work when the host server is powered off
- Troubleshooting SSH and Telnet issues
- Troubleshooting terminal services issues
- Troubleshooting video and monitor issues
- Troubleshooting Virtual Media issues
- Troubleshooting iLO Video Player issues
- Troubleshooting Remote Text Console issues
- Troubleshooting miscellaneous issues
- Cookie sharing between browser instances and iLO 2
- Inability to access ActiveX downloads
- Inability to get SNMP information from HP SIM
- Incorrect time or date of the entries in the event log
- Inability to upgrade iLO 2 firmware
- iLO 2 network flash recovery
- Recovering from a bad iLO 2 flash image using network flash recovery
- Recovering from a bad iLO 2 flash image using the HP Smart Update Firmware DVD
- The iLO 2 firmware does not respond to SSL requests
- Testing SSL
- Resetting iLO 2
- Server name still present after ERASE utility is executed
- Troubleshooting a remote host
- 8 Technical support
- Acronyms and abbreviations
- Index
Login security
iLO 2 provides several login security features. After an initial failed login attempt, iLO 2 imposes
a delay of five seconds. After a second failed attempt, iLO 2 imposes a delay of 10 seconds. After
the third failed attempt, and any subsequent attempts, iLO 2 imposes a delay of 60 seconds. All
subsequent failed login attempts cycles through these values. An information page appears during
each delay. This continues until a valid login is completed. This feature assists in defending against
possible dictionary attacks against the browser login port.
The iLO 2 firmware saves a detailed log entry for failed login attempts, which imposes a delay of
60 seconds.
SSH key administration
The iLO 2 firmware enables you to authorize up to four SSH keys at one time on the SSH Key tab.
The SSH Key tab also displays the owner (if any keys are authorized) of each authorized SSH key.
Multiple keys can belong to a single user.
To add an authorized key to iLO 2, the public key path must be submitted to iLO 2. The key file
must contain the user name after the end of the key. iLO 2 associates each key with a local user
account. If the local account does not exist or if it is deleted, the key is invalid (the key is not listed
if the local account does not exist).
Alternatively, you can authorize SSH keys for an HP SIM server by running the mxagentconfig tool
from the HP SIM server and specifying the address and user credentials for iLO 2. See your HP
SIM documentation for more details.
To authorize a new key:
1. In the iLO 2 interface, click Administration>Security>SSH Key.
2. Click Browse, and locate the key file.
3. Click Authorize Key.
You can view or delete any previously authorized key by selecting the key, and clicking View
Selected Key or Delete Selected Key. The View Selected Key and Delete Selected Key buttons only
appear when SSH keys are installed.
SSL certificate administration
The iLO 2 firmware enables you to create a certificate signing request (CSR) with custom subject
information or default settings, import a certificate, and view certificate administration information
associated with a stored certificate. Certificate information is encoded in the certificate by the CA
and is extracted by iLO 2.
By default, iLO 2 creates a self-signed certificate for use in SSL connections. This certificate enables
iLO 2 to work without any additional configuration steps. The security features of the iLO 2 can
be enhanced by importing a trusted certificate. For more information on certificates and certificate
services, see “Introduction to certificate services” (page 132) and “Installing certificate services”
(page 132).
To access certificate information, click Administration>Security>SSL Certificate. The SSL Certificate
tab displays the following information:
• The Issued To field lists the entity to which the certificate was issued.
• The Issued By field lists the CA that issued the certificate.
• The Valid From field lists the first date that the certificate is valid.
• The Valid Until field lists the date that the certificate will expire.
• The Serial Number field lists the serial number assigned to the certificate by the CA.
• The Domain Name button to choose between the fully qualified domain name and the
shortname as CSR Common Name (CN).
44 Configuring iLO 2