Home > HP > Server > HP Ilo 4 User Guide

HP Ilo 4 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual HP Ilo 4 User Guide. The HP manuals for Server are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 71

    Page 71 •OrganizationalUnit(OU)—(Optional)Theunitwithinthecompanyororganizationthat ownsthisiLOsubsystem •CommonName(CN)—TheFQDNofthisiLOsubsystem 4.ClickGenerateCSR. Thefollowingmessageappears: The iLO subsystem is currently generating a Certificate Signing Request (CSR). This may take 10 minutes or more. In order to view the CSR, wait 10 minutes or more, and then click the Generate CSR button again. 5.After10minutesormore,clicktheGenerateCSRbuttonagain. AnewwindowdisplaystheCSR.... 
    •OrganizationalUnit(OU)—(Optional)Theunitwithinthecompanyororganizationthat
ownsthisiLOsubsystem
•CommonName(CN)—TheFQDNofthisiLOsubsystem
4.ClickGenerateCSR.
Thefollowingmessageappears:
The iLO subsystem is currently generating a Certificate Signing
Request (CSR). This may take 10 minutes or more. In order to view
the CSR, wait 10 minutes or more, and then click the Generate CSR
button again.
5.After10minutesormore,clicktheGenerateCSRbuttonagain.
AnewwindowdisplaystheCSR....

    Page 72

    Page 72 13.ResetiLO. Forinstructions,see“UsingiLOdiagnostics”(page180). Configuringdirectorysettings TheiLOfirmwareconnectstoMicrosoftActiveDirectoryforuserauthenticationandauthorization. YoucanconfigureiLOtoauthenticateandauthorizeusersbyusingtheHPExtendedSchema directoryintegrationortheschema-freedirectoryintegration.TheHPExtendedSchemaworksonly withMicrosoftWindows.TheiLOfirmwareconnectstodirectoryservicesbyusingSSLconnections tothedirectoryserverLDAPport.ThedefaultsecureLDAPportis636.... 
    13.ResetiLO.
Forinstructions,see“UsingiLOdiagnostics”(page180).
Configuringdirectorysettings
TheiLOfirmwareconnectstoMicrosoftActiveDirectoryforuserauthenticationandauthorization.
YoucanconfigureiLOtoauthenticateandauthorizeusersbyusingtheHPExtendedSchema
directoryintegrationortheschema-freedirectoryintegration.TheHPExtendedSchemaworksonly
withMicrosoftWindows.TheiLOfirmwareconnectstodirectoryservicesbyusingSSLconnections
tothedirectoryserverLDAPport.ThedefaultsecureLDAPportis636....

    Page 73

    Page 73 Configuringauthenticationanddirectoryserversettings 1.NavigatetotheAdministration→Security→Directorypage. 2.Configurethefollowingoptions: •LDAPDirectoryAuthentication—Enablesordisablesdirectoryauthentication.Ifdirectory authenticationisenabledandconfiguredcorrectly,userscanloginbyusingdirectory credentials. Choosefromthefollowingoptions: ◦Disabled—Usercredentialsarenotvalidatedbyusingadirectory. ◦UseHPExtendedSchema—Selectsdirectoryauthenticationandauthorizationby... 
    Configuringauthenticationanddirectoryserversettings
1.NavigatetotheAdministration→Security→Directorypage.
2.Configurethefollowingoptions:
•LDAPDirectoryAuthentication—Enablesordisablesdirectoryauthentication.Ifdirectory
authenticationisenabledandconfiguredcorrectly,userscanloginbyusingdirectory
credentials.
Choosefromthefollowingoptions:
◦Disabled—Usercredentialsarenotvalidatedbyusingadirectory.
◦UseHPExtendedSchema—Selectsdirectoryauthenticationandauthorizationby...

    Page 74

    Page 74 networkinformation,clickAdministerGroups,andthenenteroneormorevalid directoryDNsandprivilegestograntusersaccesstoiLO. •KerberosAuthentication—EnablesordisablesKerberoslogin.IfKerberosloginisenabled andconfiguredcorrectly,theHPZeroSignInbuttonappearsontheloginpage. •LocalUserAccounts—Enablesordisableslocaluseraccountaccess. Enabled—Ausercanloginbyusinglocallystoredusercredentials.HPrecommends enablingthisoptionandconfiguringauseraccountwithadministratorprivileges.... 
    networkinformation,clickAdministerGroups,andthenenteroneormorevalid
directoryDNsandprivilegestograntusersaccesstoiLO.
•KerberosAuthentication—EnablesordisablesKerberoslogin.IfKerberosloginisenabled
andconfiguredcorrectly,theHPZeroSignInbuttonappearsontheloginpage.
•LocalUserAccounts—Enablesordisableslocaluseraccountaccess.
Enabled—Ausercanloginbyusinglocallystoredusercredentials.HPrecommends
enablingthisoptionandconfiguringauseraccountwithadministratorprivileges....

    Page 75

    Page 75 •LOMObjectDistinguishedName—SpecifieswherethisiLOinstanceislistedinthedirectory tree(forexample,cn=iLO Mail Server,ou=Management Devices,o=hp).This optionisavailablewhenUseHPExtendedSchemaisselected. UsersearchcontextsarenotappliedtotheLOMobjectDNwheniLOaccessesthe directoryserver. •DirectoryUserContexts—Theseboxesenableyoutospecifycommondirectorysubcontexts sothatusersdonotneedtoentertheirfullDNsatlogin.Directoryusercontextscanbe upto128characters.... 
    •LOMObjectDistinguishedName—SpecifieswherethisiLOinstanceislistedinthedirectory
tree(forexample,cn=iLO Mail Server,ou=Management Devices,o=hp).This
optionisavailablewhenUseHPExtendedSchemaisselected.
UsersearchcontextsarenotappliedtotheLOMobjectDNwheniLOaccessesthe
directoryserver.
•DirectoryUserContexts—Theseboxesenableyoutospecifycommondirectorysubcontexts
sothatusersdonotneedtoentertheirfullDNsatlogin.Directoryusercontextscanbe
upto128characters....

    Page 76

    Page 76 1.ClickTestSettingsontheSecurity→Directorypage. TheDirectoryTestspageopens. Thispagedisplaystheresultsofaseriesofsimpletestsdesignedtovalidatethecurrentdirectory settings.Also,itincludesatestlogthatshowstestresultsanddetectedissues.Afteryour directorysettingsareconfiguredcorrectly,youdonotneedtorerunthesetests.TheDirectory Testspagedoesnotrequireyoutologinasadirectoryuser. 2.IntheDirectoryTestControlssection,entertheDNandpasswordofadirectoryadministrator.... 
    1.ClickTestSettingsontheSecurity→Directorypage.
TheDirectoryTestspageopens.
Thispagedisplaystheresultsofaseriesofsimpletestsdesignedtovalidatethecurrentdirectory
settings.Also,itincludesatestlogthatshowstestresultsanddetectedissues.Afteryour
directorysettingsareconfiguredcorrectly,youdonotneedtorerunthesetests.TheDirectory
Testspagedoesnotrequireyoutologinasadirectoryuser.
2.IntheDirectoryTestControlssection,entertheDNandpasswordofadirectoryadministrator....

    Page 77

    Page 77 Whilethetestsarerunning,thepagerefreshesperiodically.Youcanstopthetestsormanually refreshthepageatanytime. Viewingdirectorytestresults TheDirectoryTestResultssectionshowsthedirectoryteststatuswiththedateandtimeofthelast update. •OverallStatus—Summarizestheresultsofthetests. NotRun—Notestswererun.◦ ◦Inconclusive—Noresultswerereported. ◦Passed—Nofailureswerereported. ◦ProblemDetected—Aproblemwasreported. ◦Failed—Aspecificsubtestfailed.Checktheonscreenlogtoidentifytheproblem.... 
    Whilethetestsarerunning,thepagerefreshesperiodically.Youcanstopthetestsormanually
refreshthepageatanytime.
Viewingdirectorytestresults
TheDirectoryTestResultssectionshowsthedirectoryteststatuswiththedateandtimeofthelast
update.
•OverallStatus—Summarizestheresultsofthetests.
NotRun—Notestswererun.◦
◦Inconclusive—Noresultswerereported.
◦Passed—Nofailureswerereported.
◦ProblemDetected—Aproblemwasreported.
◦Failed—Aspecificsubtestfailed.Checktheonscreenlogtoidentifytheproblem....

    Page 78

    Page 78 AbouttheiLOdirectorytests Descriptionsofthedirectorytestsfollow: •DirectoryServerDNSName—IfthedirectoryserverisdefinedinFQDNformat (directory.company.com),iLOresolvesthenamefromFQDNformattoIPformat,and queriestheconfiguredDNSserver. Ifthetestissuccessful,iLOobtainedanIPaddressfortheconfigureddirectoryserver.IfiLO cannotobtainanIPaddressforthedirectoryserver,thistestandallsubsequenttestsfail. IfthedirectoryserverisconfiguredwithanIPaddress,iLOskipsthistest. Ifafailureoccurs:... 
    AbouttheiLOdirectorytests
Descriptionsofthedirectorytestsfollow:
•DirectoryServerDNSName—IfthedirectoryserverisdefinedinFQDNformat
(directory.company.com),iLOresolvesthenamefromFQDNformattoIPformat,and
queriestheconfiguredDNSserver.
Ifthetestissuccessful,iLOobtainedanIPaddressfortheconfigureddirectoryserver.IfiLO
cannotobtainanIPaddressforthedirectoryserver,thistestandallsubsequenttestsfail.
IfthedirectoryserverisconfiguredwithanIPaddress,iLOskipsthistest.
Ifafailureoccurs:...

    Page 79

    Page 79 3.Ifyouverifiedthattheusernameiscorrect,tryusingotheruser-nameformats;forexample, user@domain.com,DOMAIN\username,username(calledDisplayNameinActive Directory),oruserlogin. 4.Verifythatthespecifieduserisallowedtologinandisenabled. •DirectoryAdministratorLogin—IfDirectoryAdministratorDistinguishedNameandDirectory AdministratorPasswordwerespecified,iLOusesthesevaluestologintothedirectoryserver asanadministrator.Theseboxesareoptional.... 
    3.Ifyouverifiedthattheusernameiscorrect,tryusingotheruser-nameformats;forexample,
[email protected],DOMAIN\username,username(calledDisplayNameinActive
Directory),oruserlogin.
4.Verifythatthespecifieduserisallowedtologinandisenabled.
•DirectoryAdministratorLogin—IfDirectoryAdministratorDistinguishedNameandDirectory
AdministratorPasswordwerespecified,iLOusesthesevaluestologintothedirectoryserver
asanadministrator.Theseboxesareoptional....

    Page 80

    Page 80 Usingencryption iLOprovidesenhancedsecurityforremotemanagementindistributedITenvironments.SSL encryptionprotectswebbrowserdata.SSLencryptionofHTTPdataensuresthatthedataissecure asitistransmittedacrossthenetwork.iLOsupportsthefollowingcipherstrengths: •256-bitAESwithRSA,DHE,andaSHA1MAC •256-bitAESwithRSA,andaSHA1MAC •128-bitAESwithRSA,DHE,andaSHA1MAC •128-bitAESwithRSA,andaSHA1MAC •168-bit3DESwithRSA,andaSHA1MAC •168-bit3DESwithRSA,DHE,andaSHA1MAC... 
    Usingencryption
iLOprovidesenhancedsecurityforremotemanagementindistributedITenvironments.SSL
encryptionprotectswebbrowserdata.SSLencryptionofHTTPdataensuresthatthedataissecure
asitistransmittedacrossthenetwork.iLOsupportsthefollowingcipherstrengths:
•256-bitAESwithRSA,DHE,andaSHA1MAC
•256-bitAESwithRSA,andaSHA1MAC
•128-bitAESwithRSA,DHE,andaSHA1MAC
•128-bitAESwithRSA,andaSHA1MAC
•168-bit3DESwithRSA,andaSHA1MAC
•168-bit3DESwithRSA,DHE,andaSHA1MAC...
    Start reading HP Ilo 4 User Guide

    Related Manuals for HP Ilo 4 User Guide

    All HP manuals