Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II User’s Guide
Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II User’s Guide
Note: Before using this information and the product it supports, read the general information in Appendix B, “Notices,” on page 115. Seventh Edition (April 2007) © Copyright International Business Machines Corporation 2003, 2007. All rights reserved. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents Chapter 1. Introduction . . . . . . . . . . Remote Supervisor Adapter II features . . . . Web browser and operating-system requirements Notices used in this book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1 3 3 Chapter 2. Opening and using the Web interface . . . . . . . . . . . . 5 Logging in to the Remote Supervisor Adapter II . . . . . . . . . . . . . 5 Remote Supervisor Adapter II action descriptions . . . .
Using the configuration file . . . . . . . . . Backing up your current configuration . . . . Restoring and modifying your ASM configuration Restoring ASM defaults . . . . . . . . . . . Restarting ASM . . . . . . . . . . . . . . Logging off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 64 65 66 66 66 Chapter 4. Monitoring remote server Viewing system health . . . . . .
srcfg command . . . ssl command . . . . tcpcmdmode command timeouts command . . users command . . . ASM control commands . clearcfg command . . clock command . . . resetsp command . . update command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
vi Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Chapter 1. Introduction This document explains how to use the functions of the IBM® Remote Supervisor Adapter II SlimLine and the IBM Remote Supervisor Adapter II when they are installed in an IBM server. The Remote Supervisor Adapter II SlimLine and the Remote Supervisor Adapter II provide the following functions: v Around-the-clock remote access and system management of your server.
v Alphanumeric or numeric pager alerts (not supported with the Remote Supervisor Adapter II SlimLine) v Automatic notification and alerts v Automated Server Restart (ASR) Continuous health monitoring and control Domain Name System (DNS) server support Dynamic Host Configuration Protocol (DHCP) support E-mail alerts Enhanced user authority levels Event logs that are time stamped, saved on the Remote Supervisor Adapter II, and can be attached to e-mail alerts v Independent power, which enables around-the-cloc
Web browser and operating-system requirements The Remote Supervisor Adapter II Web interface requires the Java™ Plug-in 1.4 or later and one of the following Web browsers: v Microsoft® Internet Explorer version 5.5 or later with the latest Service Pack v Netscape Navigator version 7.0 or later v Mozilla version 1.3 or later (Remote Control features are supported only on the Remote Supervisor Adapter II SlimLine with Refresh 2 firmware.
4 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Chapter 2. Opening and using the Web interface To access the Remote Supervisor Adapter II remotely using the Remote Supervisor Adapter II Web interface, you must log in to the adapter. This chapter describes the login procedures and describes the actions you can perform from the Remote Supervisor Adapter II Web interface. Logging in to the Remote Supervisor Adapter II To access the Remote Supervisor Adapter II through the Remote Supervisor Adapter II Web interface, complete the following steps: 1.
3. Depending on how your system administrator has configured the user ID, the following window might open. 4. The Welcome window opens. Select a timeout value from the drop-down list in the field that is provided. If your browser is inactive for that number of minutes, the Remote Supervisor Adapter II logs you off the Remote Supervisor Adapter II Web interface. Note: Depending on how your system administrator has configured the global login settings, the timeout value might be a fixed value.
5. Click Continue to start the session. The browser opens the System Status page, which gives you a quick view of the server status and the server health summary. For descriptions of the actions that you can perform from the links in the left navigation pane of the Remote Supervisor Adapter II Web interface, see “Remote Supervisor Adapter II action descriptions” on page 8. Then, go to Chapter 3, “Configuring the Remote Supervisor Adapter II,” on page 11. Chapter 2.
Remote Supervisor Adapter II action descriptions Table 1 lists the actions that are available when you are logged in to the Remote Supervisor Adapter II. Table 1.
Table 1. Remote Supervisor Adapter II actions (continued) Link Action Description Access Remote ASM2 Access other service processors on the ASM interconnect network From the Access Remote ASM page, you can view a list of service processors that are present on the ASM interconnect network and establish a connection to any of those systems.
Table 1. Remote Supervisor Adapter II actions (continued) Link Action Description Security Configure the Secure Sockets Layer (SSL) You can enable or disable SSL and manage the SSL certificates that are used. You can also enable or disable whether an SSL connection is used to connect to an LDAP server.
Chapter 3. Configuring the Remote Supervisor Adapter II Use the links under ASM Control in the navigation pane to configure the Remote Supervisor Adapter II. v From the System Settings page, you can: – Set system information – Select the operating system to support (Microsoft Windows or Linux) Important: For the Remote Supervisor Adapter II to function correctly, the specified operating system must match the operating system of the server in which the Remote Supervisor Adapter II is installed.
– TCP command mode protocol – Service location protocol v From the Security page, you can install and configure the Secure Sockets Layer (SSL) settings. v From the Configuration File page, you can back up, modify, and restore the configuration of the Remote Supervisor Adapter II. v From the Restore Defaults page, you can reset the Remote Supervisor Adapter II configuration to the factory defaults. v From the Restart ASM page, you can restart the Remote Supervisor Adapter II.
field can contain up to 63 characters. To minimize confusion, set the ASM Name field to the nonqualified portion of the IP host name. The nonqualified IP host name consists of up to the first period of a fully qualified IP host name. For example, for the fully qualified IP host name asmcard1.us.company.com, the nonqualified IP host name is asmcard1. For information about your host name, see “Configuring an Ethernet connection to the Remote Supervisor Adapter II” on page 39. 4.
v Nonmaskable interrupt 3. Enable the server timeouts that correspond to the events that you want the Remote Supervisor Adapter II to respond to automatically. POST watchdog Use the POST watchdog field to specify the number of minutes that the Remote Supervisor Adapter II will wait for the server to complete a power-on self-test (POST).
POST and the starting of the operating system. If this interval is exceeded, the Remote Supervisor Adapter II generates a loader timeout alert and automatically restarts the server. After the server is restarted, the loader timeout is automatically disabled until the operating system is shut down and the server is power cycled (or until the operating system starts and the software is successfully loaded).
To disable the automatic server restart after a nonmaskable interrupt, select Disabled. 4. Scroll to the bottom of the page and click Save. Setting the date and time The Remote Supervisor Adapter II contains its own real-time clock to time stamp all events that are logged in the event log. Alerts that are sent by e-mail, LAN, and SNMP use the real-time clock setting to time stamp the alerts.
Synchronizing clocks in a network The Network Time Protocol (NTP) provides a way to synchronize clocks throughout a computer network, enabling any NTP client to obtain the correct time from an NTP server. The Remote Supervisor Adapter II NTP feature provides a way to synchronize the Remote Supervisor Adapter II real-time clock with the time that is provided by an NTP server.
Disabling the USB device driver interface If you want to prevent any application that is running on the server from requesting the Remote Supervisor Adapter II to perform tasks, you must disable the USB device driver interface. To disable the USB device driver interface, complete the following steps. 1. Log in to the Remote Supervisor Adapter II on which you want to disable the USB device driver interface. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2.
Note: By default, the Remote Supervisor Adapter II is configured with one login profile that enables remote access using a login user ID of USERID and a password of PASSW0RD (the 0 is a zero, not the letter O). To avoid a potential security exposure, change this default login profile during the initial setup of the Remote Supervisor Adapter II. 3. Click one of the unused login profile links. An individual profile page similar to the one in the following illustration is displayed. 4.
Note: This login ID is used to grant remote access to the Remote Supervisor Adapter II. 5. In the Password field, assign a password to the login ID. A password must contain at least five characters, one of which must be a nonalphabetic character. Null or empty passwords are accepted. Note: This password is used with the login ID to grant remote access to the Remote Supervisor Adapter II. 6. In the Confirm Password field, type the password again. 7.
1. Log in to the Remote Supervisor Adapter II for which you want to set the global login settings. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Login Profiles. 3. Scroll down to the Global Login Settings area. A page similar to the one in the following illustration is displayed. 4. In the User authentication method field, specify how users who are attempting to log in are authenticated.
You can view and change the account security management configuration on the Custom Security Settings page. When you change the User login password required setting, you must also have a password, to be consistent with the requirement. User login password required Use this field to indicate whether a login ID with no password is allowed. Number of previous passwords that cannot be used Use this field to indicate the number of previous passwords that cannot be reused.
2. You cannot distinguish between the alerts that are sent to remote alert recipients. All configured recipients receive each alert that you select. Configuring remote alert recipients Notes: 1. For the Remote Supervisor Adapter II SlimLine, the configuring remote alert recipients feature is available only when using LAN-based alert functionality. 2. For the Remote Supervisor Adapter II SlimLine, the PPP settings are not available. You can define up to 12 unique remote alert recipients.
4. To have only critical alerts sent to the recipient, select the Receives critical alerts only check box. 5. In the Status field, click Enabled to activate the remote alert recipient. 6. In the Name field, type the name of the recipient or other identifier. The name that you type appears as the link for the recipient on the Alerts page. 7. In the Notification method field, select the notification method for reaching the recipient. Select one of the following notification methods.
For example, to log in to the IBM Global Network®, the PPP login ID is in the following format: secureip.y.z where y is your account name and z is your user ID. 11. In the PPP password field, type the password that is used to log in to the ISP. This field is required only for E-mail over PPP and SNMP over PPP notification methods. 12. Click Save to save your remote alert recipient profile. Repeat step 2 on page 23 through step 24 for each remote alert recipient profile. 13.
To verify whether the selected Remote Supervisor Adapter II is the gateway to the interconnect network, complete the following steps: 1. Log in to the Remote Supervisor Adapter II for which you want to see the alert forwarding status. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Alerts and scroll down to the Alert Forwarding area. 3.
Remote alert retry limit Use the Remote alert retry limit field to specify the number of additional times that the Remote Supervisor Adapter II will attempt to send an alert to a recipient. Delay between entries Use the Delay between entries field to specify the time interval (in minutes) that the Remote Supervisor Adapter II will wait before sending an alert to the next recipient in the list.
Table 2. Critical remote alerts Alphanumeric pager code Alphanumeric recovery code 00 Event Action 50 Temperature irregularity Generates an alert if any of the monitored temperatures are outside critical threshold values. To view the threshold values, click the temperature readings on the System Health page. If a critical temperature condition is detected, the server shuts down and turns off, regardless of the alert notification setting.
System alerts System alerts are generated for events that occur as a result of system errors. If the Select all system alerts check box is selected, an alert can be sent for any system alert. Notes: a. The Select all system alerts check box is not available on all servers. b. Hard disk drive Predictive Failure Analysis (PFA) alerts are not monitored. Table 4.
1. Log in to the Remote Supervisor Adapter II where you want to set local events. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Alerts and scroll down to the Monitored Local Events area. 3. Select the events that you want to store in the event log. The Remote Supervisor Adapter II stores the notification only in the event log.
2. In the navigation pane, click Serial Port. A page similar to the one in the following illustration is displayed. 3. In the Port function field, select the function for which this serial port will be used. If the Remote Supervisor Adapter II supports point-to-point protocol (PPP) over a serial port, select PPP as the port function to enable the PPP interface for that port. Any other selection disables the PPP interface. Select None, if it is available, to disable the port.
Set these values only if the alert forwarding functions are not working properly. Each string that is marked with an asterisk (*) must have a carriage return (^M) manually entered at the end of the field value. The following table describes the initialization strings for this modem. Table 6. Port 1 settings 32 Field What you type Initialization string* Type the initialization string that will be used for the specified modem. A default string is provided (ATE0).
Table 6. Port 1 settings (continued) Field What you type Escape guard (0 - 250) Type the length of idle time that is used before and after the escape string is issued to the modem, so that the modem will recognize the escape string. This value is measured in 10-millisecond intervals. The default value is 1 second. 9. Click Save. If you need to provide a new initialization string, see the documentation that came with your modem.
v You update the Remote Supervisor Adapter II firmware. For information about obtaining Remote Supervisor Adapter II firmware and software, see the Installation Guide. v Your operating system has serial support for text management in the operating system.
b. Configure the Baud rate, Parity, and Stop bits fields to match the serial port settings on the server. Notes: 1) Serial redirection does not support hardware-based flow control. Disable the terminal flow control. 2) To prevent buffer overrun and character loss, configure both serial ports with the same baud rate. The Remote Supervisor Adapter II provides a 512-character buffer on both incoming and outgoing serial streams. 4. In the Serial Port 2 area, set the following values for the fields: a.
Note: All traffic from COM2 is now routed to the Telnet session. All traffic from the Telnet session is routed to COM2. ESC ( Note: In the default mode (EMS compatible), press Esc then the open parenthesis symbol [ ( ] to return to the command-line interface. SN# J1RAE32S000> exit (Press Enter.
sequences are defined by the Microsoft Windows Server 2003 Emergency Management Services specification. The key sequences that are supported are described in the following table. Table 7. Supported Emergency Management Services key sequences Task Key sequence Enter the Remote Supervisor Adapter II command-line interface Press Esc ( The Remote Supervisor Adapter II sends Esc * as an acknowledgment to the command.
EMS reset key sequence is not available, and the Remote Supervisor Adapter II will not issue the EMS acknowledgment when the enter key sequence is accepted. 5. At the bottom of the page, click Save. 6. To begin using the new settings, in the left navigation pane, click Restart ASM. To set up the hardware connections, see the Installation Guide. Configuring port assignments To change the port numbers of Remote Supervisor Adapter II services, complete the following steps: 1.
SSH This is the port for the SSH. The default is 22. SNMP Agent This is the port number for the SNMP agent that runs on the Remote Supervisor Adapter II. The default value is 161. Other valid values are in the range 1 through 65535. SNMP Traps This is the port number that is used for SNMP traps. The default value is 162. Other valid values are in the range 1 through 65535. TCP command mode This is the port that IBM Director uses for out-of-band communication with the Remote Supervisor Adapter II.
3. If you want to use an Ethernet connection, select Enabled in the Interface field. Ethernet is enabled by default. 4. If you want to use a Dynamic Host Configuration Protocol (DHCP) server connection, enable it by clicking either of the following choices in the DHCP field: v Enabled v Try DHCP server. If it fails, use static IP config. The default setting is Try DHCP server. If it fails, use static IP config.
qualified IP host name. For example, for the fully qualified IP host name asmcard1.us.company.com, the nonqualified IP host name is asmcard1. For information about your host name, see “Setting system information” on page 12. 6. In the IP address field, type the IP address of the Remote Supervisor Adapter II. The IP address must contain four integers from 0 through 255 with no spaces and separated by periods. 7. In the Subnet mask field, type the subnet mask that is used by the Remote Supervisor Adapter II.
Table 9. Advanced Ethernet setup (continued) Field Function Burned-in MAC address The burned-in MAC address is a unique physical address that is assigned to this Remote Supervisor Adapter II by the manufacturer. The address is also a read-only field. Locally administered MAC address Enter a physical address for this Remote Supervisor Adapter II in the Locally administered MAC address field. If a value is specified, the locally administered address overrides the burned-in MAC address.
3. In the Interface field, select Enabled. 4. In the Local IP address field, type the local IP address for the PPP interface on this Remote Supervisor Adapter II. The field defaults to 192.96.1.1. The IP address must contain four integers from 0 through 255 separated by periods and no spaces. 5. In the Remote IP address field, type the remote IP address that this Remote Supervisor Adapter II will assign to a remote user. The field defaults to 192.96.1.2.
Note: If you plan to configure Simple Network Management Protocol (SNMP) traps on the Remote Supervisor Adapter II, you must install and compile the management information base (MIB) on your SNMP manager. The MIB supports SNMP traps. The MIB is included in the Remote Supervisor Adapter II firmware update package that you downloaded from the IBM Support Web site. To configure SNMP, complete the following steps: 1. Log in to the Remote Supervisor Adapter II where you want to configure SNMP.
6. Set up a community to define the administrative relationship between SNMP agents and SNMP managers. You must define at least one community. Each community definition consists of the following parameters: v Name v IP address v Access Type (Refresh 2 or later firmware only) If any of these parameters is not correct, SNMP management access is not granted. 7. 8. 9. 10. Note: If an error message window opens, make the necessary adjustments to the fields that are listed in the error window.
1. Log in to the Remote Supervisor Adapter II where you want to configure SMTP. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Network Protocols and scroll down to the SMTP area. 3. In the SMTP Server Host Name or IP Address field, type the host name of the SMTP server. Use this field to specify the IP address or, if DNS is enabled and configured, the host name of the SMTP server. 4. Scroll to the bottom of the page and click Save.
The Remote Supervisor Adapter II contains a Version 2.0 LDAP client that you can configure to provide user authentication through one or more LDAP servers. The LDAP server that is to be used for authentication can be discovered dynamically or manually preconfigured. 3. Choose one of the following methods to configure the LDAP client: v To dynamically discover the LDAP server, select Use DNS to Find LDAP Servers.
Service Name The DNS SRV request that is sent to the DNS server must also specify a service name. The configured value is used. If this field is left blank, the default value is ldap. The DNS SRV request must also specify a protocol name. The default is tcp and is not configurable. v To use a preconfigured LDAP server, select Use Pre-Configured LDAP Server. Note: The port number for each server is optional. If the field is left blank, the default value of 389 is used for nonsecured LDAP connections.
Binding Method Before the LDAP server can be searched or queried, a bind request must be sent. This parameter controls how this initial bind to the LDAP server is performed. Choose from the following three options: – Anonymously. Bind without a DN or password. This option is strongly discouraged because most servers are configured to not allow search requests on specific user records. – w/ Configured Credentials. Bind with configured client DN and password. – w/ Login Credentials.
3. To configure the search attributes, use the following information. UID Search Attribute When the selected binding method is Anonymously or w/ Configured Credentials, the initial bind to the LDAP server is followed by a search request that is directed at retrieving specific information about the user, including the distinguished name, login permissions, and group membership. To retrieve this information, the search request must specify the attribute name that is used to represent user IDs on that server.
The IBMRBSPermission= keyword is used to allow it to be placed anywhere in the attribute field. This enables the LDAP administrator to reuse an existing attribute, therefore preventing an extension to the LDAP schema. This also enables the attribute to be used for its original purpose. You can add the keyword string anywhere in the attribute field. The attribute that you use should allow for a free-formatted string.
Priority is given to login permissions that are retrieved directly from the user record. If the login permission attribute is not in the user’s record, an attempt is made to retrieve the permissions from the groups to which the user belongs. This is done as part of the group authentication phase. The user is assigned the inclusive OR of all the bits for all of the groups. The Read Only bit is set only if all the other bits are zero.
3. You can configure the following parameters: Address type This is the address type that the MM SLP server listens on. If Broadcast is selected, the SLP server listens on the broadcast address of 255.255.255.255. If Multicast is selected, the SLP server listens on the IP address that is specified in the Multicast address field. The default for this field is Multicast. Multicast address This is the multicast IP address that the MM SLP server listens on if the Address type field is set to Multicast.
between the Remote Supervisor Adapter II and an LDAP server. If you are not familiar with the use of SSL certificates, read the information in “SSL certificate overview.” Use the following general tasks list to configure the security for the Remote Supervisor Adapter II: 1. Configure the Secure Web server: a. Disable the SSL server. Use the SSL Server Configuration for Web Server area on the Security page. b. Generate or import a certificate.
The function of the certificate authority is to verify the identity of the Remote Supervisor Adapter II. A certificate contains digital signatures for the certificate authority and the Remote Supervisor Adapter II. If a well-known certificate authority issues the certificate or if the certificate of the certificate authority has already been imported into the Web browser, the browser will be able to validate the certificate and positively identify the Remote Supervisor Adapter II Web server.
b. Before you can enable SSL, a valid SSL certificate must be in place. c. To use SSL, you must configure a client Web browser to use SSL3 or TLS. Older export-grade browsers with only SSL2 support cannot be used. 3. In the SSL Server Certificate Management area, select Generate a New Key and a Self-signed Certificate. A page similar to the one in the following illustration is displayed. 4. Type the information in the required fields and any optional fields that apply to your configuration.
4. Type the information in the required fields and any optional fields that apply to your configuration. The fields are the same as for the self-signed certificate, with some additional fields. Read the information in the following sections for a description of each of the common fields.
Web address to the name that appears in the certificate. To prevent certificate warnings from the browser, the value that is used in this field must match the host name that is used by the browser to connect to the Remote Supervisor Adapter II. For example, if the address in the Web address bar is http://mm11.xyz.com/private/ main.ssi, the value that is used for the ASM Host Name field must be mm11.xyz.com. If the Web address is http://mm11/private/ main.ssi, the value that is used must be mm11.
name that is assigned to the Remote Supervisor Adapter II. This field can contain a maximum of 60 characters. 5. After completing the information, click Generate CSR. The new encryption keys and certificate are generated. This process might take several minutes. A page similar to the one in the following illustration is displayed when the process is completed. 6. Click Download CSR and then click Save to save the file to your workstation.
10. Click Browse. 11. Click the certificate file that you want and then click Open. The file name (including the full path) is displayed in the field next to the Browse button. 12. Click Import Server Certificate to begin the process. A progress indicator is displayed as the file is transferred to storage on the Remote Supervisor Adapter II. Continue to display this page until the transfer is completed.
SSL client trusted certificate management The secure SSL client (LDAP client) uses trusted certificates to positively identify the LDAP server. A trusted certificate can be the certificate of the certificate authority that signed the certificate of the LDAP server, or it can be the actual certificate of the LDAP server. At least one certificate must be imported to the Remote Supervisor Adapter II before the SSL client is enabled. You can import up to three trusted certificates.
The Remove button is now available for the Trusted CA Certificate 1 option. If you want to remove a trusted certificate, click the corresponding Remove button. You can import other trusted certificates using the Trusted CA Certificate 2 and the Trusted CA Certificate 3 Import buttons. Enabling SSL for the LDAP client Use the SSL Client Configuration for LDAP Client area of the Security page to enable or disable SSL for the LDAP Client.
Secure Shell users are authenticated by exchanging user ID and password. The password and user ID are sent after the encryption channel is established. The user ID and password pair can be one of the 12 locally stored user IDs and passwords, or they can be stored on an LDAP server. Public key authentication is not supported. Generating a Secure Shell server key A Secure Shell server key is used to authenticate the identity of the Secure Shell server to the client.
3. Click Enabled in the SSH Server field. 4. In the navigation pane, click Restart ASM to restart the Remote Supervisor Adapter II. Using the Secure Shell server If you are using the Secure Shell client that is included in Red Hat Linux version 7.3, to start a Secure Shell session to a Remote Supervisor Adapter II with network address 192.168.70.132, type a command similar to the following example: ssh -x -l userid 192.168.70.
1. Log in to the Remote Supervisor Adapter II where you want to back up your current configuration. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Configuration File. 3. In the Backup ASM Configuration area, click view the current configuration summary. 4. Verify the settings and then click Close. 5. To back up this configuration, click Backup. 6.
7. 8. 9. 10. Note: The security settings on the Security page are not restored by the restore operation. To modify security settings, see “Secure Web server and secure LDAP” on page 53. After receiving a confirmation that the restore process is complete, in the navigation pane, click Restart ASM; then, click Restart. Click OK to confirm that you want to restart your Remote Supervisor Adapter II. Click OK to close the current browser window.
2. If you are running Internet Explorer or Netscape Navigator, click Yes in the confirmation window. The current browser window closes to maintain security. You must manually close other open browser windows, if any, to prevent a cached version of your user ID and password from remaining available. Chapter 3.
68 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Chapter 4. Monitoring remote server status Use the links under the Monitors heading of the navigation pane to view the status of the server that you are accessing.
v Either a red circle that contains an X or a yellow triangle that contains an exclamation point and the phrase One or more monitored parameters are abnormal If the monitored parameters are operating outside normal ranges, a list of the specific abnormal parameters is displayed on the System Health Summary page. 3. Scroll down to the Temperatures area.
Note: The hard shutdown alert is sent only if a soft shutdown alert has not yet been sent. If the system is monitored by a baseboard management controller (BMC) instead of the Remote Supervisor Adapter II, the IPMI thresholds that are supported by the BMC are displayed on the Temperature Thresholds page. The Remote Supervisor Adapter II generates an event when the threshold is reached. The BMC generates any shutdown actions, if they are required.
Soft Shutdown When the voltage drops below or exceeds a specified voltage range, a voltage alert is sent to configured remote alert recipients, and the server begins the shutdown process with an orderly operating-system shutdown. The server then turns itself off. You must select the Voltage check box on the Alerts page for the alert to be sent.
operating-system loader screen. Only error conditions are captured and maintained. The Remote Supervisor Adapter II stores only the most recent error event information, overwriting older information when a new error event occurs. To remotely access a server operating-system-failure screen image, complete the following steps: a. Log in to the Remote Supervisor Adapter. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. b.
The event log has a limited capacity. When that limit is reached, the older events are deleted in a first-in, first-out order. You can sort and filter entries in the event log. To access and view the event log, complete the following steps: 1. Log in to the Remote Supervisor Adapter II. For more information, see Chapter 2, “Opening and using the Web interface,” on page 5. 2. In the navigation pane, click Event Log to view the recent history of events on the server.
Viewing vital product data When the server starts, the Remote Supervisor Adapter II collects system, basic input/output (BIOS) information, and server component vital product data (VPD) and stores it in nonvolatile memory. You can access this information at any time from almost any computer. The Vital Product Data page contains key information about the remote managed server that the Remote Supervisor Adapter II is monitoring. To view the server component vital product data, complete the following steps: 1.
Table 13. Component activity log Field Function FRU number Identifies the field replaceable unit (FRU) number (a seven-digit alphanumeric identifier) of the component. Serial number Identifies the serial number of the component. Manufacturer ID Identifies the manufacturer of the component. Slot Identifies the slot number where the component is located. Action Identifies the action taken by each component. Timestamp Identifies the date and time of the component action.
Table 16. ASM vital product data (continued) Field Function Build ID Identifies the build IDs of the application firmware and the startup ROM firmware. File name Identifies the file names of the application firmware and the startup ROM firmware. Release date Identifies the release dates of the application firmware and the startup ROM firmware. Revision Identifies the revision numbers of the application firmware and the startup ROM firmware.
78 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Chapter 5. Performing Remote Supervisor Adapter II tasks Use the functions under the Tasks heading in the navigation pane to directly control the actions of the Remote Supervisor Adapter II and your server. The tasks that you can perform depend on the server in which the Remote Supervisor Adapter II is installed.
v OS booted v CPUs held in reset Restart count The Restart count field shows the number of times that the server has been restarted. Note: The counter is reset to zero each time the ASM subsystem is cleared to factory defaults. Power-on hours The Power-on hours field shows the total number of hours that the server has been turned on.
Power on server at specified time To turn on the server at a specified time and start the operating system, click Power on Server at Specified Time and set the time to turn on the server. Power off server immediately To turn off the server without shutting down the operating system, click Power Off Server Immediately. Shut down OS and then power off server To shut down the operating system and then turn off the server, click Shutdown OS and then Power Off Server.
3. Click the Cache tab. 4. Choose one of the following options: v Clear the Enable Caching check box. If you choose this option, Java caching is always disabled. v Click Clear Caching. If you choose this option, you must click Clear Caching after each Remote Supervisor Adapter II firmware update. Remote console A remote console is an interactive graphical user interface (GUI) display of the server, viewed on your computer.
console and the login session. After a short delay, you can log in to the adapter again with a new session, start the remote console again, and exit the server Configuration/Setup Utility program. Remote console keyboard support The operating system on the client system that you are using will trap certain key combinations, such as Ctrl+Alt+Del in Microsoft Windows, instead of transmitting them to the server. Other keys, such as F1, might cause an action on your computer as well as on the server.
v SUSE Linux version 8.0 v Novell NetWare 6.5 2. The client system requires Microsoft Windows 2000 or later and the Java 1.4 Plug-in or later. 3. The client system must have an Intel® Pentium® III microprocessor or greater, operating at 700 MHz or faster, or equivalent. 4. If the optical drive that is being used on the client system cannot be mounted or read successfully, retry the operation from a different client system. Some client optical drives might not work with the remote disk feature.
maximum of one drive or image can be stored on the Remote Supervisor Adapter II. The size of the drive or image contents must be 1.44 MB or smaller. Important: You will lose the disk image when the Remote Supervisor Adapter II is restarted or the Remote Supervisor Adapter II firmware is updated. If the Encrypt disk and KVM data during transmission check box was selected before the Remote Control window was opened, the disk data is encrypted with 3DES encryption.
1) In the Microsoft Windows Control Panel, click Add/Remove Hardware; then, click Next. 2) Select Uninstall/Unplug a device; then, click Next. 3) Click Unplug/Eject a device; then, click Next. b. Select USB Mass Storage Device and click Stop. c. Click Close. d. In the Remote Control window, click Unmount Drive. Setting up PXE network boot Note: The PXE network boot feature is not available on all servers.
3. Use the following information to complete the quick setup information: Serial pass-thru The serial data of the server is directed to COM1 and then passes through to COM2. The pass-thru data can be accessed through COM2. The Remote Supervisor Adapter II command line interface (CLI) is also accessible through COM2.
Updating firmware Use the Firmware Update option on the navigation pane to update the firmware of the Remote Supervisor Adapter II. Notes: 1. To remotely update the firmware or operating system on the server, see “Remote disk” on page 83. 2. If you plan to use the Remote Control feature after you update the firmware, see “Important information about updating your Remote Supervisor Adapter II firmware” on page 81.
12. Click OK to close the current browser window. 13. Repeat step 2 on page 88 through step 12 for each packet that you must update. 14. After the Remote Supervisor Adapter II firmware is updated, log in to the Remote Supervisor Adapter II again to access the Web interface. Accessing remote adapters through an ASM interconnect network Note: This feature is not available on the Remote Supervisor Adapter II SlimLine.
the table, click the login link that corresponds to the remote system that you want to access. Then, follow the standard login procedure to gain access to that system. Direct LAN Connection Click the IP address link to bypass the ASM interconnect connection and to connect to a remote system directly through your Ethernet network. This connection offers faster access to a remote ASM.
Chapter 6. Command-line interface Use the Remote Supervisor Adapter II command line interface (CLI) to access the Remote Supervisor Adapter II or Remote Supervisor Adapter II SlimLine without having to use the Web interface. It provides a subset of the management functions that are provided by the Web interface. You can access the CLI through a Telnet session, SSH, or a serial connection.
Features and limitations The CLI has the following features and limitations: v Multiple concurrent CLI sessions are allowed with different access methods (Telnet, SSH, or serial). – At most, two Telnet command-line sessions can be active at any time. (The number of Telnet sessions is configurable: valid values are 0,1, and 2, with 0 meaning that the Telnet interface is disabled). – At most, two SSH command-line sessions can be active at any time. This number is fixed.
v All commands have the -h, -help, and ? options, which give syntax help. All of the following examples will give the same result: x345RSA> power -h x345RSA> power -help x345RSA> power ? v Some of the commands listed in the following sections might not be available.
Monitor commands The monitor commands are as follows: v clearlog v fans v readlog v syshealth v temps v volts clearlog command Description Use the clearlog command to clear the event log of the Remote Supervisor Adapter II or Remote Supervisor Adapter II SlimLine. You must have the authority to clear event logs to use this command. fans command Description Use the fans command to display the speed for each of the server fans.
8 I SERVPROC 12/18/03 10:09:25 Ethernet[0] Link Established at 100Mb, Full Duplex. 9 I SERVPROC 12/18/03 10:09:24 Ethernet[0] configured to do Auto Speed/Auto Duplex. 10 I SERVPROC 12/18/03 10:09:24 Ethernet[0] MAC Address currently being used: 0x00-09-6B-CA-0C-80 x345RSA> syshealth command Description Use the syshealth command to get a summary of the health of the server. The power state, system state, restart count, and Remote Supervisor Adapter II software status are displayed.
3.3v 3.35 12v 12.25 -5v -5.10 -3.3v -3.35 VRM1 VRM2 x345RSA> 2.80 11.10 -5.85 -4.10 2.95 11.30 -5.65 -3.95 3.05 11.50 -5.40 -3.65 3.10 11.85 -5.20 -3.50 3.45 5.45 3.50 12.15 -4.85 -3.10 3.65 12.25 -4.65 -2.95 3.70 12.40 -4.40 -2.80 3.85 12.65 -4.20 -2.
power command Syntax power power power power on off [-s] state cycle [-s] Description Use the power command to control the server power. To issue the power commands, you must have power and restart access authority. power on turns on the server power. power off turns off the server power. The -s option shuts down the operating system before the server is turned off. Note: The Remote Supervisor Adapter II software must be installed and running for the -s option to function correctly.
Description Use the console command to start a serial redirect console session to the designated serial port of the Remote Supervisor Adapter II or the Remote Supervisor Adapter II SlimLine.
Option Description -d Assigned domain name -dns1 Primary DNS server IP address -dns2 Secondary DNS IP address -dns3 Tertiary DNS server IP address ifconfig command Syntax ifconfig eth0 [options] ifconfig ppp [options] eth0 options: -state interface_state -c config_method -i static_ip_address -g gateway_address -s subnet_mask -n hostname -r data_rate -d duplex_mode -m max_transmission_unit -l locally_administered_MAC ppp options: -state enabled/disabled - interface status -i ip_addr - IP address -r
Option Description Values -m MTU Numeric between 60 and 1500 -l LAA MAC address format. Multicast addresses are not allowed (the first byte must be even). -ri Remote IP address Valid IP address format -a Authentication protocol pap, chap, cthenp Example x345RSA> ifconfig eth0 -state enabled -c dthens -i 192.168.70.125 -g 0.0.0.0 -s 255.255.255.0 -n ASMA00096B9E003A -r auto -d auto -m 1500 -b 00:09:6B:9E:00:3A -l 00:00:00:00:00:00 x345RSA> ifconfig eth0 -c static -i 192.168.70.
The following table shows the arguments for the options.
ntp command Syntax ntp [options] options: -en state -i hostname -f frequency -synch Description Use the ntp command to display and configure the Network Time Protocol (NTP). The following table shows the arguments for the options. Option Description Values -en Enables or disables the Network Time Protocol Enabled, disabled -i Name or IP address of the Network Time Protocol server The name of the NTP server to be used for clock synchronization.
Option Description -exp Maximum password age [0 - 365] days. Set to 0 for no expiration.
Option Description Values -climode CLI mode none, cliems, cliuser v none: The command-line interface is disabled v cliems: The command-line interface is enabled with EMS-compatible keystroke sequences v cliuser: The command-line interface is enabled with user-defined keystroke sequences -cliauth CLI authentication enabled, disabled Example x345RSA> portcfg com1 -serred enabled -b 57600 -p none -s 1 -climode cliems -cliauth enabled x345RSA> portcfg com1 -climode cliuser ok x345RSA> slp command Synt
Description Use the srcfg command to configure the serial redirection. Type srcfg to display the current configuration. To change the serial redirect configuration, type the options, followed by the values. To change the serial redirect configuration, you must have at least Adapter Networking and Security Configuration authority. The following table shows the arguments for the options.
Parameters The following parameters are presented in the option status display for the ssl command and are output only from the command-line interface: Server secure transport enable This status display is read-only and cannot be set directly. Server Web/CMD key status This status display is read-only and cannot be set directly.
Configuration - Networking & Security or Adapter Configuration - Advanced (Firmware Update, Restart ASM, Restore Configuration) authority level. The following table shows the arguments for the options. Option Description Values -t Timeout A timeout value in seconds, up to a maximum of 4 294 967 295.
x345RSA> timeouts -p 5 -o 2.5 -l 3.5 -f 3 -n 1 users command Syntax users [options] options: -user number -n username -p password -a authority level Description Use the users command to access all user accounts and their authority levels, and to create new user accounts and modify existing accounts. Read the following guidelines about the users command: v User numbers must be from 1 to 12, inclusive.
11. 12. x345RSA> users -7 -n sptest -p PASSW0RD -a custom:am|rca|cel|nsc|ac ok x345RSA> users 1. USERID Read/Write Password Expires: no expiration 2. test Read/Write Password Expires: no expiration 3. test2 Read/Write Password Expires: no expiration 4. 5. jacobyackenovic custom:cel|ac Password Expires: no expiration 6. 7. sptest custom:am|rca|cel|nsc|ac Password Expires: no expiration 8. 9. 10. 11. 12.
v For +10, the daylight saving time settings are as follows: off, ea (Eastern Australia), tas (Tasmania), vlad (Vladivostok). v The year must be from 2000 to 2089, inclusive. v The month, date, hours, minutes, and seconds can all be single-digit values (for example, 9:50:25 instead of 09:50:25). v GMT offset can be in the format of +2:00, +2, or 2, for positive offsets, and -5:00 or -5, for negative offsets.
Example x345RSA> update -v -i 192.168.70.120 -l dev.pkt TFTP file upload successful 1253022. Starting flash packet preparation. Flash preparation - packet percent complete 24. Flash preparation - packet percent complete 48. Flash preparation - packet percent complete 72. Flash preparation - packet percent complete 96. Flash preparation - packet percent complete 100. Flash operation phase starting. Flashing - packet percent complete 34. Flashing - packet percent complete 38.
112 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Appendix A. Getting help and technical assistance If you need help, service, or technical assistance or just want more information about IBM products, you will find a wide variety of sources available from IBM to assist you. This section contains information about where to go for additional information about IBM and IBM products, what to do if you experience a problem with your system, and whom to call for service, if it is necessary.
Getting help and information from the World Wide Web On the World Wide Web, the IBM Web site has up-to-date information about IBM systems, optional devices, services, and support. The address for IBM System x™ and xSeries® information is http://www.ibm.com/systems/x/. The address for IBM BladeCenter information is http://www.ibm.com/systems/bladecenter/. The address for IBM IntelliStation® information is http://www.ibm.com/intellistation/.
Appendix B. Notices This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used.
BladeCenter Chipkill e-business logo Eserver FlashCopy i5/OS Predictive Failure Analysis ServeRAID ServerGuide ServerProven System x XA-32 XA-64 X-Architecture XpandOnDemand xSeries Intel, Intel Xeon, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the United States, other countries, or both.
IBM makes no representation or warranties regarding non-IBM products and services that are ServerProven®, including but not limited to the implied warranties of merchantability and fitness for a particular purpose. These products are offered and warranted solely by third parties. IBM makes no representations or warranties with respect to non-IBM products. Support (if any) for the non-IBM products is provided by the third party, not IBM.
118 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Index A configuring (continued) Ethernet connection 39 LDAP 46 LDAP client authentication 49 LDAP search attributes 49 network interfaces 39 port assignments 38 PPP access 42 remote alert recipients 23 Secure Shell server 62 security 54 serial-to-serial redirection 34 serial-to-Telnet redirection 35 single serial port 30 SMTP 45 SNMP 43 critical alerts 27 custom authority levels in login profile alerts configuring recipients for 23 forwarding from ISMP 25 gateway (forwarding) 25 ISMP, gateway to network 2
H O hardware service and support 114 help, getting 113 host server startup sequence, changing online publications 1 operating system (OS) watchdog (server timeout) operating system requirements 3 8 I P IBM Support Line 114 initialization-string guidelines for modem IP address, default static 5 ISMP alert forwarding 25 ISMP vital product data, viewing 77 33 K keyboard support in remote console 83 L LDAP configuring client authentication 49 configuring search attributes 49 overview 46 secure 53 set
Remote Supervisor Adapter II (continued) configuring 11 features 1 functions 1 logging in to Web interface 5 monitoring and configuring 36 SlimLine 1 requirements operating system 3 Web browser 3 restarting ASM 66 restoring ASM configuration 65 restoring ASM defaults 66 S Secure Shell server enabling 63 generating private key 63 overview 62 using 64 Secure Sockets Layer (SSL) 53 secure Web server and secure LDAP enabling SSL for LDAP client 62 enabling SSL for secure Web server 60 overview 53 SSL certifica
web site (continued) support line, telephone numbers 122 114 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide
Part Number: 43W7827 Printed in USA (1P) P/N: 43W7827
