NEC iLO 5 User Manual Download | Manualshive

Page: 240 / 335

background image

234

Administering SSL certificates

SSL protocol is a standard for encrypting data so that it cannot be viewed or modified while in
transit on the network. This protocol uses a key to encrypt and decrypt the data. Generally, the
longer the key, the better the encryption.

A certificate is a small data file that connects an SSL key to a server. The certificate contains the
server name and the server public key. Only the server has the corresponding private key, and
this is how it is authenticated.

A certificate must be signed to be valid. If it is signed by a Certificate Authority (CA), and that CA
is trusted, all certificates signed by the CA are also trusted. A self-signed certificate is one in
which the owner of the certificate acts as its own CA.

By default, iLO creates a self-signed certificate for use in SSL connections. This certificate enables
iLO to work without additional configuration steps.

IMPORTANT:

Using a self-signed certificate is less secure than importing a trusted certificate. NEC
Corporation recommends importing a trusted certificate to protect the security of the iLO
processor.

Viewing SSL certificate information

Procedure

To view certificate information, click Security in the navigation tree, and then click the SSL
Certificate tab.

SSL certificate details

•

Issued To—The entity to which the certificate was issued.

•

Issued By—The CA that issued the certificate.

•

Valid From—The first date that the certificate is valid.

•

Valid Until—The date that the certificate expires.

•

Serial Number—The serial number that the CA assigned to the certificate.

Obtaining and importing an SSL certificate

iLO allows you to create a Certificate Signing Request that you can send to a Certificate
Authority to obtain a trusted SSL certificate to import into iLO.

An SSL certificate works only with the keys generated with its corresponding CSR. If iLO is reset
to the factory default settings, or another CSR is generated before the certificate that
corresponds to the previous CSR is imported, the certificate does not work. In that case, a new
CSR must be generated and used to obtain a new certificate from a CA.

Prerequisites

«
...
238
239
240
241
242
...
»

Summary of Contents for iLO 5

Page 1: ...cks 7 Configuring and using iLO Federation 8 iLO Integrated Remote Console 9 Using a text based Remote Console 10 Using iLO Virtual Media 11 Using the power and thermal features 12 Configuring iLO network settings 13 Using the iLO administration features 14 Using the iLO security features 15 Configuring iLO management settings 16 IPMI server management 17 Managing iLO reboots factory reset and NMI...

Page 2: ...s standard commercial license Links to third party websites take you outside the NEC Corporation website NEC Corporation has no control over and is not responsible for information outside the NEC Corporation website Acknowledgments Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and or other countries Java and Oracle are registered...

Page 3: ... iLO 17 iLO web interface 19 Changing the language from the login page 20 4 Viewing iLO information and logs 22 Viewing iLO overview information 22 Managing iLO sessions 25 iLO Event Log 26 Integrated Management Log 31 Active Health System 38 Downloading the Active Health System Log for a date range 38 Viewing iLO self test results 41 5 Viewing general system information 43 Viewing processor infor...

Page 4: ...10 Using iLO Virtual Media 135 Virtual Media operating system information 137 Using Virtual Media from the iLO web interface 139 Remote Console Virtual Media 143 11 Using the power and thermal features 148 Server power on 148 Brownout recovery 148 Graceful shutdown 148 Power efficiency 149 Managing the server power 149 Configuring the System Power Restore Settings 151 Viewing server power usage 15...

Page 5: ...ng resetting iLO 275 Reset iLO to the factory default settings 278 Generating an NMI 280 18 Troubleshooting 281 Using the iLO Virtual Serial Port with Windbg 281 Using the Server Health Summary 283 Incorrect time stamp on iLO Event Log entries 285 Login and iLO access issues 286 iLO management port not accessible by name 286 Unable to connect to iLO IP address 290 Directory issues 294 Remote Conso...

Page 6: ......

Page 7: ...ew server events and configure notifications through SNMP alerts remote syslogs and email alerts Active Health System Log Download the Active Health System log You can send the log file to NEC Corporation when you have an open support case iLO Federation management Use the iLO Federation features to discover and manage multiple servers at a time Integrated Remote Console If you have a network conn...

Page 8: ...for all users These settings can be configured on the Access Settings page Disabling the BMC Configuration Utility prevents reconfiguration from the host unless the system maintenance switch is set to disable iLO security To access the BMC Configuration Utility press F9 during POST to start the UEFI System Utilities Click System Configuration and then click BMC Configuration Utility iLO RESTful AP...

Page 9: ...ultiple servers to incorporate a standard configuration into the deployment process and to control servers and subsystems The iLO scripting and CLI guide describes the syntax and tools available for using iLO through a command line or scripted interface ...

Page 10: ...mproves performance and security because you can physically control which workstations are connected to the network A separate network also provides redundant access to the server when a hardware failure occurs on the production network In this configuration iLO cannot be accessed directly from the production network The Dedicated management network is the preferred iLO network configuration Figur...

Page 11: ...from the server NIC port that iLO is configured to share The selected NIC teaming mode sends all traffic destined for iLO to a NIC port other than the one that iLO is configured to share Because iLO and the server transmit and receive on the same switch port the selected NIC teaming mode must allow the switch to tolerate traffic with two different MAC addresses on the same switch port Some impleme...

Page 12: ...ss A dynamic IP address is set by default iLO obtains the IP address and subnet mask from DNS or DHCP servers This method is the simplest If you use DHCP The iLO management port must be connected to a network that is connected to a DHCP server and iLO must be on the network before power is applied DHCP sends a request soon after power is applied If the DHCP request is not answered when iLO first b...

Page 13: ...se the iLO web interface when you can connect to iLO on the network by using a web browser You can also use this method to reconfigure an iLO management processor ROM based setup Use the BMC Configuration Utility when the system environment does not use DHCP DNS or WINS Other configuration options not discussed in this guide follow EXPRESSBUILDER To start EXPRESSBUILDER press F10 during POST iLO R...

Page 14: ...standard Ethernet cabling which includes CAT 5 UTP with RJ 45 connectors Straight through cabling is necessary for a hardware link to a standard Ethernet hub or switch For more information about setting up your hardware see the server user guide More Information iLO network connection options Setting up iLO by using the BMC Configuration Utility NEC Corporation recommends using the BMC Configurati...

Page 15: ...firm that you want to save the pending configuration changes 10 To save and exit click Yes Save Changes 11 The BMC Configuration Utility notifies you that iLO must be reset in order for the changes to take effect 12 Click OK iLO resets and the iLO session is automatically ended You can reconnect in approximately 30 seconds 13 Resume the normal boot process a Start the iLO remote console The BMC Co...

Page 16: ... 7 Enter the password a Move the cursor to the Password box and then press Enter The Enter your new password box opens b Type the password and then press Enter The Confirm your new password box opens c Type the password again to confirm and then press Enter 8 The BMC Configuration Utility confirms the new account creation 9 To close the confirmation dialog box click OK 10 Create as many user accou...

Page 17: ... privilege select NO The Login privilege is assigned to every user by default so it is not available in the BMC Configuration Utility You cannot assign the Recovery Set privilege through the BMC Configuration Utility so it is not available in the list 9 Update as many user accounts as needed and then press F12 to save the changes and exit the system utilities 10 When prompted to confirm the change...

Page 18: ...e iLO firmware is configured with a default user name password and DNS name The default information is on the serial label pull tab attached to the server that contains the iLO management processor Use these values to access iLO remotely from a network client by using a web browser User name Administrator Password A random eight character string DNS name BMCXXXXXXXXXXXX where the X characters repr...

Page 19: ... user has Configure iLO Settings privilege Click iLO Dedicated Network Port and Click SNTP when iLO is using iLO Dedicated Network Port Click iLO Shared Network Port and Click SNTP when iLO is using iLO Shared Network Port If you would like to sync a date and time between iLO and SNTP server configure iLO SNTP settings If you won t use time syncing function with SNTP server configure following par...

Page 20: ...14 If Time Format on BIOS Platform Configuration RBSU is Local time set Unspecified Time Zone GMT to iLO Time Zone BIOS Platform Configuration RBSU iLO Web Interface ...

Page 21: ...rm Configuration RBSU is Coordinated Universal Time UTC set same time zone parameter to iLO Time Zone BIOS Platform Configuration RBSU iLO Web Interface After setting Click Apply and Click Reset iLO will restart to apply the settings ...

Page 22: ...Internet Explorer To check or change this setting see Configuring the Internet Explorer JavaScript setting Cookies Cookies must be enabled for certain features to function correctly Pop up windows Pop up windows must be enabled for certain features to function correctly Verify that pop up blockers are disabled TLS To access the iLO web interface you must enable TLS 1 0 or later in your browser Con...

Page 23: ...RL in the browser address bar As a consequence all open browser windows share one user session Logging out in one window ends the user session in all the open windows Logging in as a different user in a new window replaces the session in the other windows This behavior is typical of browsers iLO does not support multiple users logged in from two different browser windows in the same browser on the...

Page 24: ... readily apparent If User1 continues to navigate in this mode User1 and User2 sharing a process because User2 logged in and reset the session cookie the following might occur User1 session behaves consistently with the privileges assigned to User2 User1 activity keeps User2 session alive but User1 session can time out unexpectedly Logging out of either window causes both sessions to end The next a...

Page 25: ... interface The iLO web interface groups similar tasks for easy navigation and workflow The interface is organized with a navigation tree in the left pane To use the web interface click an item in the navigation tree and then click the name of the tab you want to view Using the iLO controls iLO control icons When you log in to the iLO web interface the iLO controls are available from any iLO page P...

Page 26: ...epository options click this icon These options are available on all Firmware OS Software tabs iLO navigation pane iLO has a collapsible navigation pane that is accessible from each page To toggle between showing and hiding the navigation pane click the icon in the top left corner of the iLO web interface To hide the navigation pane click the X icon To show the navigation pane click the icon in th...

Page 27: ...21 ...

Page 28: ...d to host applications This value is displayed only when set by other software This value might affect operating system and application licensing The UUID Logical value is set as part of the logical server profile that is assigned to the system If the logical server profile is removed the system UUID value reverts from the UUID Logical value to the UUID value If no UUID Logical value is set this i...

Page 29: ...O firmware functionality iLO Firmware Version The version and date of the installed iLO firmware To navigate to the Firmware Update page click the iLO Firmware Version link IP Address The network IP address of the iLO subsystem Link Local IPv6 Address The SLAAC link local address of the iLO subsystem To navigate to the Network Summary page click the Link Local IPv6 Address link This value is displ...

Page 30: ...ot Supported Not Present or Present Enabled Trusted Platform Modules and Trusted Modules are computer chips that securely store artifacts used to authenticate the platform These artifacts can include passwords certificates or encryption keys You can also use a TPM or TM to store platform measurements to make sure that the platform remains trustworthy On a supported system ROM decodes the TPM or TM...

Page 31: ...on list details iLO displays the following details in the Current Session and Session List tables User The iLO user account name IP The IP address of the computer used to log in to iLO Login Time The date and time that the iLO session started Access Time The date and time that iLO was last active in the session Expires The date and time that the session will end automatically Source The session so...

Page 32: ...login attempts and maintaining a record of all login failures The Authentication Failure Logging setting allows you to configure logging criteria for failed authentications The event log captures the client name for each logged entry to improve auditing capabilities in DHCP environments and records the account name computer name and IP address Viewing the event log Procedure 1 Click Information in...

Page 33: ... occur They are not consolidated into one event log entry When less important events are repeated they are consolidated into one event log entry and the Count and Last Update values are updated Each event type has a specific time interval that determines whether repeated events are consolidated or a new event is logged Category The event category Event log icons iLO uses the following icons to ind...

Page 34: ...are selected the following is displayed System time UTC Time Zone displayed in BIOS Platform Configuration RBSU If Show Local Time is selected the following is displayed Added to the System time UTC Time Zone displayed in BIOS Platform Configuration RBSU and the time zone of the environment of the client connected to iLO In iLO 5 Firmware Version 1 15 Aug 17 2017 when SNTP setting is not configure...

Page 35: ...ile Procedure 1 Click Information in the navigation tree and then click the iLO Event Log tab 2 Click the CSV icon 3 In the CSV Output window click Save and then follow the browser prompts to save or open the file Clearing the event log Prerequisites Configure iLO Settings privilege Procedure 1 Click Information in the navigation tree and then click the iLO Event Log tab 2 Click 3 When prompted to...

Page 36: ...30 The event log is cleared of all previously logged information and an event is recorded in the log ...

Page 37: ...The ability to view the log when the server is off can be helpful when troubleshooting remote host server issues Examples of the types of information recorded in the IML follow Fan inserted Fan removed Fan failure Fan degraded Fan repaired Fan redundancy lost Fans redundant Power supply inserted Power supply removed Power supply failure Power supplies redundancy lost Power supplies redundant Tempe...

Page 38: ...occurred for example network maintenance or system revision Description The description identifies the component and detailed characteristics of the recorded event If the iLO firmware is rolled back the description UNKNOWN EVENT TYPE might be displayed for events recorded by the newer firmware You can resolve this issue by updating the firmware to the latest supported version or by clearing the lo...

Page 39: ... Informational The event provides background information Repaired An event has undergone corrective action Unknown The event severity could not be determined IML event pane details Initial Update The date and time when the first event of this type occurred This value is based on the date and time stored by the iLO firmware If iLO did not recognize the date and time when the event was first created...

Page 40: ...zone of the environment of the client connected to iLO In iLO 5 Firmware Version 1 15 Aug 17 2017 when SNTP setting is not configured and Time Format on BIOS Platform Configuration RBSU is Local Time the following times are displayed If Show Default and Show ISO Time are selected the following is displayed System time UTC Time Zone displayed in BIOS Platform Configuration RBSU If Show Local Time i...

Page 41: ...the Integrated Management Log tab 3 Select the log entry To select an IML entry click the check box next to the entry in the first column of the IML table If a check box is not displayed next to an IML entry that entry cannot be marked as repaired 4 Click The iLO web interface refreshes and the selected log entry status changes to Repaired ...

Page 42: ...nce Note window opens 3 Enter the text that you want to add as a log entry and then click OK You can enter up to 227 bytes of text You cannot submit a maintenance note without entering some text An Informational log entry with the class Maintenance is added to the IML Saving the IML to a CSV file Use a supported browser to export the IML to a CSV file Procedure 1 Click Information in the navigatio...

Page 43: ...privilege Procedure 1 Click Information in the navigation tree and then click the Integrated Management Log tab 2 Click 3 When prompted to confirm the request click OK The IML is cleared of all previously logged information and an event is recorded in the IML ...

Page 44: ...ersions and settings The Active Health System does not parse or change OS data from third party error event log activities for example content created or passed through the OS Active Health System Log The data collected by the Active Health System is stored in the Active Health System Log The data is logged securely isolated from the operating system and separate from customer data When the Active...

Page 45: ... the server 4 Click Download 5 Save the file Downloading the entire Active Health System Log It might take a long time to download the entire Active Health System Log If you must upload the Active Health System Log for a technical issue NEC Corporation recommends downloading the log for the specific range of dates in which the problem occurred Procedure 1 Click Information in the navigation tree a...

Page 46: ...eing used by EXPRESSBUILDER the Active Health System download CLI tool or the iLO Service Port 2 Click Show Advanced Settings 3 Scroll to the Clear Log section and then click Clear 4 When prompted to confirm the request click OK iLO notifies you that the log is being cleared 5 Reset iLO Resetting iLO is required because some Active Health System data is recorded to the log only during iLO startup ...

Page 47: ... Diagnostics tab iLO self tests Self test details Self Test The tested function Status The test status Pass The test was successful Fail The test detected a problem A reboot firmware or software update or service might be required Informational Supplemental data about the tested system is provided in the Notes column Notes A test might include supplemental information in the Notes column For some ...

Page 48: ...ests functions related to power measurement power capping and power management CPLD Tests the programmable hardware in the server Host ROM Checks the BIOS to determine whether it is out of date compared to the management processor Supported Host Checks the management processor firmware to determine whether it is out of date for the server hardware EEPROM Tests the hardware that stores basic iLO pr...

Page 49: ... the last power off Health information is updated only when the server is powered on and POST is complete Procedure 1 Click System Information in the navigation tree Redundancy status Redundancy status is displayed for the following Fan Redundancy Power Status Subsystem and device status Summarized status information is displayed for the following Agentless Management Service BIOS Hardware Health ...

Page 50: ...m health status is listed as OK However if a redundant fan or power supply fails while the system is powered on the system health status is listed as Degraded until you replace the fan or power supply Failed Redundant The device or subsystem is in a nonoperational state Failed One or more components of the device or subsystem are nonoperational Other For more information navigate to the System Inf...

Page 51: ...on and POST is complete Procedure ア Click System Information in the navigation tree and then click the Processors tab Processor details The following information is displayed for each processor Processor Name The name of the processor Processor Status The health status of the processor Processor Speed The speed of the processor Execution Technology Information about the processor cores and threads...

Page 52: ... Details 2 Optional By default empty memory sockets are hidden in the Memory Details table To view the empty memory sockets click show empty sockets When empty memory sockets are displayed click hide empty sockets to hide them Advanced Memory Protection details AMP Mode Status The status of the AMP subsystem Other Unknown The system does not support AMP or the management software cannot determine ...

Page 53: ... occur the spare memory is activated and the memory that is experiencing the errors is disabled Mirroring The system is configured for mirrored memory protection All memory banks are duplicated in mirrored memory as opposed to only one for online spare memory If enough ECC errors occur the spare memory is activated and the memory that is experiencing the errors is disabled RAID XOR The system is c...

Page 54: ... cannot be configured for AMP Memory Summary The Memory Summary section shows a summary of the memory that was installed and operational at POST Location The slot or processor on which the memory board cartridge or riser is installed Possible values follow System Board There is no separate memory board slot All DIMMs are installed on the motherboard Board Number There is a memory board slot availa...

Page 55: ...le is in use Size The size of the memory module in MB Speed The memory module speed Technology The memory module technology Possible values follow Unknown Memory technology cannot be determined N A Not present Synchronous RDIMM UDIMM LRDIMM NVDIMM NVDIMM N R NVDIMM Logical Memory Details This section shows the NEC Scalable Persistent Memory devices that were configured and operational at POST Loca...

Page 56: ...R4 N A Memory module is not present Minimum Voltage The minimum voltage at which the memory module can operate Ranks The number of ranks in the memory module Error Correction The type of error correction used by the memory module Data Width Bits The memory module data width in bits Bus Width Bits The memory module bus width in bits Channel The channel number in which the memory module is connected...

Page 57: ...ype The type of memory installed The only possible value for logical memory is Logical Minimum Voltage The minimum voltage at which the memory module can operate Ranks The number of ranks in the memory module Error Correction The type of error correction used by the memory module Data Width Bits The memory module data width in bits Bus Width Bits The memory module bus width in bits Memory Media Th...

Page 58: ...a log out of iLO and then log back in Procedure 1 Click System Information in the navigation tree and then click the Network tab 2 Optional To expand or collapse the information on this page click Expand All or Collapse All respectively Physical Network Adapters Integrated and add in NICs and Fibre Channel adapters This section displays the following information about the integrated and add in NIC...

Page 59: ...ress IPv4 Address For iLO adapters the iLO IPv4 address For system NICs embedded and stand up the server IP address if available IPv6 Address For iLO adapters the iLO IPv6 address For system NICs embedded and stand up the server IP address if available Status The port status Team Bridge If a port is configured for NIC teaming the name of the configured link between the physical ports that form a l...

Page 60: ...hat form the logical network adapter MAC Address The logical network adapter MAC address IP Address The logical network adapter IP address Status The logical network adapter status The following information is displayed for the ports that form each logical network adapter Members A sequential number assigned to each port that forms the logical network adapter MAC Address The MAC address of the phy...

Page 61: ...ery status If the iLO firmware cannot retrieve the network adapter product name or part number directly from the device it attempts to collect that information from AMS Procedure 1 Click System Information in the navigation tree and then click the Device Inventory tab Device Inventory details Location The device install location Product Name The device product name Product Part Number The device p...

Page 62: ...s operating at a reduced capacity Unknown The iLO firmware has not received data about the device status Viewing PCI slot details Procedure 1 Click System Information in the navigation tree and then click the Device Inventory tab 2 Move the cursor over the Location column for a listed PCI slot PCI slot tooltip details Type The PCI slot type Bus Width The PCI slot bus width Length The PCI slot leng...

Page 63: ...tion for every category Fibre Channel adapters are not listed on this page To view information about Fibre Channel adapters click System Information in the navigation tree and then click the Network tab Procedure 1 Click System Information in the navigation tree and then click the Storage tab 2 Optional To expand or collapse the data click Expand All or Collapse All respectively 3 Smart Array cont...

Page 64: ...rovides the following details for each Smart Array controller Controller location Slot number or system board Top level controller status displayed on the left of the controller location A combination of the controller hardware status and the status of cache modules enclosures and physical logical and spare drives associated with the controller If the controller hardware status is OK and any assoc...

Page 65: ...d properties and some storage configurations do not have drive enclosures Logical drives When the Logical View option is selected the following information is listed for the logical drives attached to a Smart Array controller Logical drive number Status Capacity Fault Tolerance Logical Drive Type Encryption Status Logical drives must be configured through the Smart Storage Administrator software b...

Page 66: ...ller hardware status is OK and any associated hardware has a failure the top level controller status changes to Major Warning or Degraded depending on the failure type If the controller hardware has a Failed status the top level controller status is Failed Controller Status Controller hardware status OK or Failed Serial Number Model Firmware Version Controller Type Physical Drives This section pro...

Page 67: ...61 ...

Page 68: ...ministrator Windows login The iLO Online ROM Flash Component is examples of online in band firmware update methods Out of band Firmware is sent to iLO over a network connection Users with the Configure iLO Settings privilege can update firmware by using an out of band method If the system maintenance switch is set to disable iLO security any user can update firmware with an out of band method The ...

Page 69: ...se SUM together with iLO to access the iLO repository and manage install sets and the installation queue Viewing and updating firmware from the iLO web interface The iLO web interface supports the following firmware and software management features Viewing installed firmware Viewing installed software Using the Flash Firmware controls to install firmware on the local managed server Using the Group...

Page 70: ...r Remote file option 4 Depending on the option you selected do one of the following In the Local binary file box click Browse Internet Explorer or Firefox or Choose Files Chrome and then specify the location of the firmware component In the Remote binary file URL box enter the URL for a firmware component on an accessible web server 5 Optional To save a copy of the component to the iLO Repository ...

Page 71: ...uires a system reset or server reboot for the new firmware to take effect take the appropriate action For more information see Requirements for firmware update to take effect 10 Optional To confirm that the new firmware is active check the firmware version on the Installed Firmware page You can also check the iLO firmware version on the Overview page Supported firmware types Many types of firmware...

Page 72: ...om express 2 To locate and download the iLO Online ROM Flash Component file follow the onscreen instructions Download a Windows or Linux component 3 Extract the BIN file For Windows components Double click the downloaded file and then click the Extract button Select a location for the extracted files and then click OK For Linux components Depending on the file format enter one of the following com...

Page 73: ...Firmware types The firmware types listed on the Installed Firmware page vary based on the server model and configuration For most servers the system ROM and iLO firmware are listed Other possible firmware options include the following Power Management Controller Server Platform Services Firmware Smart Array Intelligent Platform Abstraction Data Smart Storage Battery TPM or TM firmware SAS Programm...

Page 74: ...nt that uses the listed firmware Replacing the active system ROM with the redundant system ROM Prerequisites The server supports redundant system ROM Virtual Power and Reset privilege Procedure 1 Click Firmware OS Software in the navigation tree 2 On the Firmware tab click the swap icon next to the Redundant System ROM details iLO prompts you to confirm the request 3 Click OK The change will take ...

Page 75: ...OS Software in the navigation tree and then click Upload to iLO Repository If the Upload to iLO Repository option is not displayed click the ellipsis icon in the top right corner of the iLO web interface then click Upload to iLO Repository 2 Select the Local file or Remote file option 3 Depending on the option you selected do one of the following In the Local binary file box click Browse Internet ...

Page 76: ... web interface Installing a component from the iLO Repository You can add a component to the installation queue from the iLO Repository page When you add a component to the installation queue it is added to the end of the queue After other queued items are complete the added component is installed when the software that initiates updates for the component type detects the installation request To d...

Page 77: ...llation If the installation queue is empty and iLO can initiate the update the update begins immediately Removing a component from the iLO Repository Prerequisites Configure iLO Settings privilege The component is not in an install set The component is not part of a queued task Procedure 1 Click Firmware OS Software in the navigation tree and then click the iLO Repository tab 2 Click the remove co...

Page 78: ...epository contents The Contents section of the iLO Repository page displays the following details about each firmware or software component Name Version iLO Repository individual component details When you click an individual component the following details are displayed Name Component name Version Component version File Name Component file name Size Component size Uploaded Upload date and time In...

Page 79: ...a previously queued task is waiting to start or finish a new queued component might be delayed indefinitely For example if a queued update must wait until the UEFI BIOS detects it during server POST but the server is not restarted then the updates that follow in the queue will not be installed Prerequisites Configure iLO Settings privilege No components in the install set are queued as part of ano...

Page 80: ...ary details The Install Sets tab displays the following details about each install set Name The install set name Components Commands The components and commands in the install set Use the install set icons to add an install set to the installation queue or to remove an install set The protected install set is displayed with a lock icon Individual install set details When you click an individual in...

Page 81: ...stem recovery set System ROM BIOS iLO firmware System Programmable Logic Device CPLD Innovation Engine Server Platform Services SPS Firmware If the default system recovery set is deleted a user with the Recovery Set privilege can use SUM to create an install set and then designate it as the system recovery set by using the iLO RESTful API For instructions see the SUM user guide Only one system rec...

Page 82: ...I BIOS detects it during server POST but the server is not restarted then the updates that follow in the queue will not be installed To learn more about how iLO SUM and the BIOS software work together to manage software and firmware see the SUM documentation Viewing the Installation Queue Procedure 1 Click Firmware OS Software in the navigation tree and then click the Installation Queue tab 2 Opti...

Page 83: ...tallable by The software that can initiate an update with the selected component Start time The task start date and time Expiration The task expiration date and time Removing a task from the Installation Queue Prerequisites Configure iLO Settings privilege Procedure 1 Click Firmware OS Software in the navigation tree and then click Installation Queue 2 Click the remove component icon iLO prompts y...

Page 84: ...avigation tree and then click Update Firmware The Flash Firmware controls appear 4 Click Browse Internet Explorer or Firefox or Choose Files Chrome 5 Select a language pack and then click Open 6 Optional To save a copy of the language pack file to the iLO Repository select the Also store in iLO Repository check box 7 Click Flash iLO prompts you to confirm the installation request 8 Click OK iLO in...

Page 85: ...pdated click to update the page with the latest information Product related Software details This section lists all the product related software on the managed server The list includes NEC Corporation and NEC recommended third party software that was added manually or by using the SPP Name The name of the software Version The software version The versions of the displayed firmware components indic...

Page 86: ... all the software that is running or available to run on the managed server Name The name of the software Path The file path of the software Installed Software details The Installed Software list displays the name of each installed software program ...

Page 87: ...wer capping Set dynamic power caps for the servers in an iLO Federation group Group firmware update Update the firmware of the servers in an iLO Federation group Group license installation Enter a license key to activate iLO licensed features on the servers in an iLO Federation group Group configuration Add iLO Federation group memberships for multiple iLO systems Any user can view information on ...

Page 88: ...LO systems on the network For iLO systems that are separated by Layer 3 switches configure the switches to forward SSDP multicast traffic between networks Configure the network to allow multicast traffic UDP port 1900 and direct HTTP TCP default port 80 communication between iLO systems For networks with multiple VLANs configure the switches to allow multicast traffic between the VLANs For network...

Page 89: ... the iLO Federation features The default setting is Enabled Selecting Disabled disables the iLO Federation features for the local iLO system Multicast discovery Enables or disables multicast discovery The default setting is Enabled Selecting Disabled disables the iLO Federation features for the local iLO system Multicast Announcement Interval seconds minutes Sets the frequency at which the iLO sys...

Page 90: ... iLO system View group memberships Add and edit group memberships Remove group memberships iLO Federation group memberships for a set of iLO systems When you add group memberships for multiple iLO systems at one time you specify the privileges that members of the group have for configuring the other members of the group For example if you configure group2 based on the DEFAULT group and you assign ...

Page 91: ... system maintenance switch is set to disable iLO security iLO Federation group characteristics All iLO systems are automatically added to the DEFAULT group which is granted the Login privilege for each group member You can edit or delete the DEFAULT group membership iLO Federation groups can overlap span racks and data centers and can be used to create management domains An iLO system can be a mem...

Page 92: ...ation tree The Group Membership for this iLO table lists the name of each group that includes the local iLO system and the privileges granted to the group by the local iLO system Adding iLO Federation group memberships Prerequisites Configure iLO Settings privilege Procedure 1 Click iLO Federation in the navigation tree The Setup tab is displayed 2 Click Join Group ...

Page 93: ...m is added to that group If you enter the name and key for a group that does not exist the group is created and the local iLO system is added to the new group 4 Select from the following privileges Login Remote Console Virtual Power and Reset Virtual Media Host BIOS Configure iLO Settings Administer User Accounts Host NIC Host Storage Recovery Set The privileges granted to the group by the local i...

Page 94: ...haracters long 4 To change the group key select the Change Group Key check box then enter a new value in the Group Key and Group Key Confirm boxes The group key can be from the configured minimum password length to 31 characters long 5 Select or clear the check boxes for the privileges you want to update The privileges granted to the group by the local iLO system control the tasks that users of ot...

Page 95: ...om an iLO Federation group Prerequisites Configure iLO Settings privilege Procedure 1 Click iLO Federation in the navigation tree The Setup tab shows the group membership for the local iLO system 2 Select the check box next to the group membership that you want to delete 3 Click Delete 4 When prompted to confirm the request click OK ...

Page 96: ...ith the same members as an existing group For example you might want to create a group that contains the same systems that are in the DEFAULT group but with different privileges Prerequisites Configure iLO Settings privilege An iLO license that supports this feature is installed Procedure 1 Click iLO Federation in the navigation tree and then click the Group Configuration tab ...

Page 97: ...mbers of the group 5 Optional Enter the Login Name and Password for a user account on the remote systems you want to manage This information is required if the selected group does not have the Configure iLO Settings privilege on the remote systems you want to manage To enter credentials for multiple remote systems create a user account with the same login name and password on each system 6 Click C...

Page 98: ...from the configured minimum password length to 31 characters long Group Key Confirm Confirm the group password 5 Select from the following privileges Administer User Accounts Remote Console Access Virtual Power and Reset Virtual Media Configure iLO Settings Login Privilege For more information about the available privileges see iLO Federation group privileges This step defines the privileges that ...

Page 99: ...lps you identify and locate a server especially in high density rack environments The possible states are UID ON UID OFF and UID BLINK iLO Hostname The fully qualified network name assigned to the iLO subsystem To open the iLO web interface for the server click the link in the iLO Hostname column IP Address The network IP address of the iLO subsystem To open the iLO web interface for the server cl...

Page 100: ...criteria The changes you make on iLO Federation pages apply to all the servers in the selected group that meet the filter criteria The filter settings are saved in a cookie and remain persistent even when you log out of iLO Selected Group list filter criteria You can use the following criteria to filter the servers in a group Health status Click a health status link to select servers with a specif...

Page 101: ... servers that are currently displayed on the iLO web interface page If a query error occurred the systems that did not respond to the query are excluded from the iLO web interface page and the CSV file iLO Federation information export options You can export the following information from the iLO Federation pages Systems with critical or degraded status Export this list from the Multi System View ...

Page 102: ...rs in each listed health status The percentage of the total number of servers in each listed health status is also displayed Model The list of servers grouped by model number The percentage of the total number of servers for each model number is also displayed Critical and Degraded Systems The list of servers in the critical or degraded state Viewing servers with critical and degraded status Proce...

Page 103: ... server UID LED The UID LED helps you identify and locate a server especially in high density rack environments The possible states are UID ON UID OFF and UID BLINK System ROM The installed System ROM version iLO Hostname The fully qualified network name assigned to the iLO subsystem To open the iLO web interface for the server click the link in the iLO Hostname column IP Address The network IP ad...

Page 104: ... the selected group is retrieved Procedure 1 Click iLO Federation in the navigation tree and then click the Multi System Map tab 2 Select a group from the Selected Group menu More Information Exporting iLO Federation information to a CSV file iLO peer details The peer number iLO UUID The iLO system UPnP UUID Last Seen The time stamp of the last communication from the server Last Error A descriptio...

Page 105: ...TTP or HTTPS format iLO does not support FTP Before you use the Virtual Media feature review the Virtual Media operating system considerations Connecting scripted media for groups Prerequisites An iLO license that supports this feature is installed Each member of the selected iLO Federation group has granted the Virtual Media privilege to the group Procedure 1 Click iLO Federation in the navigatio...

Page 106: ...in an iLO Federation group the following details are listed in the Virtual Floppy Status section and Virtual CD DVD ROM Status section Media Inserted The Virtual Media type that is connected Scripted Media is displayed when scripted media is connected Connected Indicates whether a Virtual Media device is connected Image URL The URL that points to the connected scripted media The Virtual Floppy Sta...

Page 107: ...ntify and locate a server especially in high density rack environments The possible states are UID ON UID OFF and UID BLINK iLO Hostname The fully qualified network name assigned to the iLO subsystem To open the iLO web interface for the server click the link in the iLO Hostname column IP Address The network IP address of the iLO subsystem To open the iLO web interface for the server click the lin...

Page 108: ...te for a group of servers The Virtual Power Button section on the Group Power page summarizes the current power state of the servers in a group The summary information includes the total number of servers that are in the ON OFF or Reset state The System Power summary indicates the state of the server power when the page is first opened Use the browser refresh feature to update the System Power inf...

Page 109: ...lick one of the following buttons Momentary Press Press and Hold Reset Cold Boot For servers that are in the OFF state click the Momentary Press button The Press and Hold Reset and Cold Boot options are not available for servers that are in the OFF state 4 When prompted to confirm the request click OK iLO displays a progress bar while the grouped servers respond to the Virtual Power Button action ...

Page 110: ... this option circumvents a graceful operating system shutdown Cold Boot Immediately removes power from the servers in the selected group Processors memory and I O resources lose main power The servers will restart after approximately 6 seconds Using this option circumvents a graceful operating system shutdown Servers affected by the Virtual Power Button The Affected Systems list provides the follo...

Page 111: ...ter the Power Cap Value in watts BTU hr or as a percentage The percentage is the difference between the maximum and minimum power values The power cap value cannot be set lower than the server minimum power value 5 Optional When values are displayed in watts click Show values in BTU hr to change the display to BTU hr When values are displayed in BTU hr click Show values in Watts to change the disp...

Page 112: ... Performance Cap threshold and it represents the maximum power that the servers in a group use in their current configuration A power cap set to this value does not affect server performance Minimum Observed Power The minimum observed power for all servers in a group This value is the Minimum Power Cap threshold and it represents the minimum power that the servers in a group use A power cap set to...

Page 113: ...elected group Present Power Cap The total amount of power allocated to the selected group This value is 0 if a power cap is not configured Group Power Allocations for this system The group power caps that affect the local iLO system and the amount of power allocated to the local iLO system by each group power cap If a power cap is not configured the allocated power value is 0 ...

Page 114: ...rmware file to a web server 3 Click iLO Federation in the navigation tree and then click the Group Firmware Update tab 4 Select a group from the Selected Group menu All of the systems in the selected group will be affected when you initiate a firmware update on this page 5 Optional To filter the list of affected systems click a firmware version flash status or TPM or TM Option ROM Measuring status...

Page 115: ...re update types might require a system reset iLO reset or a server reboot for the new firmware to take effect More Information Obtaining the iLO firmware image file Obtaining supported server firmware image files Viewing group firmware information Procedure 1 Click iLO Federation in the navigation tree and then click the Group Firmware Update tab 2 Select a group from the Selected Group menu 3 Opt...

Page 116: ...ers with the listed system ROM version is also displayed Servers affected by a Group Firmware Update The Affected Systems list provides the following details about the servers affected by a firmware update Server Name The server name defined by the host operating system System ROM The installed System ROM BIOS iLO Firmware Version The installed iLO firmware version iLO Hostname The fully qualified...

Page 117: ...111 Installing license keys iLO Federation group IMPORTANT Do not use this function ...

Page 118: ...To determine whether a license is installed click Administration in the navigation tree and then click the Licensing tab When you use Windows or Linux with the Oracle Java Runtime Environment the Java IRC is a Java Web Start application that is launched from the iLO web interface The application runs in a separate window outside of the web browser At launch a blank secondary window opens Do not cl...

Page 119: ...a supported version of the NET Framework is included in the OS The NET Framework is also available at the Microsoft Download Center http www microsoft com download The NET Framework versions 3 5 and 4 0 have two deployment options Full and Client Profile The Client Profile is a subset of the Full framework The NET IRC is supported with the Full framework only the Client Profile is not supported Ve...

Page 120: ...114 supported ClickOnce Google Chrome 42 and later does not support NPAPI based plug ins As a workaround use one of the following The NET IRC with a different browser The Java IRC ...

Page 121: ...ture is installed Your system meets the requirements for using the NET IRC Procedure 1 Click Information in the navigation tree and then click the Overview tab 2 Click the NET link Starting the Java IRC Oracle JRE Use this procedure to start the Java IRC in environments with Windows or Linux and the Oracle JRE Prerequisites Remote Console privilege The Remote Console feature is enabled on the Acce...

Page 122: ... Settings page An iLO license that supports this feature is installed Your system meets the requirements for using the Java IRC Procedure 1 Click Remote Console Media in the navigation tree The Launch tab displays the Remote Console launch options 2 Click the Applet button 3 If a Security Warning dialog box or a confirmation dialog box appears follow the on screen instructions to continue Starting...

Page 123: ... or deny permission to acquire the Remote Console If there is no response in 10 seconds permission is granted Using the Remote Console power switch Use the Remote Console power switch menu to access the iLO Virtual Power Button features Prerequisites Remote Console privilege The Remote Console feature is enabled on the Access Settings page An iLO license that supports this feature is installed Pro...

Page 124: ...ds and then releasing it The server is powered off as a result of this operation Using this option might circumvent the graceful shutdown features of the operating system This option provides the ACPI functionality that some operating systems implement These operating systems behave differently depending on a short press or long press Reset Forces the server to warm boot CPUs and I O resources are...

Page 125: ...r reconnecting a user after a failure To allow user access after a failure restart the Remote Console session During a Shared Remote Console session the session leader has access to all Remote Console features whereas all other users can access only the keyboard and mouse Satellite clients cannot control Virtual Power or Virtual Media iLO encrypts Shared Remote Console sessions by authenticating t...

Page 126: ...ing the NET IRC The Server Startup file starts capturing when server startup is detected and stops when it runs out of space This file is overwritten each time the server starts The Console Capture control buttons are on the bottom of the NET IRC session window The following controls are available Skip to Start Restarts playback from the beginning of the file Pause Pauses the playback Play Starts ...

Page 127: ... the NET IRC 3 Press the Play button The Play button has a green triangle icon and it is located in the toolbar at the bottom of the Remote Console window 4 Select Server Startup or Server Prefailure 5 Click Start 6 Press the Play button again to stop playback Capturing video files Use this procedure to capture video files of sequences other than Server Startup and Server Prefailure Prerequisites ...

Page 128: ...e Console privilege The Remote Console feature is enabled on the Access Settings page An iLO license that supports this feature is installed Procedure 1 Click Remote Console Media in the navigation tree The Launch tab displays the Remote Console launch options 2 Start the NET IRC 3 Press the Play button The Playback Source dialog box opens 4 Click the magnifying glass icon next to the From File bo...

Page 129: ...n to the remote server After you configure the hot key press Ctrl X in the Remote Console window when you want to send Alt F4 to the remote server Example 2 If you want to create a hot key to send the international AltGR key to the remote server use R_ALT in the key list Creating hot keys Prerequisites Configure iLO Settings privilege Procedure 1 Click Remote Console Media in the navigation tree a...

Page 130: ...n INS F7 9 o DEL F8 p HOME F9 q END F10 r PG UP F11 s PG DN F12 t ENTER SPACE u TAB a v BREAK b w BACKSPACE c x NUM PLUS d y NUM MINUS e z Resetting hot keys Resetting the hot keys clears all current hot key assignments Prerequisites Configure iLO Settings privilege Procedure 1 Click Remote Console Media in the navigation tree and then click the Hot Keys tab 2 Click Reset Hot Keys ...

Page 131: ...ava IRC only Prerequisites Remote Console privilege The Remote Console feature is enabled on the Access Settings page An iLO license that supports this feature is installed Procedure 1 Click Remote Console Media in the navigation tree The Launch tab displays the Remote Console launch options 2 Start the Java IRC 3 Select Keyboard View Hot Keys ...

Page 132: ...ns Windows Use this option to configure iLO to lock a managed server running a Windows operating system The server automatically displays the Computer Locked dialog box when a Remote Console session ends or the iLO network link is lost Custom Use this option to configure iLO to use a custom key sequence to lock a managed server or log out a user on that server You can select up to five keys from t...

Page 133: ...alling a trusted SSL certificate and enabling the IRC requires a trusted certificate in iLO setting In this configuration the NET IRC is launched by using an HTTPS connection If the IRC requires a trusted certificate in iLO setting is disabled the NET IRC is launched by using a non SSL connection and SSL is used after the NET IRC starts to exchange encryption keys Prerequisites Configure iLO Setti...

Page 134: ...te console you can operate as if a physical serial connection exists on the remote server serial port The iLO Virtual Serial Port is displayed as a text based console but the information is rendered through graphical video data iLO displays this information through an SSH client when the server is in a pre operating system state enabling an unlicensed iLO system to observe and interact with the se...

Page 135: ... to use c In the BIOS Serial Console Baud Rate menu select 115200 4 NOTE The iLO Virtual Serial Port does not use a physical UART so the BIOS Serial Console Baud Rate value has no effect on the speed the iLO Virtual Serial Port uses to send and receive data d For Windows users only In the EMS Console menu select the COM port that matches the selected Virtual Serial Port COM port 5 To save the chan...

Page 136: ...timeout 10 splashimage hd0 2 grub splash xpm gz title Red Hat Linux 2 6 18 164 e15 root hd0 2 9 kernel vmlinux 2 6 18 164 e15 ro root dev sda9 console tty0 console ttyS1 115200 initrd initrd 2 6 18 164 e15 img After Linux is fully booted a login console can be redirected to the serial port If configured the dev ttyS0 and dev ttyS1 devices enable you to obtain serial TTY sessions through the iLO Vi...

Page 137: ...e following command to create the grub cfg file grub2 mkconfig o boot efi EFI redhat grub cfg 3 Enable a getty login service for the serial port For example systemctl enable serial getty ttyS0 service 4 Configure getty to listen on the serial port For example systemctl start getty ttyS0 service 5 To begin a shell session on a configured serial port add the following line to the etc inittab file to...

Page 138: ...rt iLO automatically detects whether the EMS port is enabled or disabled and detects the selection of the COM port You can use the Windows EMS Console and the iLO Remote Console at the same time To display the SAC prompt you might have to press Enter after connecting through the iLO Virtual Serial Port More Information Configuring the iLO Virtual Serial Port in the UEFI System Utilities Configurin...

Page 139: ...credentials More Information Configuring the iLO Virtual Serial Port in the UEFI System Utilities Configuring Windows for use with the iLO Virtual Serial Port Windows EMS Console with iLO Virtual Serial Port Viewing the iLO Virtual Serial Port log If the iLO Virtual Serial Port log is enabled you can view iLO Virtual Serial Port activity by using the vsp log command Virtual Serial Port activity is...

Page 140: ...134 More Information Configuring iLO access options ...

Page 141: ...n avoid this warning by using the operating system feature to stop the device before disconnecting it The iLO Virtual CD DVD ROM is available at server boot time for supported operating systems Booting from a Virtual CD DVD ROM enables you to perform tasks such as deploying an operating system from network drives and performing disaster recovery of failed operating systems If the host server OS su...

Page 142: ...PC or on a network drive accessible through a high speed network link You can use the NET IRC to mount a Virtual Folder to access and copy files between a client and a managed server You can also access the Virtual Media feature by using the NET IRC or Java IRC the iLO RESTful API or the SMASH CLP If the Virtual Floppy USB key or Virtual CD DVD ROM capability is enabled you cannot typically access...

Page 143: ...ual Floppy USB key drives appear automatically after Windows recognizes the USB device Use the virtual device as you would use a locally attached device To use a Virtual Floppy as a driver diskette during a Windows installation disable the integrated diskette drive in the host RBSU which forces the virtual floppy disk to appear as drive A To use a virtual USB key as a driver diskette during a Wind...

Page 144: ...Start the NET IRC or Java IRC 3 Select the Virtual Drives menu 4 Select the CD DVD ROM to use 5 Mount the drive by using the following commands For Red Hat Enterprise Linux mount dev cdrom1 mnt cdrom1 Operating system considerations Virtual Folder Boot process and DOS sessions The Virtual Folder device appears as a standard BIOS floppy drive drive A If a physically attached floppy drive exists it ...

Page 145: ... configuration You can configure these settings on the Access Settings page Procedure 1 Navigate to the Remote Console Media page and then click the Virtual Media tab The Virtual Media feature status and configured port are displayed 2 Optional To configure the Virtual Media feature status click the Virtual Media Status link The Access Settings page is displayed 3 Optional To configure the Virtual...

Page 146: ...ia device is connected Ejecting a local media device Prerequisites Virtual Media privilege The Virtual Media feature is enabled on the Access Settings page Procedure 1 Click Remote Console Media in the navigation tree and then click the Virtual Media tab 2 Click the Force Eject Media button in the Virtual Floppy USB Key Virtual Folder Status or Virtual CD DVD ROM Status section Connecting scripted...

Page 147: ... system boot options are configured accordingly An error occurs if you try to enable the Boot on Next Reset check box when the server is in POST because you cannot modify the boot order during POST Wait for POST to finish and then try again 4 Click Insert Media 5 Optional To boot to the connected image now reboot the server Viewing connected scripted media Prerequisites Virtual Media privilege The...

Page 148: ...eature is enabled on the Access Settings page Procedure 1 Click Remote Console Media in the navigation tree and then click Virtual Media 2 To eject scripted media devices click the Force Eject Media button in the Virtual Floppy Virtual Folder Status or Virtual CD DVD ROM Status section ...

Page 149: ...rator rights which are required for mounting a physical drive Procedure 1 Click Remote Console Media in the navigation tree The Launch tab displays the Remote Console launch options 2 Start the NET IRC or Java IRC 3 Click the Virtual Drives menu and then select the drive letter of a floppy disk CD DVD ROM or USB key drive on your client PC The virtual drive activity LED will show virtual drive act...

Page 150: ...age type you will use select Virtual Drives URL Removable Media IMG or Virtual Drives URL CD ROM DVD ISO The Image file at URL dialog box opens 4 Enter the URL for the image file that you want to mount as a virtual drive and then click Connect The virtual drive activity LED does not show drive activity for URL mounted virtual media Create Media Image feature Java IRC only When you use Virtual Medi...

Page 151: ...on to change it to Disk Image 5 Do one of the following If you will use a file select Media File and then click Browse and navigate to the file you want to use If you will use physical media select Media Drive and then select the drive letter of the floppy disk USB key or CD ROM in the Media Drive menu 6 Enter the path and file name for the image file in the Image File text box 7 Click Create iLO ...

Page 152: ...s Create Disk Image The Create Media Image dialog box opens 4 In the Create Media Image window click Disk Image The Create Media Image changes to the Image Disk option 5 Select the drive letter of the floppy disk or USB key in the Media Drive menu 6 Enter the path and file name for the existing image file in the Image File text box iLO notifies you when the disk creation is complete 7 Click Close ...

Page 153: ...nd dismount a local or networked directory that is accessible through the client After you create a virtual image of a folder or directory the server connects to the image as a USB storage device You can browse to the server and transfer the files from the virtual image to the server This feature and many others are part of a licensing package The Virtual Folder is nonbootable and read only the mo...

Page 154: ...ownout might interrupt the operating system but does not interrupt the iLO firmware iLO detects and recovers from power brownouts If iLO detects that a brownout has occurred server power is restored after the power on delay unless Auto Power On is set to Always Remain Off After the brownout recovery the iLO firmware records a Brown out recoveryevent in the iLO Event Log Graceful shutdown The abili...

Page 155: ...and secondary power supplies while maintaining improved efficiency at lower power usage levels HEM does not affect power redundancy If the primary supplies fail the secondary supplies immediately begin supplying DC power to the system preventing any downtime Use the UEFI System Utilities to configure HEM You cannot configure these settings through iLO For more information see the Server Maintenanc...

Page 156: ...t down by using the Virtual Power button Press and Hold The same as pressing the physical power button for 5 seconds and then releasing it The server is powered off as a result of this operation Using this option might circumvent the graceful shutdown features of the operating system This option provides the ACPI functionality that some operating systems implement These operating systems behave di...

Page 157: ...elect an Auto Power On value Changes to the Auto Power On value might not take place until after the next server reboot 3 Select a Power On Delay value This value is not available if the Auto Power On option is set to Always Remain Off 4 Click Apply Auto Power On The Auto Power On setting determines how iLO behaves after power is restored for example when the server is plugged in or when a UPS is ...

Page 158: ... on is delayed by 30 seconds 45 Second Delay Power on is delayed by 45 seconds 60 Second Delay Power on is delayed by 60 seconds Random up to 120 seconds The power on delay varies and can be up to 120 seconds Viewing server power usage Power meter graphs display recent server power usage Power history information is not collected when the server is powered off When you view a graph that includes p...

Page 159: ...er you open the page To refresh the page immediately click the refresh icon To start refreshing the page automatically click the triangle icon next to the refresh icon Depending on the selected graph type the page refreshes at ten second or five minute intervals until you click the stop icon or navigate to another page 5 Optional To change the power reading display to watts or BTU hr select a valu...

Page 160: ... a subsecond basis Maximum power data is displayed in purple in power meter graphs Average The mean power reading during the sample Average power data is displayed in blue in power meter graphs Minimum The minimum value observed during a measurement period The 20 minute graph displays a minimum value that matches the lowest average reading every 10 seconds The 24 hour graph displays minimum values...

Page 161: ...d for ML and DL servers Power Regulator Mode The configured mode For information about the possible settings see Power settings Viewing the server power history Procedure 1 Click Power Thermal in the navigation tree and then click the Power Meter tab The Power History section displays the server power history details Power history details The Power History table shows power readings from three tim...

Page 162: ...od the value is the minimum of all readings since the server booted When multiple power supplies are removed from the server at the same time there is a short time period in which iLO will not display information in the Power History section or in the Power Meter graphs This information will be displayed again after iLO collects information about the remaining installed power supplies ...

Page 163: ...onfiguring the Power Regulator settings The Power Regulator feature enables iLO to modify processor frequency and voltage levels based on operating conditions to provide power savings with minimal effect on performance Prerequisites Configure iLO Settings privilege Procedure 1 Click Power Thermal in the navigation tree and then click the Power Settings tab 2 Select a Power Regulator mode 3 Click A...

Page 164: ...ocessor speed and power usage This option guarantees a lower maximum power usage value for the system Static High Performance Mode Processors will run at maximum power and performance at all times regardless of the OS power management policy OS Control Mode Processors will run at maximum power and performance at all times unless the OS enables a power management policy Configuring power caps Prere...

Page 165: ...it represents the minimum power that the server uses A power cap set to this value reduces the server power usage to the minimum which results in server performance degradation When a power cap is set the average power reading of the server must be at or lower than the power cap value Power capping is not supported on all servers For more information check the server user s guide Configuring SNMP ...

Page 166: ...on on the Power Settings page allows you to enable or disable the persistent keyboard and mouse feature When this feature is enabled the iLO virtual keyboard and mouse are always connected to the iLO UHCI USB controller When this feature is disabled the iLO virtual keyboard and mouse are connected dynamically to the iLO UHCI controller only when a Remote Console application is open and connected t...

Page 167: ...plies are present the most recent power reading from the server is displayed Other power supplies do not provide this data Although this value is typically equal to the sum of all active power supply outputs there might be some variance as a result of reading the individual power supplies This value is a guideline value and is not as accurate as the values presented on the Power Meter page For mor...

Page 168: ...on is achieved because the Auto option chooses between the odd or even power supply based on the server serial number High Efficiency Mode Even Supply Standby Delivers full power to the odd numbered power supplies and places the even numbered power supplies on standby at a lower power usage level High Efficiency Mode Odd Supply Standby Delivers full power to the even numbered power supplies and pl...

Page 169: ...rs that support the Smart Storage Battery Index The battery index number Present Whether a battery is installed The possible values are OK and Not Installed Status The battery status The possible values are OK Degraded Failed or Other Model The battery model number Spare The part number of the spare battery Serial Number The battery serial number Capacity The battery capacity Firmware The installe...

Page 170: ... input at higher output levels and the overall power efficiency improves High Efficiency Mode does not affect power redundancy If the primary power supplies fail the secondary power supplies immediately begin supplying DC power to the system preventing any downtime You can configure redundant power supply modes only through the UEFI System Utilities You cannot modify these settings through the iLO...

Page 171: ...an Fan The fan name Location This value depends on the server type The location in the server chassis is listed Status The fan health status Speed The fan speed percent Fans The iLO firmware in conjunction with the hardware controls the operation and speed of the fans Fans provide essential cooling of components to ensure reliability and continued operation The fans react to the temperatures monit...

Page 172: ...vent in the IML or turn on LED indicators In non redundant configurations or redundant configurations where multiple fan failures occur the system might be incapable of providing sufficient cooling to protect the server from damage and to ensure data integrity In this case in addition to the cooling policies the system might start a graceful shutdown of the operating system and server ...

Page 173: ...en the server is powered on and POST is complete Viewing the temperature graph Procedure 1 Click Power Thermal in the navigation tree and then click the Temperatures tab 2 Optional Customize the graph display To display a three dimensional graph select the 3D check box To display a two dimensional graph clear the 3D check box To display the sensors at the front or back of the server select Front V...

Page 174: ...erature approaches the critical threshold Viewing temperature sensor data Procedure 1 Click Power Thermal in the navigation tree and then click the Temperatures tab 2 Optional When temperatures are displayed in Celsius click the Show values in Fahrenheit switch to change the display to Fahrenheit When temperatures are displayed in Fahrenheit click the Show values in Celsius switch to change the di...

Page 175: ...emperature sensor is not installed the Thresholds column shows the value N A Temperature monitoring The following temperature thresholds are monitored Caution The server is designed to maintain a temperature lower than the caution threshold If the temperature exceeds the caution threshold the fan speeds are increased to maximum If the temperature exceeds the caution threshold for 60 seconds a grac...

Page 176: ...xibleLOM Uses an optional NIC that plugs into a special slot on the server This NIC normally handles server network traffic and it can be configured to handle iLO network traffic at the same time through a common LAN connector To access the network settings select the active NIC in the navigation tree and then view or edit the network settings on the following pages Network Summary Network General...

Page 177: ...network interface The default value is Auto Negotiate Duplex Option The current link duplex setting for the selected iLO network interface The default value is Auto Negotiate You can configure the iLO hostname and NIC settings on the Network General Settings page IPv4 Summary details DHCPv4 Status Indicates whether DHCP is enabled for IPv4 Address The IPv4 address currently in use If the value is ...

Page 178: ...ble shows the currently configured IPv6 addresses for iLO It provides the following information Source The address type IPv6 The IPv6 address Prefix Length The address prefix length Status The address status The possible values are Active the address is in use by iLO Pending Duplicate Address Detection is in progress or Failed Duplicate Address Detection failed The address is not in use by iLO Def...

Page 179: ...d DNS are configured to connect to the iLO subsystem name instead of the IP address 4 Enter the iLO Domain Name if DHCP is not configured To use a static domain name when the iLO Dedicated Network port is selected disable the Use DHCPv4 Supplied Domain Name and Use DHCPv6 Supplied Domain Name settings on the IPv4 and IPv6 Network General Settings tabs To use a static domain name when the iLO Share...

Page 180: ...ork Port and configure the associated NIC settings in the NIC Settings section of the Network General Settings tab Enabling the iLO Dedicated Network Port through the iLO web interface Prerequisites Configure iLO Settings privilege Procedure 1 Connect the iLO Dedicated Network Port to a LAN from which the server is managed 2 Click iLO Dedicated Network Port in the navigation tree 3 Click the Gener...

Page 181: ...Shared Network Port through the iLO web interface Prerequisites Configure iLO Settings privilege Procedure 1 Connect the Shared Network Port LOM or FlexibleLOM port to a LAN 2 Click iLO Shared Network Port in the navigation tree and then click the General tab 3 Select the Use Shared Network Port check box 4 Depending on the server configuration select LOM or FlexibleLOM 5 Select a value from the P...

Page 182: ...optional NIC that plugs into a special slot on the server This NIC normally handles server network traffic and it can be configured to handle iLO network traffic at the same time through a common RJ 45 connector For information about the NICs your server supports see the server system configuration guide at the following website http www nec com express iLO network connection considerations Only o...

Page 183: ...s configured for 1Gb s some copper iLO Shared Network Port adapters might lose connectivity when the server is powered off Connectivity will return when the server is powered back on Disabling the iLO Shared Network Port does not completely disable the system NIC server network traffic can still pass through the NIC port When the iLO Shared Network Port is disabled any traffic going to or originat...

Page 184: ...ege Procedure 1 Click iLO Dedicated Network Port or iLO Shared Network Port in the navigation tree and then click the IPv4 tab 2 Configure the DHCPv4 settings 3 Configure the general IPv4 settings 4 Configure the DNS server information 5 Configure the WINS server information ...

Page 185: ... Tertiary DNS Server boxes Use DHCPv4 Supplied Time Settings Specifies whether iLO uses the DHCPv4 supplied NTP service locations Use DHCPv4 Supplied WINS Servers Specifies whether iLO uses the DHCP server supplied WINS server list If not enter the WINS server addresses in the Use DHCPv4 Supplied WINS Servers Primary WINS Server and Secondary WINS Server boxes General IPv4 settings IPv4 Address Th...

Page 186: ... is supplied automatically If not enter the Primary WINS Server address Secondary WINS Server If Use DHCPv4 Supplied WINS Servers is enabled this value is supplied automatically If not enter the Secondary WINS Server address Enable WINS Server Registration Specifies whether iLO registers its name with a WINS server Ping Gateway on Startup setting This setting causes iLO to send four ICMP echo requ...

Page 187: ...s page to configure the iLO IPv6 settings IPv6 is not supported in the Shared Network Port configuration Prerequisites Configure iLO Settings privilege Procedure 1 Click iLO Dedicated Network Port in the navigation tree and then click the IPv6 tab 2 Configure the DHCPv6 settings ...

Page 188: ...IPv6 addresses for itself from router advertisement messages iLO creates its own link local address even when this option is not selected Enable DHCPv6 in Stateful Mode Address Select this check box to allow iLO to request and configure IPv6 addresses provided by a DHCPv6 server Use DHCPv6 Rapid Commit Select this check box to instruct iLO to use the Rapid Commit messaging mode with the DHCPv6 ser...

Page 189: ...al addresses Static Default Gateway Enter a default IPv6 gateway address for cases in which no router advertisement messages are present in the network Static Route 1 Static Route 2 and Static Route 3 Enter static IPv6 route destination prefix and gateway address pairs Specify the prefix length for the destination Link local addresses are not allowed for the destination but are allowed for the gat...

Page 190: ...184 DDNS Client SNMP AlertMail Remote Syslog WinDBG Support Scriptable Virtual Media CLI key import over an IPv6 connection Authentication using LDAP and Kerberos over IPv6 iLO Federation IPMI ...

Page 191: ...splayed If Show Default and Show ISO Time are selected the following is displayed System time UTC Time Zone displayed in BIOS Platform Configuration RBSU If Show Local Time is selected the following is displayed Added to the System time UTC Time Zone displayed in BIOS Platform Configuration RBSU and the time zone of the environment of the client connected to iLO Prerequisites Configure iLO Setting...

Page 192: ...ly 6 If you are finished configuring the iLO network settings on the General IPv4 IPv6 and SNTP tabs click Reset to restart iLO It might take several minutes before you can re establish a connection SNTP options Use DHCPv4 Supplied Time Settings Configures iLO to use a DHCPv4 provided NTP server address Use DHCPv6 Supplied Time Settings Configures iLO to use a DHCPv6 provided NTP server address NT...

Page 193: ...y an adjustment to UTC time In addition that time zone must not apply a Daylight Savings Time Summer Time adjustment There are several time zones that fit this requirement One example that you can select in iLO is Greenwich GMT If you select this time zone the iLO web interface pages and log entries display the exact time provided by the SNTP server NOTE Configure the NTP servers to use Coordinate...

Page 194: ...s if available is used for the secondary time server To change the protocol based priority behavior to use DHCPv4 first clear the iLO Client Applications use IPv6 first check box If a DHCPv6 address is not available for the primary or secondary address a DHCPv4 address if available is used ...

Page 195: ...ching for a NIC connection when the current connection fails NIC auto selection must be enabled to use this feature iLO startup behavior with NIC auto selection enabled When NIC auto selection is enabled If iLO was just connected to power it tests the iLO Dedicated Network Port first If iLO was just reset it tests the last used iLO network port first When testing a network port if iLO detects netw...

Page 196: ...election is configured to search for DHCP address assignment activity but only one of the iLO network ports has DHCP enabled iLO tests for received data packet activity on the port that is not configured for DHCP Enabling iLO NIC auto selection Procedure 1 Configure both iLO network ports Before enabling and using the NIC auto selection feature both iLO network ports must be configured for their r...

Page 197: ...ick the icon in the Windows Network folder and then select View device webpage To view the properties of an iLO system right click the icon in the Windows Network folder and then select Properties The Properties window includes the following Device Details iLO manufacturer and version information To start the iLO web interface click the Device webpage link Troubleshooting Information The serial nu...

Page 198: ...irectories to support more than 12 user accounts iLO supports up to six directory groups More Information Directory authentication and authorization Adding local user accounts Prerequisites Administer User Accounts privilege Procedure 1 Click Administration in the navigation tree The User Administration tab is displayed 2 Click New 3 Enter the following details Login Name User Name New Password an...

Page 199: ...g local user accounts Prerequisites Administer User Accounts privilege Procedure 1 Click Administration in the navigation tree The User Administration tab is displayed 2 Select a user and then click Edit 3 Update the following values on the Add Edit Local User page as needed Login Name User Name 4 To change the password click the Change password check box and then update the New ...

Page 200: ...o delete 3 Click Delete 4 When prompted to confirm the request click OK iLO user account options User Name appears in the user list on the User Administration page It does not have to be the same as the Login Name The maximum length for a user name is 39 characters The User Name must use printable characters Assigning descriptive user names can help you to identify the owner of each login name Log...

Page 201: ...Accounts privilege can enable or disable this privilege Administer User Accounts Enables a user to add edit and delete local iLO user accounts A user with this privilege can change privileges for all users If you do not have this privilege you can view your own settings and change your own password Host NIC Enables a user to configure the host NIC settings Host Storage Enables a user to configure ...

Page 202: ...twork that does not extend outside the secure data center More Information Configuring iLO access options IPMI DCMI users The iLO firmware follows the IPMI 2 0 specification When you add IPMI DCMI users the login name must be a maximum of 16 characters and the password must be a maximum of 20 characters When you select iLO user privileges the equivalent IPMI DCMI user privilege is displayed in the...

Page 203: ...nts Procedure 1 Click Administration in the navigation tree The User Administration tab is displayed The Local Users table shows the login names user names and assigned privileges of each configured user 2 Optional To view a privilege name move the cursor over a privilege icon ...

Page 204: ...installed Procedure 1 Click Administration in the navigation tree and then click the Directory Groups tab 2 Click New 3 Provide the following details in the Group Information section Group DN Group SID Kerberos authentication and Active Directory integration only 4 Select from the following privileges Login Remote Console Virtual Power and Reset Virtual Media Host BIOS Configure iLO Settings Admin...

Page 205: ...ory Groups tab 2 Select a group in the Directory Groups section and then click Edit 3 Provide the following details in the Group Information section Group DN Group SID Kerberos authentication and Active Directory integration only 4 Select from the following privileges Login Remote Console Virtual Power and Reset Virtual Media Host BIOS Configure iLO Settings Administer User Accounts Host NIC Host ...

Page 206: ...ectory for example CN Group1 OU Managed Groups DC domain DC extension Shortened DNs are also supported for example Group1 The shortened DN is not a unique match NEC Corporation recommends using the fully qualified DN Group SID Security ID Microsoft Security ID is used for Kerberos and directory group authorization This value is required for Kerberos authentication The required format is S 1 5 2039...

Page 207: ...ure the host storage settings Recovery Set Enables directory users to manage the critical recovery install set By default this privilege is assigned to the default Administrator account To assign this privilege to another account log in with an account that already has this privilege This privilege is not available if you start a session when the system maintenance switch is set to disable iLO sec...

Page 208: ...ot firmware You can select UEFI or the Legacy BIOS Prerequisites Configure iLO Settings privilege Procedure 1 Click Administration in the navigation tree and then click the Boot Order tab 2 Select Unified Extensible Firmware Interface UEFI or Legacy BIOS 3 Click Apply iLO prompts you to confirm the change When you change this setting you cannot make additional changes on the Boot Order page until ...

Page 209: ...Down In Legacy BIOS mode select from the following devices CD DVD Drive USB Storage Device Hard Disk Drive Network Device number where the server Ethernet card and additional NIC FlexibleLOM cards are Network Device 1 Network Device 2 Network Device 3 and so on In UEFI mode select an option from the list of available boot devices 3 Click Apply iLO confirms that the boot order was updated successfu...

Page 210: ...elect One Time Boot Option list The following options are available No One Time Boot CD DVD Drive USB Storage Device Hard Disk Drive Network Device number where the server Ethernet card is Network Device 1 and additional NIC FlexibleLOM cards are Network Device 2 Network Device 3 and so on Intelligent Provisioning When you select this option the server boots the EXPRESSBUILDER Embedded UEFI Shell ...

Page 211: ...ed UEFI Shell When you select this option the server boots to an embedded shell environment that is separate from the UEFI System Utilities 3 If you selected UEFI Target in the Select One Time Boot Option list select a boot device from the Select UEFI Target Option list For example you might have a hard drive with two bootable partitions and you can use this option to select the bootable partition...

Page 212: ... following To load the ROM based setup utility on the next server reset click Boot to System Setup Utilities To reboot the server click Server Reset If a one time boot option is specified this setting takes precedence over the Server Boot Order value ...

Page 213: ...utomatically when you enter data into the segments of the Activation Key box 3 Click Install 4 The EULA confirmation opens The EULA details are available in the License Pack option kit 5 Click OK The license key is now enabled Viewing license information Procedure 1 Click Administration in the navigation tree and then click the Licensing tab License details License The license name Status The lice...

Page 214: ...h as graphical Remote Console with multiuser collaboration video record playback and many more features License key information One iLO license is required for each server on which the product is installed and used Licenses are not transferable Please you keep a license key carefully not to lose because it cannot be reissued ...

Page 215: ... with the Java IRC on Windows systems you must select the correct language in the Regional and Language Options Control Panel For localization support with the Java IRC on Linux systems make sure that the fonts for the specified language are installed and available to the JRE If an installed language pack does not include the translation for a text string the text is displayed in English When you ...

Page 216: ...y other language for which a language pack is installed 3 Click Apply iLO notifies you that the default language was changed In subsequent iLO web interface sessions if there is no browser cookie from a previous session and the browser or OS language is not supported the iLO web interface uses the configured default language Configuring the current iLO web interface session language Procedure 1 Cl...

Page 217: ...ace session 1 If you previously logged in to the iLO web interface on the same computer using the same browser and you have not cleared the cookies the language setting of the last session with that iLO processor is used 2 If there is no cookie the current browser language is used if iLO supports it and the required language pack is installed 3 Internet Explorer only If the browser language is not...

Page 218: ...some cases you might need to reset iLO to the factory default settings to erase settings external to iLO Resetting iLO to the factory default settings erases the iLO configuration To recover the iLO configuration quickly restore the configuration from a backup file after the reset to the factory default settings is complete Accidental or incorrect configuration change In some cases the iLO configu...

Page 219: ...ccurred between the backup and the time or event that required the restore this information is not restored iLO Event Log To preserve information about events that occurred between the backup and the time or event that required the restore this information is not restored Active Health System data To preserve the information recorded during the backup and restore process this information is not re...

Page 220: ...rerequisites Configure iLO Settings privilege Administer iLO User Accounts privilege An iLO backup file exists The default iLO account credentials are available if you previously reset iLO to the factory default settings Procedure 1 Click Administration in the navigation tree and then click Backup Restore 2 Click Restore 3 Depending on your browser click Browse or Choose File and then navigate to ...

Page 221: ...requisites Configure iLO Settings privilege Administer iLO User Accounts privilege An iLO backup file exists The default iLO account credentials are available if you previously reset iLO to the factory default settings Procedure 1 Replace the system board and transfer the hardware components from the old system board to the new system board 2 Power on the system and ensure that all components are ...

Page 222: ...nsole Key security features Configure iLO security features on the following web interface pages Access Settings Enable or disable iLO interfaces and features Customize the TCP IP ports iLO uses Configure authentication failure logging and delays Secure the BMC Configuration Utility iLO Service Port Configure iLO Service Port availability authentication and supported devices Secure Shell Key Add S...

Page 223: ...orted tools for single sign on with iLO Login Security Banner Add a security notice to the iLO login page More Information Administering SSL certificates Directory authentication and authorization iLO access settings Connecting iLO to the network Editing local user accounts Configuring encryption settings Configuring the Integrated Remote Console Trust setting NET IRC ...

Page 224: ...in use iLO prompts you to enter a different value In addition to customizing the TCP IP ports you can also enable or disable iLO features in the Service section of the Access Settings page Changing these settings usually requires configuration of the web browser used for standard and SSL communication When these settings are changed an iLO reset is required to activate the changes Prerequisites Co...

Page 225: ...Remote Console Allows you to enable or disable access through the iLO remote consoles When this option is disabled the NET IRC Java IRC standalone remote console and text based remote console are disabled The configured remote console port is not detected in a security audit that uses a port scanner to scan for security vulnerabilities Remote Console Port Sets the remote console port The default v...

Page 226: ...ng is disabled by default When IPMI DCMI over LAN is disabled iLO disables IPMI DCMI over the LAN Server side IPMI DCMI applications are still functional when this feature is disabled When IPMI DCMI over LAN is enabled iLO allows you to use a client side application to send IPMI DCMI commands over the LAN When IPMI DCMI over LAN is disabled the configured IPMI DCMI over LAN Port is not detected in...

Page 227: ...wser also results in an idle connection The iLO firmware supports a finite number of connections Misuse of the Infinite timeout option might make iLO inaccessible to other users Idle connections are recycled after they expire This setting applies to local and directory users Directory server timeout settings might pre empt the iLO setting Changes to the setting might not take effect immediately in...

Page 228: ...lled Require user login and configuration privilege for BMC Configuration in the UEFI System Utilities Show iLO IP during POST Enables the display of the iLO network IP address during host server POST When this setting is enabled default the iLO IP address is displayed during POST When this setting is disabled the iLO IP address is not displayed during POST Virtual Serial Port Log Enables or disab...

Page 229: ...t this value 57600 115200 The serial port configuration must be set to no parity eight data bits and one stop bit N 8 1 for correct operation Set this value to match the serial port speed configured in the UEFI System Utilities Minimum Password Length Specifies the minimum number of characters allowed when a user password is set or changed The character length must be a value from 0 to 39 characte...

Page 230: ...ailure A failed login log entry is recorded after every fifth failed login attempt Disabled No failed login log entry is recorded Authentication Failure Delay Time Enables you to configure the duration of the iLO login delay after a failed login attempt The following values are valid 2 5 10 and 30 seconds The default value is 10 seconds Authentication Failures Before Delay Enables you to configure...

Page 231: ... an incorrect login name and password You receive three password prompts After the third incorrect password the connection ends and the first login failure is recorded The SSH login failure counter is set to 1 2 Run the SSH client and log in with an incorrect login name and password You receive three password prompts After the third incorrect password the connection ends and the second login failu...

Page 232: ...stem Log through the iLO Service Port Prerequisites The iLO Service Port and USB flash drives options are enabled on the iLO Service Port page Procedure 1 Create a text file named command txtwith the required content for downloading the Active Health System Log 2 Save the file to the root directory of a supported USB flash drive 3 Connect the USB flash drive to the iLO Service Port the USB port la...

Page 233: ...nnect a client to any server through the Service Port You cannot change this address The Service Port status changes to Busy and the UID flashes at a rate of four medium flashes then off for one second 3 When you are finished disconnect the client from the Service Port The Service Port status changes to Ready and the UID stops flashing or flashes to indicate a state such as Remote Console access o...

Page 234: ...og The default setting is disabled User credentials are not required when the system maintenance switch is set to disable iLO security USB Ethernet adapters Allows you to use a USB to Ethernet adapter to connect a laptop to the iLO Service Port to access the Integrated Remote Console The default setting is enabled If you connect a laptop when this setting is disabled the device is ignored Configur...

Page 235: ... file command txt file template Use the following example as a template for your command txt file ahsdata POST downloadAll 0 from 2016 08 25 to 2016 08 26 case_no ABC0123XYZ UserName my_username Password my_password command txt file parameters You can customize the following values downloadAll Controls the download scope To download the log for a range of dates enter 0 To download the entire log e...

Page 236: ...tch is set to disable iLO security command txt file requirements The file must be in valid JSON format NEC Corporation recommends using an online JSON formatter to verify the file syntax A free utility is available at the following website http www freeformatter com json formatter html Do not include comments in the file The text in the file is case sensitive The file supports plain text only Do n...

Page 237: ...ck Authorize New Key 6 Copy and paste the public key into the Public Key Import Data box The key must be a 2 048 bit DSA or RSA key 7 Click Import Public Key Authorizing a new SSH key by using the CLI Prerequisites Administer User Accounts privilege Procedure 1 Generate a 2 048 bit DSA or RSA SSH key by using ssh keygen puttygen exe or another SSH key utility 2 Create the key pub file 3 Verify tha...

Page 238: ...ey s The selected SSH keys are removed from iLO SSH keys When you add an SSH key to iLO you paste the SSH key file into iLO The file must contain the user generated public key The iLO firmware associates each key with the selected local user account If a user is removed after an SSH key is authorized for that user the SSH key is removed Supported SSH key formats RFC 4716 OpenSSH key format iLO leg...

Page 239: ...rrLGPdSt0avNSz0DNQuU7gTPfjj 8c XyHe3y95Oa3Rics1fARyLiNFGqFjr7w2ByQuoYUaXBzzghIYMQcmpc W kDMC0dVOf2XnfcLpcVDIm3ahVPRkxFV9WKkAAAAVAI 3J61F oVKrbNovhoHh8pFfUa9LAAAAgA8pU5 M9F0s5QxqkEWPD6 FVz9cZ0GfwIbiuAI 9ARsizkbwRtpAlxAp6eDZKFvj3ZIy NjcQODeYYqOvVU45AkSkLBMGjpF05cVtnWEGEvrW7mAvtG2zwMEDFSREw V526 jR9TKzSNXTH wqRtTc oLotHeyV2jFZFGpxD OvNWAAAAgFf6pvWaco3CDELmH0jT3yUkRSaDztpqtoo4D7ev7VrNPPjnKKKmpzHPmAKRx...

Page 240: ...n importing a trusted certificate NEC Corporation recommends importing a trusted certificate to protect the security of the iLO processor Viewing SSL certificate information Procedure To view certificate information click Security in the navigation tree and then click the SSL Certificate tab SSL certificate details Issued To The entity to which the certificate was issued Issued By The CA that issu...

Page 241: ...235 Configure iLO Settings privilege Procedure 1 Obtain a trusted certificate from a Certificate Authority CA 2 Import the trusted certificate into iLO ...

Page 242: ...tes Configure iLO Settings privilege Procedure 1 Click Security in the navigation tree and then click the SSL Certificate tab 2 Click Customize Certificate 3 On the SSL Certificate Customization page enter the following Country C State ST City or Locality L ...

Page 243: ...ions between the client browser and iLO Key sizes up to 2 048 bits are supported The generated CSR is held in memory until a new CSR is generated iLO is reset to the factory default settings or a certificate is imported 7 Select and copy the CSR text 8 Open a browser window and navigate to a third party CA 9 Follow the onscreen instructions and submit the CSR to the CA When you submit the CSR to t...

Page 244: ...ertificate tab 2 Click Customize Certificate 3 Click Import Certificate 4 In the Import Certificate window paste the certificate into the text box and then click Import iLO supports SSL certificates that are up to 3 KB including the 609 bytes or 1 187 bytes used by the private key for 1 024 bit and 2 048 bit certificates respectively 5 Reset iLO CSR input details Enter the following details when y...

Page 245: ...ed Organization Name O The name of the company or organization that owns this iLO subsystem Organizational Unit OU Optional The unit within the company or organization that owns this iLO subsystem Common Name CN The FQDN of this iLO subsystem The FQDN is entered automatically in the Common Name CN box To enable iLO to enter the FQDN into the CSR configure the Domain Name on the Network General Set...

Page 246: ...nfiguring authentication and directory server settings Procedure 1 Verify that your iLO user account has the Configure iLO Settings privilege 2 Install an iLO license that supports this feature 3 Configure your environment to support Kerberos authentication or directory integration 4 The Kerberos keytab file is available Kerberos authentication only Configuring Kerberos authentication settings in ...

Page 247: ...o generate the keytab file Configuring schema free directory settings in iLO Prerequisites Your environment meets the prerequisites for using this feature Procedure 1 Click Security in the navigation tree and then click the Directory tab 2 Select Use Directory Default Schema from the LDAP Directory Authentication menu 3 Set Local User Accounts to enabled if you want to use local user accounts at t...

Page 248: ... need to enter their full DNs at login Directory user contexts can be up to 128 characters Certificate Status Specifies whether a directory server CA certificate is loaded If the status is Loaded click View to display the CA certificate details If no CA certificate is loaded the status Not Loaded is displayed iLO supports SSL certificates up to 4 KB in size Directory user contexts You can identify...

Page 249: ...gration Local user accounts can be active when you configure iLO to use a directory or Kerberos authentication In this configuration you can use local and directory based user access Consider the following When local user accounts are enabled configured users can log in by using locally stored user credentials When local accounts are disabled user access is limited to valid directory credentials D...

Page 250: ...dministrator Password boxes NEC Corporation recommends that you use the same credentials that you used when creating the iLO objects in the directory iLO does not store these credentials they are used to verify the iLO object and user search contexts 4 In the Directory Test Controls section enter a test user name and password in the Test User Name and Test User Password boxes 5 Click Start Test Se...

Page 251: ...h the latest results Using the Stop Test button might not stop the tests immediately Not Running Indicates that directory tests are current and that you can supply new parameters to run the tests again Use the Start Test button to start the tests and use the current test control values Directory tests cannot be started after they are already in progress Stopping Indicates that directory tests have...

Page 252: ...eries the configured DNS server If the test is successful iLO obtained an IP address for the configured directory server If iLO cannot obtain an IP address for the directory server this test and all subsequent tests fail If the directory server is configured with an IP address iLO skips this test Ping Directory Server iLO initiates a ping to the configured directory server The test is successful i...

Page 253: ...assword is incorrect User Authorization This test verifies that the specified user name is part of the specified directory group and is part of the directory search context specified during directory services configuration Directory User Contexts If Directory Administrator Distinguished Name was specified iLO tries to search the specified context If the test is successful iLO found the context by ...

Page 254: ...n to iLO through a browser the browser and iLO negotiate a cipher setting to use during the session The negotiated cipher is displayed on the Encryption page Based on the configured security state iLO supports the following Production 256 bit AES GCM with RSA ECDH and an AEAD MAC ECDHE RSA AES256 GCM SHA384 256 bit AES with RSA ECDH and a SHA384 MAC ECDHE RSA AES256 SHA384 256 bit AES with RSA ECD...

Page 255: ...D MAC AES128 GCM SHA256 128 bit AES with RSA and a SHA256 MAC AES128 SHA256 128 bit AES with RSA and a SHA1 MAC AES128 SHA 168 bit 3DES with RSA ECDH and a SHA1 MAC ECDHE RSA DES CBC3 SHA 168 bit 3DES with RSA DH and a SHA1 MAC EDH RSA DES CBC3 SHA 168 bit 3DES with RSA and a SHA1 MAC DES CBC3 SHA ...

Page 256: ... compliant application to iLO bypassing an intermediate login step To use this feature You must have a supported version of an NEC SSO compliant application Configure iLO to trust the SSO compliant application There is no application currently compatible with NEC SSO ...

Page 257: ...e the Enable Login Security Banner setting iLO uses the following default text for the Login Security Banner This is a private system It is to be used solely by authorized users and may be monitored for all lawful purposes By accessing this system you are consenting to such monitoring 3 Optional To customize the security message enter a custom message in the Security Message text box The byte coun...

Page 258: ...252 5 The security message is displayed at the next login ...

Page 259: ...le iLO security All user accounts that have the Administer User Accounts privilege are locked out An invalid configuration prevents iLO from being displayed on the network and the ROM based configuration utility is disabled The iLO NIC is turned off and it is not possible or convenient to run the ROM based configuration utility to turn it back on Only one user name is configured and the password i...

Page 260: ... Storage Smart Array SMART Drive Monitoring connected to Smart Array Internal and external drives connected to Smart Array Smart Storage battery monitoring supported servers only SMART Drive Monitoring connected to Smart Array Smart HBA and AHCI iSCSI Windows NVMe drives Network MAC addresses for embedded NICs that support NC SI over MCTP Physical link connectivity and link up link down traps for ...

Page 261: ...st Prerequisites Configure iLO Settings privilege Procedure 1 Click Management in the navigation tree The SNMP Settings page is displayed 2 Enter the following values in the SNMP Settings section System Location System Contact System Role System Role Detail Read Community Trap Community SNMP Alert Destination s The SNMP Port value is read only on this page You can change this value on the Access S...

Page 262: ...s and DNS provides both IPv4 and IPv6 addresses for the FQDNs iLO sends traps to the address specified by the iLO Client Applications use IPv6 first setting on the IPv6 page If iLO Client Applications use IPv6 first is enabled traps will be sent to IPv6 addresses when available When iLO Client Applications use IPv6 first is disabled traps will be sent to IPv4 addresses when available SNMP Port The...

Page 263: ...Passphrase 4 To save the user profile click Apply SNMPv3 user options Security Name The user profile name Enter an alphanumeric string of 1 to 32 characters Authentication Protocol Sets the message digest algorithm to use for encoding the authorization passphrase The message digest is calculated over an appropriate portion of an SNMP message and is included as part of the message sent to the recip...

Page 264: ...Settings page is displayed 2 Scroll to the SNMPv3 Users section 3 Select a user profile in the SNMPv3 Users section and then click Delete 4 When prompted to confirm the request click OK Configuring the SNMPv3 Engine ID The SNMPv3 Engine ID sets the unique identifier of an SNMP engine belonging to an SNMP agent entity Prerequisites Configure iLO Settings privilege Procedure 1 Click Management in th...

Page 265: ...a value in the SNMPv3 Engine ID box 3 This value must be a hexadecimal string of 6 to 32 characters not counting the preceding 0x and must be an even number of characters for example 0x01020304abcdef 4 Click Apply ...

Page 266: ...test alert and send it to the UDP addresses in the SNMP Alert Destination s 6 boxes click Send Test Alert Test alerts are used to verify the network connectivity of iLO with the SNMP Alert Destination s addresses After the alert is generated check the alert destination for receipt of the alert 7 To save the configuration click Apply SNMP alert settings Trap Source Identifier Determines the host na...

Page 267: ... broadcast to a subnet broadcast address The Cold Start Trap is broadcast when any of the following conditions is met SNMP Alert Destinations are not configured iLO failed to resolve all the SNMP Alert Destinations to IP addresses The subnet broadcast address for an IPv4 host is obtained by performing a bitwise logical OR operation between the bit complement of the subnet mask and the host IP addr...

Page 268: ...date the SNMP settings 4 Optional To generate a test alert and send it to the TCP IP addresses in the Trap Destination s boxes click Send Test Trap Test alerts are used to verify the network connectivity of iLO with the Trap Destination s addresses After the alert is generated check the alert destination for receipt of the alert 5 To save the configuration click Apply ...

Page 269: ...dundancy was lost 1013 cpqSeUSBStorageDeviceRedundancyRestored USB storage device redundancy was restored 1014 cpqSeUSBStorageDeviceSyncFailed The sync operation to restore USB storage device redundancy failed 1015 cpqSePCIeDiskTemperatureFailed The temperature of the PCIe disk crossed the upper critical threshold 1016 cpqSePCIeDiskTemperatureOk The temperature of the PCIe disk is normal 1017 cpqS...

Page 270: ...y physical drive 3047 cpqDa7SpareStatusChange A change has been detected in the status of a Smart Array spare drive 3049 cpqDaPhyDrvSSDWearStatusChange A change has been detected in the SSD wear status of a Smart Array physical drive 6026 cpqHe3ThermalConfirmation The server was shut down due to a thermal anomaly and is now operational 6027 cpqHe3PostError One or more POST errors have occurred 603...

Page 271: ...upplyDegraded The fault tolerant power supply condition has been set to Degraded 6050 cpqHe4FltTolPowerSupplyFailed The fault tolerant power supply condition has been set to Failed 6051 cpqHeResilientMemMirroredMemoryEngaged The Advanced Memory Protection subsystem has detected a memory fault Mirrored Memory has been activated 6054 cpqHe3FltTolPowerRedundancyRestore The fault tolerant power suppli...

Page 272: ...ged 8030 cpqSs6TempStatusChange The storage enclosure temperature status changed 8031 cpqSs6PwrSupplyStatusChange The storage enclosure power status changed 8032 cpqSsConnectionStatusChange The storage enclosure status changed 9001 cpqSm2ServerReset The server power has been reset 9003 cpqSm2UnauthorizedLoginAttempts The maximum unauthorized login attempt threshold has been exceeded 9005 cpqSm2Sel...

Page 273: ...yChangeTrap A change in the health status of the server has occurred 5022 cpqSasPhyDrvStatusChange AMS detected a change in the status of an SAS or SATA physical drive 14004 cpqIdeAtaDiskStatusChange AMS detected a change in the status of an ATA disk drive 16028 cpqFca3HostCntlrStatusChange AMS detected a change in the status of a Fibre Channel host controller 18011 cpqNic3ConnectivityRestored Con...

Page 274: ...SI system cpqnic mib System NIC cpqstsys mib Storage systems cpqstdeq mib Server standard equipment cpqfca mib Fibre Channel array cpqsinfo mib System Information cpqstsys mib Smart Array storage IMPORTANT When SNMP setting is used on OS environment and AMS Agentless Management Service is working AMS sends some same traps as iLO In this case same trap number is sent by both AMS and iLO However the...

Page 275: ...tMail tab 2 Set the Enable iLO AlertMail option to enabled 3 Enter the following information Email Address Sender Domain SMTP Port SMTP Server 4 Optional To send a test message to the configured email address click Send Test AlertMail This button is available only when AlertMail is enabled 5 To save the changes click Apply Subject NEC iLO AlertMail 280 CAUTION System Fan Removed Fan 4 Location Sys...

Page 276: ...ticated SMTP connections The default value is 25 SMTP Server The IP address or DNS name of the SMTP server or the MSA This server cooperates with the MTA to deliver the email This string can be up to 63 characters IMPORTANT For iLO 5 Firmware Version 1 10 Jun 07 2017 It is not able to perform name resolution on the IPv6 DNS server When using in IPv6 environment you set the SMTP Server with the IP ...

Page 277: ...he IP address FQDN IPv6 name or short name of the server running the Syslog service To enter multiple servers separate the server IP address FQDN IPv6 name or short name with a semicolon You can enter up to 63 characters per server and a total of 127 characters On Linux systems a tool called syslog logs system events You can set a syslog server on a remote system that will act as a central logging...

Page 278: ...icense that supports this feature is installed Configure iLO Settings privilege Procedure 1 Click Management in the navigation tree and then click the Remote Syslog tab 2 Set the Enable iLO Remote Syslog option to disabled 3 To save the changes click Apply ...

Page 279: ...commands to be sent to an IPMI BMC that implements the KCS interface You can download this tool from the Intel website at http www intel com IPMItool A utility for managing and configuring devices that support the IPMI version 1 5 and version specifications IPMItool can be used in a Linux environment You can download this tool from the IPMItool website at http ipmitool sourceforge net index html F...

Page 280: ...or example To retrieve the iLO Event Log enter ipmitool I lanplus H iLO ip address U username P password sel list Output example 1 03 18 2000 00 25 37 Power Supply 0x03 Presence detected Deasserted 2 03 18 2000 02 58 55 Power Supply 0x03 Presence detected Deasserted 3 03 18 2000 03 03 37 Power Supply 0x04 Failure detected Asserted 4 03 18 2000 03 07 35 Power Supply 0x04 Failure detected Asserted ...

Page 281: ...server UID button on supported servers Use the iLO RESTful API Use IPMI If none of these methods are available or working as expected you must power down the server and disconnect the power supplies Rebooting resetting the iLO processor with the web interface Prerequisites Configure iLO Settings privilege Procedure 1 Click Information in the navigation tree and then click the Diagnostics tab 2 Cli...

Page 282: ...ck Exit and resume system boot e When prompted to confirm the request click OK to exit the utility and resume the normal boot process Rebooting resetting iLO with the server UID button The UID button on supported servers can be used to initiate a manual reboot of iLO For more information about the UID button see the server user guide Performing a graceful iLO reboot with the server UID button When...

Page 283: ...ons to iLO If a firmware flash is in progress it is interrupted which might cause data corruption on the flash device If data corruption occurs on the flash device use the secure recovery or iLO network failed flash recovery features Data loss or NVRAM corruption might occur during a hardware iLO reboot Do not initiate a hardware reboot if other troubleshooting options are available The UID button...

Page 284: ...d Management Log because this step clears all the data in the logs Procedure 1 Optional If you access the server remotely start an iLO remote console session 2 Restart or power on the server 3 Press F9 in the server POST screen The UEFI System Utilities start 4 From the System Utilities screen click System Configuration and then click BMC Configuration Utility 5 Select Yes in the Set to factory de...

Page 285: ...279 d When prompted to confirm the request click OK to exit the screen and resume the boot process 10 Optional Use the default iLO account information to log in to iLO after the reset ...

Page 286: ...ses the operating system to crash resulting in lost service and data Use the Generate NMI to System button only in extreme cases in which the OS is not functioning correctly and an experienced support organization has recommended an NMI Prerequisites Virtual Power and Reset privilege Procedure 1 Click Information in the navigation tree and then click the Diagnostics tab 2 Click Generate NMI to Sys...

Page 287: ...rt or restart the server 4 Press F9 in the server POST screen The ROM based configuration utility starts 5 Configure the following settings Disable EMS and BIOS Serial Console Set the Virtual Serial Port to COM 2 6 To access the selection menu for the Windows debug boot option reboot the server 7 From the local test system use PuTTY to connect to iLO and log in 8 Enter the IP address for the sessi...

Page 288: ...rver console or access the iLO Remote Console and press Enter to boot the debug selection on the OS load menu This step might take several minutes 12 When you are finished debugging the host server use PuTTY to connect to the CLI and turn off the debug socket to the Virtual Serial Port Then enter the following command windbg_disable You can disconnect and reconnect the Windows debugger as long as ...

Page 289: ... An external monitor is connected Procedure 1 Press the UID button on the server CAUTION Press and release the UID button Holding it down at any time for more than 5 seconds initiates a graceful iLO reboot or a hardware iLO reboot Data loss or NVRAM corruption might occur during a hardware iLO reboot The Server Health Summary screen is displayed on the external monitor 2 Press the UID button again...

Page 290: ...sion Embedded Smart Array The installed Smart Array firmware version This value is displayed only if server POST has successfully completed since the last auxiliary power cycle iLO IPv4 The iLO IPv4 address This value is displayed only if Show iLO IP during POST is enabled on the Access Settings page iLO IPv6 The iLO IPv6 address This value is displayed only if Show iLO IP during POST is enabled o...

Page 291: ...p on iLO Event Log entries Symptom iLO Event Log entries have an incorrect date or time Cause The NTP server addresses or the time zone is configured incorrectly Action 1 Verify that the SNTP settings are configured correctly ...

Page 292: ...s the iLO management port by name The environment is not configured to support accessing the iLO management port by name Action Verify that your environment meets the following requirements The WINS or DDNS server must be up and running before the iLO management port is powered on The iLO management port is configured with the IP address of the WINS or DDNS server You can use DHCP to configure the...

Page 293: ...owing cases The selected NIC teaming mode causes the switch that iLO is connected with to ignore traffic from the server NIC port that iLO is configured to share The selected NIC teaming mode sends all traffic destined for iLO to a NIC port other than the one that iLO is configured to share Action 1 Ensure that your Shared Network Port configuration follows the iLO NIC teaming guidelines Unable to...

Page 294: ...nect with a browser by entering the IP address of the NIC as the URL You can see the iLO login page from this address Reset iLO If a network connection is established you might have to wait up to 90 seconds for the DHCP server request Unable to log in to iLO after installing iLO certificate Symptom iLO is inaccessible after the iLO self signed certificate is installed in the browser certificate st...

Page 295: ...udes the text Default Issuer Do not install the iLO self signed certificate in the browser certificate store If you want to install a certificate request a permanent certificate from a CA and import it into iLO See the browser documentation for more information about working with certificates ...

Page 296: ... through one or more TCP IP ports Action 1 Configure the firewall to allow communications on the ports iLO uses Secure Connection Failed error when using Firefox to connect to iLO Symptom The following error occurs when you try to use Firefox to connect to iLO sec_error_reused_issuer_and_serial Solution 1 Cause The installed certificate contains the same serial number as another certificate issued...

Page 297: ...the following location C Users user name AppData Local Mozilla Firefox Certificate error when navigating to iLO web interface with Internet Explorer Symptom When you navigate to the iLO web interface with Internet Explorer a certificate error appears Solution 1 Action Click the Continue to this website not recommended link Log in to iLO Solution 2 Action Navigate to the Administration Security SSL...

Page 298: ...m When you navigate to the iLO web interface with Firefox a certificate error appears Solution 1 Action 1 Click I Understand the Risks and then click Add Exception 2 In the Add Security Exception dialog box enter https iLO hostname or IP address in the Location box 3 Click Confirm Security Exception 4 The security exception is saved and the iLO login screen appears 5 Log in to iLO Solution 2 Actio...

Page 299: ...r verifying the items in the previous step choose from the following options Accept the certificate temporarily for this session Accept the certificate permanently Stop now and import a certificate into your browser from a file provided by an administrator iLO responds to pings intermittently or does not respond Symptom iLO responds to pings intermittently or does not respond Cause iLO is configur...

Page 300: ...red in iLO does not match the Active Directory key iLO is configured for an incorrect KDC server address The date and time do not match between the client PC the KDC server and iLO Set the date and time on these systems to the same value The date and time on these systems must not differ by more than 5 minutes Action 1 Verify that your environment meets the requirements for Kerberos support Soluti...

Page 301: ...ld domain and the Kerberos configuration parameters reference the parent domain Action 1 Verify that the following Kerberos parameters are configured correctly Kerberos Realm Kerberos KDC Server Address and Kerberos KDC Server Port A directory connection to iLO ends prematurely Symptom An Active Directory session ends prematurely Cause Network errors can cause iLO to conclude that a directory conn...

Page 302: ...oes not log out after directory timeout expires Symptom A directory user is not logged out after being idle for the amount of time configured for the directory login timeout Cause The iLO Idle Connection Timeout value is set to Infinite With this configuration the Remote Console periodically pings the iLO firmware to verify that the connection exists When the Remote Console pings iLO the iLO firmw...

Page 303: ...s configured with nested groups or posixgroups Cause iLO does not support nested groups or posixgroups with OpenLDAP Action 1 Configure iLO with a group in which the LDAP user has a direct membership Make sure the OpenLDAP directory group has an objectClass of the type groupOfNames iLO Zero Sign In fails after domain controller OS reinstall Symptom The iLO web interface Zero Sign In option does no...

Page 304: ...n click OK 5 Select the Personal Certificates folder 6 Right click the folder and select Request New Certificate 7 Verify that the Type is domain controller and click Next until a certificate is issued Directory Server DNS Name test reports a failure Symptom The Directory Server DNS Name test reports the status Failed Cause iLO cannot obtain an IP address for the directory server Action Verify tha...

Page 305: ...tory server is enabled to allow communications through port 636 Connect using SSL test reports a failure Symptom The Connect using SSL test reports the status Failed Cause The SSL handshake and negotiation between iLO and the directory server were unsuccessful Action Enable the directory server for SSL negotiations If you are using Microsoft Active Directory verify that Active Directory Certificat...

Page 306: ...als were entered correctly User Authentication test reports a failure Symptom The User Authentication test reports the status Failed Cause Authentication failed with the provided user name and password Action Verify that the user credentials were entered correctly Try using other user name formats for example user domain com DOMAIN username username called Display Name in Active Directory or userl...

Page 307: ...inguished Name to search for a specified user context the container was not found in the directory Action 1 Verify that the search contexts were entered correctly LOM Object Exists test reports a failure Symptom The LOM Object Exists test reports the status Failed Cause iLO failed to locate the directory object specified by the iLO Object Distinguished Name configured on the Security Directory pag...

Page 308: ...ux system Cause Firefox is not configured to accept cookies Action 1 Configure Firefox to accept cookies iLO Java IRC does not start Symptom The Java IRC fails to start when you do not accept the security warning and confirm that you want to run the application Cause You cannot run the Java IRC without accepting the security warning and confirming that you want to run the application Action 1 Clic...

Page 309: ...O firmware can detect and display them Typically only the upper left corner of the text window is updated while the rest of the text window remains static Action 1 After the text window stops scrolling click Refresh to update the Remote Console window Mouse or keyboard not working in iLO NET IRC or Java IRC Java Web Start Symptom The mouse or keyboard does not work in the NET IRC or Java IRC Java ...

Page 310: ... outside the Remote Console window and then drag it back inside Solution 3 Action 1 Close the browser window and exit the browser 2 Open the Java Control Panel 3 Navigate to the Java Runtime Environment Settings dialog box 4 Add the following runtime parameter Dsun java2d d3d false 5 Click OK and close the Java Runtime Environment Settings window 6 Click Apply and then click OK to close the Java C...

Page 311: ...Cause The client OS or Java software might be out of date Action 1 Make sure that Red Hat Enterprise Linux 6 or later is installed on the local client system 2 Install the latest version of Java and configure it to connect through the Firefox browser 3 Log in to the iLO web interface 4 Insert a USB key or floppy disk on the local client system 5 Verify that you can access the USB key or floppy dis...

Page 312: ...ution 1 Cause A network issue might be causing network latency Action 1 Identify and fix problems that might cause network latency Solution 2 Cause The remote system settings are causing a delay Action Adjust the following settings on the remote machine Increase the typematic delay This setting controls the delay before a character repeats when you press and hold a key on the keyboard Decrease the...

Page 313: ... of the Remote Console keyboard lock keys The Caps Lock Num Lock and Scroll Lock keys are fully functional when you use the keyboard options in the Remote Console Action 1 No action needed iLO NET IRC becomes inactive or disconnects Symptom The iLO NET IRC becomes inactive or disconnects during periods of high activity NET IRC activity slows before becoming inactive Symptoms of an inactive NET IRC...

Page 314: ...308 Reset iLO ...

Page 315: ...specified amount of time for a connection to be established with iLO If the client server does not receive a response in this amount of time it displays an error message Action 2 Correct the network delay and retry the NET IRC connection Solution 2 Cause A Shared Remote Console session is requested but the session leader delayed sending an acceptance or denial message The iLO NET IRC client waits ...

Page 316: ...erver 5 Disconnect the device by using the Virtual Devices menu in the NET IRC 6 Do not use Windows Explorer to refresh the contents of the USB key 7 Use the Safely Remove Hardware feature to eject the device from the client computer 8 Remove the device from the client computer 9 When you connect the USB key to any computer the file changes will be visible in Windows Explorer iLO NET IRC takes a l...

Page 317: ...sion leader NET IRC client and each shared NET IRC client Make sure that the firewall settings on all clients allow an inbound connection to the Remote Console port the default port is 17990 iLO NET IRC will not start in Firefox Symptom When you launch the NET IRC in Mozilla Firefox the application might fail to start Cause If the iLO system uses the default iLO SSL certificate not a signed truste...

Page 318: ...o a DOS bootable USB key that is mounted by using the iLO Remote Console If the USB key is 2 GB or less the following message is displayed Attempting Boot from CD ROM Attempting Boot from USB DriveKey C Cannot load DOS Any key to retry If the USB key is larger than 2 GB the server does not progress beyond following message Attempting Boot from USB DriveKey C Boot from Drive Operating system load e...

Page 319: ...emote Console Action 1 Close the PuTTY client and restart the session An SSH session fails to start or terminates unexpectedly Symptom An SSH session fails to start or terminates unexpectedly Cause iLO is configured to use the Shared Network Port and NIC teaming is enabled for the NIC the Shared Network Port uses In this configuration network communications might be blocked in the following cases ...

Page 320: ... page for errors This page can help you identify communication problems between iLO peers Verify that the switches in the network are configured to allow communication between iLO peers If you changed the network routes subnet mask IP address or HTTP port for an iLO peer verify that the peer has a communication path to the local iLO system Ensure that a communication path exists between the local ...

Page 321: ... peer with the error An intermediate firewall or a change to the iLO network configuration and HTTP port setting might block communication between the local iLO system and the peer iLO Multi System Map page displays a 403 error Symptom The Multi System Map page shows a 403 Forbidden Authorization error Cause The group key on the local iLO system does not match the group key on a peer iLO system Ac...

Page 322: ... Ensure that a communication path exists between the local iLO system and the peer with the error An intermediate firewall or a change to the iLO network configuration and HTTP port setting might block communication between the local iLO system and the peer iLO peers are displayed with IPv6 addresses on IPv4 networks Symptom iLO peers on an IPv4 network are displayed with IPv6 addresses on iLO Fed...

Page 323: ...mmunication issue 2 Attempt to ping iLO If you are successful the network is working 3 Try the firmware update again Solution 2 Action 1 Try a different firmware update method iLO firmware update error Symptom The following error is displayed during a firmware update The last firmware update attempt was not successful Ready for the next update Cause An incorrect file was used to update the iLO fir...

Page 324: ...onnection is test and the password is flash To send a firmware image to iLO use the FTP client PUT command After receiving the image iLO validates the image If the image is a complete signed and valid firmware image the kernel begins programming the FLASH partition After the image is programmed into the FLASH partition reset iLO by issuing the RESET command to the iLO FTP server Example F ilo ftp ...

Page 325: ...n 2 Cause An evaluation key was submitted when a regular license was previously installed Action 1 None iLO does not support installing an evaluation key when a regular key was previously installed Solution 3 Cause The iLO date and time settings are incorrect Action 1 Check the iLO date and time settings and then try again Solution 4 Cause The license key entered is incorrect Action 1 Check for er...

Page 326: ... an optional iLO license If a license is not installed a message informs you that these features are not available without a license Action 1 Install an iLO license that supports these features Agentless Management AMS and SNMP issues AMS is installed but unavailable in iLO Symptom AMS is installed on a server but it is listed as Not available in the iLO web interface Action 1 Verify that AMS is i...

Page 327: ...l Media Integrated Remote Console IRC Pre OS only Pre OS only Global Team Collaboration via Integrated Remote Console Integrated Remote Console Record and Playback Virtual Serial Port Record and Playback Text based Remote Console via SSH Email Based Alerting Remote Syslog Advanced Power Management Power History Graphs Dynamic Power Capping iLO Federation Management iLO Federation Discovery Virtual...

Page 328: ...Virtual Media 17988 1 TCP Dynamic 6 Remote Console 17990 1 TCP Dynamic 6 SMTP Dynamic 6 TCP 25 2 DNS Dynamic 6 UDP 53 Web Non SSL Dynamic 6 TCP 80 5 Kerberos KDC Dynamic 6 TCP 88 3 NTP Dynamic 6 UDP 123 SNMP Trap Dynamic 6 UDP 162 1 Web SSL Dynamic 6 TCP 443 5 Remote Syslog Dynamic 6 UDP 514 4 LDAP Dynamic 6 TCP 636 3 1 Change the port number on Security Access Settings page 2 Change the port numb...

Page 329: ...ut System BMC Baseboard management controller CA Certificate authority CLP Command Line Protocol CN Common Name COM port Communication port cookie A small unscriptable text file placed on your hard drive by a website to preserve specific settings When you return to the site your system opens the cookie with the previously saved settings so they can be passed along to the site Cookies are also used...

Page 330: ...otocol IDE Integrated Drive Electronics IETF Internet Engineering Task Force IIS Internet Information Services iLO A built in controller that supports the IPMI version 2 0 protocol The controller is called as iLO5 because this server adopts a generation 5 version controller IML Integrated Management Log IPMI Intelligent Platform Management Interface IRC Integrated Remote Console ISO International ...

Page 331: ...ol Independent Multicast PKCS Public key cryptography standards POST Power on self test Product Info Collection Utility Software for collecting several hardware software statuses and event logs You can easily collect the data for the server maintenance by using this software PuTTY A terminal emulator that can act as a client for the SSH Telnet rlogin and raw TCP protocols and as a serial console c...

Page 332: ...ction manual application and other software for the server This must be installed before using OS on the server Starter Pack is provided as an optional product and ISO data on our website SUM Software Update Manager System Maintenance Switch A DIP switch on motherboard This switch can enable disable initialization password iLO settings and other functions of maintenance System Utilities System Uti...

Page 333: ...327 VSP Virtual Serial Port WBEM Web Based Enterprise Management WINS Windows Internet Name Service ...

Page 334: ......

Page 335: ...e contents of this manual may not be copied or altered without the prior written permission of NEC Corporation NEC Express Server iLO 5 User s Guide October 2017 NEC Corporation 7 1 Shiba 5 Chome Minato Ku Tokyo 108 8001 Japan ...

Reviews:

No comments

Related manuals for iLO 5

Brand: IBM Pages: 64

MCX-2000 - MusicCAST Digital Audio Server

Brand: Yamaha Pages: 25

NetVista N2800e

Brand: IBM Pages: 82

SimpliVity 2600 Gen10

Brand: HPE Pages: 37

Brand: Buffalo Pages: 80

NPort P5250A Series

Brand: Moxa Technologies Pages: 2

Brand: Axel Pages: 28

Brand: AXIOMTEK Pages: 58

Brand: Vxl Pages: 19

Brand: ZLAN Pages: 13

Intesis IBMBSDAL0640000

Brand: HMS Networks Pages: 39

HPE ProLiant DL580 Gen10

Brand: Hewlett Packard Enterprise Pages: 197

SuperServer 5013G-M

Brand: Supero Pages: 104

Brand: Epson Pages: 28

EpsonNet 802.11b

Brand: Epson Pages: 30

Stylus C80WN - Ink Jet Printer

Brand: Epson Pages: 1

Brand: Epson Pages: 258

Brand: Epson Pages: 280

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands