Home > HP > Server > HP Ilo 4 User Guide

HP Ilo 4 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual HP Ilo 4 User Guide. The HP manuals for Server are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 81

    Page 81 TheEncryptionSettingspagedisplaysthecurrentencryptionsettingsforiLO. •CurrentNegotiatedCipher—Thecipherinuseforthecurrentbrowsersession.Afteryoulog intoiLOthroughthebrowser,thebrowserandiLOnegotiateaciphersettingtouseduring thesession. •EncryptionEnforcementSettings—ThecurrentencryptionsettingsforiLO: FIPSMode—IndicateswhetherFIPSModeisenabledordisabledforthisiLOsystem.◦ ◦EnforceAES/3DESEncryption—IndicateswhetherAES/3DESencryptionisenforcedfor thisiLO.... 
    TheEncryptionSettingspagedisplaysthecurrentencryptionsettingsforiLO.
•CurrentNegotiatedCipher—Thecipherinuseforthecurrentbrowsersession.Afteryoulog
intoiLOthroughthebrowser,thebrowserandiLOnegotiateaciphersettingtouseduring
thesession.
•EncryptionEnforcementSettings—ThecurrentencryptionsettingsforiLO:
FIPSMode—IndicateswhetherFIPSModeisenabledordisabledforthisiLOsystem.◦
◦EnforceAES/3DESEncryption—IndicateswhetherAES/3DESencryptionisenforcedfor
thisiLO....

    Page 82

    Page 82 ConnectingtoiLObyusingAESor3DESencryption AfteryouenabletheEnforceAES/3DESEncryptionsetting,iLOrequiresthatyouconnectthrough securechannels(webbrowser,SSHconnection,orXMLchannel)byusingacipherstrengthofat leastAESor3DES. •Webbrowser—YoumustconfigurethebrowserwithacipherstrengthofatleastAESor3DES. IfthebrowserisnotusingAESor3DESciphers,iLOdisplaysanerrormessage.Theerrortext variesdependingontheinstalledbrowser. Differentbrowsersusedifferentmethodsforselectinganegotiatedcipher.Formoreinformation,... 
    ConnectingtoiLObyusingAESor3DESencryption
AfteryouenabletheEnforceAES/3DESEncryptionsetting,iLOrequiresthatyouconnectthrough
securechannels(webbrowser,SSHconnection,orXMLchannel)byusingacipherstrengthofat
leastAESor3DES.
•Webbrowser—YoumustconfigurethebrowserwithacipherstrengthofatleastAESor3DES.
IfthebrowserisnotusingAESor3DESciphers,iLOdisplaysanerrormessage.Theerrortext
variesdependingontheinstalledbrowser.
Differentbrowsersusedifferentmethodsforselectinganegotiatedcipher.Formoreinformation,...

    Page 83

    Page 83 DisablingFIPSMode IfyouwanttodisableFIPSModeforiLO(forexample,ifaserverisdecommissioned),youmust setiLOtothefactorydefaultsettings.YoucanperformthistaskbyusingRIBCLscripts,iLORBSU, ortheiLO4ConfigurationUtility. Forinstructions,see“ResettingiLOtothefactorydefaultsettingsbyusingiLORBSU”(page311), “ResettingiLOtothefactorydefaultsettingsbyusingtheiLO4ConfigurationUtility”(page312), ortheHPiLO4ScriptingandCommandLineGuide.... 
    DisablingFIPSMode
IfyouwanttodisableFIPSModeforiLO(forexample,ifaserverisdecommissioned),youmust
setiLOtothefactorydefaultsettings.YoucanperformthistaskbyusingRIBCLscripts,iLORBSU,
ortheiLO4ConfigurationUtility.
Forinstructions,see“ResettingiLOtothefactorydefaultsettingsbyusingiLORBSU”(page311),
“ResettingiLOtothefactorydefaultsettingsbyusingtheiLO4ConfigurationUtility”(page312),
ortheHPiLO4ScriptingandCommandLineGuide....

    Page 84

    Page 84 ConfiguringiLOforHPSSO 1.NavigatetotheAdministration→Security→HPSSOpage. 2.MakesureyouhaveaniLOlicensekeyinstalled. 3.EnableSingleSign-OnTrustModebyselectingTrustbyCertificate,TrustbyName,orTrust All. TheiLOfirmwaresupportsconfigurabletrustmodes,whichenablesyoutomeetyoursecurity requirements.ThetrustmodeaffectshowiLOrespondstoHPSSOrequests.Ifyouenable supportforHPSSO,HPrecommendsusingtheTrustbyCertificatemode.Theavailablemodes follow: •TrustNone(SSOdisabled)(default)—RejectsallSSOconnectionrequests... 
    ConfiguringiLOforHPSSO
1.NavigatetotheAdministration→Security→HPSSOpage.
2.MakesureyouhaveaniLOlicensekeyinstalled.
3.EnableSingleSign-OnTrustModebyselectingTrustbyCertificate,TrustbyName,orTrust
All.
TheiLOfirmwaresupportsconfigurabletrustmodes,whichenablesyoutomeetyoursecurity
requirements.ThetrustmodeaffectshowiLOrespondstoHPSSOrequests.Ifyouenable
supportforHPSSO,HPrecommendsusingtheTrustbyCertificatemode.Theavailablemodes
follow:
•TrustNone(SSOdisabled)(default)—RejectsallSSOconnectionrequests...

    Page 85

    Page 85 4.ConfigureiLOprivilegesforeachroleintheSingleSign-OnSettingssection. WhenyoulogintoanHPSSO-compliantapplication,youareauthorizedbasedonyourHP SSO-compliantapplicationroleassignment.TheroleassignmentispassedtoiLOwhenSSO isattempted.Formoreinformationabouteachprivilege,see“ManagingiLOusersbyusing theiLOwebinterface”(page46). SSOattemptstoreceiveonlytheprivilegesassignedinthissection.iLOdirectorysettingsdo notapply.Defaultprivilegeassignmentsareasfollows: •User—Loginonly... 
    4.ConfigureiLOprivilegesforeachroleintheSingleSign-OnSettingssection.
WhenyoulogintoanHPSSO-compliantapplication,youareauthorizedbasedonyourHP
SSO-compliantapplicationroleassignment.TheroleassignmentispassedtoiLOwhenSSO
isattempted.Formoreinformationabouteachprivilege,see“ManagingiLOusersbyusing
theiLOwebinterface”(page46).
SSOattemptstoreceiveonlytheprivilegesassignedinthissection.iLOdirectorysettingsdo
notapply.Defaultprivilegeassignmentsareasfollows:
•User—Loginonly...

    Page 86

    Page 86 Viewingtrustedcertificates TheManageTrustedCertificatestableontheSingleSign-OnSettingspagedisplaysthestatusof thetrustedcertificatesconfiguredtouseSSOwiththecurrentiLOmanagementprocessor. •Status—Thestatusofthecertificate(ifanyareinstalled).Thepossiblestatusvaluesfollow: —Therecordisvalid.◦ ◦—ThereisaproblemwiththetrustsettingsortheiLOlicense.Possiblereasonsfollow: ThisrecordcontainsaDNSname,andthetrustmodeissettoTrustbyCertificate (onlycertificatesarevalid). – –TrustNone(SSOdisabled)isselected.... 
    Viewingtrustedcertificates
TheManageTrustedCertificatestableontheSingleSign-OnSettingspagedisplaysthestatusof
thetrustedcertificatesconfiguredtouseSSOwiththecurrentiLOmanagementprocessor.
•Status—Thestatusofthecertificate(ifanyareinstalled).Thepossiblestatusvaluesfollow:
—Therecordisvalid.◦
◦—ThereisaproblemwiththetrustsettingsortheiLOlicense.Possiblereasonsfollow:
ThisrecordcontainsaDNSname,andthetrustmodeissettoTrustbyCertificate
(onlycertificatesarevalid).
–
–TrustNone(SSOdisabled)isselected....

    Page 87

    Page 87 NOTE:iLO41.20orlatermightberequiredtoinstallthelargercertificatesusedwithrecent versionsofHPSIM. NOTE:HPSIM7.3.2orlatersupports2048-bitcertificates. •Enteroneofthefollowinglinksinawebbrowser: ForHPSIMversionsearlierthan7.0: http://:280/GetCertificate ◦ https://:50000/GetCertificate ◦ForHPSIM7.0orlater: http://:280/GetCertificate?certtype=sso https://:50000/GetCertificate?certtype=sso NOTE:Allrequestparametersarecase-sensitive.Ifyoucapitalizethelowercase... 
    NOTE:iLO41.20orlatermightberequiredtoinstallthelargercertificatesusedwithrecent
versionsofHPSIM.
NOTE:HPSIM7.3.2orlatersupports2048-bitcertificates.
•Enteroneofthefollowinglinksinawebbrowser:
ForHPSIMversionsearlierthan7.0:
http://:280/GetCertificate
◦
https://:50000/GetCertificate
◦ForHPSIM7.0orlater:
http://:280/GetCertificate?certtype=sso
https://:50000/GetCertificate?certtype=sso
NOTE:Allrequestparametersarecase-sensitive.Ifyoucapitalizethelowercase...

    Page 88

    Page 88 ConfiguringRemoteConsoleComputerLocksettings RemoteConsoleComputerLockenhancesthesecurityofaniLO-managedserverbyautomatically lockinganoperatingsystemorloggingoutauserwhenaRemoteConsolesessionendsorthe networklinktoiLOislost.Thisfeatureisstandardanddoesnotrequireanadditionallicense.As aresult,ifyouopena.NETIRCorJavaIRCwindowandthisfeatureisalreadyconfigured,the operatingsystemwillbelockedwhenyouclosethewindow,evenifaniLOlicenseisnotinstalled. TheRemoteConsoleComputerLockfeatureissettoDisabledbydefault.... 
    ConfiguringRemoteConsoleComputerLocksettings
RemoteConsoleComputerLockenhancesthesecurityofaniLO-managedserverbyautomatically
lockinganoperatingsystemorloggingoutauserwhenaRemoteConsolesessionendsorthe
networklinktoiLOislost.Thisfeatureisstandardanddoesnotrequireanadditionallicense.As
aresult,ifyouopena.NETIRCorJavaIRCwindowandthisfeatureisalreadyconfigured,the
operatingsystemwillbelockedwhenyouclosethewindow,evenifaniLOlicenseisnotinstalled.
TheRemoteConsoleComputerLockfeatureissettoDisabledbydefault....

    Page 89

    Page 89 Table1RemoteConsoleComputerLockkeys(continued) s\F11END t]F12PG_UP u'""(space)PG_DN va'ENTER wb,TAB xc-BREAK yd.BACKSPACE ze/NUMPLUS f0NUMMINUS 3.ClickApplytosavethechanges. ConfiguringtheIntegratedRemoteConsoleTrustsetting(.NETIRC) The.NETIRCislaunchedthroughMicrosoftClickOnce,whichispartoftheMicrosoft.NET Framework.ClickOncerequiresthatanyapplicationinstalledfromanSSLconnectionbefroma trustedsource.IfabrowserisnotconfiguredtotrustaniLOprocessor,andtheIntegratedRemote... 
    Table1RemoteConsoleComputerLockkeys(continued)
s\F11END
t]F12PG_UP
u'""(space)PG_DN
va'ENTER
wb,TAB
xc-BREAK
yd.BACKSPACE
ze/NUMPLUS
f0NUMMINUS
3.ClickApplytosavethechanges.
ConfiguringtheIntegratedRemoteConsoleTrustsetting(.NETIRC)
The.NETIRCislaunchedthroughMicrosoftClickOnce,whichispartoftheMicrosoft.NET
Framework.ClickOncerequiresthatanyapplicationinstalledfromanSSLconnectionbefroma
trustedsource.IfabrowserisnotconfiguredtotrustaniLOprocessor,andtheIntegratedRemote...

    Page 90

    Page 90 1.NavigatetotheAdministration→Security→LoginSecurityBannerpage. 2.SelecttheEnableLoginSecurityBannercheckbox. iLOusesthefollowingdefaulttextfortheLoginSecurityBanner: This is a private system. It is to be used solely by authorized users and may be monitored for all lawful purposes. By accessing this system, you are consenting to such monitoring. 3.Optional:Tocustomizethesecuritymessage,enteracustommessageintheSecurityMessage textbox.... 
    1.NavigatetotheAdministration→Security→LoginSecurityBannerpage.
2.SelecttheEnableLoginSecurityBannercheckbox.
iLOusesthefollowingdefaulttextfortheLoginSecurityBanner:
This is a private system. It is to be used solely by authorized
users and may be monitored for all lawful purposes. By accessing
this system, you are consenting to such monitoring.
3.Optional:Tocustomizethesecuritymessage,enteracustommessageintheSecurityMessage
textbox....
    Start reading HP Ilo 4 User Guide

    Related Manuals for HP Ilo 4 User Guide

    All HP manuals