HP BladeSystem Onboard Administrator User Guide - HP Business ...

More documents

Recommendations

Info

Login Banner Deselecting this option will allow other SSLv3 algorithms such as RSA, RC4, and MD5 to also be used in SSH sessions. Web GUI sessions use FIPS140-2-pproved algorithms regardless of this setting. To set this option, you must select the checkbox, and then click Apply. The HP BladeSystem Onboard Administrator FIPS 140-2 implementation is based on the open source package openssl-fips-1.2. For more information see, the OpenSSL website (http://openssl.org/docs/fips/fipsnotes.html). NOTE: The Enforce Strong Encryption option is available in Onboard Administrator version 3.60 and earlier. To save the settings, click Apply. NOTE: The Login Banner accepts English (ASCII) characters only. Enabling the Login Banner option requires Onboard Administrator users to acknowledge the banner text before they can log in. Enable Display of Banner on User Login Select this checkbox to enable the Login Banner option. Acknowledgment of the Login Banner text provides access to all systems connected to the primary Onboard Administrator. Banner Text The field size is limited to 1,500 printable characters, excluding the % or \ characters. While spaces and line feeds are accepted, using only white space characters within this text field is not allowed. Apply Trusted Hosts Click Apply to validate the Banner Text field. If the Banner Text field is empty or contains only white space characters, but the Enable Display of Banner on User Login checkbox is selected, you are prompted to disable this feature. The Trusted Hosts subcategory is used to restrict access to the Onboard Administrator to all hosts except those listed. When enabled, this protocol only allows access to the Onboard Administrator to listed hosts. This subcategory contains one dialog box, one entry field, and one display box, which, if enabled, is used to list trusted IP addresses. The Enable IP address access restriction checkbox is not selected by default. Selecting this checkbox allows only those IP addresses listed as Trusted Addresses to connect to the Onboard Administrator. CAUTION: Enabling IP address access restriction without first entering the user's IP address in the Trusted Addresses list will disconnect the user from the Onboard Administrator. The Trusted Addresses field is used to enter the IP addresses of all hosts that are to be trusted and allowed to connect remotely to the Onboard Administrator through the protocols set up in the Protocol Restrictions subcategory. This field allows for IP addresses only. Configuring the HP BladeSystem c7000 enclosure and enclosure devices 84
Below the Trusted Addresses field is the list box of all trusted IP addresses, if trusted IP addresses are configured. To add a trusted host, enter the IP address in the Trusted Addresses field, and then click Add. You can add a maximum of five Trusted Addresses. To remove a trusted host, select the IP address in the Trusted Addresses list, and then click Remove. To save the settings, click Apply. Anonymous Data FIPS tab FIPS mode Enable Extended Data on GUI Login Page—This checkbox is selected by default. Clearing this checkbox disables the + functionality in the topology view on the sign in page for this enclosure. Also, the Onboard Administrator health status appears as N/A on the sign in page. Disabling the extended data on the GUI sign in page prevents unauthenticated users from viewing additional information. To prevent additional information from appearing for each linked enclosure, you must clear this checkbox for each enclosure. Click Apply to save settings. Using the FIPS mode ON enforces use of the Onboard Administrator in a FIPS 140-2-approved mode. This FIPS mode includes the use of approved algorithms such as AES, 3DES, SHA and other security restrictions. Setting this option to OFF enables the use of non-FIPS-140-2-approved algorithms such as ARC4. Using the DEBUG option sets the Onboard Administrator to an environment similar to the FIPS mode ON, but with the option of debug support from HP. The FIPS mode DEBUG has the functionalities of the FIPS mode ON, but it is not considered FIPS-compliant because of the debug option. The Onboard Administrator restarts after all changes are made. All existing settings are lost when you run this operation. Any change to the FIPS mode setting performs a Restore to Factory Default operation. If the change is to the FIPS mode ON or FIPS mode DEBUG, strong passwords are enabled, minimum password length is set to eight characters, and a new Administrator account password is requested. Additionally, the Enclosure IP mode, SNMP and Telnet protocols are disabled. To save the settings, click Apply. Clear VC Mode NOTE: Entering and exiting FIPS mode performs a factory restore operation and locks the Insight Display (LCD). If the Onboard Administrator was previously configured with a static IP address, it defaults to a DHCP address until reconfigured with a static IP address. Recovery requires access to the Onboard Administrator serial console to perform the SHOW OA CONSOLE command to discover the new Onboard Administrator IP address. Clearing the VC mode removes all VC settings from the enclosure. Power off all VC-configured servers before clearing the VC mode. If servers are not powered down, they might maintain the VC settings until they are rebooted. You must clear the VC mode before changing to the FIPS mode ON/DEBUG. Configuring the HP BladeSystem c7000 enclosure and enclosure devices 85
Page 1 and 2:
HP BladeSystem Onboard Administrato
Page 3 and 4:
Contents Introduction .............
Page 5 and 6:
Boot Options tab ..................
Page 7 and 8:
Europe time zone settings .........
Page 9 and 10:
server iLO, interconnect management
Page 11 and 12:
If a protocol is disabled, then the
Page 13 and 14:
the KVM USB for keyboard and mouse
Page 15 and 16:
Option ROM settings. For the interc
Page 17 and 18:
If extended data is disabled on an
Page 19 and 20:
Using online help To access online
Page 21 and 22:
The Insight Display LCD panel allow
Page 23 and 24:
OA 3.60 Encryption Normal OA3.60 En
Page 25 and 26:
2. Slide the Onboard Administrator
Page 27 and 28:
Enclosure KVM Features The Enclosur
Page 29 and 30:
• Server Console—Select a serve
Page 31 and 32:
First Time Setup Wizard Before you
Page 33 and 34: To update the rack topology informa
Page 35 and 36: Rack and Enclosure Settings screen
Page 37 and 38: Administrator Account Setup screen
Page 39 and 40: For possible values and description
Page 41 and 42: Knowing your network configuration
Page 43 and 44: Use the LDAP Group Configuration sc
Page 45 and 46: Field Possible value Description Se
Page 47 and 48: Power Management screen IMPORTANT:
Page 49 and 50: Mode Insight Display name Descripti
Page 51 and 52: Navigating Onboard Administrator Na
Page 53 and 54: Clicking the link for an individual
Page 55 and 56: The following image shows the graph
Page 57 and 58: Rack View Rack View screen The Rack
Page 59 and 60: If the active mode is set for a sin
Page 61 and 62: Row Description Enclosure Ambient T
Page 63 and 64: Column Description Bay Model Manufa
Page 65 and 66: Configuring the HP BladeSystem c700
Page 67 and 68: To view the enclosure Status screen
Page 69 and 70: Information Configuring the HP Blad
Page 71 and 72: To change the state of the enclosur
Page 73 and 74: o Fan removed o Power supply status
Page 75 and 76: Disabled—Disables powerdelay for
Page 77 and 78: Column Description Delay Click Appl
Page 79 and 80: Enclosure TCP/IP settings IPv4 Sett
Page 81 and 82: IPv6 Settings tab This screen displ
Page 83: • Auto-Negotiate—Automatically
Page 87 and 88: EBIPA assigns IP addresses for the
Page 89 and 90: Column Description EBIPA Address Su
Page 91 and 92: Enclosure Virtual Buttons tab To ch
Page 93 and 94: Active to Standby DVD drive When a
Page 95 and 96: in the list. If multiple media disk
Page 97 and 98: The revert delay on the VLAN Settin
Page 99 and 100: Adding, editing, and removing VLANs
Page 101 and 102: To change the membership of a devic
Page 103 and 104: HP Insight Remote Support Use the R
Page 105 and 106: Insight Remote Support Service Even
Page 107 and 108: Row Description Collection Click Se
Page 109 and 110: Enclosure Firmware Management setti
Page 111 and 112: updating the firmware management lo
Page 113 and 114: • In the list of enclosures, the
Page 115 and 116: Row Description Firmware Version Ha
Page 117 and 118: Certificate Administration Informat
Page 119 and 120: Certificate Request tab The Certifi
Page 121 and 122: Certificate-signing request attribu
Page 123 and 124: Force Downgrade—You must use this
Page 125 and 126: • Enclosure Event 0x11: Fan Inser
Page 127 and 128: • Enclosure Event 0x1203: Flash P
Page 129 and 130: TCP/IP Settings for Standby Onboard
Page 131 and 132: Row Description Version MD5 Fingerp
Page 133 and 134: Field Possible values Description I
Page 135 and 136:
Button Description Momentary Press
Page 137 and 138:
Row Description Status Powered Powe
Page 139 and 140:
The Onboard Administrator provides
Page 141 and 142:
Row Description Bay Device Model Fi
Page 143 and 144:
Row Description Serial Number (Logi
Page 145 and 146:
Column Description iLO DVD Status D
Page 147 and 148:
IML Log tab The IML Log tab display
Page 149 and 150:
Diagnostic information is gathered
Page 151 and 152:
Status tab Status information Row D
Page 153 and 154:
Management Console Information prov
Page 155 and 156:
Interconnect bays Interconnect Bay
Page 157 and 158:
Click the Port Mapping Interconnect
Page 159 and 160:
Interconnect Bay Virtual Buttons In
Page 161 and 162:
Enclosure power management Power ma
Page 163 and 164:
IMPORTANT: To change the power redu
Page 165 and 166:
HP launched Power Capping technolog
Page 167 and 168:
The Line Voltage value is used to p
Page 169 and 170:
Row Description Present Power Enclo
Page 171 and 172:
The Power Subsystem screen provides
Page 173 and 174:
Fans and cooling management Fan zon
Page 175 and 176:
Fan status Column Description Fan M
Page 177 and 178:
Row Description Serial Number Diagn
Page 179 and 180:
c3000 Enclosure fan location rules
Page 181 and 182:
When a USB key is detected in the A
Page 183 and 184:
If a Windows® installation CD is i
Page 185 and 186:
You can eject media from the DVD dr
Page 187 and 188:
Unattended OS deployment The Onboar
Page 189 and 190:
You can initiate an unattended oper
Page 191 and 192:
From the DVD Connection Status scre
Page 193 and 194:
To view the progress of the unatten
Page 195 and 196:
Onboard Administrator bays. The pri
Page 197 and 198:
Field Possible value Description Pa
Page 199 and 200:
Account classification Capabilities
Page 201 and 202:
Field Possible value Description Se
Page 203 and 204:
A failed test reports that the IP a
Page 205 and 206:
Privilege level Field Possible valu
Page 207 and 208:
Checkbox Description Onboard Admini
Page 209 and 210:
Account classification Capabilities
Page 211 and 212:
HP SIM integration HP BladeSystem O
Page 213 and 214:
Using Enclosure Firmware Management
Page 215 and 216:
2. Select the Manual Update tab. 3.
Page 217 and 218:
Logging Enclosure Firmware Manageme
Page 219 and 220:
Server firmware Select Device Bays
Page 221 and 222:
When Two-Factor Authentication is e
Page 223 and 224:
administrator. If any sessions have
Page 225 and 226:
Port mapping Device bay port mappin
Page 227 and 228:
HP ProLiant BL680c G7 Servers Devic
Page 229 and 230:
HP ProLiant BL2x220c G7 Server The
Page 231 and 232:
In this diagram, N equals the numbe
Page 233 and 234:
Device bay port mapping table for c
Page 235 and 236:
Connection Port Number Connects to
Page 237 and 238:
12. Complete the remainder of the s
Page 239 and 240:
Since none of the configured device
Page 241 and 242:
Current enclosure inventory To view
Page 243 and 244:
The iLO entry in the tree view is o
Page 245 and 246:
Troubleshooting Onboard Administrat
Page 247 and 248:
55 Getting the Onboard Administrato
Page 249 and 250:
137 The session could not be create
Page 251 and 252:
216 Firmware update in progress. Lo
Page 253 and 254:
285 Invalid remote server address 2
Page 255 and 256:
358 URB reporting using SMTP cannot
Page 257 and 258:
Resetting the Onboard Administrator
Page 259 and 260:
Enabling LDAP Directory Services Au
Page 261 and 262:
1. Click the Upload Certificate Tab
Page 263 and 264:
CZImiZPyLGQBGRYDY29tMRIwEAYKCZImiZP
Page 265 and 266:
o Test Operator o TestOperator@Doma
Page 267 and 268:
Time zone settings Africa time zone
Page 269 and 270:
Asia time zone settings IMPORTANT:
Page 271 and 272:
Europe/Belfast Europe/Lisbon Europe
Page 273 and 274:
Acronyms and abbreviations CA certi
Page 275 and 276:
SUV serial, USB, video TFTP Trivial
Page 277 and 278:
Index A AC redundant, lost 161 acce
Page 279 and 280:
power management planning 161 power
show all

HP BladeSystem Onboard Administrator User Guide - HP Business ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?