HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 7
... Are Enforced 122 User Address Restrictions...122 Creating Multiple Restrictions and Roles 123 Directory Services Schema (LDAP)...124 HP Management Core LDAP Object Identifier Classes and Attributes 124 Core Classes...124 Core Attributes...124 Core Class Definitions...125...125 Core Attribute Definitions...125 hpqPolicyDN...126 hpqRoleMembership...126 hpqTargetMembership...126 hpqRoleIPRestrictionDefault 126 hpqRoleIPRestrictions...127 hpqRoleTimeRestriction...127 iLO MP-Specific LDAP OID Classes and Attributes 127 iLO MP Classes...127 iLO MP Attributes...128 iLO MP Class Definitions...128...
... Are Enforced 122 User Address Restrictions...122 Creating Multiple Restrictions and Roles 123 Directory Services Schema (LDAP)...124 HP Management Core LDAP Object Identifier Classes and Attributes 124 Core Classes...124 Core Attributes...124 Core Class Definitions...125...125 Core Attribute Definitions...125 hpqPolicyDN...126 hpqRoleMembership...126 hpqTargetMembership...126 hpqRoleIPRestrictionDefault 126 hpqRoleIPRestrictions...127 hpqRoleTimeRestriction...127 iLO MP-Specific LDAP OID Classes and Attributes 127 iLO MP Classes...127 iLO MP Attributes...128 iLO MP Class Definitions...128...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 18
... another command. 18 Introduction to iLO MP Right to power on the serial connection and the login banner warnings are assigned access rights that define a specific level of approximately one user at a time to have any . After initial failed login attempts (default three), a delay of access to the server and to...
... another command. 18 Introduction to iLO MP Right to power on the serial connection and the login banner warnings are assigned access rights that define a specific level of approximately one user at a time to have any . After initial failed login attempts (default three), a delay of access to the server and to...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 22
... Related links: • Java for MVX - http://java.sun.com/j2se/1.5.0/system-configurations.html • Operating Systems for HP-UX - http://www.hp.com/products1/unix/java/archives/index.html • Java for Windows and Linux - Using local accounts, iLO offers administrators ...hp.com/go/firefox • Firefox for HP-UX - HP security requirements of the enterprise and architected iLO include the following: Authentication Determines who is an independent microprocessor running an embedded operating system. Authorization Determines whether the user attempting to perform a specific...
... Related links: • Java for MVX - http://java.sun.com/j2se/1.5.0/system-configurations.html • Operating Systems for HP-UX - http://www.hp.com/products1/unix/java/archives/index.html • Java for Windows and Linux - Using local accounts, iLO offers administrators ...hp.com/go/firefox • Firefox for HP-UX - HP security requirements of the enterprise and architected iLO include the following: Authentication Determines who is an independent microprocessor running an embedded operating system. Authorization Determines whether the user attempting to perform a specific...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 23
...Set firewalls or routers to the same guidelines as other servers. For example, select alphanumeric strings with the same frequency and according to accept only specific source and destination addresses. The following : • Reset the community strings (read-write and read-only) with at least one uppercase letter,... uses SSL for web connections, RSL-RC4 encryption for the remote serial console, and SSH-DES3/DES128 2.0 recommended encryption algorithms for HP Integrity and HP 9000 - A separate network enables administrators to verify the integrity of defense against security attacks.
...Set firewalls or routers to the same guidelines as other servers. For example, select alphanumeric strings with the same frequency and according to accept only specific source and destination addresses. The following : • Reset the community strings (read-write and read-only) with at least one uppercase letter,... uses SSL for web connections, RSL-RC4 encryption for the remote serial console, and SSH-DES3/DES128 2.0 recommended encryption algorithms for HP Integrity and HP 9000 - A separate network enables administrators to verify the integrity of defense against security attacks.
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 26
... 1 LED 100M amber 100M amber 10M green 10M green Condition On Blinking On Blinking Status Linked at 100 MBs. Two versions of the system when a specific LED condition exists: Figure 2-4 iLO MP LAN LEDs (rx4640; Activity present On other servers, the LEDs display as in Figure 2-3. rp4410/4440) Card Version 2 26...
... 1 LED 100M amber 100M amber 10M green 10M green Condition On Blinking On Blinking Status Linked at 100 MBs. Two versions of the system when a specific LED condition exists: Figure 2-4 iLO MP LAN LEDs (rx4640; Activity present On other servers, the LEDs display as in Figure 2-3. rp4410/4440) Card Version 2 26...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 27
...power on Standby power off iLO MP Reset Button The iLO MP Reset button enables you to reset the iLO MP, and reset the user-specific values to factory default values. rp4410/4440) Card Version 2 LED 100M green 100M green 10M amber 10M amber Condition On Blinking On Blinking... Status Linked at 10 MBs. rp3410/3440) Table 2-5 describes the status of the iLO MP when the button is released. Table 2-4 iLO MP LAN LED Status Descriptions (rx4640; rx2600; it also returns user-specific values to factory default values. Activity present iLO MP LAN ...
...power on Standby power off iLO MP Reset Button The iLO MP Reset button enables you to reset the iLO MP, and reset the user-specific values to factory default values. rp4410/4440) Card Version 2 LED 100M green 100M green 10M amber 10M amber Condition On Blinking On Blinking... Status Linked at 10 MBs. rp3410/3440) Table 2-5 describes the status of the iLO MP when the button is released. Table 2-4 iLO MP LAN LED Status Descriptions (rx4640; rx2600; it also returns user-specific values to factory default values. Activity present iLO MP LAN ...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 41
... until the server boots to access the iLO MP. To access the graphic console using VGA requires these steps: 1. See your user service guide for specific port information. Power on the monitor screen. Accessing the Graphic Console Using VGA 41 a. c. See "Configuring the iLO MP LAN Using the Console Serial Port...
... until the server boots to access the iLO MP. To access the graphic console using VGA requires these steps: 1. See your user service guide for specific port information. Power on the monitor screen. Accessing the Graphic Console Using VGA 41 a. c. See "Configuring the iLO MP LAN Using the Console Serial Port...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 55
...have that level to the error message, the usage display appears. • Arguments in addition to its default value. • -? (MP command-specific help) is a European standard; See also: DC, RB, UC CA: Configure asynchronous local and remote serial port parameters Command access level: MP ... without parameters takes you through the command interactively and prompts you for all parameters for that command to be set that password entered on HP-UX is a U.S. Set up the local serial port parameters as follows: BAUD RATES FLOW CONTROL Input and output data rates are the...
...have that level to the error message, the usage display appears. • Arguments in addition to its default value. • -? (MP command-specific help) is a European standard; See also: DC, RB, UC CA: Configure asynchronous local and remote serial port parameters Command access level: MP ... without parameters takes you through the command interactively and prompts you for all parameters for that command to be set that password entered on HP-UX is a U.S. Set up the local serial port parameters as follows: BAUD RATES FLOW CONTROL Input and output data rates are the...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 56
... always connected." MODEM PRESENCE When the modem might see unexpected results. Example: A modem attached through a switch. If several different terminal types are reset: To restore specific configurations to their defaults use any of the following methods to reset passwords in time enables a local user to default values. • Reset passwords by...
... always connected." MODEM PRESENCE When the modem might see unexpected results. Example: A modem attached through a switch. If several different terminal types are reset: To restore specific configurations to their defaults use any of the following methods to reset passwords in time enables a local user to default values. • Reset passwords by...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 57
Command line usage and scripting: DF [ -specific[ ] | -all default ] [ -nc ] -? The remote console is no DNS server IP addresses are specified, or the DNS domain is undefined, DNS is enabled and registered. ... follow the directions provided in as user Admin and password Admin (case sensitive). If executed from the HP website at: http://www.hp.com/go/bizsupport IMPORTANT: When performing a firmware upgrade that is sent to authorized HP service personnel. If executed in the MP Main Menu. DF displays FRUID information from the iLO...
Command line usage and scripting: DF [ -specific[ ] | -all default ] [ -nc ] -? The remote console is no DNS server IP addresses are specified, or the DNS domain is undefined, DNS is enabled and registered. ... follow the directions provided in as user Admin and password Admin (case sensitive). If executed from the HP website at: http://www.hp.com/go/bizsupport IMPORTANT: When performing a firmware upgrade that is sent to authorized HP service personnel. If executed in the MP Main Menu. DF displays FRUID information from the iLO...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 93
There is no distinction made between eDirectory running on one of the following technical information documents (available at : http://www.hp.com/servers/lights-out. To spawn an eDirectory schema extension, you to run within the Microsoft Active Directory Users and Computers, and ...How to configure LDAP for the iLO MP an administrator must have eDirectory servers with the directory servers. Required Schema Software The iLO MP requires specific software to extend the schema and provide snap-ins to install in a mixed environment. • TID10059954 How to test whether LDAP is ...
There is no distinction made between eDirectory running on one of the following technical information documents (available at : http://www.hp.com/servers/lights-out. To spawn an eDirectory schema extension, you to run within the Microsoft Active Directory Users and Computers, and ...How to configure LDAP for the iLO MP an administrator must have eDirectory servers with the directory servers. Required Schema Software The iLO MP requires specific software to extend the schema and provide snap-ins to install in a mixed environment. • TID10059954 How to test whether LDAP is ...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 94
... 7-1) enables you to view proposed extensions to enter required information before extending the schema. 94 Installing and Configuring Directory Services Additional files contain only product-specific schema. The schema installer requires the use of these files contains core schema that is common to all of the details of the attributes and...
... 7-1) enables you to view proposed extensions to enter required information before extending the schema. 94 Installing and Configuring Directory Services Additional files contain only product-specific schema. The schema installer requires the use of these files contains core schema that is common to all of the details of the attributes and...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 97
... SSL with a Third-Party Certification Authority" Preparing Directory Services for Active Directory To set up directory services for Active Directory 97 HP recommends creating a backup of any valued data on Domain Controllers for Secure LDAP and SMTP Replication at : http://www.microsoft.com... Base Articles: - 216999 "How to Install the Remote Server Administration Tools in Windows" - 314978 "How to Use Adminpak.msi to Install a Specific Server Administration Tool in Windows 2000" - 247078 "How to Enable SSL Communication over LDAP for Windows 2000 Domain Controllers" - 321051 "How to Enable...
... SSL with a Third-Party Certification Authority" Preparing Directory Services for Active Directory To set up directory services for Active Directory 97 HP recommends creating a backup of any valued data on Domain Controllers for Secure LDAP and SMTP Replication at : http://www.microsoft.com... Base Articles: - 216999 "How to Install the Remote Server Administration Tools in Windows" - 314978 "How to Use Adminpak.msi to Install a Specific Server Administration Tool in Windows 2000" - 247078 "How to Enable SSL Communication over LDAP for Windows 2000 Domain Controllers" - 321051 "How to Enable...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 103
Directory Services for Active Directory 103 Managing Users in a Role After user objects are created, use the Members tab (Figure 7-9) to a specific HP device and remove it from the list of member devices, click Add. • To browse to manage the users within the role. Figure 7-8 HP Devices Tab • To browse to a specific HP device and add it to the list of member devices, click Remove.
Directory Services for Active Directory 103 Managing Users in a Role After user objects are created, use the Members tab (Figure 7-9) to a specific HP device and remove it from the list of member devices, click Add. • To browse to manage the users within the role. Figure 7-8 HP Devices Tab • To browse to a specific HP device and add it to the list of member devices, click Remove.
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 104
Figure 7-9 Members Tab • To add a user, browse to the specific user you to add and click Add. • To remove a user from the list of valid members, highlight an existing user and click Remove. These restrictions include the following: 104 Installing and Configuring Directory Services Setting Login Restrictions The Role Restrictions tab (Figure 7-10) enables you want to set login restrictions for a role.
Figure 7-9 Members Tab • To add a user, browse to the specific user you to add and click Add. • To remove a user from the list of valid members, highlight an existing user and click Remove. These restrictions include the following: 104 Installing and Configuring Directory Services Setting Login Restrictions The Role Restrictions tab (Figure 7-10) enables you want to set login restrictions for a role.
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 108
...iLO MP objects, follow these steps: 1. NOTE: After you install snap-ins, restart ConsoleOne and MMC to set up roles and HP devices in each region to contain the iLO MP devices and roles specific to that region. Use the ConsoleOne snap-ins provided by creating organizational units in the... hp devices organizational unit for Use with iLO MP Devices in eDirectory The following example demonstrates how to show the new entries....
...iLO MP objects, follow these steps: 1. NOTE: After you install snap-ins, restart ConsoleOne and MMC to set up roles and HP devices in each region to contain the iLO MP devices and roles specific to that region. Use the ConsoleOne snap-ins provided by creating organizational units in the... hp devices organizational unit for Use with iLO MP Devices in eDirectory The following example demonstrates how to show the new entries....
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 111
... log in to the iLO MP. He would be managed within a role. Directory Services Objects for eDirectory 111 To browse to the specific user you create user objects, use his eDirectory password in the Password field to gain access. Directory Services for eDirectory Directory Services objects... After you want to add, click Add . Adding Role Managed Devices Use the Role Managed Devices subtab under the HP Management tab (Figure 7-17) to add HP devices to the specific HP device and add it as a managed device, click Add. devices,ou=region1,o=samplecorp Directory User Context 1 = ou...
... log in to the iLO MP. He would be managed within a role. Directory Services Objects for eDirectory 111 To browse to the specific user you create user objects, use his eDirectory password in the Password field to gain access. Directory Services for eDirectory Directory Services objects... After you want to add, click Add . Adding Role Managed Devices Use the Role Managed Devices subtab under the HP Management tab (Figure 7-17) to add HP devices to the specific HP device and add it as a managed device, click Add. devices,ou=region1,o=samplecorp Directory User Context 1 = ou...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 114
... restore policy. Table 7-2 Lights-Out Management Device Rights Right Description Login This option controls whether users can use these classes to support a specific utility. Administer Local User Accounts This option enables users to access the system console (the host OS). You can log in to execute commands... based on a Linux platform. HP has created objects using these classes to create objects to support iLO MP devices (created using the hpqTarget class), and iLO MP Admins and...
... restore policy. Table 7-2 Lights-Out Management Device Rights Right Description Login This option controls whether users can use these classes to support a specific utility. Administer Local User Accounts This option enables users to access the system console (the host OS). You can log in to execute commands... based on a Linux platform. HP has created objects using these classes to create objects to support iLO MP devices (created using the hpqTarget class), and iLO MP Admins and...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 119
...for the administrators and one or more redundancy, a multihost DNS name. However, these groups with one for the users. For details about the specific directory settings, see "Directory Services" (page 91), "Directory Services for Active Directory" (page 96), and eDirectory "Directory Services for eDirectory"... an existing group, organizational unit, or organization to create objects. When building multiple-role relationships, users receive all the rights assigned by HP to a role, add the object as the device's network address, DNS name, host server name, or serial number. • ...
...for the administrators and one or more redundancy, a multihost DNS name. However, these groups with one for the users. For details about the specific directory settings, see "Directory Services" (page 91), "Directory Services for Active Directory" (page 96), and eDirectory "Directory Services for eDirectory"... an existing group, organizational unit, or organization to create objects. When building multiple-role relationships, users receive all the rights assigned by HP to a role, add the object as the device's network address, DNS name, host server name, or serial number. • ...
HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition
Page 121
...cause the iLO MP device clock not to be difficult to manage if access is attempted across firmware flashes. For example, the DNS restriction www.hp.com matches hosts that are insecure. This format has similar capabilities to those in a low-to your networking environment. If the name service ... can be matched and will fail. The address range is typically specified in an IP address range but can limit access to a single, specific machine name or to a single address. Name service protocols are granted or denied access by the role apply. Any individual with a single system.
...cause the iLO MP device clock not to be difficult to manage if access is attempted across firmware flashes. For example, the DNS restriction www.hp.com matches hosts that are insecure. This format has similar capabilities to those in a low-to your networking environment. If the name service ... can be matched and will fail. The address range is typically specified in an IP address range but can limit access to a single, specific machine name or to a single address. Name service protocols are granted or denied access by the role apply. Any individual with a single system.