HP BladeSystem Onboard Administrator Command Line Interface User Guide Abstract This guide details using the command-line interface for configuration, operation, and management of the HP BladeSystem Onboard Administrator 4.20 (or later) and the enclosure Insight Display.
© Copyright 2006, 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Introduction ................................................................................................................................ 11 What's new ............................................................................................................................................ 11 Accessing the command line interface ........................................................................................... 13 Remote access to the Onboard Administrator ...........................
SHOW USER .......................................................................................................................................... 31 SLEEP .................................................................................................................................................... 32 UNASSIGN ............................................................................................................................................ 32 UNASSIGN OA .....................................
GENERATE KEY ...................................................................................................................................... 53 PING ..................................................................................................................................................... 54 SET DEVICE SERIAL_NUMBER BLADE ........................................................................................................ 54 SET FACTORY ....................................................
DISABLE TELNET ..................................................................................................................................... 85 DISABLE TRUSTED HOST .......................................................................................................................... 85 DISABLE XMLREPLY .................................................................................................................................. 86 DOWNLOAD CONFIG ..............................................
SHOW SSHFINGERPRINT ...................................................................................................................... 109 SHOW SSHKEY .................................................................................................................................... 109 SHOW VCMODE ................................................................................................................................. 109 TEST ALERTMAIL ...........................................................
SHOW SYSLOG OA ............................................................................................................................. 135 SHOW SYSLOG HISTORY ..................................................................................................................... 136 UPDATE ............................................................................................................................................... 137 UPDATE ILO ...........................................................
ASSIGN INTERCONNECT ..................................................................................................................... 168 CLEAR INTERCONNECT SESSION ......................................................................................................... 168 CONNECT INTERCONNECT ................................................................................................................. 168 POWEROFF INTERCONNECT ........................................................................
SET VLAN IPCONFIG STATIC ................................................................................................................. 191 SET VLAN OA ...................................................................................................................................... 192 SET VLAN REVERT ................................................................................................................................. 192 SET VLAN SERVER.....................................................
Introduction What's new The following changes have been made to this guide, published with the release of Onboard Administrator firmware version 4.20: • The ADD CA CERTIFICATE command restrictions were updated. • The ADD LANGUAGE command description was updated. • The ADD HPSIM CERTIFICATE command restrictions were updated. • The ADD LDAP CERTIFICATE command restrictions were updated. • The ADD OA ADDRESS IPV6 command restrictions were updated.
• The SET EBIPAV6 SERVER command line and restrictions were updated. • The SET FACTORY command description was updated. • The SET FIPS MODE command restrictions were updated. • The SET FIRMWARE MANAGEMENT command restrictions were updated. • The SET INTERCONNECT ADMIN_PASSWORD FACTORY command was added. • The SET INTERCONNECT FACTORY command was added. • The SET OA GATEWAY command line, description, and restrictions were updated.
Accessing the command line interface Remote access to the Onboard Administrator The Onboard Administrator CLI can be accessed remotely through any Telnet or SSH session. Telnet session 1. Open a command-line window from a network-connected client. 2. At the prompt, telnet to the IP address of the Onboard Administrator and press Enter. For example, telnet 192.168.100.130, where the IP address is the address of your Onboard Administrator. 3. Enter a valid user name and press Enter. 4.
Pin Name Signal direction 4 DTR -->> 5 GND 6 DSR <<-- Data set ready 7 RTS -->> Request to send 8 CTS <<-- Clear to send 9 RI <<-- Ring indicator 2. Description Data terminal ready System ground Use any standard communication software to launch a terminal emulation session with the following parameters: Parameter Value Transmission rate 9600 bps Data bits 8 Parity None Stop bits 1 Protocol None 3. When prompted, enter a valid user name, and then press Enter. 4.
Command line Command line overview The CLI can be used as an alternative method for managing the Onboard Administrator. Using the CLI can be useful in the following scenarios: • HP Management Applications (for example: Systems Insight Manager, Insight Control tools, and so on) can query the Onboard Administrator for information these tools need to present a complete management view of HP BladeSystem enclosures and the devices contained within.
• TEST Because these words indicate specific functions within the Onboard Administrator firmware, they are only allowed where explicitly defined in the help documentation for a command. Attempts to use reserved words in a command where not allowed results in an Invalid Arguments error. A local user account cannot be created by using these reserved words. HP Integrity server blade restrictions HP Integrity server blades do not support all commands.
Account classification Capabilities • Account name / Privilege level Bays selected for this account password recovery option Can download, add, and clear SSHKey. This key only works with the Administrator account. OA administrator • • username / administrator OA bays (all bays All commands automatically selected) Allows access to all aspects of the HP BladeSystem Enclosure and Onboard Administrator including configuration, firmware updates, user management, and resetting default settings.
Account classification Capabilities • • user • • • • Account name / Privilege level Bays selected for this account information of enclosure Can view CLI history bays selected, but the capabilities for the other bays are defined in user Can view status and username / user information of selected bays Can view CLI history Can set password for own account Can set user contact information for own account Can show CLI commands No OA bays and some device bays and interconnect bays *EBIPA and VLAN featu
iLO privileges administrator operator Administer user accounts X Remote console access X X Virtual power and reset X X Virtual media X X Configure iLO settings X Login to iLO X X user X Command line 19
General commands CLEAR SCREEN • • Command: CLEAR SCREEN Description: Clears the terminal screen • Access level: Administrator, Operator, User EXIT • • Command: EXIT Description: Exits the command line interpreter • Access level: Administrator, Operator, User HELP • • Command: HELP Description: If you supply a command, the usage and help text for the command appears. If no argument is given, all base commands appear.
• LOGOUT Description: Exits the command line interpreter • Access level: Administrator, Operator, User QUIT • • Command: QUIT Description: Exits the command line interpreter • Access level: Administrator, Operator, User General commands 21
Rack commands SET RACK NAME • • Command: SET RACK NAME Description: Sets the rack name • Access level/Bay level: OA administrator, OA operator • Restrictions: The must be a maximum of 32 characters long and includes all alphanumeric, the dash, and the underscore characters. UnnamedRack is the default rack name.
SHOW RACK NAME • • Command: SHOW RACK NAME Description: Displays the user defined rack name setting for the enclosure • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW RACK NAME Rack Name: UnnamedRack SHOW TOPOLOGY • • • Command: SHOW TOPOLOGY [IPV6] Description: o Displays information about the enclosures connected by the enclosure link o Displays a table with the enclosure name, UUID, Enclosure Rack U Position, overall health of the enclosure, and the IP addr
USE813AMMP --data error-- OK No 172.16.1.60 09USE813AMMP OA-E4115BECFBAB> SHOW TOPOLOGY IPV6 Detecting linked enclosures ....
User account commands ADD USER • • Command: ADD USER "" [""] Description: Adds a user to the system. If you do not provide a password, you are prompted for one. If SCRIPT MODE is enabled and the password is not provided, the password is assigned an unmatched string. This unmatched string requires an enclosure administrator to change the password to allow the new user to access the system.
ASSIGN OA • • Command: ASSIGN OA {"" | LDAP GROUP ""} Description: Assigns the Onboard Administrators specified to an existing user or group • Access level/Bay level: OA administrator • Restrictions: The is case sensitive. DISABLE USER • • Command: DISABLE USER "" Description: Disables a user account. The system immediately logs out the user and prevents the user from logging in until the account is enabled.
• ENABLE STRONG PASSWORDS Description: When enabled, this command requires that a user's password contain at least one character from three of the four categories. The four categories include: • o Uppercase o Lowercase o Numeric o Nonalphanumeric Access level/Bay level: OA administrator • Restrictions: o Only Administrators with Onboard Administrator permission are allowed to manage strong passwords. o Strong passwords are enabled by default in FIPS Mode ON/DEBUG.
REMOVE USER • • Command: REMOVE USER {ALL | "" | CERTIFICATE ""} Description: Removes a user from the system and/or any certificate mapped to the user. If you specify ALL, then the command is run for all users except the default system accounts. • Access level/Bay level: OA administrator • Restrictions: o The is case sensitive. o You cannot remove the Administrator account.
o When in FIPS Mode OFF, the character set includes all printable characters. When in FIPS Mode ON/DEBUG, the password must contain at least one character from three of the four types of characters. The four types are upper-case, lower-case, numeric, and non-alphanumeric. SET SESSION TIMEOUT • • Command: SET SESSION TIMEOUT Description: Sets the number of minutes before inactive sessions are removed. The default setting is 1440.
o You must use double quotes if the contact information contains any spaces. SET USER FULLNAME • • Command: SET USER FULLNAME [""] "" Description: Sets a user's full name. If you do not specify a , then the command modifies the full name of the user who is currently logged in. • • Access level/Bay level: o OA administrator o All users can modify their own full name. Restrictions: o The is case sensitive.
• SHOW PASSWORD SETTINGS Description: Displays the current minimum password length and strong password settings • Access level/Bay level: All users • Restrictions: None • Example: OA-0018FE27577F>SHOW PASSWORD SETTINGS Strong Passwords: Disabled Minimum Password Length: 3 SHOW SESSION TIMEOUT • • Command: SHOW SESSION TIMEOUT Description: Displays the current Onboard Administrator user session timeout. The session timeout is the number of minutes before inactive sessions are removed.
o • Users who do not have OA administrator access levels can only view their user information. Example: OA-0018FE27577F> SHOW USER Local User "Administrator" Information: Full name: System Administrator Contact Info: User Rights: Admin Account Status: Enabled Server Bay Access List: 1 1A 1B 2 2A 2B 3 3A 3B 4 4A 4B 5 5A 5B 6 6A 6B 7 7A 7B 8 8A 8B Interconnect Bay Access List: 1 2 3 4 OA Access: Yes SLEEP • • Command: SLEEP Description: Pauses the sessions for a fixed period of time.
• UNASSIGN {SERVER | INTERCONNECT} { | ALL | -} {"" | LDAP GROUP ""} *OR* UNASSIGN OA {"" | LDAP GROUP ""} Description: Removes the Onboard Administrator from the control of the user that it is currently assigned • Access level/Bay level: OA administrator • Restrictions: The is case sensitive.
Two-Factor Authentication commands ADD CA CERTIFICATE • • Command: ADD CA CERTIFICATE <\n> <\n> Description: Adds a CA certificate on the command line. To add the certificate: a. Start with a string that does not appear within the certificate (the end marker). b. Insert a newline character by pressing Enter. c. Paste in the certificate. d. Insert a newline character by pressing Enter. e. Insert the end marker. f. Issue the command by pressing Enter.
• DISABLE TWOFACTOR Description: Disables Two-Factor Authentication • Access level/Bay level: OA administrator • Restrictions: None DOWNLOAD CA CERTIFICATE • • • Command: DOWNLOAD CA CERTIFICATE "" Description: o Downloads a CA certificate to act as the trusted certification authority to validate user certificates when using Two-Factor Authentication. o Specify a URL where this certificate can be found. o Supported protocols are HTTP, FTP, and TFTP.
When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512. REMOVE CA CERTIFICATE • Command: REMOVE CA CERTIFICATE "" • Description: • Removes the trust certificate corresponding to the SHA1 . Any users having their certificates issued by this CA can no longer login if Two-Factor Authentication is enabled.
Failure to give a proper end marker before and after the certificate might cause the interface to wait for the appropriate end marker indefinitely. • Access level/Bay level: OA administrator • Restrictions: o This command is only available in script mode. o When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512.
• Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW TWOFACTOR INFO Two Factor Authentication: Enabled : Disabled Certificate Revocation : Disabled Certificate Owner Field : Subject Two-Factor Authentication commands 38
Directory commands ADD LDAP CERTIFICATE • • Command: ADD LDAP CERTIFICATE <\n> <\n> Description: Adds an LDAP certificate on the command line. To add the certificate: a. Start with a string that does not appear within the certificate (the end marker). b. Insert a newline character by pressing Enter. c. Paste in the certificate. d. Insert a newline character by pressing Enter. e. Insert the end marker. f. Issue the command by pressing Enter.
ASSIGN for LDAP • • Command: ASSIGN {SERVER | INTERCONNECT} { | ALL | -} {"" | LDAP GROUP ""} *OR* ASSIGN OA {"" | LDAP GROUP ""} Description: Assigns the bay to a specified LDAP group, providing access to the bay at the access level of the group • Access level/Bay level: OA administrator • Restrictions: None ASSIGN OA LDAP GROUP • • Command: ASSIGN OA {"" | LDAP GROUP ""} Descript
DOWNLOAD LDAP CERTIFICATE • • • Command: DOWNLOAD LDAP CERTIFICATE "" Description: o Downloads an LDAP certificate to establish a trusted relationship with the LDAP server. o The specifies the location of the certificate to be downloaded. o Supported protocols are HTTP, FTP, and TFTP. o Format the URL as protocol://host/path/file. o The URL syntax for IPv4 addresses is protocol:///path/file. o The URL syntax for IPv6 addresses is protocol://[]/path/file.
o • This command revokes trust in the LDAP server associated with the certificate. Access level/Bay level: OA administrator • Restrictions: None REMOVE LDAP GROUP • • Command: REMOVE LDAP GROUP {ALL | ""} Description: Removes the LDAP group from the system. If you specify ALL, then all LDAP groups are removed from the system. • Access level/Bay level: OA administrator • Restrictions: Before you can enable the LDAP group, configuration must be complete.
o Must be 0 to 58 characters in length. o Valid characters are all alphanumeric, the underscore (_), the dash (-), and spaces. o If the group name or description field contains spaces or zero characters, use double quotes.
• SET LDAP SEARCH {1-6 } "
" Description: Sets up to six search contexts in priority order • Access level/Bay level: OA administrator • Restrictions: None SET LDAP SERVER • • • Command: SET LDAP SERVER { | | NONE } Description: o Sets the IP address or the DNS name of the LDAP server used for authentication. o To set the LDAP server field to blank, use keyword NONE.M1owKTEnMCUGA1UEAxMeY2NlZ2NhbTAxLmFtZXJpY2FzLmhwcWNvcnAubmV0MIGf MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNYsB8T6rJhJQXbKvM5JLi6EXNAtFL ayV11QVyrtjRtOjRGySwFCk9KNzRS7PIP/p9gH20Ic+ZvgX0fRPnnU/2imMeTGr2 raIYGRSFBJ4sCpAP87m/7Hzk0kiyZ+7KJq92Q61Pipkea................... -----END CERTIFICATE----- SHOW LDAP GROUP • • Command: SHOW LDAP GROUP {LIST | ""} Description: This command displays the LDAP group information. If you specify LIST, then a list of all the LDAP groups appears.
Search Context #4 Search Context #5 Search Context #6 : : : TEST LDAP • Command: TEST LDAP "" "" • Description: Run LDAP tests and optionally attempt to login to the LDAP server using the username and password.
HP SIM commands ADD HPSIM CERTIFICATE • • Command: ADD HPSIM CERTIFICATE <\n> <\n> Description: Adds an HP SIM certificate on the command line. To add the certificate: a. Start with a string that does not appear within the certificate (the end marker). b. Insert a newline character by pressing Enter. c. Paste in the certificate. d. Insert a newline character by pressing Enter. e. Insert the end marker. f. Issue the command by pressing Enter.
OA administrator • Restrictions: o Do not include the network prefix length with IPv6 addresses. o When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512. o Onboard Administrator 4.11 and later contains HP SSO application support for determining the minimum SSO certificate requirements.
The data includes the current HP SIM SSO Trust Mode (see SET HPSIM TRUST MODE) and a list of names that the Onboard Administrator is configured to trust using a trust certificate. • Access level/Bay level: OA administrator • Restrictions: None • Example: OA-0018FE27577F> SHOW HPSIM INFO HPSIM Trust Mode: Disabled Trusted Server Certificates No certificates were found.
General management commands DISABLE URB • • Command: DISABLE URB Description: Disables URB reporting. • Access level/Bay level: OA Administrator, OA Operator • Restrictions: None • Example: OA-0018FE27577F> disable urb Utility Ready Blade (URB) reporting has been disabled. DOWNLOAD OA CERTIFICATE • • • Command: DOWNLOAD OA CERTIFICATE [ | ACTIVE | STANDBY] Description: o Downloads a CA supplied pkcs#7 file to replace the current security certificate on the system.
ENABLE URB • • Command: ENABLE URB { HTTP | SMTP | BOTH } Description: Enables URB reporting • Access level/Bay level: OA Administrator, OA Operator • Restrictions: The URB URL and interval must be set before enabling URB reporting. • Example: OA-0018FE275723> enable urb Utility Ready Blade (URB) reporting has been enabled. FORCE TAKEOVER • • Command: FORCE TAKEOVER Description: Forces the redundant Onboard Administrator to become the active Onboard Administrator.
— Email Address — Surname — Given Name — Alternative Name — Initials — DN Qualifier — Challenge Password — Unstructured Name o • The Alternative Name field is used to create the X509v3 Subject Alternative Name extension attribute. The field must be empty or contain a list of keyword:value pairs separated by commas. The valid keyword:value entries include IP: and DNS:. Access level/Bay level: OA administrator • Restrictions: This command is not valid in SCRIPT MODE.
Prompt Description Organizational Unit Contact Person Email Address Surname Given Name Alternative Name Initials DN Qualifier Challenge Password Unstructured Name where the Onboard Administrator is located. The unit within the company or organization that owns the Onboard Administrator. The person responsible for the Onboard Administrator. The email address of the contact person responsible for the Onboard Administrator. The surname of the person responsible for the Onboard Administrator.
OA administrator • Restrictions: o The SHA-224 hash algorithm may not work with some web browsers without the latest encryption libraries. o When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512. PING • • • Command: PING [IPv6 [INTERNAL]] [] {ip address> | ""} Description: o Sends ICMP echo messages to a remote IP device.
SET FACTORY • • Command: SET FACTORY Description: o Restores the Onboard Administrator to its factory defaults. The Administrator account password does not change. o The Onboard Administrator restarts after all changes are made. o All existing settings are lost when this operation is run. IMPORTANT: Before resetting factory defaults, save your configuration. To upload a script containing your current configuration, use the UPLOAD CONFIG (on page 139) command.
SET URB PROXY URL { } sets the proxy URL to use when sending URB messages. • SET URB INTERVAL { HOURLY | DAILY | WEEKLY | MONTHLY } sets the interval at which URB messages are sent. Access level/Bay level: OA Administrator, OA Operator • Restrictions: SET URB URL { }: The URL must be either an HTTP or HTTPS URL and can be no longer than 128 characters. SET URB PROXY URL { }: The URL can be no longer than 128 characters.
>SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW ENCLOSURE POWER_SUMMARY ENCLOSURE STATUS ENCLOSURE TEMP FIPS MODE OA INFO OA NETWORK OA STATUS ALL OA UPTIME ALL OA CERTIFICATE SYSLOG OA 1 SYSLOG OA 2 SYSLO
>SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW >SHOW VLAN URB FIRMWARE SUMMARY FIRMWARE SUMMARY CSV FIRMWARE MANAGEMENT FIRMWARE MANAGEMENT LOG FIRMWARE LOG SERVER ALL SERVER FIRMWARE ALL REMOTE_SUPPORT REMOTE_SUPPORT CERTIFICATE REMOTE_SUPPORT EVENT DEVICE SERIAL_NUMBER BLADE ALL SOLUTIONSID LOGIN_BANNER LANGUAGES VARIABLE LIST SHOW DEVICE SERIAL_NUMBER BLADE • • Command: SHOW DEVICE SERIAL_NUMBER BLADE Description: Shows the specified direct attac
URB Proxy URL: URB Interval: Last Attempt: Daily at hour 0 None TEST URB • • Command: TEST URB Description: Manually sends the URB message to the endpoint. This command can be useful for testing the configuration or resending a message after a failure. If the test fails, executing the TEST URB command updates the last attempt status and log a syslog message.
Enclosure Bay IP Addressing commands ADD EBIPA • • Command: ADD EBIPA {SERVER | INTERCONNECT} DNS [{ , | - } ] Description: Adds a DNS server IP address to the list of DNS servers for either SERVER bays or INTERCONNECT bays • Access Level/Bay level: Administrator, Operator • Restrictions: o A maximum of three DNS servers can be added for EBIPA. o The must be in the form ###.###.###.###, where each ### ranges from 0 to 255.
• Description: Disables the ability of the Onboard Administrator to give devices in the bays IPv6 addresses using DHCPv6. If no bay numbers are specified, then EBIPA IPv6 is disabled for all bays. Devices in bays receive IP addresses from an external server. This causes a reset of the iLO, which causes it to attempt to get an IPv6 address from an external DHCPv6 server. The interconnect is power-cycled.
• Access level/Bay level: OA administrator, OA operator • Restrictions: Before using this command, you must set up the EBIPA IPv6 settings. This includes setting the initial IP address.
• Access level/Bay level: OA administrator, OA operator • Restrictions: If SCRIPT MODE is ON when EBIPA is configured (either by running EBIPA commands manually using the CLI or downloading a configuration script using the DOWNLOAD CONFIG (on page 86) command), you must include the SAVE EBIPA command to ensure all EBIPA settings are saved. SAVE EBIPAV6 • • Command: SAVE EBIPAV6 Description: Saves EBIPA IPv6 settings for device or interconnect bays.
OA administrator, OA operator • Restrictions: o The and must be in the form ###.###.###.###, where each ### ranges from 0 to 255. o Do not use the 169.254.x.x range when configuring EBIPA-assigned addresses, as this network address range is reserved for use by the Onboard Administrator. o The is a string containing letters (a–z, A–Z), digits (0–9), or a dash (-).
o The and must be in the form ###.###.###.###, where each ### ranges from 0 to 255. o Do not use the 169.254.x.x range when configuring EBIPA-assigned addresses, as this network address range is reserved for use by the Onboard Administrator. o The is a string containing letters (a–z, A–Z), digits (0–9), or a dash (-). The OA accepts domain name character strings subject to the following constraints: — The string must be between 1 and 255 characters in length.
o The /prefix length ranges from 0 to 128. The prefix length is mandatory except when specifying the gateway address. o Do not use the fe80::/10 prefix when configuring EBIPA-assigned addresses, as this network prefix is reserved for link local SLAAC addresses. o For the gateway, do not specify a prefix. The gateway is assumed reachable from within the network. Regardless of the type of IPv6 address specified, the interconnect GUI always displays the Link-Local IPv6 address of the gateway.
• SET EBIPAV6 SERVER NONE 3 Access level/Bay level: OA administrator, OA operator • Restrictions: o The must be in the form ####:####:####:####:####:####:####:####/###, where #### ranges from 0 to FFFF. A compressed version of the same IPv6 address is also supported. o The /prefix length ranges from 0 to 128. The prefix length is mandatory except when specifying the address of the gateway.
Successfully Successfully Successfully Successfully set set set set device device device device (iLO) (iLO) (iLO) (iLO) bay bay bay bay #5B #6B #7B #8B to to to to IPv6 IPv6 IPv6 IPv6 address address address address 4001::4bd0/64 4001::4bd1/64 4001::4bd2/64 4001::4bd3/64 For the IPv6 addresses to be assigned EBIPAv6 must be enabled.
3A Yes test.com 172.16.211.121 3B Yes test.com 172.16.211.129 4 Yes test.com 172.16.211.114 4A Yes test.com 172.16.211.122 4B Yes test.com 172.16.211.130 5 Yes test.com 172.16.211.115 5A Yes test.com 172.16.211.123 5B Yes test.com 172.16.211.131 6 Yes test.com 172.16.211.116 6A Yes test.com 172.16.211.124 6B Yes test.com 172.16.211.132 7 Yes test.com 172.16.211.117 7A Yes test.com 172.16.211.125 7B Yes test.com 172.16.211.133 255.255.0.0 255.255.0.0 255.255.0.0 172.16.0.
8 Yes test.com 172.16.211.118 8A Yes test.com 172.16.211.126 8B Yes test.com 172.16.211.134 255.255.0.0 255.255.0.0 255.255.0.0 172.16.0.1 172.16.0.1 172.16.0.1 172.16.0.2 172.16.0.3 172.16.0.1 172.16.0.1 172.16.0.2 172.16.0.3 172.16.0.1 172.16.0.2 172.16.0.3 EBIPA Device Interconnect Settings Bay Enabled EBIPA/Current Netmask Gateway DNS NTP Domain --- ------- --------------- --------------- --------------- ----------------------------- -----1 Yes 172.16.211.183 255.255.0.0 172.16.0.1 172.
Bay: 1B Enabled: No EBIPA: (Not Set) Current: (Not Set) Gateway: (Not Set) DNS 1: (Not Set) DNS 2: (Not Set) DNS 3: (Not Set) Domain: (Not Set) -----------------------------------------------------------------------Bay: 2 Enabled: Yes EBIPA: 1000::500:10:2/64 Current: (Not Set) Gateway: (Not Set) DNS 1: 1000::1 DNS 2: 1000::5 DNS 3: (Not Set) Domain: bladeslab.
DNS 2: (Not Set) DNS 3: (Not Set) Domain: (Not Set) -----------------------------------------------------------------------Bay: 4 Enabled: Yes EBIPA: 1000::500:10:4/64 Current: (Not Set) Gateway: (Not Set) DNS 1: 1000::1 DNS 2: 1000::5 DNS 3: (Not Set) Domain: bladeslab.
EBIPA: 1000::500:10:6/64 Current: (Not Set) Gateway: (Not Set) DNS 1: 1000::1 DNS 2: 1000::5 DNS 3: (Not Set) Domain: bladeslab.
DNS 3: (Not Set) Domain: bladeslab.
Enclosure network configuration commands ADD OA ADDRESS IPV6 • • Command: ADD OA ADDRESS IPV6 [{}| ACTIVE | STANDBY] Description: Adds an IPv6 static address for the Onboard Administrator. If IPv6 is enabled, this setting takes effect immediately. If none of the optional arguments are specified (Onboard Administrator bay number, ACTIVE, or STANDBY), the command defaults to the active Onboard Administrator.
The must be in the form ###.###.###.###, where each ### ranges from 0 to 255. ADD OA DNS IPV6 • • Command: ADD OA DNS IPV6 [] Description: Adds an IPv6 address to the list of DNS servers. The network prefix length is optional.
OA administrator • Restrictions: o SSHKEY is only available for the Administrator local account. o SSHKEY works only in script mode. o SSHKEY string is limited to 4KB on Onboard Administrator versions prior to 2.30. o SSHKEY string is limited to 8KB on Onboard Administrator version 2.30 and later. o This command is only valid in script mode.
• o The value can be an IPv4 address, an IPv6 address, or a DNS name (maximum of 64 characters). o IPv6 addresses must be typed without the network prefix length. Command parameters Name Description User name An SNMPv3 user account used to send the trap/inform • • • Minimal level of security required for operation. By default, operation is required to be signed but not encrypted (authNoPriv).
Name Description Privacy passphrase Privacy passphrase used to encrypt operations. This entry must be at least eight characters in length. If not specified, the authorization passphrase is used. noAuthNoPriv|authN Only applies to local users. A minimal level of security is required for operation. By default, the operation is oPriv|authPriv required to be signed but not encrypted (authNoPriv).
CLEAR LOGIN_BANNER_TEXT • • Command: CLEAR LOGIN_BANNER_TEXT Description: Clears the currently configured login banner text. • Access level /Bay level: OA administrator • Restrictions: Clearing the login banner text disables the login banner option. CLEAR NTP • • Command: CLEAR NTP {PRIMARY | SECONDARY} Description: Disables access to the Primary or Secondary NTP server • Access level/Bay level: OA administrator, OA operator • Restrictions: Clearing the Primary NTP server disables NTP.
OA Administrator OA Bays • Restrictions: o All servers in the enclosure should be powered off before clearing the VCMODE. o The enclosure will no longer be managed by Virtual Connect, and servers will revert to default Ethernet MAC and Fibre Channel WWN assignments. Virtual Connect might disconnect the servers from Ethernet networks and Fibre Channel fabrics.
OA administrator, OA operator • Restrictions: None DISABLE ENCLOSURE_IP_MODE • • Command: DISABLE ENCLOSURE_IP_MODE Description: Disables Enclosure IP Mode. Active and Standby Onboard Administrators retain their current IP addresses. After disabling Enclosure IP Mode and a takeover occurs, there will no longer be a single IP address for the enclosure.
OA administrator, OA operator • Restrictions: None DISABLE IPV6 • • Command: DISABLE IPV6 Description: Disables IPv6 protocol for management interfaces of all devices in the enclosure. CAUTION: If you disable IPv6 in an IPv6-only environment, you will lose your connection to the Onboard Administrator GUI and any SSH sessions.
• Restrictions: None DISABLE NTP • • Command: DISABLE NTP Description: Disables the synchronizing of time and date with a remote server using the NTP protocol. Does not clear any NTP servers that have been configured. • Access level/Bay level: OA administrator, OA operator • Restrictions: None DISABLE SECURESH • • Command: DISABLE SECURESH Description: Disables SSH access to the Onboard Administrator.
None DISABLE SNMP • • Command: DISABLE SNMP Description: Disables SNMP support for the Onboard Administrator. Does not clear the SNMP trap receivers that have been configured. SNMP trap receivers can still be added and removed. If you disable SNMP, then Insight Manager Agents do not work properly. • Access level/Bay level: OA administrator, OA operator • Restrictions: This operation is not allowed in FIPS Mode ON/DEBUG.
DISABLE XMLREPLY • • Command: DISABLE XMLREPLY Description: Disables XML reply data return over the HTTP port • Access level/Bay level: OA administrator, OA operator • Restrictions: None DOWNLOAD CONFIG • • • Command: DOWNLOAD CONFIG Description: o Downloads a previously saved configuration script file from a specific IP host, and then executes it. o Supported protocols are HTTP, FTP, TFTP, and USB. o Format the as protocol://host/path/file.
o • If your FTP server does not support anonymous connections, you can specify a user name and password in the format ftp://username:password@host/path/file. Access level/Bay level: OA administrator • Restrictions: When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512.
• ENABLE ENCLOSURE_ILO_FEDERATION_SUPPORT Description: Enables the Onboard Administrator support required to allow peer-to-peer network communication necessary for iLO Federation among suitably capable iLOs within the enclosure. IMPORTANT: Enable Enclosure iLO Federation Support only enables Onboard Administrator support to allow the peer-to-peer network communication necessary for iLO Federation among iLOs within the enclosure.
• Access level/Bay level: OA administrator, OA operator • Restrictions: o An IPv4 DNS server must be configured on the Onboard Administrator, and the devices to be accessed must be registered for reverse lookup with the DNS name server. o A DNS IP address must be configured on the Onboard Administrator (use the ADD OA DNS (on page 75) command).
• Access level /Bay level: OA administrator • Restrictions: None ENABLE IPV6 • • Command: ENABLE IPV6 Description: Enables IPv6 protocol for management interfaces of all devices in the enclosure.
ENABLE SLAAC • • Command: ENABLE SLAAC Description: Enables auto-configuration of IPv6 addresses from SLAAC messages for management interfaces of all devices in the enclosure. NOTE: For SLAAC addresses to be successfully configured, the ENABLE SLAAC setting must be enabled on the enclosure. In addition, an IPv6 router must be configured on the enclosure management network to provide the SLAAC addresses via Router Advertisements. iLOs may need to be configured separately to obtain SLAAC addresses.
ENABLE TRUSTED HOST • • Command: ENABLE TRUSTED HOST Description: Enables IP security for the Onboard Administrator • Access level/Bay level: OA administrator • Restrictions: None ENABLE XMLREPLY • • Command: ENABLE XMLREPLY Description: Enables XML reply data over an HTTP connection • Access Level/Bay Level: OA administrator, OA operator • Restrictions: None REMOVE OA ADDRESS IPV6 • • Command: REMOVE OA ADDRESS IPV6 {} Description: Removes the IPv6 stat
REMOVE OA DNS • • Command: REMOVE OA DNS [] Description: Removes the IP address of a DNS server from the list for the specified Onboard Administrator. The DNS servers are used only if the system is configured to use a static IP address. If no bay number is provided, the command default to the active Onboard Administrator. • Access level/Bay level: OA administrator, OA operator • Restrictions: The must be in the form ###.###.###.
• Access level/Bay level: OA administrator, OA operator • Restrictions: IPv6 addresses cannot specify the network prefix length. REMOVE SNMP TRAPRECEIVER V3 • • • Command: REMOVE SNMP TRAPRECEIVER V3 { []} Description: o Removes an existing trap receiver address from the SNMP configuration. o This command is an extension of the existing REMOVE SNMP TRAPRECEIVER command. If a user name is specified, all traps matching the host/user name combination are removed.
Removes an IPv4 or IPv6 address from the list of addresses being handled by the IP Security feature.
SET ALERTMAIL SENDERNAME • • Command: SET ALERTMAIL SENDERNAME "" Description: Sets the AlertMail sender's name. This name is attached to the email address in the from field in an alertmail message. • Access level/Bay level: OA administrator, OA operator • Restrictions: o o The value may contain alphanumeric, dash(-), underscore(_), and space characters. Maximum length is 40 characters.
o • If the change is to FIPS MODE ON or FIPS MODE DEBUG, strong passwords are enabled, minimum password length is set to eight characters, and a new Administrator account password is requested. Access level/Bay level: OA administrator • Restrictions: o When the Onboard Administrator is operating in FIPS Mode, certificates must have a minimum RSA key length of 2048 bits, and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512.
• SET LOGIN_BANNER_TEXT <\n> <\n> Description: Sets the login banner text to be displayed when the user attempts to log in to the Onboard Administrator. To enter the login banner text: a. Start with a string that does not appear within the certificate (the end marker). b. Insert a newline character by pressing Enter. c. Paste in the certificate. d. Insert a newline character by pressing Enter. e. Insert the end marker. f. Issue the command by pressing Enter.
• Description: Sets the primary server used for synchronizing time and date using the NTP. The value can be an IPv4 address, an IPv6 address, or a DNS name. • Access level/Bay level: OA administrator, OA operator • Restrictions: IPv6 addresses cannot specify the network prefix length. SET NTP SECONDARY • • Command: SET NTP SECONDARY Description: Sets the secondary server used for synchronizing time and date using the NTP.
SET OA NAME • • Command: SET OA NAME [ | ACTIVE | STANDBY] "" Description: Sets the Onboard Administrator name. If a bay number is not specified, the command defaults to the active Onboard Administrator. • Access level/Bay level: OA administrator, OA operator • Restrictions: The Onboard Administrator name is 1 to 32 characters long including all alphanumeric characters and the dash (-).
• SET SERIAL BAUD [ 9600 | 19200 | 38400 | 57600 | 115200] Description: Configures the baud rate settings for the OA serial console port. • Access level/Bay level: OA administrator (only allowed from Active OA) • Restrictions: None SET SNMP COMMUNITY • • Command: SET SNMP COMMUNITY {READ | WRITE} "" Description: Sets the community name for the read or write SNMP community.
• Example: OA> set snmp engineid testid SNMP engine id set to "0x8000000b04746573746964" SET SNMP CONTACT • • Command: SET SNMP CONTACT "" Description: Configures the name of the system contact. The default contact is blank. • Access level/Bay level: OA administrator, OA operator • Restrictions: o The must be no more than 20 characters long. o Any printable character is acceptable. If includes spaces or hash signs, include it within double quotes.
• o In ON mode, Onboard Administrator is in a FIPS 140-2-compliant mode, using only FIPS 140-2 approved algorithms such as AES and TLSv1.2. o In DEBUG mode, Onboard Administrator is in a similar state as ON but with option for HP debug support. Example: OA-E4115BECFBAB> show fips mode FIPS Mode is Off SHOW HEALTH • • Command: SHOW HEALTH Description: Displays current health of all components in the enclosure. If a component is degraded or failed, a cause and corrective action are provided.
3 gain insertion. 3b OK 4 Absent 5a OK 5b OK 6 Absent 7 Absent 8a OK 8b OK 9 Subsumed 10 OK 11a OK 11b OK 12a OK 12b OK 13 Absent 14 Absent 15 Absent 16 Absent info.
4 OK 5 OK 6 OK 7 OK 8 OK 9 OK 10 OK Onboard Administrator Health: Bay Status Problem Corrective Action --- -------------------- ----------------------------------------------------1 Absent 2 OK SHOW LOGIN_BANNER • • Command: SHOW LOGIN_BANNER Description: Displays the login banner settings including: • o Login banner display on user login enabled/disabled o Currently configured login banner text (if any) Access level /Bay level: OA administrator, OA operator, OA user • Restrictions: None • Examp
• o IPv4 information o IPv6 information o DHCP state o SLAAC o Dynamic DNS state o Static Default Gateway o Current Default Gateway o IP address subnet mask o Gateway address o Primary and secondary DNS addresses o MAC address o HTTP and HTTPS server status o SNMP status o SSH status o FIPS Mode o Trusted Host status o HPSIM trust mode status o Telnet status o AlertMail status o NTP status o Network link settings o Enclosure IP mode o GUI login status o Active
- - - - - IPv4 Information - - - - DHCP: Enabled - Dynamic DNS IPv4 Address: 16.84.194.23 Netmask: 255.255.252.0 Gateway Address: 16.84.192.
SHOW SNMP • • Command: SHOW SNMP Description: Displays the SNMP configuration, including: • o SNMP system name o Location o Contact o Read community name o Write community name o Engine ID o List of the trap destinations Access level/Bay level: All • Restrictions: None • Example: OA> SHOW SNMP SNMP Configuration: Status: Enabled System Name: USE818AMMS System Location: bottom rack1 System Contact: admin@localhost Read Community Name: public Write Community Name: private Engine ID: 0x800
• Example: OA> show snmp user list SNMPv3 User Local Access Security EngineID -------------------------------- ------ ------ -------- ----------Bob local none none 0x8000000b044866463948746b6773726b694c534756 OA> show snmp user bob User: bob Local: yes Access: read-only Authentication Protocol: MD5 Privacy Protocol: DES Minimum Security Level: auth EngineID: 0x8000000b0466697665 SHOW SSHFINGERPRINT • • Command: SHOW SSHFINGERPRINT Description: Displays the key fingerprint of the Onboard Administrator hos
• SHOW VCMODE Description: Displays Virtual Connect Mode settings • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW VCMODE Virtual Connect Mode: Disabled TEST ALERTMAIL • • Command: TEST ALERTMAIL Description: Sends a test AlertMail message to the configured email address • Access level/Bay level: Administrator, operator Restrictions: You must have OA permission to perform this command.
Enclosure management commands ADD LANGUAGE • • • Command: ADD LANGUAGE Description: o Uploads and installs a language pack. o Supported protocols are HTTP, FTP, TFTP, and USB. o The URL should be formatted as protocol://host/path/file. o The URL syntax for IPv4 addresses is protocol:///path/file. o The URL syntax for IPv6 addresses is protocol://[]/path/file.
• • Description: Connects to the OA CLI on a linked enclosure. To get a list of linked enclosure names, use the SHOW TOPOLOGY command. Access level/Bay level: All • Restriction: None DISABLE DHCP_DOMAIN_NAME • • • Command: DISABLE DHCP_DOMAIN_NAME [ | ACTIVE | STANDBY] Description: o Disables the DHCP domain name, allowing the user to enter a domain name instead of the one supplied by DHCP. For more information, see the SET OA DOMAIN_NAME (on page 118) command.
• DISABLE LLF Description: Disables Link Loss Failover for Onboard Administrator Redundancy. • Access level/Bay level:: Operator, Administrator • Restrictions: You must have Onboard Administrator permission to perform this command. ENABLE DHCP_DOMAIN_NAME • • • Command: ENABLE DHCP_DOMAIN_NAME [ | ACTIVE | STANDBY] Description: o Enables the DHCP domain name. o This command requires that Dynamic DNS is enabled.
• Description: Enables Link Loss Failover for Onboard Administrator Redundancy. • Access level/Bay level: Operator, Administrator • Restrictions: You must have OA permission to perform this command REMOVE LANGUAGE • • Command: REMOVE LANGUAGE { | } Description: Removes the user specified language. is the language name. is a two-letter designation for a language (EN—English, JA—Japanese, ZH—Chinese).
o hh: Hour (24-hour time) o mm: Minute o CC: Century o YY: Year o TZ: Time zone If you leave the time zone variable blank, then the current time zone is left in effect. • Access level/Bay level: OA administrator, OA operator • Restrictions: Date and time can only be set if NTP is disabled. MM is an integer from 01 to 12. DD is an integer from 01 to 31. hh is an integer from 00 to 24. mm is an integer from 00 to 60. For valid time zones, see "Time Zone settings (on page 208)".
The must be 0 to 32 characters long and includes all alphanumeric, underscore (_), and dash (-) characters. SET ENCLOSURE NAME • • • Command: SET ENCLOSURE NAME "" Description: o Changes the enclosure name o The default enclosure name is the mid-plane serial number Access level/Bay level: OA administrator, OA operator • Restrictions: The must be 1 to 32 characters long and includes all alphanumeric, underscore (_), and dash (-) characters.
OA administrator • Restrictions: 1, 2, 3, 4, 5 SET ENCLOSURE SERIAL_NUMBER • • Command: SET ENCLOSURE SERIAL_NUMBER "" Description: Sets the enclosure serial number. • Access level/Bay level: OA administrator • Restrictions: o Must be 10 characters in length. Acceptable characters include alphanumeric, dash, and underscore. o Remote Support must be disabled. For more information, see the DISABLE REMOTE_SUPPORT (on page 197) command.
SET OA DOMAIN_NAME • • Command: SET OA DOMAIN_NAME [ | active | standby ] {“” | NONE} Description: o Sets the Onboard Administrator domain name for the active or standby OA. o The combination of Onboard Administrator host name and domain name must be 1-255 characters in length. o The name must not begin or end with a dash (-); it must consist only of letters, numbers, and dashes; and it cannot be entirely numeric. o To clear the current domain name, specify NONE.
The FRONT controller enables the internal DVD drive and the front USB connector. The BACK controller enables the two USB ports on the rear of the KVM Option Module. • This command has no effect on c3000 Onboard Administrator boards that are hardware revision level 'CO' and later as displayed with SHOW OA INFO. Access level/Bay level: OA Administrator • Restrictions: A small number of c3000 Onboard Administrator boards can use only one USB controller at a time.
• • Description: o Turns power savings mode on or off. Enabling power savings (specify ON) turns unneeded power supplies off. (In the Onboard Administrator GUI, you turn power savings mode on or off using the Enable Dynamic Power setting from the Power Management screen.) o The increased load on the remaining power supplies increases their efficiency, resulting in less power consumption. o The default is OFF.
#Generated on: Tue Apr 15 10:34:32 2008 #Set Enclosure Time SET TIMEZONE CST6CDT #SET DATE MMDDhhmm{{CC}YY} #Set Enclosure Information SET ENCLOSURE ASSET TAG "ENC-0000Short" SET ENCLOSURE NAME "Shorty" SET RACK NAME "UnnamedRack" SET POWER MODE NONE SET POWER SAVINGS ON #Power limit must be within the range of 950-8750 SET POWER LIMIT OFF #Set PowerDelay Information SET INTERCONNECT POWERDELAY 1 0 SET INTERCONNECT POWERDELAY 2 0 SET INTERCONNECT POWERDELAY 3 0 SET INTERCONNECT POWERDELAY 4 0 SET SERVER POW
• SHOW DISPLAY EVENTS Description: Displays whether event notification is on or off • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW DISPLAY EVENTS Display Events is set to OFF.
• o Enclosure name o Enclosure type o Onboard Administrator hardware version o Enclosure Rack U Position o Enclosure part number o Serial number o Asset tag o Onboard Administrator MAC address Access level/Bay level: All • Restrictions: None • Example: OA-0018FE2F6941> show enclosure info Enclosure Information: Enclosure Name: USE818AMMP Enclosure Type: BladeSystem c7000 Enclosure Enclosure Rack U Position: 6 Part Number: 412152-B21 Serial Number: USE818AMMP UUID: 09USE818AMMP Asset Tag
Name : BladeSystem c3000 Insight Display Spare Part# : 441831-001 Manufacturer: HP Fw Version : 2.0 Diagnostic Status: Internal Data OK SHOW ENCLOSURE POWER_SUMMARY • Command: SHOW ENCLOSURE POWER_SUMMARY • Description: Displays a detailed summary of the enclosure's present power state. • Access level/Bay level: OA Administrator • Restrictions: Administrator account privileges are required.
------= 1314 Interconnect Bay Power Summary: Bay Name --- -------------------------------1 GbE2c Ethernet Blade Switch 2 Fan Power Summary: Total Fans Fan Rule (Number of Fans) (Number of Fans) ---------------- ---------------6 6 Power Allocated (Watts DC) -------------------------25 0 ------= 25 Present Power (Watts DC) -------------148 Power Allocated (Watts DC) --------------480 SHOW ENCLOSURE POWERSUPPLY • • Command: SHOW ENCLOSURE POWERSUPPLY {ALL | [{ , | - }
Spare Part Number: XXXXXX-001 Product Ver: Diagnostic Status: Internal Data OK Device Failure OK Power Cord OK SHOW ENCLOSURE STATUS • • Command: SHOW ENCLOSURE STATUS Description: Displays the basic health and status of the enclosure subsystem • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW ENCLOSURE STATUS Enclosure: Status: OK Unit Identification LED: Off Diagnostic Status: Internal Data OK Onboard Administrator: Status: OK Power Subsystem: Status: OK Power Mod
• Access level/Bay level: All Bay specific • Restrictions: None • Example: OA-0018FE27577F> SHOW ENCLOSURE TEMP Locale Temp Status -------------------------- ----------Enclosure N/A Onboard Administrator 1 OK Blade Bay 7 N/A Blade Bay 8 N/A Blade Bay 2A N/A Blade Bay 2B N/A Interconnect Module 1 OK Temp -------26C/ 78F 26C/ 78F 20C/ 68F 25C/ 77F 25C/ 77F 27C/ 80F ---- Caution --------75C 38C 45C 40C 40C --- Critical ---------80C 43C 60C 45C 45C --- SHOW FRU • • • Command: SHOW FRU Description: o
Firmware Version: 2.
Model: Active Cool 200 Fan Part Number: 412140-B21 Spare Part Number: 413996-001 Fan 6 Model: Active Cool 200 Fan Part Number: 412140-B21 Spare Part Number: 413996-001 Power Supply 1 Model: 438203-001 Serial Number: 531300ALL00233 Spare Part Number: XXXXXX-001 Power Supply 2 Model: 438203-001 Serial Number: 531300ALL00014 Spare Part Number: XXXXXX-001 Power Supply 3 Model: 438203-001 Serial Number: 531300ALL00399 Spare Part Number: XXXXXX-001 Insight Display Model: BladeSystem c3000 Insight Display Manuf
SHOW OA • • Command: SHOW OA {CERTIFICATE | INFO | NETWORK | STATUS | UPTIME | USB} [ALL | [{ , | - } ] | ACTIVE | STANDBY]] Description: Displays the certificate information, network configuration, status, uptime, or USB mode of the Onboard Administrator. You can use the alias Active or Standby for the .
• SHOW OA INFO [ALL | [{ , | - } ] | ACTIVE | STANDBY]] Description: Displays information about the Onboard Administrator. If the Onboard Administrator is not specified, the command defaults to the Active Onboard Administrator. • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW OA INFO Onboard Administrator #1 information: Product Name : BladeSystem c3000 Onboard Administrator Part Number : 123456-B21 Spare Part No.
DHCPv6: Disabled Stateless address autoconfiguration (SLAAC): Enabled Onboard Administrator #1 Network Information: Name: OA-E4115BECFBAB - - - - - IPv4 Information - - - - DHCP: Enabled - Dynamic DNS DHCP-Supplied Domain Name: Enabled Domain Name: americas.hpqcorp.net IPv4 Address: 16.84.194.23 Netmask: 255.255.252.0 Gateway Address: 16.84.192.
Name: OA-0018FE27577F Role: Active UID: Off Status: OK Diagnostic Status: Internal Data Firmware Mismatch OA Battery OK OK OK SHOW OA UPTIME • • Command: SHOW OA UPTIME [ALL | [{ , | - } ] | ACTIVE | STANDBY]] Description: Displays uptime for the Onboard Administrator. If you do not specify the Onboard Administrator, the command defaults to the Active Onboard Administrator.
Onboard Administrator USB setting = FRONT SHOW POWER • • Command: SHOW POWER Description: Displays the current power configuration • Access level/Bay level: All • Restrictions: None • Example: OA-0018FE27577F> SHOW POWER Power Mode: Not Redundant Dynamic Power: Enabled Set Power Limit: Not Set Power Capacity: Power Available: Power Allocated: Present Power: Power Limit: 3600 2685 915 476 4378 Watts Watts Watts Watts Watts DC DC DC AC AC SHOW SYSLOG • • Command: SHOW SYSLOG {SERVER
COUNT="1" DESCRIPTION="IML Cleared (iLO user:Administrator)" OA-0016355E560A> SHOW SYSLOG ENCLOSURE Apr 23 12:25:03 OA: Authentication failure for user larry from 18.84.33.55, requesting authenticate_user Apr 23 12:25:13 OA: Authentication failure for user larry from 18.84.33.55, requesting authenticate_user Apr 23 12:25:33 OA: Authentication failure for user larry from 18.84.33.55, requesting authenticate_user Apr 23 12:26:36 OA: Authentication failure for user larry from 18.84.33.
Apr 2 19:30:27 in.ftpd[31245]: Can't change directory to standby.xml: No such file or directory Apr 2 19:30:29 in.ftpd[31241]: Can't change directory to standby.xml: No such file or directory Apr 2 19:31:09 in.ftpd[31245]: Apr 2 19:33:55 in.ftpd[31245]: Apr 2 19:37:40 in.ftpd[31245]: Apr 2 19:40:07 in.
UPDATE • • Command: UPDATE {IMAGE | ILO | SHOW | DEVICE | FIRMWARE } Description: o The UPDATE SHOW (or SHOW UPDATE) command displays enclosure devices that are available for firmware upgrade. o The UPDATE DEVICE command executes the firmware upgrade process on one or more available enclosure devices. o The device must be restarted after the firmware update by UPDATE command.
ICBAY 2.10.3 ICBAY 2.10.3 ICBAY 2.10.3 BLD | 1.10 | HP 4Gb Fibre Channel Pass-thru Module for c-C | 6A | 2.4.3 | | HP 4Gb Fibre Channel Pass-thru Module for c-C | 7A | 2.4.3 | | HP 4Gb Fibre Channel Pass-thru Module for c-C | 8A | 2.4.3 | | BladeSystem Location Device | - |1.
• o Updates the Onboard Administrator firmware using an image on a firmware CD. Enclosure Firmware Management must be configured with a valid ISO URL. o Supported protocols are HTTP, FTP, and TFTP. o The URL must be formatted as: protocol://host/path/file. o The URL syntax for IPv4 addresses is protocol:///path/file. o The URL syntax for IPv6 addresses is protocol://[]/path/file.
UPLOAD SUPPORTDUMP • • • Command: UPLOAD SUPPORTDUMP {""} Description: o Uploads supportdump data to the specified URL. o Supported protocols are FTP, TFTP, and USB. o The URL must be formatted as: protocol://host/path/file. o The URL syntax for IPv4 addresses is protocol:///path/file. o The URL syntax for IPv6 addresses is protocol://[]/path/file.
Enclosure Firmware Management commands DISCOVER FIRMWARE SERVER • • Command: DISCOVER FIRMWARE SERVER { ALL | [{- | ,} ] } Description: Manual firmware discovery. The blade is reset, which simulates a removal and insertion of the blade.
• SET FIRMWARE MANAGEMENT { URL | POLICY | POWER | SCHEDULE | BAYS_TO_INCLUDE | FORCE DOWNGRADE } Description: Configures various enclosure firmware management settings • Access level/Bay level: OA administrator • Restrictions: None SET FIRMWARE MANAGEMENT URL • • • Command: SET FIRMWARE MANAGEMENT URL { DVD | | NONE } Description: Sets the location on the management network of the HP Firmware ISO image. Supported protocols are HTTP, USB, and DVD.
• Access level/Bay level: OA administrator • Restrictions: o OFF—The server must be powered off or the Onboard Administrator cancels the operation. This setting is the default. o POWEROFF—The Onboard Administrator attempts to softly shut down the server. This is equivalent to pressing the Momentary Press virtual button for the server. If server power remains on for more than five minutes, the Onboard Administrator cancels the operation.
o The bays_to_include feature only applies to ProLiant server blades. Integrity server blades do not support this feature. Partner blade support is provided through the associated server blade based on whether the firmware ISO supports the PCIe adapter card in the partner blade. SET FIRMWARE MANAGEMENT FORCE DOWNGRADE • • Command: SET FIRMWARE MANAGEMENT FORCE DOWNGRADE { ENABLE| DISABLE } Description: Sets the firmware update force downgrade policy.
• Example: OA-00215AB0EA21> show firmware management Enclosure Firmware Settings Enclosure: OA-984BE1601C55 Firmware Management: Enabled - Force Downgrade: Enabled - Firmware ISO URL: http://16.84.188.24/mycompany.com/FW.
You must have access to the specified bay number. • Example: iLO2 Power Management Controller Device Bay: Discovered: 1.81 Jan 15 2010 12 Mon 2010-09-13 17:18:28 Firmware Component Current Version Firmware ISO Version -------------------------------------- --------------------------------------System ROM A14 2009.12.09 A14 2009.12.09 ILO2 1.81 1.82 Power Management Controller ERROR HP NC532i Dual Port 10GbE Multifunction Boot code: 5.2.7 Boot code: 5.2.7 iSCSI: 3.1.5 iSCSI: 3.1.
System ROM iLO2 Power Management Controller I19 07/10/2009 1.79 Aug 28 2009 3.4 SHOW FIRMWARE SUMMARY CSV • • Command: SHOW FIRMWARE SUMMARY CSV Description: Displays a summary of enclosure firmware components in comma separated value format. An exclamation mark (!) indicates firmware mismatch or missing firmware information. If the CSV keyword is used, the summary will be output in CSV format.
12, ProLiant BL495c G6, Mon 2010-09-13 17:18:28, System ROM, A14 2009.12.09, A14 2009.12.09, ILO2, 1.81, 1.82, Power Management Controller, ERROR, , HP NC532i Dual Port 10GbE Multifunction BL-c Adapter , Boot code: 5.2.7, Boot code: 5.2.7, HP NC532i Dual Port 10GbE Multifunction BL-c Adapter , iSCSI: 3.1.5, iSCSI: 3.1.5, 13, ProLiant BL460c G1, Mon 2010-09-13 17:19:08, System ROM, I15 2009.07.10, I15 2009.07.10, ILO2, 1.70, 1.
SHOW FIRMWARE LOG SESSION • • Command: SHOW FIRMWARE LOG SESSION { ALL | [{ , | - } ] } Description: Displays the firmware log session for the selected server or range of servers • • Access level/Bay level: o All o Bay specific Restrictions: You must have access to the specified bay number. SHOW SERVER FIRMWARE • • Command: SHOW SERVER FIRMWARE { ALL | [{ , | - } ]} Description: Displays the firmware log for the selected server or range of servers.
UPDATE FIRMWARE SERVER • • Command: UPDATE FIRMWARE SERVER { ALL | [{ , | - } ]} Description: Initiates manual update of the selected servers, using the configured HP firmware ISO image URL. • Access level/Bay level: OA administrator, server administrator • Restrictions: You must have access to the specified bay number. CAUTION: When a firmware upgrade is in process, do not disconnect or power down the server or the Onboard Administrator until the upgrade is finished.
Blade management commands CONNECT SERVER • • Command: CONNECT SERVER [SERIAL] Description: Opens a Text Console session to the iLO specified. If the optional argument SERIAL is specified, a Virtual Serial Port session is started. • Access level/Bay level: All Bay specific • Restrictions: The User privilege level cannot use the CONNECT SERVER SERIAL command. User accounts don't have console privileges.
f. • Finish the command with the end marker. To view the RIBCL script that will be sent to the iLO, specify TEST. Access level/Bay level: All Bay specific • Restrictions: o You must have access to the specified bays. o For the iLO Update_Firmware script, the Onboard Administrator must be able to download the iLO firmware file referenced in the script within 2 minutes. o This command is not applicable to HP Integrity server blades. o To use variable substitution, HPONCFG 1.
POWEROFF SERVER CAUTION: This command can cause a server blade to lose data or become unstable. • • • Command: POWEROFF SERVER {ALL | [{ - | , } ]} [FORCE] Description: o Performs a graceful shutdown of the server in the specified bay. o This command returns the user to the CLI immediately but the shutdown actions can take up to 5 minutes to complete. o If the FORCE argument is given, the server blade is immediately shut down and might lose data or become unstable.
REBOOT SERVER • • Command: REBOOT SERVER { ALL | [{ , | - } ]} [FORCE] [{ NORMAL |PXE | HDD | RBSU | CD | FLOPPY | USB }] Description: o Sends a request to the server to perform a system reset. o If the FORCE option is specified, a request is sent to the server to perform a cold boot resulting in the server being power cycled. o When a one-time boot device is specified, the server boots to the target device on the resulting server reboot.
o • SET SERVER BOOT ONCE (on page 155) sets the boot device to be used on the next boot of the bays specified. Access level/Bay level: OA administrator, OA operator Bay specific • Restrictions: o You must have access to the specified bay number. o This command is not applicable to storage blades. o This command is not applicable to HP Integrity server blades. o The RBSU and NORMAL options are only available for SET SERVER BOOT ONCE. o The USB option is only available for SET SERVER BOOT FIRST.
• Description: o Stores a setting for the IPL to be passed to the specified servers at the next reboot. o HDD sets Hard Disk Drive as the boot device to be used on the next boot. o PXE sets the PXE Server as the boot device to be used on the next boot. o RBSU sets the ROM Based Setup Utility as the boot device to be used on the next boot. o • Sets the boot device to be used on the next boot of the bays specified.
Bay specific • Restrictions: You must have access to the specified bay number. SHOW SERVER BOOT • • Command: SHOW SERVER BOOT {ALL | [{ - | , } ]} Description: Displays the boot settings for the specified servers. • Access level/Bay level: All Bay specific • • Restrictions: o You must have access to the specified bay. o This command is not applicable to HP Integrity server blades. o Different sides of the server bay cannot be designated within the same range.
• o NICs name and slot number o iLO name, iLO IP address, and iLO firmware version o Power Management Controller version o VLAN ID o IPv6 information o iLO Federation capability Access level/Bay level: All Bay specific • • Restrictions: o You must have access to the specified bay number. o MAC and WWN information is no longer included in the output for this command with Onboard Administrator firmware version 3.60.
Management Processor IPv6 Information: Link Local Address: fe80::9e8e:99ff:fe17:21e/64 Static Address: 4001::1/64 Stateless address autoconfiguration (SLAAC): 2001:1::9e8e:99ff:fe17:21e/64 Stateless address autoconfiguration (SLAAC): 2003:2::9e8e:99ff:fe17:21e/64 iLO Federation capable: Yes SHOW SERVER LIST • • • Command: SHOW SERVER LIST [IPV6] Description: o Displays a brief description of all server blades to which the current user has access o Displays by default IPv4 information; to display IPv6
10 ILOMXQ1281CDZ LL Static fe80::9e8e:99ff:fe17:b0f9 2001::aaaa:bbbb:6666 2001:acdc:aabb:bbcc:ccdd:dddd:eeee:20b DHCP 11 [Absent] . . . Totals: 1 server blades installed, 0 powered on. SHOW SERVER NAMES • Command: SHOW SERVER NAMES • Description: Displays a brief description of all server blades to which the current user has access • Access level/Bay level: All Bay specific • Restrictions: You must have access to the specified bay number.
Displays the port mapping for the server specified by the bay number • Access level/Bay level: All Bay specific • • Restrictions: o You must have access to the specified bay number. o This command is not applicable to storage blades. o Different sides of the server bay cannot be designated within the same range.
------------------------------- Blade 006 ------------------------------ ------------------------------- Blade 007 ------------------------------ ------------------------------- Blade 008 ------------------------------ SHOW SERVER POWERDELAY • • Command: SHOW SERVER POWERDELAY {ALL | [{ - | , } ]} Description: Displays the PowerDelay status for the specified server blade or range of server blades • Access level/Bay level: All Bay specific • •
8 8A 8B AiO SB600c Storage Absent Absent Disabled Disabled Disabled 0 0 0 SHOW SERVER STATUS • • Command: SHOW SERVER STATUS {ALL | [{ , | - } ]} Description: Displays the following settings of server blade: o Power (OK or off) o Health (OK, CPU failure, or power module failure) o Thermal (OK, warm, caution, or critical) o UID LED If the power management controller is outdated or is in a lockup condition, a power management controller error appears.
Blade Blade Blade Blade Blade • Power OK Cooling OK Location OK Device Failure OK Device Degraded OK #3 Status: Power: No Server Blade Installed #4 Status: Power: No Server Blade Installed #5 Status: Server Blade Type: Bay Subsumed #6 Status: Server Blade Type: Bay Subsumed #7 Status: Power: On Current Wattage used: 153 Health: Degraded Unit Identification LED: On Diagnostic Status: Internal Data OK Management Processor OK I/O Configuration OK Power OK Cooling OK Location OK Device Failure OK Device Degra
• SHOW SERVER TEMP {ALL | [{ , | - } ]} Description: Displays the temperature sensor information for a specified server blade or range of server blades • Access level/Bay level: All Bay specific • • Restrictions: o You must have access to the specified bay number. o Different sides of the server bay cannot be designated within the same range.
CPU Zone CPU 2 CPU 2 Memory Zone Ambient Zone OK OK OK OK OK 35C/ 95F N/A N/A 56C/ 0F 22C/ 71F 70C 75C 85C 38C 100C 43C Virtual Fan: 25% Device Bay #5 Temperature Information Server Blade Type: Bay Subsumed Device Bay #6 Temperature Information Server Blade Type: Bay Subsumed Device Bay #7 Temperature Information No Server Blade Installed Device Bay #8 Temperature Information No Server Blade Installed SHOW SYSLOG SERVER • • Command: SHOW SYSLOG SERVER { All | [{ ,| - } ]} D
INITIAL_UPDATE="10/08/2007 01:31" COUNT="1" DESCRIPTION="Server Blade Enclosure Num ber shorty-lab)" /> PAGE 168
Interconnect management commands ASSIGN INTERCONNECT • • Command: ASSIGN INTERCONNECT {ALL | [{ , | - } ]} {""} Description: Assigns interconnects specified to an existing user or group • Access level/Bay level: OA administrator • Restrictions: None CLEAR INTERCONNECT SESSION • • Command: CLEAR INTERCONNECT SESSION Description: Terminates a serial console session of a user on an interconnect.
You must have explicit access to a bay given by the ASSIGN INTERCONNECT command. POWEROFF INTERCONNECT • • Command: POWEROFF INTERCONNECT {ALL | [{ - | , } ]} Description: Sends a request to power off the interconnect module • Access level/Bay level: Administrator, operator Bay specific • Restrictions: You must have explicit access to a bay given by the ASSIGN INTERCONNECT command.
SET INTERCONNECT ADMIN_PASSWORD FACTORY • • Command: SET INTERCONNECT ADMIN_PASSWORD FACTORY [] Description: Causes the interconnect to change the Administrator password to the factory default. When you issue the command, you are prompted to confirm that this is your intention. To proceed with the change, answer YES.
• Restrictions: You must have access to the specified bay number. SET INTERCONNECT POWERDELAY • • Command: SET INTERCONNECT POWERDELAY {ALL | [{ - | , } ]} {number of seconds to delay power | NOPOWERON} Description: Sets the PowerDelay status for the specified interconnect or range of interconnects. If the delay is zero, the delay has no effect on the device. If the delay is NOPOWERON, the device cannot power on until all devices have completed their delays.
— Product name — Product part number — Product version — Product serial number — Asset tag — VLAN ID • o INTERCONNECT STATUS displays status information, UID state, and health state for the specified interconnects. o INTERCONNECT PORT MAP displays port mapping information for the specified interconnects. o INTERCONNECT SESSIONS shows which users, if any, have serial console sessions in progress for each interconnect.
SHOW INTERCONNECT INFO • • Command: SHOW INTERCONNECT INFO {PORT MAP | POWERDELAY | SESSIONS | STATUS} [ALL | | -] Description: Displays: • o Interconnect type o IPv4 information o IPv6 information o Manufacturer name o Product name o Product part number o Product version o Product serial number o Asset tag o VLAN ID Access level/Bay level: All Bay specific • • Restrictions: You must have explicit access to a bay given by the ASSIGN INTERCONNECT
IPv6 Information: LL Address: fe80::223:7dff:fe43:9c4e/64 LL URL: http://[fe80::223:7dff:fe43:9c4e] SLAAC Address: 1000::223:7dff:fe43:9c4e/64 SLAAC URL: http://[1000::223:7dff:fe43:9c4e] DHCPv6 Address: 1000::56d5:ce5e:3a8e:b91a/64 DHCPv6 URL: http://[1000::56d5:ce5e:3a8e:b91a] 2. Ethernet Product Name: HP VC Flex-10 Enet Module Width: Single URL to Management interface: http://172.16.2.156/ In-Band IPv4 Address: 172.16.2.
External Serial Port Interface: Absent External Ethernet Interface: Absent Manufacturer: HP VLAN ID: 1 SHOW INTERCONNECT LIST • • • Command: SHOW INTERCONNECT LIST [IPV6] Description: o Displays the interconnect list o Displays IPv4 information by default. To display IPv6 information, enter the IPV6 keyword Access level/Bay level: All Bay specific • • Restrictions: You must have explicit access to a bay given by the ASSIGN INTERCONNECT command.
Totals: 2 interconnect modules installed, 2 powered on. SHOW INTERCONNECT PORT MAP • • Command: SHOW INTERCONNECT PORT MAP {ALL | | -} Description: Displays the port mapping for the interconnect specified by the bay number • Access level/Bay level: All Bay specific • • Restrictions: You must have explicit access to a bay given by the ASSIGN INTERCONNECT command.
Current PowerDelay Status: Not in Progress Bay Device PowerDelay State --- -------------------------------- -----------1 Cisco Catalyst Blade Switch 3120 Disabled 2 Absent Disabled 3 Absent Disabled 4 Absent Disabled Delay (seconds) SHOW INTERCONNECT SESSIONS • • Command: SHOW INTERCONNECT SESSIONS Description: Displays which users have serial console sessions in progress for each interconnect • Access level/Bay level: OA administrator, OA operator Bay specific • Restrictions: You must have access to
Internal Data Management Processor Thermal Warning Thermal Danger I/O Configuration Device Failure Device Degraded Interconnect Module #2 Status: Interconnect Module Type: No Interconnect Module #3 Status: Interconnect Module Type: No Interconnect Module #4 Status: Interconnect Module Type: No OK OK OK OK OK OK OK Interconnect Module Installed Interconnect Module Installed Interconnect Module Installed Interconnect management commands 178
Active Health System commands ENABLE ACTIVE HEALTH SYSTEM • Command: ENABLE ACTIVE_HEALTH_SYSTEM • Description: • Enables logging of inventory and health status for shared infrastructure items such as fans and power supplies to the blades that depend upon them.
Enclosure DVD commands SET SERVER DVD • • • Command: SET SERVER DVD {CONNECT | DISCONNECT} [USB://url] {ALL | [{ , | - } ]} Description: Connects or disconnects the specified server or range of servers from the enclosure DVD drive. The DISCONNECT argument detaches any URL in addition to the enclosure DVD. USB://url is an optional parameter that matches the URL to an .iso file displayed by the SHOW USBKEY command.
5 6 7 8 No - [Bay empty] [Bay empty] [Non-server blade] Enclosure DVD commands 181
Remote syslog commands DISABLE SYSLOG REMOTE • • Command: DISABLE SYSLOG REMOTE Description: Disables remote system logging • Access level/Bay level: OA administrator, OA operator Restrictions: To perform this command, you must be an operator or administrator with OA permission.
SET REMOTE SYSLOG SERVER • • Command: SET REMOTE SYSLOG SERVER { | } Description: Sets the IP address or DNS name for remote system log messages • Access level/Bay level: OA administrator, OA operator • Restrictions: None SHOW SYSLOG SETTINGS • • Command: SHOW SYSLOG SETTINGS Description: Displays the remote syslog settings for the Onboard Administrator • Access level/Bay level: Operator, Administrator • Restrictions: You must have OA permission to perform this command.
Remote syslog example The remote syslog consists of a date and time stamp, the Onboard Administrator IP address, text, and a priority number. The date and time stamp, and the text match the Onboard Administrator syslog entry. Sep 9 16:00:28 10.128.126.204 OA: Remote system logging enabled to server 16.83.33.
USB support commands DOWNLOAD CONFIG using USB key • • Command: DOWNLOAD CONFIG Description: Downloads a saved configuration file from a specific IP host. The file is not checked for errors but is automatically executed in SCRIPT MODE. Supported protocols are HTTP, FTP, TFTP, and USB. Format the as protocol://host/path/file.
• Description: Displays a list of Firmware images, configuration scripts, and ISO images present on the enclosure USB media • Access level/Bay level: OA administrator, OA operator • Restriction: None • Example: OA-00215AB195CB> show usbkey Firmware Image Files --------------------------------------usb://d1/hpoa225.bin Image Version ------------2.25 Configuration Script Files --------------------------------------usb://d1/USE62317RY.
You cannot use the FORCE option for downgrade in FIPS Mode ON/DEBUG. CAUTION: When a firmware upgrade is in process, do not disconnect the Onboard Administrator modules. Disconnecting these modules could render the Onboard Administrator unusable. UPLOAD CONFIG using USB key • • • Command: UPLOAD CONFIG {"" | USB ""} Description: o Uploads to the specified URL a script that duplicates the current runtime configuration. o Supported protocols are FTP, TFTP, and USB.
VLAN commands ADD VLAN • Command: ADD VLAN [""] • Description: Creates a VLAN ID and an optional VLAN NAME. • Access level/Bay level: OA administrator, OA operator • Restrictions: o The VLAN ID is an integer from 1 to 4094. o The VLAN Name is limited to 31 alphanumeric characters. DISABLE VLAN • Command: DISABLE VLAN • Description: This command disables or turns off VLAN on the enclosure.
ENABLE VLAN • • Command: ENABLE VLAN Description: This command enables or turns on VLAN on the enclosure. • Access level/Bay level: OA administrator, OA operator • Restrictions: None REMOVE VLAN • • Command: REMOVE VLAN Description: Removes a VLAN ID. All devices currently using that VLAN ID are moved to the default VLAN ID. • Access level/Bay level: OA administrator, OA operator • Restrictions: The user cannot remove the default VLAN ID.
• Access level/Bay level: OA administrator, OA operator • Restrictions: The VLAN ID is a value between 1 and 4094. SET VLAN FACTORY • • Command: SET VLAN FACTORY Description: Restores the VLAN settings to factory defaults. VLAN is disabled and all devices are grouped in VLAN ID 1. To execute the command, enter YES when asked if you are sure you want to restore VLAN settings to factory defaults.
• Access level/Bay level: OA administrator, OA operator • Restrictions: None SET VLAN IPCONFIG DHCP • • Command: SET VLAN IPCONFIG DHCP [] Description: Temporarily sets the OA to DHCP mode and the specified VLAN ID (0 to 4094). Setting the VLAN ID number to 0 disables enclosure VLAN. Any other setting enables enclosure VLAN. • Access level/Bay level: OA administrator, OA operator • Restrictions: VLAN ID must be an integer between 0 and 4094.
SET VLAN OA • • Command: SET VLAN OA Description: Sets or changes the VLAN ID of the Onboard Administrator. Loss of connectivity to the Onboard Administrator will occur if this is improperly set. • Access level/Bay level: OA administrator, OA operator • Restrictions: None SET VLAN REVERT • • Command: SET VLAN REVERT Description: Reverts VLAN settings back to saved FLASH configuration data in seconds. Use a delay of 0 to cancel the command.
• SHOW VLAN Description: Shows VLAN settings. • Access level/Bay level: OA administrator, OA operator, OA user • Restrictions: None • Example: OA-0018FE27577F> show vlan show vlan VLAN is enabled. OA VLAN ID = 1. Default VLAN ID (untagged) = 1.
HP Insight Remote Support commands ADD REMOTE_SUPPORT CERTIFICATE • • Command: ADD REMOTE_SUPPORT CERTIFICATE <\n> <\n> Description: Adds the specified HP Remote Support certificate to the Onboard Administrator. Certificates ensure that the Onboard Administrator sends information securely to the Insight Remote Control server. To add the certificate: a. Start with a string that does not appear within the certificate (the end marker). b.
• o Specify the URL where the certificate can be found. o Supported protocols are HTTP, FTP, and TFTP. o Format the URL as protocol://host/path/file. o The URL syntax for IPv4 addresses is protocol:///path/file. o The URL syntax for IPv6 addresses is protocol://[]/path/file. o If your FTP server does not support anonymous connections, you can specify a user name and password in the format ftp://username:password@host/path/file.
REMOTE_SUPPORT (on page 200) command to send a test event to confirm the connection between OA and Insight Remote Support. • If your enclosure uses a web proxy server to access the Internet, enter proxy information with the SET REMOTE_SUPPORT DIRECT PROXY (on page 198) command. Access level/Bay level: OA administrator • Restrictions Version 4.01 or later of the Onboard Administrator firmware must be installed.
DISABLE REMOTE_SUPPORT • • Command: DISABLE REMOTE_SUPPORT Description: Unregisters the Onboard Administrator from the Remote Support server • Access level/Bay level: OA administrator DISABLE REMOTE_SUPPORT MAINTENANCE • • Command: DISABLE REMOTE_SUPPORT MAINTENANCE Description: Disables the Remote Support maintenance window • Access level/Bay level: OA administrator REMOVE REMOTE_SUPPORT CERTIFICATE • Command: REMOVE REMOTE_SUPPORT CERTIFICATE "" • Description: • Removes the
Remote Support must be enabled before sending a data collection. If the enclosure contains a large number of blades, the test might take several minutes. After the test is complete, the status is reflected in the SHOW REMOTE_SUPPORT command output. SET REMOTE_SUPPORT DIRECT ONLINE_REGISTRATION_COMPLETE • Command: • SET REMOTE_SUPPORT DIRECT ONLINE_REGISTRATION_COMPLETE • Description: Upon entering this command, you are asked to confirm that you registered at the HP Insight Online website (http://www.
Displays Remote Support settings and information such as: • o Remote Support status o Connection type: DIRECT or IRS (Insight Remote Support) o Online passport name o Online Registration status o Web Proxy Server o Data collection status Access level/Bay level: OA administrator • Example: OA-E4115BECFBAB> show remote_support Status : Connection type : Online passport name : Online Registration complete : Web Proxy Server : Collection Interval(days) : Last successful registration : Last succe
Remote Support subjectOrganization subjectOrganizationalUnit = Hewlett-Packard Company = Hewlett-Packard Insight subjectCommonName = pdehost24.ac.hp.
• Restrictions: Remote Support must be enabled before sending a test event. If the enclosure contains a large number of blades, the test might take several minutes. After the test has completed, the status is reflected in the SHOW REMOTE_SUPPORT command output.
Enclosure Dynamic Power Cap commands SET ENCLOSURE POWER_CAP • • Command: SET ENCLOSURE POWER_CAP { [ ] | OFF } Description: Sets the Enclosure Dynamic Power Cap in watts AC. OFF disables the Enclosure Dynamic Power Cap. Average power cannot exceed cap or derated_circuit_capacity. Peak power cannot exceed rated_circuit_capacity. For example, suppose the PDU powering the enclosure has a rated capacity of 30 amps.
If you have previously specified bays to exclude, using this command again replaces that specification rather than augmenting it. • Access level/Bay level: OA administrator, OA operator • Restriction: You can exclude no more than one fourth of the bays. SHOW ENCLOSURE POWER_CAP • • Command: SHOW ENCLOSURE POWER_CAP Description: Displays the current Enclosure Dynamic Power Cap in watts.
Event notifications Enclosure event notifications Enclosure events produce screen messages with the show events option enabled. If you are directly affected by an event, a message is produced whether the show events option is enabled or disabled. Event messages include the device affected, the device name, and the date and time of the event. Some examples of event messages are: • The enclosure is in a degraded state. • Blade X has experienced a failure.
Event Cause Fan Status Change The status of a fan has changed. Fan Inserted A fan has been inserted. Fan Removed A fan has been removed. Interconnect Inserted An interconnect module was inserted into the enclosure. Interconnect Thermal Status Changed The thermal status of an interconnect module changed. Interconnect Removed An interconnect module was removed from the enclosure. Interconnect Power Reset The power of an interconnect module was reset.
Event Cause User Rights The privilege level of a user on the Onboard Administrator was changed. If you are logged in as this user, you are disconnected from the Onboard Administrator. You can log in again with your new privilege level.
Support and other resources Before you contact HP Be sure to have the following information available before you call HP: • Active Health System log (HP ProLiant Gen8 or later products) Download and have available an Active Health System log for 3 days before the failure was detected. For more information, see the HP iLO 4 User Guide or HP Intelligent Provisioning User Guide on the HP website (http://www.hp.com/go/ilo/docs).
Time zone settings Universal time zone settings IMPORTANT: Time zones must be entered exactly as they appear. The following table provides the Universal time zone settings that are supported by the Onboard Administrator.
Africa/Cairo Africa/Khartoum Africa/Nairobi — Africa/Casablanca Africa/Kigali Africa/Ndjamena — Americas time zone settings IMPORTANT: Time zones must be entered exactly as they appear. The following table provides the Americas time zone settings that are supported by the Onboard Administrator.
America/Campo_Grande America/Martinique America/Yellowknife America/Cancun America/Matamoros Brazil/Acre America/Caracas America/Mazatlan Brazil/DeNoronha America/Catamarca America/Mendoza Brazil/East America/Cayenne America/Menominee Brazil/West America/Cayman America/Merida Canada/Atlantic America/Chicago America/Metlakatla Canada/Central America/Chihuahua America/Mexico_City Canada/Eastern America/Coral_Harbour America/Miquelon Canada/East-Saskatchewan America/Cordoba America/
Asia/Amman Asia/Dubai Asia/Krasnoyarsk Asia/Riyadh Asia/Urumqi Asia/Anadyr Asia/Dushanbe Asia/Kuala_Lumpur Asia/Riyadh87 Asia/Ust-Nera Asia/Aqtau Asia/Gaza Asia/Kuching Asia/Riyadh88 Asia/Vientiane Asia/Aqtobe Asia/Harbin Asia/Kuwait Asia/Riyadh89 Asia/Vladivostok Asia/Ashgabat Asia/Hebron Asia/Macao Asia/Saigon Asia/Yakutsk Asia/Ashkhabad Asia/Ho_Chi_Minh Asia/Macau Asia/Sakhalin Asia/Yekaterinburg Asia/Baghdad Asia/Hong_Kong Asia/Magadan Asia/Samarkand Asia/Yerevan Asia/B
Australia/Darwin Indian/Kerguelen Pacific/Honolulu Pacific/Tongatapu Australia/Eucla Indian/Mahe Pacific/Johnston Pacific/Truk Australia/Hobart Indian/Maldives Pacific/Kiritimati Pacific/Wake Australia/LHI Indian/Mauritius Pacific/Kosrae Pacific/Wallis Australia/Lindeman Indian/Mayotte Pacific/Kwajalein Pacific/Yap Australia/Lord_Howe Indian/Reunion Pacific/Majuro US/Hawaii — — — US/Samoa Europe time zone settings IMPORTANT: Time zones must be entered exactly as they appear.
Antarctica/Davis Antarctica/McMurdo Antarctica/Syowa Antarctica/DumontDUrville Antarctica/Palmer Antarctica/Vostok Antarctica/Macquarie Antarctica/Rothera Arctic/Longyearbyen Time zone settings 213
Acronyms and abbreviations BLD BladeSystem Location Device CA certificate authority DDNS Dynamic Domain Name System DHCP Dynamic Host Configuration Protocol DN distinguished name DNS domain name system EBIPA Enclosure Bay IP Addressing EFM Enclosure Firmware Management FQDN Fully Qualified Domain Name FRU field replaceable unit GC global catalog HDD hard drive Acronyms and abbreviations 214
HP SIM HP Systems Insight Manager HTTPS hypertext transfer protocol secure sockets ICMP Internet Control Message Protocol iLO Integrated Lights-Out IPD intelligent power discovery LDAP Lightweight Directory Access Protocol MAC Media Access Control NTP network time protocol PDU power distribution unit PIC peripheral interface controller PKCS Public-Key Cryptography Standards PXE preboot execution environment RBSU ROM-Based Setup Utility RIBCL Remote Insight Board Command Language Acronyms and a
RSA Rivest, Shamir, and Adelman public encryption key SLAAC stateless address autoconfiguration SOAP Simple Object Access Protocol SSH Secure Shell SSO single sign-on TFTP Trivial File Transfer Protocol TPM Trusted Platform Module UEFI Unified Extensible Firmware Interface UID unit identification URB utility ready blade VC Virtual Connect VCM Virtual Connect Manager WWN World Wide Name Acronyms and abbreviations 216
Documentation feedback HP is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (mailto:docsfeedback@hp.com). Include the document title and part number, version number, or the URL when submitting your feedback.
Index A accessing the CLI 13 account authentication 18 account level 16 ADD CA CERTIFICATE 34 ADD EBIPA 60 ADD EBIPAV6 60 ADD HPSIM CERTIFICATE 47 ADD LANGUAGE 111 ADD LDAP CERTIFICATE 39 ADD LDAP GROUP 39 ADD OA ADDRESS IPV6 75 ADD OA DNS 75 ADD OA DNS IPV6 76 ADD REMOTE_SUPPORT CERTIFICATE 194 ADD SNMP TRAPRECEIVER 77 ADD SNMP USER 78 ADD SSHKEY 76 ADD TRUSTED HOST 79 ADD USER 25 ADD VLAN 188 adding a user account 25 Africa time zone 208 Americas time zone 209 Asia time zone 210 ASSIGN 25 ASSIGN FOR LDAP
command, DISABLE FIRMWARE MANAGEMENT 141 command, DISABLE FQDN_LINK_SUPPORT 82 command, DISABLE GUI_LOGIN_DETAIL 112 command, DISABLE HTTPS 82 command, DISABLE IPV6 83 command, DISABLE IPV6DYNDNS 83 command, DISABLE LDAP 40 command, DISABLE LLF 112 command, DISABLE LOGIN_BANNER 83 command, DISABLE NTP 84 command, DISABLE REMOTE SUPPORT 197 command, DISABLE REMOTE SUPPORT MAINTENANCE 197 command, DISABLE SECURESH 84 command, DISABLE SLAAC 84 command, DISABLE SNMP 85 command, DISABLE STRONG PASSWORDS 26 comma
command, REMOVE TRUSTED HOST 94 command, REMOVE USER 28 command, REMOVE USER CERTIFICATE 36 command, REMOVE VLAN 189 command, RESTART OA 114 command, SAVE EBIPA 62 command, SAVE EBIPAV6 63 command, SAVE VLAN 189 command, SEND REMOTE SUPPORT DATACOLLECTION 197 command, SET ALERTMAIL MAILBOX 95 command, SET ALERTMAIL SENDERDOMAIN 95 command, SET ALERTMAIL SENDERNAME 96 command, SET ALERTMAIL SMTP SERVER 96 command, SET DATE 114 command, SET DEVICE_SERIAL_NUMBER_BLADE 54 command, SET DISPLAY EVENTS 115 command
command, SET USER PASSWORD 30 command, SET VLAN DEFAULT 189 command, SET VLAN FACTORY 190 command, SET VLAN INTERCONNECT 190 command, SET VLAN IPCONFIG SAVE 191 command, SET VLAN IPCONFIG STATIC 191 command, SET VLAN OA 192 command, SET VLAN REVERT 192 command, SET VLAN SERVER 192 command, SHOW ALL 56 command, SHOW CA CERTIFICATE 37 command, SHOW CONFIG 120 command, SHOW DATE 121 command, SHOW DEVICE SERIAL NUMBER BLADE 58 command, SHOW DISPLAY EVENTS 121 command, SHOW EBIPA 68 command, SHOW EBIPAV6 70 comm
command, TEST REMOTE_SUPPORT 200 command, TEST SNMP 110 command, TEST SYSLOG 183 command, TEST URB 59 command, UNASSIGN 32 command, UNASSIGN FOR LDAP 46 command, UNASSIGN OA 32 command, UNASSIGN OA LDAP GROUP 46 command, UNASSIGN SERVER 167 command, UPDATE 137 command, UPDATE FIRMWARE SERVER 150 command, UPDATE ILO 138 command, UPDATE IMAGE using USB key 186 command, UPLOAD CONFIG 139 command, UPLOAD CONFIG using USB key 187 command, UPLOAD SUPPORTDUMP 140 command, UPLOAD SYSLOG 140 commands, directory 39 c
ENABLE SLAAC 91 ENABLE SNMP 91 ENABLE STRONG PASSWORDS 26 ENABLE SYSLOG REMOTE 182 ENABLE TELNET 91 ENABLE TRUSTED HOST 92 ENABLE URB 51 ENABLE USER 27 ENABLE VLAN 189 ENABLE XMLPREPLY 92 Enclosure Bay IP Addressing (EBIPA) commands 60 enclosure DVD commands 180 Enclosure Firmware Management commands 141 enclosure management commands 111 Enclosure network configuration commands 75 Europe time zone 212 event notifications, defining 204 EXIT 20 F force downgrades 138 FORCE TAKEOVER 51 FQDN link support 88 G
S SAVE EBIPA 62 SAVE EBIPA6 63 SAVE VLAN 189 SEND REMOTE SUPPORT DATACOLLECTION 197 serial port 13 SET ALERTMAIL MAILBOX 95 SET ALERTMAIL SENDERDOMAIN 95 SET ALERTMAIL SENDERNAME 96 SET ALERTMAIL SM 96 SET DATE 114 SET DEVICE SERIAL_NUMBER BLADE 54 SET DISPLAY 115 SET EBIPA INTERCONNECT 63 SET EBIPA SERVER 64 SET EBIPAV6 INTERCONNECT 65 SET EBIPAV6 SERVER 66 SET ENCLOSURE ASSET 115 SET ENCLOSURE NAME 116 SET ENCLOSURE PART NUMBER 116 SET ENCLOSURE PDU TYPE 116 SET ENCLOSURE POWER_CAP 202 SET ENCLOSURE POWER
SET VLAN REVERT 192 SET VLAN SERVER 192 SHOW ALL 56 SHOW CA CERTIFICATE 37 SHOW CONFIG 120 SHOW DATE 121 SHOW DEVICE SERIAL_NUMBER BLADE 58 SHOW DISPLAY EVENTS 121 SHOW EBIPA 68 SHOW EBIPAV6 70 SHOW ENCLOSURE FAN 122 SHOW ENCLOSURE INFO 122 SHOW ENCLOSURE LCD 123 SHOW ENCLOSURE POWER_CAP 203 SHOW ENCLOSURE POWER_CAP_BAYS_TO_EXCLUDE 203 SHOW ENCLOSURE POWER_SUMMARY 124 SHOW ENCLOSURE POWERSUPPLY 125 SHOW ENCLOSURE STATUS 126 SHOW ENCLOSURE TEMP 126 SHOW FIPS MODE 102 SHOW FIRMWARE 144 SHOW FIRMWARE LOG SERVE
U UNASSIGN 32 UNASSIGN FOR LDAP 46 UNASSIGN OA 32 UNASSIGN OA LDAP GROUP 46 UNASSIGN SERVER 167 universal time zone 208 UPDATE 137 UPDATE FIRMWARE SERVER 150 UPDATE ILO 138 UPDATE IMAGE 138 UPDATE IMAGE using USB key 186 UPLOAD CONFIG 139 UPLOAD CONFIG using USB key 187 UPLOAD SUPPORTDUMP 140 UPLOAD SYSLOG 140 USB key command 185, 187 User account commands 25 V VLAN commands 188 W what's new 11 Index 226
