Hewlett Packard Enterprise Superdome Flex Скачать руководство пользователя страница 37 | Manualshive

Страница: 37 / 62

background image

Review the output of the

help set ldap

command for examples of using this command.

Example minimal configuration:

RMC cli> set ldap server=dir_server.company.com basedn="dc=company,dc=com"

Example with additional search settings for user and group:

RMC cli> set ldap server=dir_server.company.com port=636 login=uid
set ldap basedn="ou=org,dc=company,dc=com"
set ldap userdn="ou=devs,ou=org,dc=company,dc=com" userdn="ou=test,ou=org,dc=company,dc=com"
set ldap userfilter="objectClass=posixAccount"
set ldap groupdn="ou=groups,ou=org,dc=company,dc=com"
set ldap groupfilter="objectClass=posixGroup"

Example for an Active Directory server:

RMC cli> set ldap server=dir_server.company.com login=sAMAccountName
set ldap basedn="dc=company,dc=com"
set ldap userfilter="(&(objectClass=user)(!(objectClass=computer))"
set ldap groupfilter="objectClass=group"
set ldap sid=S-1-5-21-3623811015-3361044348-30300820

Example for server that requires a bind name and password:

RMC cli> Set bindpw to be prompted for a bind password (if not in script mode)
set ldap server=dir_server.company.com port=636 login=uid
set ldap basedn="dc=company,dc=com" binddn="cn=admin,dc=company,dc=com"
set ldap bindpw
Please enter the bind password: _

Default values if not set:

port = 636
login = uid
userfilter = "(objectClass=posixAccount)"
groupfilter = "(objectClass=posixGroup)"

The login parameter is the name of the LDAP attribute that contains the unique identifier of the LDAP entry which will be
used as the username.

There are two supported ways of establishing group membership in an LDAP group entry; either by a

memberUid or a

member attribute.

• The

memberUid attribute contains a username which is used to search for the corresponding LDAP user entry.

• The

member attribute contains LDAP DNs which identify a user or nested group.

If group membership is provided by the

memberUid attributes, the value of a memberUid must match the value of the

login parameter; for example, the username must be added as a

memberUid of a group entry. If member attributes are

used, then user entries are fully identified by the DN values without regard for the username.

NOTE: The space character for the DN string can be included by replacing space with

\20

( for example. backslash

followed by the digits two and zero). In the following example, DN with OU customer service org is represented as

customer\20service\20org

.

set ldap
groupdn="ou=groups,ou=customer\20service\20org,dc=company,dc=com"

More information

Configuring LDAP server details

Managing HPE Superdome Flex Server

37

«
...
35
36
37
38
39
...
»

Содержание Superdome Flex

Страница 1: ...HPE Superdome Flex Server User Guide Part Number 10 200003 Q122 Published October 2021 Edition 11 Abstract Product overview initial setup network configuration and system management...

Страница 2: ...is not responsible for information outside the Hewlett Packard Enterprise website Acknowledgments Intel Xeon and Optane are trademarks of Intel Corporation in the U S and other countries Redfish is a...

Страница 3: ...r accounts and passwords Added section on updating SD Flex software Added section on updating SD Flex firmware Added section on configuring and using LDAP for user authentication Updated several illus...

Страница 4: ...ing the factory default passwords on the BMC 23 Verifying the HPE Superdome Flex Server is running correctly and can boot 24 Configuring the RMC to forward SNMP alerts 26 SNMP alerts 26 Managing HPE S...

Страница 5: ...Enabling Secure Boot with Boot Manager 50 Disabling Secure Boot with CLI 51 Disabling Secure Boot with Boot Manager 51 Installing or reinstalling default Secure Boot keys 52 Secure Boot Configuration...

Страница 6: ...m the base chassis and can be used as the monarch boot chassis for nPartitions Any one system has one base chassis Mixing partitionable and expansion chassis is not supported 1 2 3 4 5 6 7 8 9 10 11 1...

Страница 7: ...nted RMC required for partitioned systems For more information about features and supported configurations see the www hpe com support superdome flex quickspecs Post installation checklist A Hewlett P...

Страница 8: ...ch internal components Removing the covers can expose you to dangerous voltage points or other risks Unplug this product from the wall outlet and refer servicing to qualified service personnel under t...

Страница 9: ...the system alone Moving a rack requires at least two people To slide out the chassis in either direction complete the following steps Confirm that the rack does not move The rack feet should be down...

Страница 10: ...eaching as you install components Use the ladder handhold while climbing the stepladder Be aware that tools and equipment that you carry up the ladder could fall from the top of the rack 2 m 6 ft Fall...

Страница 11: ...x Server to a private server management network within your corporate LAN Hewlett Packard Enterprise strongly recommends using a management network that is separate from the normal corporate LAN Make...

Страница 12: ...Accessing HPE Superdome Flex Server RMC or eRMC from Windows 7 Optional Use this step only if you have a 1U RMC and want to set it up using the RMC AUX port and LAN cable The RMC AUX port is preconfi...

Страница 13: ...ange the default IPMI password Hewlett Packard Enterprise recommends that you configure the same password for both the RMC administrator user and ipmi user The BMC Superdome Flex chassis running FW 3...

Страница 14: ...d component 13 14 15 16 17 18 19 13 14 15 16 17 18 19 In a partitionable system an RMC is required regardless of the number of chassis If there are three or more chassis in a system an RMC is required...

Страница 15: ...has a bar code and the factory default password written on it If the system uses an RMC this sticker is on the rear of the 1U rackmounted component Password If the system uses an eRMC the sticker is o...

Страница 16: ...twork If the system uses an RMC plug one end of the Ethernet cable into the WAN port on the RMC Plug the other end into the manageability network WAN If the system uses an eRMC plug one end of the Eth...

Страница 17: ...x Server OS Installation Guide When JViewer is required the monarch chassis must be connected to the management LAN Procedure 1 Locate the chassis that contains the BMC The BMC is located in the lowes...

Страница 18: ...m connect the MGMT port on the lowermost monarch chassis for each nPar to the management LAN Configuring the RMC on the network Prerequisites The manageability network must be a private server managem...

Страница 19: ...rmation about loading these drivers see Accessing HPE Superdome Flex Server RMC or eRMC from Windows 3 In the serial terminal window use your terminal emulation program instructions to set the followi...

Страница 20: ...might need the RMC password in the future 11 Reboot the RMC for the changes to take effect reboot rmc 12 To test new IP address and password for the RMC open another terminal window and enter the fol...

Страница 21: ...e RMC administrator user password set password The system prompts for the administrator user password when the administrator user logs into the RMC over the network NOTE The factory assigned administr...

Страница 22: ...rocedure Changing the factory default IPMI password on the rack management controller RMC For systems using an RMC not using an eRMC complete the following procedure to change the IPMI password on the...

Страница 23: ...sword that was previously set for administrator on the RMC 2 Run BASEIOLIST and make note of the base BMC GEOID For example RMC cli baseiolist P000 r001i01b 192 168 5 21 08 00 69 17 A1 B1 The GEOID is...

Страница 24: ...sequences in the configuration procedures Procedure 1 Open two terminal sessions to the RMC and log in as the administrator user in each session On the monitor orient the terminal sessions one on top...

Страница 25: ...n take up to two minutes for the BMC to be configured 5 In the top window enter the following command power on npar pnum 0 The RMC cli prompt will appear after power has been applied which can take 3...

Страница 26: ...e uses the MIB to convert low level SNMP variables to readable names such as CPU2_TEMP The RMC and the BMCs manage SNMP alerts with the RMC receiving the SNMP alerts that the BMCs generate Hewlett Pac...

Страница 27: ...yed From the home page you can access management functions such as Using HTML5 KVM and attaching an ISO Installing an OS or HFS See HPE Superdome Flex Server OS Installation Guide Configuring a virtua...

Страница 28: ...10 one approach is to access the Windows command line as the administrator user and then run JViewer from that command line For more information about using JViewer with vFolders see the HPE Superdome...

Страница 29: ...er may be synchronized back to the original folder The contents of the original folder will be overwritten The Disc Image File is then deleted Prerequisites You are logged in as an administrator See L...

Страница 30: ...drive you selected When connected the image file is shared with the server 7 Power on the server with the RMC power on npar pnum 1 bootopt Shell bootopt Shell forces the console to stop at the UEFI S...

Страница 31: ...file back to the vFolder on the PC When synchronization is complete the changes made on the server are now visible under the vFolder 13 Optional You can disconnect and reconnect as needed Whenever the...

Страница 32: ...ions drive Q and drive R Both partitions are configured as FAT32 so that they are accessible as Virtual Media 3 Click Connect beside the drive you selected The Hard Disk USB Redirection Status panel a...

Страница 33: ...3 GPT 88D9175B 0EBC 46AE 9654 0007781192B0 0x808000 0x800000 7 Identify each logical partition To determine which logical partition is mounted to each FS file system it will be necessary to uniquely i...

Страница 34: ...in LDAP names The dot character is a valid character in user and group names However the Superdome Flex Rack Management Controller RMC Embedded Rack Management Controller eRMC Command Line Interface...

Страница 35: ...erdome Flex Server Administration Guide LDAP configuration LDAP configuration is managed using the CLI on the RMC Successfully configuring the HPE Superdome Flex Server for LDAP authentication require...

Страница 36: ...sword _ More information Set LDAP command information Set LDAP command information The set LDAP command is used from the RMC command line to configure the LDAP server details Usage set ldap server SER...

Страница 37: ...dap bindpw Please enter the bind password _ Default values if not set port 636 login uid userfilter objectClass posixAccount groupfilter objectClass posixGroup The login parameter is the name of the L...

Страница 38: ...ch 1 ou org dc company dc com User Filter objectClass posixAccount User DN Search 1 Group Filter objectClass posixGroup Group DN Search 1 AD Domain SID Adding new LDAP groups Procedure Grant users of...

Страница 39: ...Flex_users Displaying the current LDAP groups Procedure Display the current list of authorized LDAP groups by using the show ldap_group command RMC cli show ldap_group Group Name Role Users operator E...

Страница 40: ...ny com ping6 c2 dir_server company com Ping Test was successful Group Search Test Attempting LDAP search for group1 in ou org dc company dc com DN scope LDAPTLS_REQCERT allow ldapsearch LLL v x l 90 d...

Страница 41: ...mc administrator flex rmc s password administrator password HPE Superdome Flex BMC 2 At the CLI prompt enter the appropriate command to manage user accounts commands Enter help for a list of available...

Страница 42: ...e administrator Adding RMC users Procedure 1 Create an RMC user account using the add user command USER ROLE role For example RMC cli add user name Mary_Albright role monitor Changing password for Mar...

Страница 43: ...Albright Old password New password Retype password Password for Mary_Albright changed by Mary_Albright To change another user s password RMC cli set password username Mary_Albright Changing password f...

Страница 44: ...ly change it to a secure password again More information Changing the factory default IPMI password HPE Superdome Flex Server updates Updating HPE Superdome Flex Server firmware This topic describes h...

Страница 45: ...s access redhat com documentation en us red_hat_enterprise_linux 7 html system_administrators_guide index The update instructions can be found in section 9 7 Automatically Refreshing Package Database...

Страница 46: ...tlement required This site includes access to the latest HFS ISO files Release Notes and installation update instructions for all supported Linux operating systems Updating the I O firmware and driver...

Страница 47: ...ent Memory on Superdome Flex Server with Intel Xeon 62xx and 82xx Cascade Lake processors For details on supported PMM configurations and related administration and maintenance tasks see HPE Persisten...

Страница 48: ...ation for this attempt a Select the IP version you want to use under the Internet Protocol menu item b Optional Set the number of times to attempt reconnecting under the Connection Retry Count menu it...

Страница 49: ...ystems shipped from the factory and to newly created Superdome Flex Server partitions Many secure boot configuration changes require resetting the partition before booting an OS or accessing the UEFI...

Страница 50: ...ot with Boot Manager Procedure 1 Interrupt the boot process and access UEFI Press F2 to access the UEFI Boot Manager 2 Access the Secure Boot Configuration menu At Boot Manager select the Device Manag...

Страница 51: ...bled state using the show command show npar verbose 4 Power ON the nPartition Disabling Secure Boot with Boot Manager Procedure 1 Interrupt the boot process and access UEFI Press F2 to access the UEFI...

Страница 52: ...n menu At Boot Manager select the Device Manager menu then select the Secure Boot Configuration menu 3 Select the Install Default Keys option This option also changes the system to User Mode and enabl...

Страница 53: ...the Customize Secure Boot menu Install Default Keys Option for installing the default secure boot keys All Secure Boot data is overwritten with a default set for supported operating systems Installin...

Страница 54: ...able on a UEFI file system KEK Options Key Exchange Keys options You can enroll additional signature keys to establish a trusted relationship between an operating system and the system firmware DB Opt...

Страница 55: ...on menu Custom Secure Boot Options menu OS boot fails from boot manager Symptom The OS fails to boot from the boot manager and immediately returns to the boot menu The progress log contains the SECURE...

Страница 56: ...e keys permit execution of images signed by the following certificates HPE KEK 2016 Microsoft Corporation KEK CA 2011 SUSE Linux Enterprise Secure Boot CA HPE DB 2016 HP DB 2013 Microsoft Corporation...

Страница 57: ...led at the RMC CLI enter the following command RMC CLI show npar verbose To enable or disable Secure Boot power off the nPartition and then at the RMC CLI enter the following command RMC CLI modify np...

Страница 58: ...t documentation HPE Superdome Flex Server documentation for support specialists is available at www hpe com support superdome flex docs restricted by signing in to the Hewlett Packard Enterprise Suppo...

Страница 59: ...General websites Hewlett Packard Enterprise Information Library www hpe com info EIL For additional websites see Support and other resources Websites 59...

Страница 60: ...updates Some software products provide a mechanism for accessing software updates through the product interface Review your product documentation to identify the recommended software update method To...

Страница 61: ...w hpe com support ProLiantServers Warranties HPE Enterprise and Cloudline Servers https www hpe com support EnterpriseServers Warranties HPE Storage Products https www hpe com support Storage Warranti...

Страница 62: ...ur needs To help us improve the documentation use the Feedback button and icons located at the bottom of an opened document on the Hewlett Packard Enterprise Support Center portal https www hpe com su...

Отзывы:

Нет отзывов

Похожие инструкции для Superdome Flex

Univerge SV9100

Бренд: NEC Страницы: 78

UNIVERGE SL2100

Бренд: NEC Страницы: 34

Бренд: NEC Страницы: 2

Бренд: NEC Страницы: 975

Бренд: QNAP Страницы: 39

Бренд: sysmik Страницы: 2

UniServer R4900 G5

Бренд: H3C Страницы: 141

SUPERSERVER 6034H-X8R

Бренд: Supermicro Страницы: 128

Бренд: Patton electronics Страницы: 326

Бренд: Gigabyte Страницы: 115

System x3500 M2 Type 7839

Бренд: IBM Страницы: 126

BladeCenter HS20 Type 8843

Бренд: IBM Страницы: 112

Бренд: SmartSight Страницы: 113

Бренд: PRG Страницы: 50

Бренд: Gigabyte Страницы: 120

Бренд: XtendLan Страницы: 28

Бренд: SAFARI Montage Страницы: 5

Бренд: Black Box Страницы: 66

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды