HP Integrated Lights-Out 2 User Guide

More documents

Recommendations

Info

To avoid this problem, do not install the iLO 2 self-signed certificate in the browser certificate store. If youwant to install the iLO 2 certificate, a permanent certificate should be requested from a CA and importedinto the iLO 2. This permanent certificate can then be installed in the browser certificate store.Firewall issuesiLO 2 communicates through several configurable TCP/IP ports. If these ports are blocked, theadministrator must configure the firewall to allow for communications on these ports. See theAdministration section of the iLO 2 user interface to view or change port configurations.Proxy server issuesIf the Web browser software is configured to use a proxy server, it will not connect to the iLO 2 IPaddress. To resolve this issue, configure the browser not to use the proxy server for the IP address of iLO2. For example, in Internet Explorer, select Tools>Internet Options>Connections>LANSettings>Advanced, and then enter the iLO 2 IP address or DNS name in the Exceptions field.Two-factor authentication errorWhen attempting to authenticate to iLO 2 using two-factor authentication, you might receive the messageThe page cannot be displayed. This message may appear for the following reasons:• No user certificates are registered on the client system. To correct this issue, register the necessaryuser certificate on the client system, which might require software provided by the smart cardvendor.• The user certificate is stored on a smart card or USB token that is not connected to the client system.To correct this issue, connect the appropriate smart card or USB token to the client system.• The user certificate is not issued by the trusted CA. The trusted CA's certificate is configured in iLO 2on the Two-Factor Authentication settings page. The certificate configured as the trusted CA, must bethe public certificate of the CA that issues certificates in your organization. To correct this issue,configure the appropriate certificate as the trusted CA on the iLO 2 Two-Factor Authenticationsettings page, or use a user certificate that is issued by the trusted CA which is already configured.• The user certificate is expired or not yet valid. Regardless of whether the expired certificate maps toa local user, or whether it corresponds to a directory user account, iLO 2 will not allowauthentication with a certificate that has expired or that is not yet valid. Check the validity dates ofthe certificate to verify that this is the cause of the The page cannot be displayed message.To correct this problem, issue a valid certificate to the user. Map the certificate to the local iLO useraccount if you are authenticating local iLO 2 users and verify the iLO 2 time clock is set correctly.• The user certificate was not digitally signed with the same certificate that is specified as the trustedCA. Even though the name on the trusted CA certificate might match the issuer of the user certificate,the user certificate might have been digitally signed by a different certificate. View the certificationpath of the user certificate, and ensure that the public key of the issuing certificate is the same as thepublic key of the trusted CA certificate. To correct this issue, configure the appropriate certificate asthe trusted CA on the iLO 2 Two-Factor Authentication settings page, or use a user certificate thatwas issued by the trusted CA.Troubleshooting alert and trap problemsAlertTest TrapServer Power OutageServer ResetExplanationThis trap is generated by a user through the Web configuration page.Server has lost power.Server has been reset.Troubleshooting iLO 2 160
AlertFailed Login AttemptGeneral ErrorLogsSecurity Override SwitchChanged: On/OffRack Server Power OnFailedRack Server Power OnManual OverrideRack Name ChangedExplanationRemote user login attempt failed.This is an error condition that is not predefined by the hard-coded MIB.Circular log has been overrun.The state of the Security Override Switch has changed (On/Off).The server was unable to power on because the BL p-Class rackindicated that insufficient power was available to power on the server.The server was manually forced by the customer to power on despite theBL p-Class reporting insufficient power.The name of the ProLiant BL p-Class rack was changed.Inability to receive HP SIM alarms (SNMP traps) from iLO 2A user with the Configure iLO 2 Settings privilege must connect to iLO 2 to configure SNMP trapparameters. When connected to iLO 2, be sure that the correct alert types and trap destinations areenabled in the SNMP/Insight Manager Settings screen of the iLO 2 console application.iLO 2 Security Override switchThe iLO 2 Security Override switch allows emergency access to the administrator with physical controlover the server system board. Setting the iLO Security Override switch allows login access, with allprivileges, without a user ID and password.The iLO 2 Security Override switch is located inside the server and cannot be accessed without openingthe server enclosure. To set the iLO 2 Security Override switch, the server must be powered off anddisconnected from the power source. Set the switch and then power on the server. Reverse the procedureto clear the iLO 2 Security Override switch.A warning message is displayed on the iLO 2 Web pages, indicating that the iLO 2 Security Overrideswitch is currently in use. An iLO 2 log entry is added recording the use of the iLO 2 Security Overrideswitch. An SNMP alert may also be sent upon setting or clearing the iLO 2 Security Override switch.In the unlikely event that it is necessary, setting the iLO 2 Security Override switch also enables you toflash the iLO 2 boot block. The boot block is exposed until iLO 2 is reset. HP recommends that youdisconnect iLO 2 from the network until the reset is complete.Depending on the server, the iLO 2 Security Override switch might be a single jumper or it might be aspecific switch position on a dip switch panel. To access the iLO 2 Security Override switch, refer to theserver documentation.Authentication code error messageWithin a Mozilla browser, you might receive an incorrect message authentication code error message,which indicates that the public or private keypair and certificate used to initiate the browser's SSL sessionhas changed. This error message can occur when you do not use a customer provided certificate,because iLO 2 generates its own self-signed certificate each time it is rebooted.To resolve this issue, close and restart the Web browser, or install your own certificates into iLO 2.Troubleshooting directory problemsThe following sections discuss troubleshooting directory issues.Troubleshooting iLO 2 161
Page 1 and 2:
HP Integrated Lights-Out 2User Guid
Page 3 and 4:
ContentsOperational overview ......
Page 5:
Schema-free HPLOMIG-based setup ...
Page 9 and 10:
iLO 2 overviewiLO 2 Standard provid
Page 11 and 12:
functionality can be provided by va
Page 13 and 14:
A separate network increases the se
Page 15 and 16:
4. Select Network>NIC>TCP/IP, press
Page 17 and 18:
Install iLO 2 device driversThe iLO
Page 19 and 20:
Configuring iLO 2In this sectioniLO
Page 21 and 22:
3. Click Upgrade iLO 2 Firmware.4.
Page 23 and 24:
• Scripted virtual media• Apple
Page 25 and 26:
3. Click Add.4. Complete the fields
Page 27 and 28:
Group administrationThe Group Accou
Page 29 and 30:
Parameter Default value Description
Page 31 and 32:
If the iLO 2 installation is comple
Page 33 and 34:
4. Verify that the iLO Management I
Page 35 and 36:
Password guidelinesEncryptionThe fo
Page 37 and 38:
By default, iLO 2 creates a self-si
Page 39 and 40:
necessary security, the following c
Page 41 and 42:
10. Change Certificate Owner Field
Page 43 and 44:
Owner Field is set to SAN, iLO 2 ob
Page 45 and 46:
The test page displays the results
Page 47 and 48:
To change network settings for iLO
Page 49 and 50:
After iLO 2 resets, the Shared Netw
Page 51 and 52:
5. Navigate to the Virtual LAN ID f
Page 53 and 54:
• Verify NSLOOKUP correctly resol
Page 55 and 56:
On select p-Class blades in enclosu
Page 57 and 58:
Subnet Mask—Assigns the subnet ma
Page 59 and 60:
This configuration causes the iLO 2
Page 61 and 62:
Using iLO 2In this sectioniLO 2 bro
Page 63 and 64:
• Last Used Remote Console displa
Page 65 and 66:
Temperaturesfan failure, some fan o
Page 67 and 68:
DiagnosticsThe iLO 2 processor reco
Page 69 and 70:
The status of these self-tests is i
Page 71 and 72:
Remote Console Information screenRe
Page 73 and 74:
Supported hot keysThe Program Remot
Page 75 and 76:
• Ctrl-Alt-Del—Enters the key s
Page 77 and 78:
Security informationIf Remote Conso
Page 79 and 80:
High-Performance Mouse option. You
Page 81 and 82:
Graceful shutdown• No—Server wi
Page 83 and 84:
Processor StatesSelecting the Proce
Page 85 and 86:
You can access virtual media on a h
Page 87 and 88:
Virtual Floppy and USB key drives d
Page 89 and 90:
3. Click Connect.To use an image fi
Page 91 and 92:
4. Click Create. The virtual media
Page 93 and 94:
Rack ViewThe Rack View page present
Page 95 and 96:
Enclosure informationEnclosure info
Page 97 and 98:
Power component informationSelectin
Page 99 and 100:
Enclosure bay IP addressingDuring t
Page 101 and 102:
Field Possible value DescriptionDNS
Page 103 and 104:
BL p-Class and BL c-Class featuresT
Page 105 and 106:
• Flexibility—You can create a
Page 107 and 108:
10. Select the certificate authorit
Page 109 and 110: NOTE: When connected through the Di
Page 111 and 112: Schema PreviewThe Schema Preview sc
Page 113 and 114: Management snap-in installerThe man
Page 115 and 116: Snap-in installation and initializa
Page 117 and 118: d. Add users to the role. Click the
Page 119 and 120: MembersAfter user objects are creat
Page 121 and 122: Active Directory Lights-Out managem
Page 123 and 124: e. Repeat the process for several m
Page 125 and 126: Role managed devicesThe Role Manage
Page 127 and 128: To remove any of the entries, highl
Page 129 and 130: Directory-enabled remote management
Page 131 and 132: How directory login restrictions ar
Page 133 and 134: Using DNS-based restrictions can cr
Page 135 and 136: • HP SIM can:• Manage multiple
Page 137 and 138: • Windows® Server 2003• Novell
Page 139 and 140: 1. Click Start and select Programs>
Page 141 and 142: This page determines if the HP Exte
Page 143 and 144: • Role DN—The role distinguishe
Page 145 and 146: NOTE: The feature associated with t
Page 147 and 148: HP Systems Insight Manager integrat
Page 149 and 150: Clicking on a status icon for iLO 2
Page 151 and 152: Troubleshooting iLO 2In this sectio
Page 153 and 154: LED indicatorPOST code(activitycomp
Page 155 and 156: Event log displayEvent log explanat
Page 157 and 158: The DHCP server must be configured
Page 159: • The use of the diagnostic port
Page 163 and 164: 2. On the Level of Privacy screen,
Page 165 and 166: Terminal Services proxy stops respo
Page 167 and 168: For example, when User1 logs in, th
Page 169 and 170: 1. Attempt to connect to iLO 2 thro
Page 171 and 172: Directory services schemaIn this se
Page 173 and 174: SyntaxOptionsRemarksDistinguished N
Page 175 and 176: Lights-Out Management specific LDAP
Page 177 and 178: DescriptionSyntaxOptionsRemarksLoca
Page 179 and 180: Acronyms and abbreviationsACPIAdvan
Page 181 and 182: HPONCFGHP Lights-Out Online Configu
Page 183 and 184: RASremote access serviceRBSUROM-Bas
Page 185 and 186: IndexAaccess options 23, 28, 33acce
Page 187 and 188: memory 66Microsoft software 104, 11
Page 189: virtual media 59, 84, 85, 87, 91, 1
show all

HP Integrated Lights-Out 2 User Guide

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?