HP iLO 3 Scripting and Command Line Guide - Business Support ...
HP iLO 3 Scripting and Command Line Guide - Business Support ...
HP iLO 3 Scripting and Command Line Guide - Business Support ...
Erfolgreiche ePaper selbst erstellen
Machen Sie aus Ihren PDF Publikationen ein blätterbares Flipbook mit unserer einzigartigen Google optimierten e-Paper Software.
<strong>HP</strong> <strong>iLO</strong> 3 <strong>Scripting</strong> <strong>and</strong> Comm<strong>and</strong> <strong>Line</strong><br />
<strong>Guide</strong><br />
Abstract<br />
This document describes the syntax <strong>and</strong> tools available for use with the <strong>HP</strong> <strong>iLO</strong> firmware through the comm<strong>and</strong> line or a scripted<br />
interface. This document is for the person who installs, administers, <strong>and</strong> troubleshoots servers <strong>and</strong> storage systems. <strong>HP</strong> assumes<br />
you are qualified in the servicing of computer equipment <strong>and</strong> trained in recognizing hazards in products with hazardous energy<br />
levels.<br />
Use this guide for <strong>HP</strong> <strong>iLO</strong> ProLiant servers <strong>and</strong> ProLiant BladeSystem server blades. For information about <strong>iLO</strong> for Integrity<br />
servers <strong>and</strong> server blades, see the <strong>HP</strong> website at http://www.hp.com/go/integrity<strong>iLO</strong>.<br />
<strong>HP</strong> Part Number: 616297-004<br />
Published: October 2012<br />
Edition: 1
© Copyright 2010, 2011, 2012 Hewlett-Packard Development Company, L.P<br />
Confidential computer software. Valid license from <strong>HP</strong> required for possession, use or copying. Consistent with FAR 12.211 <strong>and</strong> 12.212, Commercial<br />
Computer Software, Computer Software Documentation, <strong>and</strong> Technical Data for Commercial Items are licensed to the U.S. Government under<br />
vendor’s st<strong>and</strong>ard commercial license.<br />
The information contained herein is subject to change without notice. The only warranties for <strong>HP</strong> products <strong>and</strong> services are set forth in the express<br />
warranty statements accompanying such products <strong>and</strong> services. Nothing herein should be construed as constituting an additional warranty. <strong>HP</strong> shall<br />
not be liable for technical or editorial errors or omissions contained herein.<br />
Microsoft® <strong>and</strong> Windows®, are U.S. registered trademarks of Microsoft Corporation.<br />
Intel is a trademark of Intel Corporation in the U.S. <strong>and</strong> other countries.<br />
Java is a registered trademark of Oracle <strong>and</strong>/or its affiliates.
Contents<br />
1 Introduction.............................................................................................10<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line guide overview..............................................................................10<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line utilities..........................................................................................10<br />
CPQLOCFG Utility.............................................................................................................10<br />
LOCFG.PL Script................................................................................................................11<br />
<strong>HP</strong>ONCFG Utility..............................................................................................................11<br />
SMASH CLP......................................................................................................................11<br />
IPMI.................................................................................................................................11<br />
New in this version.................................................................................................................11<br />
<strong>HP</strong> Insight Control server deployment........................................................................................12<br />
2 CPQLOCFG usage...................................................................................13<br />
CPQLOCFG Utility..................................................................................................................13<br />
Unauthenticated XML query.....................................................................................................13<br />
Creating a system collection in <strong>HP</strong> SIM......................................................................................15<br />
Application Launch using <strong>HP</strong> SIM.............................................................................................15<br />
Batch processing using CPQLOCFG..........................................................................................15<br />
CPQLOCFG parameters..........................................................................................................16<br />
3 LOCFG.PL usage......................................................................................18<br />
LOCFG.PL Utility.....................................................................................................................18<br />
4 <strong>HP</strong>ONCFG online configuration utility.........................................................19<br />
<strong>HP</strong>ONCFG............................................................................................................................19<br />
<strong>HP</strong>ONCFG supported operating systems...................................................................................19<br />
<strong>HP</strong>ONCFG requirements.........................................................................................................19<br />
Installing <strong>HP</strong>ONCFG...............................................................................................................19<br />
Windows server installation.................................................................................................19<br />
Linux server installation ......................................................................................................20<br />
<strong>HP</strong>ONCFG utility....................................................................................................................20<br />
<strong>HP</strong>ONCFG comm<strong>and</strong> line parameters..................................................................................20<br />
Using <strong>HP</strong>ONCFG on Windows servers............................................................................21<br />
Using <strong>HP</strong>ONCFG on Linux servers...................................................................................21<br />
Obtaining the basic configuration........................................................................................22<br />
Obtaining a specific configuration.......................................................................................23<br />
Setting a configuration.......................................................................................................23<br />
Using variable substitution...................................................................................................24<br />
Capturing <strong>and</strong> restoring a configuration................................................................................25<br />
5 SMASH CLP usage...................................................................................27<br />
SMASH CLP ..........................................................................................................................27<br />
6 IPMI usage..............................................................................................28<br />
The IPMI utility........................................................................................................................28<br />
Basic IPMI tool usage..............................................................................................................28<br />
Advanced IPMI tool usage on Linux...........................................................................................28<br />
Advanced IPMI util usage on Windows.....................................................................................29<br />
7 SMASH CLP <strong>Scripting</strong> Language................................................................30<br />
SMASH CLP comm<strong>and</strong> line overview........................................................................................30<br />
SMASH CLP comm<strong>and</strong> line access............................................................................................30<br />
Using the comm<strong>and</strong> line..........................................................................................................30<br />
Escape comm<strong>and</strong>s..................................................................................................................31<br />
Base comm<strong>and</strong>s.....................................................................................................................32<br />
Contents 3
Specific comm<strong>and</strong>s.................................................................................................................33<br />
User comm<strong>and</strong>s.................................................................................................................34<br />
<strong>HP</strong> SIM SSO settings..........................................................................................................34<br />
Network comm<strong>and</strong>s...........................................................................................................36<br />
<strong>iLO</strong> 3 settings....................................................................................................................39<br />
<strong>iLO</strong> 3 embedded health settings...........................................................................................41<br />
SNMP settings...................................................................................................................43<br />
License comm<strong>and</strong>s.............................................................................................................44<br />
Directory comm<strong>and</strong>s..........................................................................................................44<br />
Virtual Media comm<strong>and</strong>s....................................................................................................45<br />
Start <strong>and</strong> Reset comm<strong>and</strong>s..................................................................................................48<br />
Firmware update................................................................................................................49<br />
Eventlog comm<strong>and</strong>s...........................................................................................................49<br />
Blade comm<strong>and</strong>s...............................................................................................................50<br />
Boot comm<strong>and</strong>s.................................................................................................................50<br />
LED comm<strong>and</strong>s..................................................................................................................51<br />
System properties <strong>and</strong> targets..............................................................................................52<br />
Other comm<strong>and</strong>s...............................................................................................................55<br />
8 RIBCL XML <strong>Scripting</strong> Language...................................................................56<br />
Overview of the RIBCL.............................................................................................................56<br />
XML header......................................................................................................................56<br />
Data types........................................................................................................................56<br />
String..........................................................................................................................56<br />
Specific string...............................................................................................................56<br />
Boolean string..............................................................................................................56<br />
Response definitions...........................................................................................................56<br />
RIBCL....................................................................................................................................57<br />
RIBCL parameters...............................................................................................................57<br />
RIBCL runtime errors...........................................................................................................57<br />
RIBCL boot order...............................................................................................................57<br />
Get Persistent Boot Order...............................................................................................58<br />
Get One Time Boot Order..............................................................................................58<br />
Set Persistent Boot Order................................................................................................58<br />
Set One Time Boot Order...............................................................................................58<br />
LOGIN..................................................................................................................................59<br />
LOGIN parameters.............................................................................................................59<br />
LOGIN runtime errors.........................................................................................................59<br />
USER_INFO...........................................................................................................................59<br />
ADD_USER.......................................................................................................................60<br />
ADD_USER parameters..................................................................................................60<br />
ADD_USER runtime errors..............................................................................................61<br />
DELETE_USER....................................................................................................................61<br />
DELETE_USER parameter................................................................................................61<br />
DELETE_USER runtime errors...........................................................................................62<br />
DEL_USERS_SSH_KEY........................................................................................................62<br />
DEL_SSH_KEY parameters..............................................................................................62<br />
DEL_SSH_KEY runtime errors..........................................................................................62<br />
GET_USER........................................................................................................................62<br />
GET_USER parameter....................................................................................................63<br />
GET_USER runtime errors...............................................................................................63<br />
GET_USER return messages............................................................................................63<br />
MOD_USER......................................................................................................................63<br />
MOD_USER parameters.................................................................................................64<br />
MOD_USER runtime errors.............................................................................................65<br />
4 Contents
GET_ALL_USERS................................................................................................................65<br />
GET_ALL_USERS parameters...........................................................................................65<br />
GET_ALL_USERS runtime errors.......................................................................................65<br />
GET_ALL_USERS return messages....................................................................................65<br />
GET_ALL_USER_INFO........................................................................................................66<br />
GET_ALL_USER_INFO parameters...................................................................................66<br />
GET_ALL_USER_INFO runtime errors................................................................................66<br />
GET_ALL_USER_INFO return messages............................................................................66<br />
RIB_INFO..............................................................................................................................67<br />
RESET_RIB.........................................................................................................................67<br />
RESET_RIB parameters...................................................................................................67<br />
RESET_RIB runtime errors................................................................................................67<br />
GET_EVENT_LOG..............................................................................................................68<br />
GET_EVENT_LOG parameters........................................................................................68<br />
GET_EVENT_LOG runtime errors.....................................................................................68<br />
GET_EVENT_LOG return messages..................................................................................68<br />
CLEAR_EVENTLOG............................................................................................................69<br />
CLEAR_EVENTLOG parameters.......................................................................................69<br />
CLEAR_EVENTLOG runtime errors...................................................................................70<br />
COMPUTER_LOCK_CONFIG..............................................................................................70<br />
COMPUTER_LOCK_CONFIG parameters.........................................................................71<br />
COMPUTER_LOCK_CONFIG runtime errors.....................................................................71<br />
GET_NETWORK_SETTINGS................................................................................................71<br />
GET_NETWORK_SETTINGS parameters..........................................................................71<br />
GET_NETWORK_SETTINGS runtime errors.......................................................................71<br />
GET_NETWORK_SETTINGS return messages....................................................................71<br />
MOD_NETWORK_SETTINGS..............................................................................................73<br />
MOD_NETWORK_SETTINGS runtime errors.....................................................................78<br />
MOD_NETWORK_SETTINGS parameters........................................................................78<br />
GET_GLOBAL_SETTINGS....................................................................................................81<br />
GET_GLOBAL_SETTINGS parameters...............................................................................81<br />
GET_GLOBAL_SETTINGS runtime errors...........................................................................81<br />
GET_GLOBAL_SETTINGS return messages........................................................................81<br />
MOD_GLOBAL_SETTINGS..................................................................................................82<br />
MOD_GLOBAL_SETTINGS parameters.............................................................................83<br />
MOD_GLOBAL_SETTINGS runtime errors.........................................................................84<br />
BROWNOUT_RECOVERY...................................................................................................84<br />
BROWNOUT_RECOVERY parameters.............................................................................84<br />
BROWNOUT_RECOVERY runtime errors..........................................................................85<br />
GET_SNMP_IM_SETTINGS.................................................................................................85<br />
GET_SNMP_IM_SETTINGS parameters............................................................................85<br />
GET_SNMP_IM_SETTINGS runtime errors........................................................................85<br />
GET_SNMP_IM_SETTINGS return messages.....................................................................85<br />
MOD_SNMP_IM_SETTINGS...............................................................................................85<br />
MOD_SNMP_IM_SETTINGS parameters..........................................................................86<br />
MOD_SNMP_IM_SETTINGS runtime errors......................................................................86<br />
UPDATE_FIRMWARE..........................................................................................................86<br />
UPDATE_FIRMWARE parameters.....................................................................................87<br />
UPDATE_FIRMWARE runtime errors.................................................................................87<br />
GET_FW_VERSION...........................................................................................................87<br />
GET_FW_VERSION parameters......................................................................................88<br />
GET_FW_VERSION runtime errors...................................................................................88<br />
GET_FW_VERSION return messages...............................................................................88<br />
LICENSE...........................................................................................................................88<br />
LICENSE parameters.....................................................................................................88<br />
Contents 5
6 Contents<br />
LICENSE runtime errors..................................................................................................89<br />
INSERT_VIRTUAL_MEDIA....................................................................................................89<br />
INSERT_VIRTUAL_MEDIA parameters...............................................................................89<br />
INSERT_VIRTUAL_FLOPPY runtime errors...........................................................................90<br />
EJECT_VIRTUAL_MEDIA......................................................................................................90<br />
EJECT_VIRTUAL_MEDIA parameters.................................................................................90<br />
EJECT_VIRTUAL_MEDIA runtime errors.............................................................................90<br />
GET_VM_STATUS..............................................................................................................90<br />
GET_VM_STATUS parameters.........................................................................................91<br />
GET_VM_STATUS runtime errors......................................................................................91<br />
GET_VM_STATUS return messages..................................................................................91<br />
SET_VM_STATUS...............................................................................................................91<br />
SET_VM_STATUS parameters..........................................................................................92<br />
SET_VM_STATUS runtime errors.......................................................................................93<br />
CERTIFICATE_SIGNING_REQUEST.......................................................................................93<br />
CERTIFICATE_SIGNING_REQUEST parameters (for custom CSR).........................................94<br />
CERTIFICATE_SIGNING_REQUEST errors.........................................................................94<br />
IMPORT_CERTIFICATE........................................................................................................94<br />
IMPORT_CERTIFICATE parameters...................................................................................95<br />
IMPORT_CERTIFICATE errors...........................................................................................95<br />
SET_LANGUAGE...............................................................................................................95<br />
SET_LANGUAGE parameters..........................................................................................95<br />
SET_LANGUAGE runtime errors......................................................................................95<br />
GET_LANGUAGE..............................................................................................................95<br />
GET_LANGUAGE parameters.........................................................................................96<br />
GET_LANGUAGE runtime errors.....................................................................................96<br />
GET_ALL_LANGUAGES......................................................................................................96<br />
GET_ALL_LANGUAGES parameters.................................................................................96<br />
GET_ALL_LANGUAGES runtime errors.............................................................................96<br />
SET_ASSET_TAG................................................................................................................96<br />
SET_ASSET_TAG parameters...........................................................................................96<br />
SET_ASSET_TAG runtime errors.......................................................................................97<br />
GET_SECURITY_MSG.........................................................................................................97<br />
GET_SECURITY_MSG parameters....................................................................................97<br />
GET_SECURITY_MSG return messages.............................................................................97<br />
GET_SECURITY_MSG runtime errors................................................................................97<br />
SET_SECURITY_MSG..........................................................................................................97<br />
SET_SECURITY_MSG parameters....................................................................................98<br />
SET_SECURITY_MSG runtime errors.................................................................................98<br />
HOTKEY_CONFIG.............................................................................................................98<br />
HOTKEY_CONFIG parameters.......................................................................................99<br />
HOTKEY_CONFIG runtime errors....................................................................................99<br />
GET_HOTKEY_CONFIG...................................................................................................100<br />
GET_HOTKEY_CONFIG parameters..............................................................................100<br />
GET_HOTKEY_CONFIG runtime errors..........................................................................100<br />
GET_HOTKEY_CONFIG return messages.......................................................................100<br />
SET_FIPS_ENABLE............................................................................................................100<br />
SET_FIPS_ENABLE parameters......................................................................................100<br />
SET_FIPS_ENABLE runtime errors...................................................................................101<br />
GET_FIPS_STATUS............................................................................................................101<br />
GET_FIPS_STATUS parameters......................................................................................101<br />
GET_FIPS_STATUS runtime errors...................................................................................101<br />
FACTORY_DEFAULTS........................................................................................................101<br />
FACTORY_DEFAULTS parameters...................................................................................101<br />
FACTORY_DEFAULTS runtime errors...............................................................................101
DIR_INFO............................................................................................................................101<br />
GET_DIR_CONFIG..........................................................................................................102<br />
GET_DIR_CONFIG parameters.....................................................................................102<br />
GET_DIR_CONFIG runtime errors..................................................................................102<br />
GET_DIR_CONFIG return messages..............................................................................102<br />
IMPORT_SSH_KEY...........................................................................................................104<br />
IMPORT_SSH_KEY parameters......................................................................................105<br />
IMPORT_SSH_KEY runtime errors..................................................................................105<br />
MOD_DIR_CONFIG........................................................................................................105<br />
MOD_DIR_CONFIG parameters...................................................................................108<br />
MOD_DIR_CONFIG runtime errors................................................................................109<br />
MOD_KERBEROS........................................................................................................109<br />
BLADESYSTEM_INFO............................................................................................................110<br />
GET_OA_INFO...............................................................................................................110<br />
GET_OA_INFO parameters..........................................................................................110<br />
GET_OA_INFO runtime errors......................................................................................110<br />
GET_OA_INFO return messages...................................................................................111<br />
SERVER_INFO......................................................................................................................111<br />
GET_SERVER_NAME........................................................................................................111<br />
GET_SERVER_NAME return message.............................................................................112<br />
GET_SERVER_NAME runtime errors...............................................................................112<br />
SERVER_NAME...............................................................................................................112<br />
SERVER_NAME parameters..........................................................................................112<br />
SERVER_NAME return message....................................................................................112<br />
SERVER_NAME runtime errors......................................................................................112<br />
GET_EMBEDDED_HEALTH................................................................................................113<br />
GET_EMBEDDED_HEALTH parameters...........................................................................113<br />
GET_EMBEDDED_HEALTH return messages....................................................................113<br />
GET_POWER_READINGS.................................................................................................120<br />
GET_POWER_READINGS parameters............................................................................120<br />
GET_POWER_READINGS return messages.....................................................................120<br />
GET_PWREG..................................................................................................................120<br />
GET_PWREG parameters.............................................................................................121<br />
GET_PWREG return messages......................................................................................121<br />
GET_PWREG runtime errors..........................................................................................121<br />
SET_PWREG...................................................................................................................121<br />
SET_PWREG parameters..............................................................................................121<br />
SET_PWREG runtime errors..........................................................................................122<br />
GET_POWER_CAP..........................................................................................................122<br />
GET_POWER_CAP parameters.....................................................................................122<br />
GET_POWER_CAP return messages..............................................................................122<br />
SET_POWER_CAP...........................................................................................................122<br />
SET_POWER_CAP parameters......................................................................................123<br />
SET_POWER_CAP runtime errors...................................................................................123<br />
GET_HOST_POWER_SAVER_STATUS.................................................................................123<br />
GET_HOST_POWER_SAVER_STATUS parameters............................................................123<br />
GET_HOST_POWER_SAVER_STATUS runtime errors.........................................................123<br />
GET_HOST_POWER_SAVER_STATUS return messages.....................................................124<br />
SET_HOST_POWER_SAVER..............................................................................................124<br />
SET_HOST_POWER_SAVER parameters.........................................................................124<br />
SET_HOST_POWER_SAVER runtime errors......................................................................124<br />
GET_HOST_POWER_STATUS............................................................................................124<br />
GET_HOST_POWER_STATUS Parameters.......................................................................125<br />
GET_HOST_POWER_STATUS Runtime Errors...................................................................125<br />
GET_HOST_POWER_STATUS Return Messages...............................................................125<br />
Contents 7
SET_HOST_POWER.........................................................................................................125<br />
SET_HOST_POWER Parameters....................................................................................125<br />
SET_HOST_POWER Runtime Errors................................................................................125<br />
GET_HOST_PWR_MICRO_VER..........................................................................................126<br />
GET_HOST_PWR_MICRO_VER parameters....................................................................126<br />
GET_HOST_PWR_MICRO_VER runtime errors.................................................................126<br />
GET_HOST_PWR_MICRO_VER return messages..............................................................126<br />
RESET_SERVER................................................................................................................126<br />
RESET_SERVER error messages......................................................................................127<br />
RESET_SERVER parameters...........................................................................................127<br />
PRESS_PWR_BTN.............................................................................................................127<br />
PRESS_PWR_BTN parameters.......................................................................................127<br />
PRESS_PWR_BTN runtime errors....................................................................................127<br />
SERVER_AUTO_PWR........................................................................................................127<br />
SERVER_AUTO_PWR parameters..................................................................................128<br />
SERVER_AUTO_PWR runtime errors...............................................................................128<br />
GET_SERVER_AUTO_PWR................................................................................................128<br />
GET_SERVER_AUTO_PWR parameters...........................................................................128<br />
GET_SERVER_AUTO_PWR return message.....................................................................128<br />
GET_UID_STATUS............................................................................................................129<br />
GET_UID_STATUS parameters.......................................................................................129<br />
GET_UID_STATUS response..........................................................................................129<br />
UID_CONTROL...............................................................................................................129<br />
UID_CONTROL parameters..........................................................................................129<br />
UID_CONTROL errors..................................................................................................129<br />
SSO_INFO..........................................................................................................................130<br />
GET_SSO_SETTINGS.......................................................................................................130<br />
GET_SSO_SETTINGS parameters..................................................................................130<br />
GET_SSO_SETTINGS return messages...........................................................................130<br />
MOD_SSO_SETTINGS.....................................................................................................131<br />
MOD_SSO_SETTINGS parameters................................................................................132<br />
MOD_SSO_SETTINGS runtime errors.............................................................................132<br />
SSO_SERVER..................................................................................................................133<br />
SSO_SERVER parameters.............................................................................................133<br />
SSO_SERVER runtime errors..........................................................................................134<br />
DELETE_SERVER...............................................................................................................134<br />
DELETE_SERVER parameters.........................................................................................135<br />
DELETE_SERVER runtime errors......................................................................................135<br />
9 Secure Shell...........................................................................................136<br />
SSH overview.......................................................................................................................136<br />
<strong>Support</strong>ed SSH features.........................................................................................................136<br />
Using Secure Shell................................................................................................................136<br />
SSH key authorization...........................................................................................................137<br />
Tool definition files...........................................................................................................137<br />
Mxagentconfig utility........................................................................................................137<br />
Importing SSH keys from PuTTY...............................................................................................138<br />
Importing SSH keys generated using ssh-keygen........................................................................140<br />
10 PERL scripting.......................................................................................141<br />
Using PERL with the XML scripting interface..............................................................................141<br />
XML enhancements...............................................................................................................141<br />
Opening an SSL connection...................................................................................................142<br />
Sending the XML header <strong>and</strong> script body................................................................................142<br />
8 Contents
11 <strong>iLO</strong> 3 ports...........................................................................................144<br />
Enabling the Shared Network Port feature through XML scripting.................................................144<br />
Re-enabling the dedicated NIC management port.....................................................................144<br />
12 <strong>Support</strong> <strong>and</strong> other resources...................................................................145<br />
Information to collect before contacting <strong>HP</strong>...............................................................................145<br />
How to contact <strong>HP</strong>................................................................................................................145<br />
Registering for software technical support <strong>and</strong> update service.....................................................145<br />
How to use your software technical support <strong>and</strong> update service.............................................145<br />
<strong>HP</strong> authorized resellers..........................................................................................................146<br />
Related information...............................................................................................................146<br />
13 Documentation feedback.......................................................................147<br />
Glossary..................................................................................................148<br />
Index.......................................................................................................150<br />
Contents 9
1 Introduction<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line guide overview<br />
<strong>HP</strong> <strong>iLO</strong> 3 provides multiple ways to configure, update, <strong>and</strong> operate <strong>HP</strong> ProLiant servers remotely.<br />
The <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> describes each feature <strong>and</strong> explains how to use these features with the<br />
browser-based interface <strong>and</strong> RBSU. For more information, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong><br />
website at http://www.hp.com/go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
The <strong>HP</strong> <strong>iLO</strong> <strong>Scripting</strong> <strong>and</strong> Comm<strong>and</strong> <strong>Line</strong> <strong>Guide</strong> describes the syntax <strong>and</strong> tools available to use<br />
<strong>iLO</strong> 3 through a comm<strong>and</strong> line or scripted interface.<br />
Sample XML scripts downloaded from the <strong>HP</strong> website contain comm<strong>and</strong>s for all <strong>iLO</strong> firmware.<br />
Unless otherwise specified, the examples in this guide are for <strong>iLO</strong> 3 firmware version 1.50 <strong>and</strong><br />
later. Before using the sample scripts, review the firmware support information in each script to<br />
tailor the script for the intended firmware <strong>and</strong> version. Download the sample scripts from the <strong>HP</strong><br />
website at http://www.hp.com/go/<strong>iLO</strong>3. Click <strong>iLO</strong> Sample Scripts under <strong>iLO</strong> <strong>Support</strong> <strong>and</strong><br />
Downloads.<br />
Throughout this manual, <strong>iLO</strong> 3 is referred to as <strong>iLO</strong>.<br />
In addition to the GUI, the <strong>iLO</strong> firmware provides multiple ways to configure <strong>and</strong> control <strong>iLO</strong> <strong>and</strong><br />
the server using scripts <strong>and</strong> comm<strong>and</strong> line instructions.<br />
The scripting tools provide a method to configure multiple <strong>iLO</strong> systems, to incorporate a st<strong>and</strong>ard<br />
configuration into the deployment process, <strong>and</strong> to control servers <strong>and</strong> subsystems. Using the scripting<br />
tools enables you to:<br />
• Change the Administrator password on all your <strong>iLO</strong> systems<br />
• Configure LDAP directory service settings<br />
• Control the server power state<br />
• Attach a virtual media CD/DVD to the host server<br />
• Update the <strong>iLO</strong> firmware<br />
• Retrieve power consumption data<br />
• Issue various configuration <strong>and</strong> control comm<strong>and</strong>s<br />
The comm<strong>and</strong> line tools provide quick <strong>and</strong> easy methods to send comm<strong>and</strong>s to the <strong>iLO</strong> firmware<br />
<strong>and</strong> host servers.<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line utilities<br />
This section describes the following scripting <strong>and</strong> comm<strong>and</strong> line tools:<br />
• CPQLOCFG.EXE<br />
• LOCFG.PL<br />
• <strong>HP</strong>ONCFG.EXE<br />
• SMASH CLP<br />
• IPMI<br />
CPQLOCFG Utility<br />
10 Introduction<br />
The CPQLOCFG.EXE utility is a Windows comm<strong>and</strong> line utility that sends XML configuration <strong>and</strong><br />
control scripts over the network to <strong>iLO</strong>. Run this utility manually from a Windows comm<strong>and</strong> prompt,<br />
or create a batch file to run the same script to many <strong>iLO</strong> devices. CPQLOCFG also integrates with<br />
<strong>HP</strong> SIM for easy launching of the same script on multiple devices.<br />
CPQLOCFG version 3.5.0 is required for use with <strong>iLO</strong> firmware version3.
LOCFG.PL Script<br />
The LOCFG.PL scripting utility is a PERL script that provides similar functionality as the CPQLOCFG<br />
utility. Run this tool on any client that has a compatible PERL environment (including OpenSSL)<br />
installed. This tool uses the same XML scripts as CPQLOCFG input files.<br />
<strong>HP</strong>ONCFG Utility<br />
SMASH CLP<br />
IPMI<br />
Use the <strong>HP</strong>ONCFG.EXE utility to send XML configuration <strong>and</strong> control scripts (the same scripts as<br />
CPQLOCFG) from the server host operating system to <strong>iLO</strong>. <strong>HP</strong>ONCFG has both Windows <strong>and</strong><br />
Linux versions. One common usage is to run an <strong>HP</strong>ONCFG script to configure <strong>iLO</strong> to a st<strong>and</strong>ard<br />
configuration at the end of your server deployment process. <strong>HP</strong>ONCFG integrates with <strong>HP</strong> RDP<br />
<strong>and</strong> also runs at the end of an unattended OS installation.<br />
When you run <strong>HP</strong>ONCFG from the host operating system, you must be logged in to the host server<br />
using an Administrator or root level user account. An <strong>iLO</strong> user ID <strong>and</strong> password is not required.<br />
Windows server operating systems also have the <strong>HP</strong>ONCFG_GUI.EXE utility. This utility provides<br />
the same basic configuration capabilities as the <strong>iLO</strong> F8 ROM-RBSU during the server boot-up<br />
process.<br />
Version 3.5.0 of <strong>HP</strong>ONCFG is required for use with the <strong>iLO</strong> 3 firmware.<br />
SMASH CLP is the DMTF suite of specifications that deliver industry-st<strong>and</strong>ard protocols <strong>and</strong> profiles<br />
to unify the management of the data center. The SMASH CLP specification enables simple <strong>and</strong><br />
intuitive management of heterogeneous servers in a data center.<br />
SMASH CLP provides a st<strong>and</strong>ardized set of comm<strong>and</strong>s for configuration <strong>and</strong> control of management<br />
processors (called Management Access Points) <strong>and</strong> host systems. On <strong>iLO</strong>, access SMASH CLP<br />
through the SSH port.<br />
The IPMI specification is a st<strong>and</strong>ard that defines a set of common interfaces to a computer system.<br />
System administrators can use IPMI to monitor system health <strong>and</strong> manage the system. IPMI 2.0<br />
defines a m<strong>and</strong>atory system interface, <strong>and</strong> an optional LAN interface. The <strong>iLO</strong> processor supports<br />
both interfaces.<br />
The IPMI specification defines a st<strong>and</strong>ardized interface for platform management. The IPMI<br />
specification defines the following types of platform management:<br />
• Monitors the status of system information, such as fans, temperatures, <strong>and</strong> power supplies<br />
• Recovery capabilities, such as system resets <strong>and</strong> power on/off operations<br />
• Logging capabilities for abnormal events, such as over-temperature readings or fan failures<br />
• Inventory capabilities, such as identifying failed hardware components<br />
IPMI comm<strong>and</strong>s are sent to <strong>iLO</strong> using a third-party or open source utility, such as IPMITOOL,<br />
IPMIUTIL, OpenIPMI or FreeIPMI.<br />
You must be familiar with IPMI specifications when issuing raw comm<strong>and</strong>s. For additional<br />
information, see the IPMI specification on the Intel website at http://www.intel.com/design/servers/<br />
ipmi/tools.htm.<br />
New in this version<br />
This guide reflects changes in the <strong>iLO</strong> 3 firmware. This guide covers <strong>iLO</strong> 3 version 1.50 <strong>and</strong> later.<br />
Updated/added RIBCL comm<strong>and</strong>s:<br />
• Added<br />
• Added GET_SECURITY_MSG comm<strong>and</strong><br />
New in this version 11
• Added SET_SECURITY_MSG comm<strong>and</strong><br />
• Added GET_ASSET_TAG comm<strong>and</strong><br />
• Added SET_ASSET_TAG comm<strong>and</strong><br />
• Added FIPS_ENABLE comm<strong>and</strong><br />
• Added GET_FIPS_STATUS comm<strong>and</strong><br />
• Updated CERTIFICATE_SIGNING_REQUEST comm<strong>and</strong><br />
• Updated SET_ONE_TIME_BOOT comm<strong>and</strong><br />
• Updated HOLD_PWR_BTN comm<strong>and</strong><br />
• Updated MOD_NETWORK_SETTINGS comm<strong>and</strong><br />
• Updated MOD_DIR_CONFIG comm<strong>and</strong> (for schema-free directory scripts)<br />
<strong>HP</strong> Insight Control server deployment<br />
12 Introduction<br />
<strong>HP</strong> Insight Control server deployment integrates with <strong>iLO</strong> to enable the management of remote<br />
servers <strong>and</strong> to monitor the performance of remote console operations, regardless of the state of<br />
the operating system or hardware.<br />
The deployment server provides the capability to use the power management features of <strong>iLO</strong> to<br />
power on, power off, or cycle power on the target server. Each time a server connects to the<br />
deployment server, the deployment server polls the target server to verify the presence of a LOM<br />
management device. If installed, the server gathers information, including the DNS name, IP<br />
address, <strong>and</strong> user login name. Security is maintained by requiring the user to enter the correct<br />
password for that user name.<br />
For more information about the <strong>HP</strong> Insight Control server deployment, see the documentation that<br />
ships on the <strong>HP</strong> Insight software DVD, or the <strong>HP</strong> website at http://www.hp.com/go/insightcontrol.
2 CPQLOCFG usage<br />
CPQLOCFG Utility<br />
The CPQLOCFG.EXE utility is a Windows-based utility that connects to <strong>iLO</strong> using a secure connection<br />
over the network. RIBCL scripts are passed to <strong>iLO</strong> over the secure connection to CPQLOCFG. This<br />
utility requires a valid user ID <strong>and</strong> password with the appropriate privileges. Launch the CPQLOCFG<br />
utility from <strong>HP</strong> SIM for Group Administration, or launch it independently from a comm<strong>and</strong> prompt<br />
for batch processing.<br />
Download this utility from the <strong>HP</strong> website at: http://www.hp.com/support/ilo3.<br />
Version 3.5.0 or later of CPQLOCFG is required to support all features of <strong>iLO</strong> 3 v1.50.<br />
<strong>HP</strong> SIM discovers <strong>iLO</strong> devices as management processors. CPQLOCFG sends a RIBCL file to a<br />
group of <strong>iLO</strong> devices to manage the user accounts for those <strong>iLO</strong> devices. The <strong>iLO</strong> devices then<br />
perform the action designated by the RIBCL file <strong>and</strong> send a response to the log file.<br />
Use CPQLOCFG to execute RIBCL scripts on <strong>iLO</strong>. CPQLOCFG must reside on the same server as<br />
<strong>HP</strong> SIM. CPQLOCFG generates two types of error messages; runtime errors, <strong>and</strong> syntax errors.<br />
• Runtime errors occur when an invalid action is requested. Runtime errors are logged to the<br />
following directory:<br />
C:\Program Files\<strong>HP</strong>\Systems Insight Manager\<br />
• Syntax errors occur when an invalid XML tag is encountered. When a syntax error occurs,<br />
CPQLOCFG stops running <strong>and</strong> logs the error in the runtime script <strong>and</strong> output log file.<br />
Syntax errors use the following format:<br />
Syntax error: expected X but found Y.<br />
For example:<br />
Syntax error: expected USER_LOGIN=userlogin<br />
but found USER_NAME=username<br />
Unauthenticated XML query<br />
If configured to do so, the <strong>iLO</strong> device returns identifying information in response to an<br />
unauthenticated XML query. By default, the <strong>iLO</strong> device is configured to return this information. To<br />
disable this feature, set the CIM_SECURITY_MASK in the MOD_SNMP_IM_SETTINGS comm<strong>and</strong><br />
to disable unauthenticated XML query return information.<br />
You can also disable the unauthenticated XML query information through the <strong>iLO</strong> web interface:<br />
1. Go to Administration→Management.<br />
The Management page appears.<br />
2. Under the Insight Management Integration heading, click the menu for the Level of Data<br />
Returned option.<br />
There are two options in the menu:<br />
• 1) Enabled (<strong>iLO</strong>+Server Association Data)<br />
• 2) Disabled (No Response to Request)<br />
3. Select 2) Disabled (No Response to Request) to disable unauthenticated XML query return<br />
information<br />
NOTE: You must have unauthenticated XML query enabled if you are performing device discoveries<br />
with <strong>HP</strong> SIM.<br />
CPQLOCFG Utility 13
To obtain unauthenticated identifying information, submit the following comm<strong>and</strong> to the <strong>iLO</strong> web<br />
server port (or select option 1) Enabled (<strong>iLO</strong>+Server Association Data) from <strong>iLO</strong>):<br />
https://iloaddress/xmldata?item=all<br />
A typical response is:<br />
<br />
<br />
ABC12345678<br />
ProLiant BL460c Gen8<br />
BL4608CN71320ZNN<br />
0<br />
36344C42-4E43-3830-3731-33305A4E4E32<br />
<br />
Inactive<br />
<br />
<br />
<br />
<br />
<br />
BL4608-101<br />
<br />
<br />
1<br />
00:17:a4:77:08:02<br />
<br />
<br />
2<br />
00:17:a4:77:08:04<br />
<br />
<br />
3<br />
00:17:a4:77:08:00<br />
<br />
<br />
4<br />
9c:8e:99:13:20:cd<br />
<br />
<br />
5<br />
9c:8e:99:13:20:ca<br />
<br />
<br />
6<br />
9c:8e:99:13:20:ce<br />
<br />
<br />
7<br />
9c:8e:99:13:20:cb<br />
<br />
<br />
8<br />
9c:8e:99:13:20:cf<br />
<br />
<br />
<br />
<br />
1<br />
Integrated Lights-Out 4 (<strong>iLO</strong> 4)<br />
1.01<br />
08/30/2011<br />
ASIC: 16<br />
ILOABC12345678<br />
ILOBL4608ABC12345678<br />
14 CPQLOCFG usage
1<br />
0<br />
3.0<br />
0<br />
1<br />
<br />
<br />
1<br />
<br />
Onboard Administrator<br />
123.456.78.90<br />
TestRACK<br />
TestRACKEnc-C<br />
2<br />
<br />
<br />
<br />
Creating a system collection in <strong>HP</strong> SIM<br />
To quickly see all system management processors, login to SIM <strong>and</strong> in the System <strong>and</strong> Event<br />
Collections panel, scroll down to <strong>and</strong> select All Management Processors. The All Management<br />
Processors page appears.<br />
To create a custom group of all <strong>iLO</strong> devices (or by <strong>iLO</strong> version), create a system collection.<br />
1. In the System <strong>and</strong> Event Collections panel, click Customize. The Customize Collections page<br />
appears.<br />
2. In the Show collections of dropdown list, select Systems. All available system or cluster<br />
collections appear.<br />
3. Click New. The New Collection section appears.<br />
4. Select Choose members by attributes.<br />
5. In the Search for dropdown list, select systems .<br />
6. In the where dropdown, select system sub type, <strong>and</strong> select is from the inclusion/exclusion<br />
dropdown.<br />
7. Select an Integrated Lights-Out choice from the system sub type dropdown at the right.<br />
8. Click one of the following:<br />
• View — to run the search <strong>and</strong> display results immediately.<br />
• Save as Collection — to save the collection.<br />
• Cancel — to close the New Collection section without saving any changes.<br />
Application Launch using <strong>HP</strong> SIM<br />
Use custom tools in <strong>HP</strong> SIM to combine RIBCL, CPQLOCFG, <strong>and</strong> system collection to manage<br />
Group Administration of <strong>iLO</strong> devices. Custom tools are executed on the CMS <strong>and</strong> on target systems.<br />
You can create a remote tool that runs on selected targeted systems, <strong>and</strong> even schedule it execution.<br />
For more information about custom tools, see the <strong>HP</strong> SIM help.<br />
Batch processing using CPQLOCFG<br />
Group Administration is also delivered to <strong>iLO</strong> through batch processing. The components used by<br />
batch processing are CPQLOCFG, an RIBCL file, <strong>and</strong> a batch file.<br />
The following example shows a sample batch file used to perform the Group Administration for<br />
<strong>iLO</strong>:<br />
REM Updating the <strong>HP</strong> Integrated Lights-Out 3 board<br />
REM Repeat line for each board to be updated<br />
Creating a system collection in <strong>HP</strong> SIM 15
REM<br />
CPQLOCFG -S RIB1 -F C:\...SCRIPT.XML -L RIB1LOG.TXT -V<br />
CPQLOCFG -S RIB2 -F C:\...SCRIPT.XML -L RIB2LOG.TXT -V<br />
CPQLOCFG -S RIB3 -F C:\...SCRIPT.XML -L RIB3LOG.TXT -V<br />
.<br />
.<br />
.<br />
RIBNLOG -S RIBN -F C:\...SCRIPT.XML -L LOGFILE.TXT -V<br />
CPQLOCFG overwrites any existing log files.<br />
CPQLOCFG parameters<br />
• The -S switch determines the <strong>iLO</strong> that is to be updated. This switch is either the DNS name<br />
or IP address of the target server. When using IPv6 addresses, you can optionally add the<br />
port number preceded by a colon ().<br />
NOTE: Do not use this switch if you are launching from <strong>HP</strong> SIM. <strong>HP</strong> SIM automatically<br />
provides the address of the <strong>iLO</strong> when you launch CPQLOCFG.<br />
• The -F switch gives the full path location <strong>and</strong> name of the RIBCL file that contains the actions<br />
to be performed on the board.<br />
• The -U <strong>and</strong> -P switches specify the user login name <strong>and</strong> password. These options enable the<br />
login information within the script file to be overridden.<br />
Ensure that CPQLOCFG is in a directory referenced by the PATH environment variable. Any log<br />
files generated are placed in the same directory as the CPQLOCFG executable.<br />
NOTE:<br />
• If you are not using the comm<strong>and</strong> line to enter the user name <strong>and</strong> password, <strong>and</strong> are using<br />
an XML file, use the double-quotes special character (") as delimeters. However, if you must<br />
use " inside the user name or password in the XML file, change the outside double quote<br />
delimeters to single quotes (').<br />
For example:<br />
("Username") must be entered via XML file as '("Username")'.<br />
If you use CPQLOCFG or LOCFG, <strong>and</strong> enter the password or comm<strong>and</strong> on the comm<strong>and</strong> line<br />
with the -p option, you cannot use the double-quotes special character ("). There are two<br />
other special characters, the ampers<strong>and</strong> (&) <strong>and</strong> the less-than sign (
NOTE: Do not use this switch if launching from <strong>HP</strong> SIM.<br />
The output values may need to be modified to match the RIBCL syntax.<br />
The –L switch cannot designate an output log file. A default log file named with the DNS<br />
name or the IP address is created in the same directory where CPQLOCFG is launched.<br />
• The optional -V switch turns on the verbose message return. The resulting log file contains all<br />
comm<strong>and</strong>s sent to the Remote Insight board, all responses from the Remote Insight board, <strong>and</strong><br />
any errors. By default, only errors <strong>and</strong> responses from GET comm<strong>and</strong>s are logged without<br />
this switch.<br />
• The -t namevaluepairs switch substitutes variables (%variable%) in the input file with<br />
values specified in name-value pairs. Separate multiple name-value pairs with a comma.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
From the comm<strong>and</strong> line, enter:<br />
cpqlocfg -f filename -s serverip -t user=Admin,password=pass<br />
If the parameter contains multiple words, you must enclose the phrase within double quotes<br />
(" "). Up to 25 variables are supported in an XML file. The maximum length of variable name<br />
is 48 characters.<br />
Web agent example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Invoke the script using:<br />
Cpqlocfg –s ipV4 addr –f file name –u username –p password –t substitute variable<br />
For IPv6, without specifying the port number, invoke the script using:<br />
Cpqlocfg –s [ipV6 addr] –f file name –u username –p password –t substitute variable<br />
or<br />
Cpqlocfg –s ipV6 addr –f file name –u username –p password –t substitute variable<br />
For IPv6, when specifying the port number, invoke the script using the following:<br />
Cpqlocfg –s [ipV6 addr]:443 –f file name –u username –p password –t substitute variable<br />
When replacing a token that requires double quotes, use single quotes around the token.<br />
For information on the syntax of the XML data files, see “RIBCL XML <strong>Scripting</strong> Language” (page 56).<br />
Sample XML scripts are available on the <strong>HP</strong> website at www.hp.com/go/<strong>iLO</strong>3.<br />
CPQLOCFG parameters 17
3 LOCFG.PL usage<br />
LOCFG.PL Utility<br />
To use the LOCFG.PL utility, you must have the following PERL modules:<br />
• Net::SSLeay<br />
• IO::Socket::SSL<br />
You must also have a valid <strong>iLO</strong> user account <strong>and</strong> password for each XML script to use LOCFG.PL.<br />
To process the request, your account must have the appropriate <strong>iLO</strong> privileges.<br />
The LOCFG.PL script connects to <strong>iLO</strong> using an SSL connection.<br />
For example:<br />
perl locfg.pl -s {servername|ipaddress}[:port] [-l logfilename]-f<br />
input_filename [-u username -p password] [<strong>iLO</strong> 3]<br />
Where:<br />
-s servername DNS name of target server.<br />
Do not use this switch if launching from <strong>HP</strong> SIM.<br />
-s ipaddress IP address of the target server.<br />
Do not use this switch if launching from <strong>HP</strong> SIM.<br />
:port If a port is not specified, the port defaults to :443.<br />
-l logfilename Name of the file to log all output to.<br />
A default file with the server name <strong>and</strong> IP address is created if this<br />
option is not specified.<br />
Do not use this switch if launching from <strong>HP</strong> SIM.<br />
-f input_filename Filename containing the RIB comm<strong>and</strong>s.<br />
-u username Comm<strong>and</strong> line user name.<br />
-p password Comm<strong>and</strong> line password.<br />
The comm<strong>and</strong> line user name <strong>and</strong> password override the user name<br />
<strong>and</strong> password in the script file.<br />
<strong>iLO</strong> 3 Specifies the type of targeted management processor.<br />
This flag is optional. Without this flag, LOCFG.PL detects the <strong>iLO</strong> type<br />
automatically. The <strong>iLO</strong> 3 firmware performs better when this flag is<br />
present.<br />
NOTE: Use -u <strong>and</strong> -p with caution, because comm<strong>and</strong> line options are visible on Linux systems.<br />
For more information, see “RIBCL XML <strong>Scripting</strong> Language” (page 56).<br />
18 LOCFG.PL usage
4 <strong>HP</strong>ONCFG online configuration utility<br />
<strong>HP</strong>ONCFG<br />
The <strong>HP</strong>ONCFG utility is an online configuration tool used to set up <strong>and</strong> configure <strong>iLO</strong> from within<br />
Windows <strong>and</strong> Linux operating systems without requiring a reboot of the server operating system.<br />
<strong>HP</strong>ONCFG runs in a comm<strong>and</strong> line mode <strong>and</strong> must be executed from an operating system comm<strong>and</strong><br />
line using an account with administrator or root access. <strong>HP</strong>ONCFG provides a limited graphical<br />
interface for servers that use Windows operating systems.<br />
<strong>HP</strong>ONCFG supported operating systems<br />
• Windows<br />
◦<br />
Windows Server 2008 R1 <strong>and</strong> R2<br />
◦ Windows Server 2012<br />
◦ Windows Server 2003<br />
• Red Hat Linux<br />
◦<br />
Red Hat Linux Enterprise Linux 5<br />
◦ Red Hat Linux Enterprise Linux 6<br />
• SUSE Linux<br />
◦<br />
SUSE Linux Enterprise Server 10<br />
◦ SUSE Linux Enterprise Server 11<br />
• VMware<br />
◦ VMware 5<br />
<strong>HP</strong>ONCFG requirements<br />
Windows-based servers—The <strong>iLO</strong> Management Interface Driver must be loaded on the server. The<br />
SmartStart operating system installation process normally installs this driver. During execution,<br />
<strong>HP</strong>ONCFG issues a warning if it cannot locate the driver. If the driver is not installed, you must<br />
download <strong>and</strong> install the driver on the server. Download the driver from the <strong>HP</strong> website at:<br />
http://www.hp.com/support/ilo3<br />
Installing <strong>HP</strong>ONCFG<br />
The <strong>HP</strong>ONCFG utility is delivered in separate packages for Windows <strong>and</strong> Linux operating systems.<br />
For Windows operating systems, it is included as a smart component. For Linux operating systems,<br />
it is included as an RPM package file. <strong>HP</strong>ONCFG packages are included in the ProLiant <strong>Support</strong><br />
Pack.<br />
Windows server installation<br />
<strong>HP</strong>ONCFG installs automatically when the ProLiant <strong>Support</strong> Pack is installed. To install <strong>HP</strong>ONCFG<br />
manually, run the self-extracting executable.<br />
<strong>HP</strong>ONCFG creates a directory at:<br />
%Program files%\<strong>HP</strong>\hponcfg.<br />
<strong>HP</strong>ONCFG 19
Linux server installation<br />
<strong>HP</strong>ONCFG is installed automatically when ProLiant <strong>Support</strong> Pack is installed. Download the<br />
<strong>HP</strong>ONCFG RPM package for Linux distributions from the <strong>HP</strong> website. Install the appropriate<br />
package using the RPM installation utility.<br />
For example, for a package installation, install the <strong>HP</strong>ONCFG RPM package on Red Hat Enterprise<br />
Linux 5 by entering the following comm<strong>and</strong>:<br />
rpm -ivh hponcfg-3.5.0.linux.rpm<br />
If you have an older version of the <strong>HP</strong>ONCFG RPM package installed on the system, run the<br />
following comm<strong>and</strong> to remove the older version before installing the new version of <strong>HP</strong>ONCFG:<br />
rpm –e hponcfg<br />
The hp-ilo rpm package <strong>and</strong> the hp-health rpm package must be installed on the system<br />
before installing the hponcfg rpm package.<br />
After installation, the <strong>HP</strong>ONCFG executable is located in the /sbin directory. Be sure that the<br />
appropriate Management Interface Driver is installed. For details about where to obtain this driver<br />
<strong>and</strong> file, see “<strong>HP</strong>ONCFG requirements” (page 19).<br />
<strong>HP</strong>ONCFG utility<br />
The <strong>HP</strong>ONCFG configuration utility reads an XML input file, formatted according to the rules of<br />
the RIBCL language, <strong>and</strong> produces a log file containing the requested output. A few sample scripts<br />
are included in the <strong>HP</strong>ONCFG delivery package. A package containing various <strong>and</strong> comprehensive<br />
sample scripts is available for download on the <strong>HP</strong> website at: http://www.hp.com/go/ilo. Click<br />
<strong>iLO</strong> Sample Scripts under <strong>iLO</strong> <strong>Support</strong> <strong>and</strong> Downloads.<br />
Typical usage is to select a script that is similar to the desired functionality <strong>and</strong> modify it for your<br />
exact requirements. Although no authentication to <strong>iLO</strong> is required, the XML syntax requires that<br />
the USER_LOGIN <strong>and</strong> PASSWORD tags are present in the LOGIN tag, <strong>and</strong> that these fields contain<br />
data. Any data is accepted in these fields. To successfully execute <strong>HP</strong>ONCFG, the utility must be<br />
invoked as Administrator on Windows servers <strong>and</strong> as root on Linux servers. <strong>HP</strong>ONCFG returns<br />
an error message if you do not possess sufficient privileges.<br />
<strong>HP</strong>ONCFG comm<strong>and</strong> line parameters<br />
<strong>HP</strong>ONCFG accepts the following comm<strong>and</strong> line parameters:<br />
/help or ? Displays the help page<br />
/reset Resets the <strong>iLO</strong> to factory default values<br />
/f filename Sets <strong>and</strong> receives the <strong>iLO</strong> configuration from the information<br />
given in the XML input file that has name filename<br />
/i filename Sets <strong>and</strong> receives <strong>iLO</strong> configuration from XML input received<br />
through the st<strong>and</strong>ard input stream<br />
/w filename Writes the <strong>iLO</strong> configuration obtained from the device to<br />
the XML output file named filename<br />
/l filename Logs replies to the text log file that has name filename<br />
/s namevaluepairs or<br />
/substitute namevaluepairs<br />
Substitutes variables present in the input config file with<br />
values specified in namevaluepairs<br />
/get_hostinfo Receives the host information. Returns the server name <strong>and</strong><br />
server serial number<br />
/m Indicates the minimum firmware level that should be present<br />
in the management device to execute the RIBCL script. If at<br />
least this level of firmware is not present, <strong>HP</strong>ONCFG returns<br />
an error without performing any additional action<br />
20 <strong>HP</strong>ONCFG online configuration utility
mouse Configures the server for optimized mouse h<strong>and</strong>ling to<br />
improve graphical remote console performance. By default,<br />
it optimizes for remote console single cursor mode for the<br />
current user. The dualcursor comm<strong>and</strong> line option, along<br />
with the mouse option, optimizes mouse h<strong>and</strong>ling as suited<br />
for remote console dual-cursor mode. The allusers<br />
comm<strong>and</strong> line option optimizes mouse h<strong>and</strong>ling for all users<br />
on the system. This option is available only for Windows<br />
/display Configures Windows display parameters to optimize<br />
graphical remote console display performance<br />
These options must be preceded by a slash (/) for Windows <strong>and</strong> Linux as specified in the usage<br />
string.<br />
For example:<br />
hponcfg /f add_user.xml /l log.txt > output.txt<br />
Using <strong>HP</strong>ONCFG on Windows servers<br />
Start the <strong>HP</strong>ONCFG configuration utility from the comm<strong>and</strong> line. When using Windows, cmd.exe<br />
is available by selecting Start→Run→cmd. <strong>HP</strong>ONCFG displays a usage page if <strong>HP</strong>ONCFG is<br />
entered with no parameters. <strong>HP</strong>ONCFG accepts a correctly formatted XML script. <strong>HP</strong>ONCFG<br />
sample scripts are included in the <strong>HP</strong>ONCFG package.<br />
For more information about formatting XML scripts, see “RIBCL XML <strong>Scripting</strong> Language” (page 56).<br />
The comm<strong>and</strong> line format is:<br />
hponcfg [ /help | /? | /m firmwarelevel | /reset [/m firmwarelevel]<br />
| /f filename [/l filename] [/s namevaluepairs]<br />
[/xmlverbose or /v][/m firmwarelevel]<br />
| /i [/l filename] [/s namevaluepairs]<br />
[/xmlverbose or /v] [/m firmwarelevel]<br />
| /w filename [/m firmwarelevel]<br />
| /get_hostinfo [/m firmwarelevel]<br />
| /mouse [/dualcursor][/allusers] ]<br />
For more information on using these parameters, see “<strong>HP</strong>ONCFG comm<strong>and</strong> line parameters”<br />
(page 20).<br />
Using <strong>HP</strong>ONCFG on Linux servers<br />
Invoke the <strong>HP</strong>ONCFG configuration utility from the comm<strong>and</strong> line. <strong>HP</strong>ONCFG displays a usage<br />
page if it is entered with no comm<strong>and</strong> line parameters.<br />
The comm<strong>and</strong> line format is:<br />
hponcfg -?<br />
hponcfg -h<br />
hponcfg -m minFw<br />
hponcfg -r [-m minFw ]<br />
hponcfg -w filename [-m minFw]<br />
hponcfg -g [-m minFw]<br />
hponcfg -f filename [-l filename] [-s namevaluepairs] [-v] [-m minFw]<br />
hponcfg -i [-l filename] [-s namevaluepairs] [-v] [-m minFw]<br />
For more information on using these parameters, see “<strong>HP</strong>ONCFG comm<strong>and</strong> line parameters”<br />
(page 20).<br />
<strong>HP</strong>ONCFG utility 21
Obtaining the basic configuration<br />
Use <strong>HP</strong>ONCFG to obtain a basic configuration from <strong>iLO</strong> 3 by executing the utility from the comm<strong>and</strong><br />
line without specifying an input file. You must provide the name of the output file on the comm<strong>and</strong><br />
line.<br />
For example:<br />
hponcfg /w config.xml<br />
In this example, the utility indicates that it obtained the data successfully <strong>and</strong> wrote the data to the<br />
output file.<br />
The following is an example of a typical output file:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
22 <strong>HP</strong>ONCFG online configuration utility
<br />
<br />
<br />
<br />
NOTE: For security reasons, user passwords are not returned.<br />
Obtaining a specific configuration<br />
Obtain a specific configuration using the appropriate XML input file.<br />
For example, the following is the contents of a typical XML input file:<br />
get_global.xml<br />
:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The XML comm<strong>and</strong>s are read from the input file get_global.xml <strong>and</strong> are processed by the<br />
device:<br />
hponcfg /f get_global.xml /l log.txt > output.txt<br />
The requested information is returned in the log file, which, in this example, is named log.txt.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Setting a configuration<br />
Set a specific configuration by using the comm<strong>and</strong> format:<br />
hponcfg /f add_user.xml /l log.txt<br />
In this example, the input file has contents:<br />
<strong>HP</strong>ONCFG utility 23
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The specified user is added to the device.<br />
Using variable substitution<br />
<strong>HP</strong>ONCFG version 1.2 <strong>and</strong> later enables you to specify variables in the XML RIBCL script <strong>and</strong> to<br />
assign values to those variables when you run <strong>HP</strong>ONCFG. This feature helps to avoid rewriting<br />
the XML script file every time with different values. Anything enclosed by two percent sign (%)<br />
characters in the XML file is considered a variable.<br />
In this example, %username%, %loginname%, <strong>and</strong> %password% are variables:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Specify values for these variables when you run <strong>HP</strong>ONCFG by using the substitute option. The<br />
argument must be a string or variable name <strong>and</strong> value pairs separated by a comma (,). The variable<br />
name <strong>and</strong> its value must be separated by an equal sign (=):<br />
hponcfg /f add_user.xml /s username=test<br />
user,login=testlogin,password=testpasswd<br />
In this example, %host_power% is a variable:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
24 <strong>HP</strong>ONCFG online configuration utility
• To power the system on, enter:<br />
hponcfg /f Set_Host_Power.xml /s host_power=YES<br />
• To power the system off, enter:<br />
hponcfg /f Set_Host_Power.xml /s host_power=NO<br />
Capturing <strong>and</strong> restoring a configuration<br />
Use <strong>HP</strong>ONCFG to capture basic configuration information in an XML readable file format. Use<br />
this file to set or restore the <strong>iLO</strong> configuration. This feature is available with <strong>HP</strong>ONCFG version<br />
1.2 <strong>and</strong> later. <strong>HP</strong>ONCFG writes the configuration information in the <strong>HP</strong> RIBCL format.<br />
• To capture a configuration, you must specify the name <strong>and</strong> location of the output file on the<br />
comm<strong>and</strong> line.<br />
For example:<br />
hponcfg /w config.xml<br />
<strong>HP</strong>ONCFG displays a message when it successfully writes the configuration information to<br />
the output file as requested. The following is an example of the contents of the output file:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<strong>HP</strong>ONCFG utility 25
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
For security reasons, the default user administrator <strong>and</strong> user passwords are not captured in<br />
the configuration file or returned in the response. A variable is provided in its place to use<br />
with the substitute option to provide a default password for all users when restoring a<br />
configuration. Manually change the password before using the file to restore the configuration.<br />
• To restore a configuration, the file must be sent to <strong>HP</strong>ONCFG as input using the /f or -f<br />
option. Add a default password for all users using the substitute or s option.<br />
For example:<br />
hponcfg /f config.xml /s user_password=password<br />
26 <strong>HP</strong>ONCFG online configuration utility
5 SMASH CLP usage<br />
SMASH CLP<br />
The DMTF SMASH initiative is a suite of specifications that deliver architectural semantics, industry<br />
st<strong>and</strong>ard protocols <strong>and</strong> profiles to unify the management of the data center. The SMASH CLP<br />
specification enables simple <strong>and</strong> intuitive management of heterogeneous servers in the data center.<br />
For more information, see “SMASH CLP <strong>Scripting</strong> Language” (page 30).<br />
SMASH CLP 27
6 IPMI usage<br />
The IPMI utility<br />
Use the Linux IPMI tool <strong>and</strong> Windows IPMI util applications to test the IPMI interfaces on server<br />
platforms. The Linux IPMI tool is used in environments where scripting is used as the base for<br />
platform monitoring.<br />
The Windows IPMI util has a dependency on the IPMI driver if using "in-b<strong>and</strong>" (or from a comm<strong>and</strong><br />
prompt). The Windows IPMI driver is delivered in Windows Server 2008 R2. IPMI support might<br />
be available in later updates of Windows Server 2003 R2.<br />
The Linux IPMI tool also requires the IPMI drivers (delivered in the distribution) to be enabled if<br />
utilized in-b<strong>and</strong>. The IPMI device drivers are not typically enabled to automatically start when the<br />
Linux operating system is started. If you are logged on to a Linux console (comm<strong>and</strong> prompt) as a<br />
root user, use the following comm<strong>and</strong> to initiate the IPMI device drivers for Linux:<br />
service ipmi start<br />
For more information, see the documentation provided by the specific Linux distribution.<br />
The IPMI tool supports remote IPMI protocols that provide the capability to power the server on<br />
<strong>and</strong> off, <strong>and</strong> to remotely monitor the platform. The <strong>iLO</strong> firmware supports the IPMI 2.0 RMCP+<br />
protocol for the highest level of authentication, encryption <strong>and</strong> integrity. The legacy IPMI 1.5 IPMI<br />
over LAN protocol is not supported.<br />
Basic IPMI tool usage<br />
The Linux IPMI tool is fully documented in the Linux MAN page. The man ipmitool comm<strong>and</strong><br />
provides extended documentation beyond the scope of this guide. To use IPMI tool from the Linux<br />
operating system to locally monitor a system, the IPMI drivers must be enabled. Typical in-b<strong>and</strong><br />
comm<strong>and</strong>s include the following.<br />
• To retrieve the <strong>iLO</strong> status, enter:<br />
# ipmitool mc info<br />
• To retrieve the status of <strong>iLO</strong> monitored sensors, enter:<br />
# ipmitool sensor list<br />
• To retrieve the contents of the IPMI SEL, enter:<br />
# ipmitool sel list<br />
Advanced IPMI tool usage on Linux<br />
28 IPMI usage<br />
The Linux IPMI tool has the capability to securely communicate with <strong>iLO</strong> using the IPMI 2.0 RMCP+<br />
protocol. This is the ipmitool lanplus protocol feature. For most comm<strong>and</strong>s, a valid <strong>iLO</strong> user<br />
name <strong>and</strong> password is required. Typical out-of-b<strong>and</strong> (or IPMI over LAN) comm<strong>and</strong>s include the<br />
following.<br />
• To retrieve the general <strong>iLO</strong> status, enter:<br />
# ipmitool -H IP Address or FQDN -I lanplus -U user name mc info<br />
• To power on the <strong>HP</strong> ProLiant Server, enter:<br />
# ipmitool -H IP Address or FQDN -I lanplus -U user name chassis<br />
power on<br />
• To turn on the <strong>HP</strong> ProLiant Server UID, enter:<br />
# ipmitool -H IP Address or FQDN -I lanplus -U user name chassis<br />
identify on
Most Linux IPMI tool comm<strong>and</strong>s can be issued remotely, including retrieving the IML entries <strong>and</strong><br />
current sensor readings. The following parameter is required to enable the IPMI 2.0 RMCP+<br />
protocol:<br />
-l lanplus<br />
Advanced IPMI util usage on Windows<br />
Use the Windows IPMI util application for remote IPMI access to <strong>iLO</strong>. The comm<strong>and</strong>s, although<br />
different, provide similar functionality.<br />
• To retrieve the general status of <strong>iLO</strong>, enter:<br />
C:\> ipmiutil.exe health -N IP ADDRESS -J 3 -U user name -P Password<br />
• To power the <strong>HP</strong> ProLiant server on, enter:<br />
C:\> ipmiutil.exe reset -u -N IP ADDRESS -J 3 -U user name -P<br />
Password<br />
• To power the <strong>HP</strong> ProLiant server off, enter:<br />
C:\> ipmiutil.exe reset -d -N IP ADDRESS -J 3 -U user name-P Password<br />
• To turn on the <strong>HP</strong> ProLiant server UID, enter:<br />
C:\> ipmiutil.exe led -i5 -N IP ADDRESS -J 3 -U user name -P Password<br />
NOTE: The IPMI util application only enables turning on the UID for five seconds. To keep<br />
the UID light on persistently, the IPMI util needs to be scripted in a loop with a four second<br />
delay.<br />
Advanced IPMI util usage on Windows 29
7 SMASH CLP <strong>Scripting</strong> Language<br />
SMASH CLP comm<strong>and</strong> line overview<br />
SMASH CLP provides a st<strong>and</strong>ardized set of comm<strong>and</strong>s for the configuration <strong>and</strong> control of<br />
management processors (called Management Access Points) <strong>and</strong> host systems. On <strong>iLO</strong>, SMASH<br />
CLP is accessed through the SSH port.<br />
SMASH CLP comm<strong>and</strong> line access<br />
The <strong>iLO</strong> 3 firmware features enable you to execute the supported comm<strong>and</strong>s from a SMASH CLP<br />
comm<strong>and</strong> line. Access the comm<strong>and</strong> line option from the one of the following interfaces:<br />
• A serial port using one connection<br />
• A network using SSH. This enables three simultaneous connections (an IP address or DNS<br />
name, login name, <strong>and</strong> password are required to start a session using SSH)<br />
Five network connections can be active simultaneously. After the serial CLI is enabled on the Global<br />
Settings screen, access the <strong>iLO</strong> CLI by entering:<br />
ESC (<br />
The SSH session starts after authentication.<br />
Using the comm<strong>and</strong> line<br />
After initiating a comm<strong>and</strong> line session, the <strong>iLO</strong> CLI prompt appears. Each time you execute a<br />
comm<strong>and</strong> (or you exit the Remote Console or VSP), you return to the CLI prompt as shown in the<br />
following example:<br />
hp<strong>iLO</strong>-><br />
Each time a CLI comm<strong>and</strong> executes, the returned output follows this general format:<br />
hp<strong>iLO</strong>-> CLI comm<strong>and</strong><br />
status=0<br />
status_tag=COMMAND COMPLETED<br />
… output returned…<br />
hp<strong>iLO</strong>-><br />
If an invalid comm<strong>and</strong> is entered, then the status <strong>and</strong> status_tag values reflect the error as<br />
shown:<br />
hp<strong>iLO</strong>-> boguscomm<strong>and</strong><br />
status=2<br />
status_tag=COMMAND PROCESSING FAILED<br />
error_tag=COMMAND NOT RECOGNIZED<br />
If an invalid parameter is given to a valid comm<strong>and</strong>, the response is slightly different:<br />
hp<strong>iLO</strong>-> show /bad<br />
status=2<br />
status_tag=COMMAND PROCESSING FAILED<br />
error_tag=COMMAND ERROR-UNSPECIFIED<br />
Invalid property.<br />
hp<strong>iLO</strong>-><br />
The following comm<strong>and</strong>s are supported in this release of CLP. The same comm<strong>and</strong> set is supported<br />
through the serial port <strong>and</strong> SSH connections.<br />
30 SMASH CLP <strong>Scripting</strong> Language
The privilege level of the logged in user is verified against the privilege required for the comm<strong>and</strong>.<br />
The comm<strong>and</strong> is only executed if the privilege levels match. If the serial comm<strong>and</strong> line session<br />
status is set to Enabled-No Authentication, then all the comm<strong>and</strong>s are executed without<br />
verifying the privilege level.<br />
The general syntax of a CLP comm<strong>and</strong> is:<br />
<br />
• Verbs—The supported verbs are:<br />
◦<br />
cd<br />
◦ create<br />
◦ delete<br />
◦ help<br />
◦ load<br />
◦ reset<br />
◦ set<br />
◦ show<br />
◦ start<br />
◦ stop<br />
◦ exit<br />
◦ version<br />
• Target—The default target is the /. Change the target using the cd comm<strong>and</strong>, or by specifying<br />
a target on the comm<strong>and</strong> line.<br />
• Options—The valid options are:<br />
◦<br />
-help/-h<br />
◦ -all/-a<br />
• Properties — Are the attributes of the target that can be modified.<br />
• Output — The output syntax is:<br />
◦<br />
status<br />
◦ status_tag<br />
◦ status_msg<br />
The valid Boolean values for any comm<strong>and</strong> are yes, no, true, false, y, n, t, f, 1, <strong>and</strong> 0.<br />
NOTE: If a CLP comm<strong>and</strong> spans more than one line, you cannot navigate between different lines.<br />
In the Windows PuTTy client, map the Backspace key to a value of 0x8 by changing the setting<br />
for Terminal Keyboard to Ctrl+H.<br />
Escape comm<strong>and</strong>s<br />
The escape key comm<strong>and</strong>s are shortcuts to popular tasks.<br />
Escape comm<strong>and</strong>s 31
ESC ( Invokes the serial CLI connection. This is not necessary for SSH sessions<br />
because they automatically start a CLI session after a successful login.<br />
ESC R ESC r ESC R Resets the system.<br />
ESC ^ Powers on the system.<br />
ESC ESC Erases the current line.<br />
There is a one second timeout for entering any of the escape sequence characters.<br />
Base comm<strong>and</strong>s<br />
Following are the base comm<strong>and</strong>s for use on the comm<strong>and</strong> line:<br />
help Displays context-sensitive help <strong>and</strong> all supported comm<strong>and</strong>s<br />
comm<strong>and</strong> help/? Displays the help message specific to that comm<strong>and</strong><br />
exit Terminates the CLP session<br />
cd The comm<strong>and</strong> sets the current default target. The context works like a<br />
directory path. The root context for the server is a forward slash (/) <strong>and</strong> is<br />
the starting point for a CLP system. Shorten comm<strong>and</strong>s by changing the<br />
context.<br />
For example, to find the current <strong>iLO</strong> firmware version, enter the following<br />
comm<strong>and</strong>:<br />
show /map1/firmware1<br />
show The comm<strong>and</strong> displays values of a property or contents of a collection<br />
target.<br />
For example:<br />
hp<strong>iLO</strong>-> show<br />
status=0<br />
status_tag=COMMAND COMPLETED<br />
/<br />
Targets<br />
system1<br />
map1<br />
Properties<br />
Verbs<br />
cd version exit show<br />
The first line of information returned by the show comm<strong>and</strong> is the current<br />
context. In the example, / is the current context. Following the context is a<br />
list of sub-targets (Targets) <strong>and</strong> properties (Properties) applicable to the<br />
current context. The verbs (Verbs) section shows which comm<strong>and</strong>s are<br />
applicable to this context.<br />
Specify the show comm<strong>and</strong> with an explicit or implicit context as well as<br />
a specific property. For example, an explicit context is /map1/firmware1<br />
<strong>and</strong> is not dependent on the current context, while an implicit context<br />
assumes that the context specified is a child of the current context. If the<br />
current context is /map1 then a show firmware comm<strong>and</strong> displays the<br />
/map1/firmware1 data.<br />
If you do not specify a property, then all properties are shown. In the case<br />
of the /map1/firmware1 context, two properties are available: version,<br />
<strong>and</strong> date. If you execute show /map1/firmware1 date, only the date<br />
is shown.<br />
create Creates a new instance of the MAP in the name space.<br />
32 SMASH CLP <strong>Scripting</strong> Language
delete Removes instances of the MAP in the name space.<br />
load Moves a binary image from a URL to the MAP.<br />
reset Causes a target to cycle from enabled to disabled, <strong>and</strong> back to enabled.<br />
set Sets a property or set of properties to a specific value, <strong>and</strong> resets <strong>iLO</strong> to<br />
implement the changes.<br />
start Causes a target to change the state to a higher run level.<br />
stop Causes a target to change the state to a lower run level.<br />
version The comm<strong>and</strong> queries the version of the CLP implementation or other CLP<br />
elements.<br />
For example:<br />
hp<strong>iLO</strong>-> version<br />
status=0<br />
status_tag=COMMAND COMPLETED<br />
SM-CLP Version 1.0<br />
oemhp_ping The comm<strong>and</strong> determines if an IP address is reachable from the current<br />
<strong>iLO</strong> session.<br />
Specific comm<strong>and</strong>s<br />
For example:<br />
oemhp_ping 192.168.1.1<br />
Where 192.168.1.1 is the IP address you are testing.<br />
The following sections cover <strong>iLO</strong> 3-specific comm<strong>and</strong>s available when using the comm<strong>and</strong> line,<br />
including:<br />
• “User comm<strong>and</strong>s” (page 34)<br />
• “<strong>HP</strong> SIM SSO settings” (page 34)<br />
• “Network comm<strong>and</strong>s” (page 36)<br />
• “<strong>iLO</strong> 3 settings” (page 39)<br />
• “<strong>iLO</strong> 3 embedded health settings” (page 41)<br />
• “SNMP settings” (page 43)<br />
• “License comm<strong>and</strong>s” (page 44)<br />
• “Directory comm<strong>and</strong>s” (page 44)<br />
• “Virtual Media comm<strong>and</strong>s” (page 45)<br />
• “Start <strong>and</strong> Reset comm<strong>and</strong>s” (page 48)<br />
• “Firmware update” (page 49)<br />
• “Eventlog comm<strong>and</strong>s” (page 49)<br />
• “Blade comm<strong>and</strong>s” (page 50)<br />
• “Boot comm<strong>and</strong>s” (page 50)<br />
• “LED comm<strong>and</strong>s” (page 51)<br />
• “System properties <strong>and</strong> targets” (page 52)<br />
• “Other comm<strong>and</strong>s” (page 55)<br />
Specific comm<strong>and</strong>s 33
User comm<strong>and</strong>s<br />
User comm<strong>and</strong>s enable you to view <strong>and</strong> modify user settings. Table 1 (page 34) shows the User<br />
Comm<strong>and</strong> properties. User settings are located at:<br />
/map1/accounts1.<br />
Targets<br />
All local users are valid targets. For example, if three local users have the login names<br />
Administrator, admin, <strong>and</strong> test, then valid targets are:<br />
• Administrator<br />
• admin<br />
• test<br />
Table 1 User Comm<strong>and</strong> Properties<br />
Property<br />
username<br />
password<br />
name<br />
group<br />
sshkeyhash<br />
For example<br />
Access<br />
read/write<br />
read/write<br />
read/write<br />
read/write<br />
read/write<br />
The current path is:<br />
/map1/accounts1.<br />
Description<br />
Corresponds to the <strong>iLO</strong> 3 login name.<br />
Corresponds to the password for the current user.<br />
Displays the name of the user. If a name is not specified, the parameter uses the<br />
same value as the login name (username). This value corresponds to the <strong>iLO</strong> 3<br />
user name property.<br />
Specifies the privilege level. The valid values are as follows:<br />
• admin<br />
• config<br />
• oemhp_power<br />
• oemhp_rc<br />
• oemhp_vm<br />
If you do not specify a group, no privileges are assigned to the user.<br />
Displays or modifies the user SSH key.<br />
• create username=lname1 password=password<br />
In this example, username corresponds to the login name.<br />
• create /map1/accounts1 username= password=<br />
name= group=<br />
In this example, lname1 is the login name of the user.<br />
• oemhp_loadsshkey -source http://192.168.100.1/pubkey.ppk<br />
/map1/accounts1/<br />
This example loads the SSH key to the specified user 1name1.<br />
• oemhp_deletesshkey /map1/accounts1/<br />
<strong>HP</strong> SIM SSO settings<br />
This example removes the SSH key from the account 1name1.<br />
<strong>HP</strong> SIM SSO settings comm<strong>and</strong>s are accessed using:<br />
/map1/oemhp_ssocfg1.<br />
34 SMASH CLP <strong>Scripting</strong> Language
You must have the Configure <strong>iLO</strong> Settings privilege to change these properties. SSO is only<br />
supported for browser access from trusted <strong>HP</strong> SIM servers. SSO is a licensed feature. Table 2 (page<br />
35) shows the <strong>HP</strong> SIM SSO properties. For more information, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the<br />
<strong>HP</strong> website at http://www.hp.com/go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
Targets<br />
None<br />
Table 2 <strong>HP</strong> SIM SSO Properties<br />
Property<br />
oemhp_ssotrust<br />
oemhp_ssouser<br />
oemhp_ssooperator<br />
oemhp_ssoadministrator<br />
oemhp_ssoserver<br />
For example<br />
Access<br />
Read/write<br />
Read/write<br />
Read/write<br />
Read/write<br />
Read<br />
Description<br />
The Single Sign-On required trust level. Valid values are:<br />
• disabled<br />
• all<br />
• name<br />
• To set the SSO trust level to trust by certificate:<br />
• certificate<br />
The privileges associated with the user role. Valid values are:<br />
• login<br />
• oemhp_rc<br />
• oemhp_power<br />
• oemhp_vm<br />
• config<br />
• admin<br />
The privileges associated with the operator role. Valid values<br />
are:<br />
• login<br />
• oemhp_rc<br />
• oemhp_power<br />
• oemhp_vm<br />
• config<br />
• admin<br />
The privileges associated with the administrator role. Valid<br />
values are:<br />
• login<br />
• oemhp_rc<br />
• oemhp_power<br />
• oemhp_vm<br />
• config<br />
• admin<br />
Contains 0 or more <strong>HP</strong> SIM Trusted Server records. Each<br />
record contains a server name or a server certificate.<br />
hp<strong>iLO</strong>-> set /map1/oemhp_ssocfg1 oemhp_ssotrust=certificate<br />
• To assign user roles the Login privilege:<br />
hp<strong>iLO</strong>-> set /map1/oemhp_ssocfg1 oemhp_ssouser=login<br />
Specific comm<strong>and</strong>s 35
• To assign the operator role Login, Remote Console, Virtual Power <strong>and</strong> Reset, <strong>and</strong> Virtual Media<br />
privileges:<br />
hp<strong>iLO</strong>-> set /map1/oemhp_ssocfg1<br />
oemhp_ssooperator=login,oemhp_rc,oemhp_power,oemhp_vm<br />
• To Add an <strong>HP</strong> SIM Trusted Server name record:<br />
hp<strong>iLO</strong>-> cd map1/oemhp_ssocfg1<br />
hp<strong>iLO</strong>-> create hpsim1.corp.net<br />
• To move a binary image from an URL to the MAP (URL limit of 80 characters):<br />
protocol://username:password@hostname:port/filename<br />
◦ The protocol field is m<strong>and</strong>atory <strong>and</strong> must be either HTTP or HTTPS.<br />
◦ The username:password field is optional.<br />
◦ The hostname field is m<strong>and</strong>atory.<br />
◦ The port field is optional.<br />
◦ The filename field is m<strong>and</strong>atory.<br />
For example:<br />
hp<strong>iLO</strong>-> load -source<br />
http://192.168.1.1/images/fw/<strong>iLO</strong>3_100.bin<br />
Add –TPM_force if a TPM is installed <strong>and</strong> enabled.<br />
• To delete oemhp_ssoserver with index 5:<br />
hp<strong>iLO</strong>-> delete 5<br />
• To display the complete <strong>iLO</strong> SSO configuration:<br />
Network comm<strong>and</strong>s<br />
hp<strong>iLO</strong>-> cd map1/oemhp_ssocfg1<br />
hp<strong>iLO</strong>->show<br />
The network subsystems are located at:<br />
• /map1/enetport1<br />
• /map1/dhcpendpt1<br />
• /map1/dnsendpt1<br />
• /map1/gateway1<br />
• /map1/dnsserver1<br />
• /map1/dnsserver2<br />
• /map1/dnsserver3<br />
• /map1/settings1<br />
• /map1/vlan1<br />
36 SMASH CLP <strong>Scripting</strong> Language
Properties, Targets, <strong>and</strong> Verbs:<br />
• enetport1<br />
Targets<br />
◦ lanendpt1<br />
Properties<br />
◦ EnabledState<br />
◦ OtherTypeDescription<br />
◦ Autosense<br />
◦ PermanentAddress<br />
◦ LinkTechnology<br />
◦ Speed<br />
◦ SystemName<br />
◦ Fullduplex<br />
Verbs<br />
◦ cd<br />
◦ version<br />
◦ exit<br />
◦ show<br />
◦ set<br />
For example<br />
set /map1/enetport1 Speed=100<br />
set /map1/enetport1/lanendpt1/ipendpt1 IPv4Address=15.255.102.245<br />
SubnetMask=255.255.248.0<br />
• dhcpendpt1<br />
Properties<br />
◦ EnabledState<br />
◦ OtherTypeDescription<br />
• dnsendpt1<br />
Properties<br />
◦ EnabledState<br />
◦ HostName<br />
◦ DomainName<br />
◦ OtherTypeDescription<br />
Specific comm<strong>and</strong>s 37
• gateway1<br />
Properties<br />
◦ AccessInfo<br />
◦ AccessContext<br />
• dnsserver1<br />
Properties<br />
◦ AccessInfo<br />
◦ AccessContext<br />
Verbs<br />
◦ cd<br />
◦ version<br />
◦ exit<br />
◦ show<br />
◦ set<br />
• dnsserver2<br />
Properties<br />
◦ AccessInfo<br />
◦ AccessContext<br />
• dnsserver3<br />
Properties<br />
◦ AccessInfo<br />
◦ AccessContext<br />
• settings1<br />
◦<br />
Targets<br />
DNSSettings1<br />
Properties<br />
– DNSServerAddress<br />
– RegisterThisConnection<br />
– DomainName<br />
– DHCPOptionToUse<br />
WINSSettingData1<br />
38 SMASH CLP <strong>Scripting</strong> Language
<strong>iLO</strong> 3 settings<br />
Properties<br />
– WINSServerAddress<br />
– RegisterThisConnection<br />
– DHCPOptionToUse<br />
◦ Verbs<br />
– cd<br />
– version<br />
– exit<br />
– show<br />
• StaticIPSettings1<br />
Properties<br />
◦ oemhp_SRoute1Address<br />
◦ oemhp_Mask1Address<br />
◦ oemhp_Gateway1Address<br />
◦ oemhp_SRoute2Address<br />
◦ oemhp_Mask2Address<br />
◦ oemhp_Gateway2Address<br />
◦ oemhp_SRoute3Address<br />
◦ oemhp_Mask3Address<br />
◦ oemhp_Gateway3Address<br />
◦ DHCPOptionToUse<br />
Specify one or more properties on the comm<strong>and</strong> line. If multiple properties are on the same<br />
comm<strong>and</strong> line, they must be separated by a space.<br />
The <strong>iLO</strong> firmware resets after the network settings have been applied.<br />
The <strong>iLO</strong> 3 settings comm<strong>and</strong>s enable you to view or modify <strong>iLO</strong> 3 settings. Table 3 (page 39)<br />
shows the <strong>iLO</strong> 3 properties. The <strong>iLO</strong> 3 settings are located at:<br />
/map1/config1<br />
Targets<br />
No targets<br />
Properties<br />
Table 3 <strong>iLO</strong> Properties<br />
Property<br />
oemhp_mapenable<br />
oemhp_timeout<br />
Access<br />
Read/Write<br />
Read/Write<br />
Description<br />
Enables or disables <strong>iLO</strong>. Boolean values are accepted.<br />
Sets session timeout in minutes. Valid values are 15, 30, 60,<br />
<strong>and</strong> 120.<br />
Specific comm<strong>and</strong>s 39
Table 3 <strong>iLO</strong> Properties (continued)<br />
Property<br />
oemhp_rbsuenable<br />
oemhp_rbsulogin<br />
oemhp_rbsushowip<br />
oemhp_httpport<br />
oemhp_sslport<br />
oemhp_rcport<br />
oemhp_vmport<br />
oemhp_sshport<br />
oemhp_sshstatus<br />
oemhp_serialclistatus<br />
oemhp_serialcliauth<br />
oemhp_serialclispeed<br />
oemhp_minpwdlen<br />
oemhp_enforce_aes<br />
oemhp_authfailurelogging<br />
oemhp_computer_lock<br />
oemhp_hotkey_ctrl_t<br />
oemhp_hotkey_ctrl_u<br />
oemhp_hotkey_ctrl_v<br />
oemhp_hotkey_ctrl_w<br />
oemhp_hotkey_ctrl_x<br />
oemhp_hotkey_ctrl_y<br />
Verbs<br />
• cd<br />
• version<br />
• exit<br />
• show<br />
• set<br />
• oemhp_loadSSHkey<br />
• oemhp_resetHotkeys<br />
For example<br />
Access<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Description<br />
Enables or disables RBSU prompt during POST. Boolean values<br />
are accepted.<br />
Enables or disables login requirement for accessing RBSU.<br />
Boolean values are accepted.<br />
Enables or disables <strong>iLO</strong> IP address display during POST.<br />
Boolean values are accepted.<br />
Sets the HTTP port value.<br />
Sets the SSL port value.<br />
Sets remote console port value.<br />
Sets virtual media port value.<br />
Sets the SSH port value.<br />
Enables or disables SSH. Boolean values are accepted.<br />
Enables or disables CLP session through serial port. Boolean<br />
values are accepted.<br />
Enables or disables authorization requirement for CLP session<br />
through serial port. Boolean values are accepted.<br />
Sets the serial port speed for the CLP session. The valid values<br />
are 9600, 19200, 38400, 57600, <strong>and</strong> 115200.<br />
Sets the minimum password length requirement.<br />
Enable or disable enforcing AES/3DES encryption<br />
Sets the logging criteria for failed authentications.<br />
Enables or disables the Remote Console Computer Lock.<br />
Sets the value for hotkey Ctrl+T.<br />
Sets the value for hotkey Ctrl+U.<br />
Sets the value for hotkey Ctrl+V.<br />
Sets the value for hotkey Ctrl+W.<br />
Sets the value for hotkey Ctrl+X.<br />
Sets the value for hotkey Ctrl+Y.<br />
set /map1/config1 oemhp_mapenable=yes oemhp_timeout=30<br />
40 SMASH CLP <strong>Scripting</strong> Language
Specify one or more properties in the comm<strong>and</strong> line. If multiple properties are on the same comm<strong>and</strong><br />
line, they must be separated by a space.<br />
For example:<br />
set /map1/config1 oemhp_computer_lock=windows<br />
set /map1/config1 oemhp_computer_lock=custom,l_gui,l<br />
set /map1/config1 oemhp_computer_lock=disabled<br />
For a complete list of oemhp_computer_lock custom keys, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the<br />
<strong>HP</strong> website at: http://www.hp.com/go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation. Keys with a<br />
space must have the space replaced with an underscore.<br />
For example:<br />
set /map1/config1 oemhp_computer_lock=custom,SYS_RQ<br />
<strong>iLO</strong> 3 embedded health settings<br />
<strong>iLO</strong> 3 embedded health comm<strong>and</strong>s enable you to display system embedded health information<br />
for fans, temperature sensors, voltage sensors, <strong>and</strong> power supplies. Table 4 (page 41) shows the<br />
<strong>iLO</strong> 3 Embedded Health properties.<br />
The <strong>iLO</strong> 3 embedded health CLP settings are:<br />
• /system1/fan*<br />
• /system1/sensor*<br />
• /system1/powersupply*<br />
Targets<br />
• Fan<br />
• Sensor<br />
• Powersupply<br />
Table 4 Embedded Health Properties<br />
Property<br />
DeviceID<br />
ElementName<br />
OperationalStatus<br />
VariableSpeed<br />
DesiredSpeed<br />
HealthState<br />
RateUnits<br />
CurrentReading<br />
SensorType<br />
Oemhp_CautionValue<br />
Oemhp_CriticalValue<br />
Access<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Description<br />
Displays fan, sensor, or power supply label number<br />
Displays fan, sensor, or power supply location<br />
Displays fan, sensor, or power supply operational status<br />
Displays if fan is operating at variable speed<br />
Displays the current fan speed<br />
Displays the health status of the fan, sensor, or power supply<br />
Displays the reading units for temperature <strong>and</strong> voltage sensors<br />
Displays the current reading of sensor<br />
Displays the sensor type<br />
Displays temperature sensor caution value<br />
Displays temperature sensor critical value<br />
NOTE: All available embedded health properties from all targets are shown in Table 4 (page<br />
41). The actual properties returned depend on the comm<strong>and</strong>.<br />
For example<br />
The following comm<strong>and</strong> displays the system fan1 properties:<br />
Specific comm<strong>and</strong>s 41
hp<strong>iLO</strong>-> show<br />
For example:<br />
/system1/fan1<br />
Targets<br />
Properties<br />
DeviceID=Fan 1<br />
ElementName=System<br />
OperationalStatus=Ok<br />
VariableSpeed=Yes<br />
DesiredSpeed=14 percent<br />
HealthState=Ok<br />
VRM power supplies are usually mapped to the sensor targets. The following comm<strong>and</strong> displays<br />
the VRM 1 properties:<br />
show system1/sensor1<br />
For example:<br />
/system1/sensor1<br />
Targets<br />
Properties<br />
DeviceID=VRM 1<br />
ElementName=CPU 1<br />
OperationalStatus=Ok<br />
RateUnits=Volts<br />
CurrentReading=0<br />
SensorType=Voltage<br />
HealthState=Ok<br />
oemhp_CautionValue=0<br />
oemhp_CriticalValue=0<br />
When VRM power supplies are not mapped to sensor targets, the following comm<strong>and</strong> displays<br />
power supply properties:<br />
hp<strong>iLO</strong>-> show<br />
For example:<br />
/system1/powersupply1<br />
Targets<br />
Properties<br />
ElementName=Power Supply<br />
OperationalStatus=Ok<br />
HealthState=Ok<br />
Other sensor targets show system temperatures. The following comm<strong>and</strong> displays one of the<br />
temperature zone properties:<br />
hp<strong>iLO</strong>-> show<br />
For example:<br />
/system1/sensor1<br />
Targets<br />
Properties<br />
DeviceID=Temp 1<br />
ElementName=Ambient<br />
OperationalStatus=Ok<br />
RateUnits=Celsius<br />
CurrentReading=20<br />
SensorType=Temperature<br />
HealthState=Ok<br />
42 SMASH CLP <strong>Scripting</strong> Language
SNMP settings<br />
oemhp_CautionValue=41<br />
oemhp_CriticalValue=45<br />
SNMP settings comm<strong>and</strong>s enable you to view <strong>and</strong> modify SNMP settings. Table 5 (page 43) shows<br />
the SNMP comm<strong>and</strong> properties. SNMP settings are available at:<br />
/map1/snmp1<br />
Targets<br />
None<br />
Properties<br />
Table 5 SNMP Comm<strong>and</strong> Properties<br />
Property<br />
accessinfo<br />
readcom<br />
oemhp_iloalert<br />
oemhp_agentalert<br />
oemhp_snmppassthru<br />
oemhp_imagenturl<br />
oemhp_imdatalevel<br />
• Verbs<br />
◦ cd<br />
◦ version<br />
◦ exit<br />
◦ show<br />
◦ set<br />
For example<br />
Access<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Description<br />
Sets the SNMP trap destination address, where is 1, 2, or 3.<br />
Displays or modifies SNMP read community address for when Agentless<br />
Management is enabled, where is 1, 2, or 3.<br />
Enables or disables <strong>iLO</strong> SNMP alerts. Boolean values accepted.<br />
Enables or disables host agent SNMP alerts. Boolean values accepted.<br />
Enables or disables <strong>iLO</strong> SNMP pass-through. Boolean values accepted.<br />
Sets the Insight Manager Agent URL.<br />
The following comm<strong>and</strong> displays the SNMP properties:<br />
hp<strong>iLO</strong>-> show<br />
For example:<br />
/map1/snmp1<br />
Targets<br />
Properties<br />
accessinfo1=0<br />
accessinfo2=0<br />
accessinfo3=0<br />
oemhp_iloalert=yes<br />
oemhp_agentalert=yes<br />
oemhp_snmppassthru=yes<br />
oemhp_imagenturl=DUSTIN_DL385G7<br />
oemhp_imdatalevel=enabled<br />
Determines if the LOM device responds to anonymous XML queries.<br />
Enable or disable valid selections.<br />
Specific comm<strong>and</strong>s 43
License comm<strong>and</strong>s<br />
License comm<strong>and</strong>s enable you to display <strong>and</strong> modify the <strong>iLO</strong> license. Table 6 (page 44) shows<br />
the License comm<strong>and</strong> properties. License comm<strong>and</strong>s are available at:<br />
/map1/<br />
Targets<br />
None<br />
Comm<strong>and</strong>s<br />
Table 6 License Comm<strong>and</strong>s<br />
Comm<strong>and</strong><br />
cd<br />
show<br />
set<br />
For example<br />
Description<br />
Changes the current directory<br />
Displays license information<br />
Changes the current license<br />
• set /map1 license=1234500000678910000000001<br />
• show /map1 license<br />
Directory comm<strong>and</strong>s<br />
Directory comm<strong>and</strong>s enable you to view <strong>and</strong> modify directory settings. Table 8 (page 44) shows<br />
the Directory comm<strong>and</strong> properties. Directory comm<strong>and</strong> settings are available at:<br />
/map1/oemhp_dircfg1<br />
Targets<br />
The Directory Comm<strong>and</strong> Targets are shown in Table 7 (page 44).<br />
Table 7 Directory Comm<strong>and</strong> Targets<br />
Target<br />
/map1/oemhp_dircfg1/<br />
oemhp_keytab1<br />
Properties<br />
Description<br />
Table 8 Directory Comm<strong>and</strong> Properties<br />
Property<br />
oemhp_dirauth<br />
oemhp_localacct<br />
oemhp_dirsrvaddr<br />
44 SMASH CLP <strong>Scripting</strong> Language<br />
Access<br />
Contains a load verb used to load the binary keytab file from a given URL.<br />
The keytab file may be up to 1024 bytes in length.<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Description<br />
Enables or disables directory authentication. Valid settings are as<br />
follows:<br />
• extended_schema<br />
Uses <strong>HP</strong> extended schema<br />
• default_schema<br />
Uses schema-free directories<br />
• disabled<br />
Directory-based authentication is disabled<br />
Enables or disables local account authentication. This property can<br />
be disabled only if directory authentication is enabled. Boolean<br />
values accepted.<br />
Sets the directory server IP address or DNS name. The schema-free<br />
directory configuration requires a DNS name.
Table 8 Directory Comm<strong>and</strong> Properties (continued)<br />
Property<br />
oemhp_ldapport<br />
oemhp_dirdn<br />
oemhp_usercntxt1, 2 ...<br />
(up to 15)<br />
oemhp_group(n)_name<br />
where n = 1..6<br />
oemhp_group(n)_priv<br />
Access<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Description<br />
where n = 1..6 • login<br />
oemhp_dir_kerberos_enabled<br />
oemhp_dir_kerberos_kdc_port<br />
oemhp_dir_kerberos_kdc_address<br />
oemhp_dir_kerberos_realm<br />
For example<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
Read/Write<br />
• set /map1/oemhp_dircfg1<br />
Sets the directory server port.<br />
Displays the LOM object distinguished name. This field is ignored<br />
when the schema-free directory configuration is used.<br />
Displays the directory user login search context. This field is not<br />
necessary when the schema-free directory configuration is used.<br />
Displays security group distinguished name. Used within the<br />
schema-free directory configuration only.<br />
The privileges associated with a group. Valid values are:<br />
• oemhp_rc<br />
• oemhp_power<br />
• oemhp_vm<br />
• config<br />
• admin<br />
Enables or disables Kerberos authentication. Boolean values are<br />
accepted.<br />
Specifies the port number used to connect to the domain controller.<br />
The Kerberos port number is 88, but the domain controller can be<br />
configured for a different port number.<br />
The location of the domain controller. The domain controller location<br />
is specified as an IP address or DNS name.<br />
Specifies the Kerberos realm for which the domain controller is<br />
configured. By convention, the Kerberos realm name for a given<br />
domain is the domain name converted to uppercase.<br />
• set /map1/oemhp_dircfg1 oemhp_dirauth=default_schema<br />
oemhp_dirsrvaddr=adserv.demo.com<br />
Define additional groups using additional set comm<strong>and</strong>s.<br />
Specify one or more properties on the comm<strong>and</strong> line. If multiple properties are on the same<br />
comm<strong>and</strong> line, they must be separated by a space.<br />
Virtual Media comm<strong>and</strong>s<br />
Access to the <strong>iLO</strong> virtual media is supported through the CLP. Table 9 (page 46) shows the Virtual<br />
Media comm<strong>and</strong> targets. Table 10 (page 46) shows the Virtual Media comm<strong>and</strong> properties. The<br />
virtual media subsystem is located at:<br />
/map1/oemhp_vm1.<br />
For more information, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong> website at: http://www.hp.com/go/<br />
ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
Targets<br />
The virtual media targets are shown in Table 9 (page 46).<br />
Specific comm<strong>and</strong>s 45
Table 9 Virtual Media Comm<strong>and</strong> Targets<br />
Target<br />
/map1/oemhp_vm1/floppydr1<br />
/map1/oemhp_vm1/cddr1<br />
Description<br />
Virtual floppy or key drive device<br />
Virtual CD-ROM device<br />
Table 10 Virtual Media Comm<strong>and</strong> Properties<br />
Property<br />
oemhp_image<br />
oemhp_connect<br />
oemhp_boot<br />
oemhp_wp<br />
Image URL<br />
Access<br />
Read/Write<br />
Read<br />
Read/Write<br />
Read/Write<br />
Description<br />
The image path <strong>and</strong> name for virtual media access. The value is a URL with a<br />
maximum length of 80 characters.<br />
Displays if a virtual media device is already connected through the CLP or<br />
scriptable virtual media.<br />
Sets the boot flag. The valid values are:<br />
• Never<br />
Do not boot from the device. The value appears as No_Boot.<br />
• Once<br />
Boot from the device only once. The value appears as Once.<br />
• Always<br />
Boot from the device each time the server is rebooted. The value is displayed<br />
as Always.<br />
• Connect<br />
Connect the virtual media device. Sets oemhp_connect to Yes <strong>and</strong><br />
oemhp_boot to Always.<br />
• Disconnect<br />
Disconnects the virtual media device <strong>and</strong> sets the oemhp_boot to No_Boot.<br />
Enables or disables the write-protect flag. Boolean values accepted.<br />
The oemhp image value is a URL. The URL, which is limited to 80 characters, specifies the location<br />
of the virtual media image file on an HTTP server <strong>and</strong> is in the same format as the scriptable virtual<br />
media image location.<br />
URL example:<br />
protocol://username:password@hostname:port/filename<br />
• protocol—M<strong>and</strong>atory field that must be HTTP or HTTPS<br />
• username:password—Optional field<br />
• hostname—M<strong>and</strong>atory field<br />
• port—Optional field<br />
• filename—M<strong>and</strong>atory field<br />
The CLP performs only a cursory syntax verification of the URL value. You must visually verify that<br />
the URL is valid.<br />
For example<br />
• set oemhp_image=http://imgserver.company.com/image/dosboot.bin<br />
• set oemhp_image=http://john:abc123@imgserver.company.com/VMimage/<br />
installDisk.iso<br />
46 SMASH CLP <strong>Scripting</strong> Language
Tasks<br />
• To insert a floppy USB key image into the Virtual Floppy/USBKey, enter:<br />
cd /map1/oemhp_vm1/floppydr1<br />
show<br />
set oemhp_image=http://my.imageserver.com/floppyimg.bin<br />
set oemhp_boot=connect<br />
show<br />
This example executes the following comm<strong>and</strong>s:<br />
◦ Changes the current context to the floppy or key drive<br />
◦ Shows the current status to verify that the media is not in use<br />
◦ Inserts the desired image into the drive<br />
◦ Connects the media. The boot setting always connects automatically<br />
• To eject a floppy or USB key image from the Virtual Floppy/USBKey, enter:<br />
cd /map1/oemhp_vm1/floppydr1<br />
set oemhp_boot=disconnect<br />
This example executes the following comm<strong>and</strong>s:<br />
◦ Changes the current context to the floppy or key drive<br />
◦ Issues the disconnect comm<strong>and</strong> that disconnects the media <strong>and</strong> clears the oemhp_image<br />
• To insert a CD-ROM image into the virtual CD-ROM, enter:<br />
cd /map1/oemhp_vm1/cddr1<br />
show<br />
set oemhp_image=http://my.imageserver.com/ISO/install_disk1.iso<br />
set oemhp_boot=connect<br />
show<br />
This example executes the following comm<strong>and</strong>s:<br />
◦ Changes the current context to the CD-ROM drive<br />
◦ Shows the current status to verify that the media is not in use<br />
◦ Inserts the desired image into the drive<br />
◦ Connects the media. The boot setting always connects automatically<br />
• To eject a CD-ROM image from the Virtual CD-ROM, enter:<br />
cd /map1/oemhp_vm1/cddr1<br />
set oemhp_boot=disconnect<br />
This example executes the following comm<strong>and</strong>s:<br />
◦ Changes the current context to the CD-ROM drive<br />
◦ Issues the disconnect comm<strong>and</strong> that disconnects the media <strong>and</strong> clears the oemhp_image<br />
Specific comm<strong>and</strong>s 47
• To insert a CD-ROM image <strong>and</strong> set for single boot, enter:<br />
cd /map1/oemhp_vm1/cddr1<br />
set oemhp_image=http://my.imageserver.com/ISO/install_disk1.iso<br />
set oemhp_boot=connect<br />
set oemhp_boot=once<br />
show<br />
This example executes the following comm<strong>and</strong>s:<br />
◦ Changes the current context to the CD-ROM drive<br />
◦ Shows the current status to verify that the media is not in use<br />
◦ Inserts the desired image into the drive<br />
◦ Connects the media. The boot setting always connects automatically<br />
◦ Overrides the boot setting to Once<br />
• To eject a CD-ROM image from the virtual CD-ROM in a single comm<strong>and</strong>, enter:<br />
set /map1/oemhp_vm1/cddr1 oemhp_boot=disconnect<br />
If you attempt to disconnect when the drive is not connected, you receive an error.<br />
Start <strong>and</strong> Reset comm<strong>and</strong>s<br />
Start <strong>and</strong> reset comm<strong>and</strong>s enable you to power on <strong>and</strong> reboot the server containing <strong>iLO</strong> 3 or <strong>iLO</strong><br />
3 itself. Table 11 (page 48) shows the Start <strong>and</strong> Reset comm<strong>and</strong> properties.<br />
Table 11 Start <strong>and</strong> Reset Comm<strong>and</strong>s<br />
Comm<strong>and</strong><br />
start<br />
stop<br />
Description<br />
Table 12 Manual Reset Comm<strong>and</strong><br />
Property<br />
manual_<strong>iLO</strong>_reset<br />
For example<br />
Turns server power on<br />
Turns server power off<br />
Access<br />
Read/Write<br />
Description<br />
The following comm<strong>and</strong>s are supported if the current target is:<br />
/system1<br />
• start<br />
• stop<br />
The following comm<strong>and</strong>s are supported if the current target is:<br />
/map1<br />
• reset<br />
Allows a delay to <strong>iLO</strong> resets, which is useful when changing multiple<br />
properties. When enabled, the <strong>iLO</strong> will reset only when a user logs<br />
out, is disconnected from <strong>iLO</strong>, or issues a ‘reset/map1’ comm<strong>and</strong>.<br />
Set the status of the manual_<strong>iLO</strong>_reset property using the following comm<strong>and</strong>s:<br />
• set /map1/ manual_ilo_reset=yes<br />
• set /map1/ manual_ilo_reset=no<br />
48 SMASH CLP <strong>Scripting</strong> Language
Firmware update<br />
Firmware comm<strong>and</strong>s enable you to display <strong>and</strong> modify the <strong>iLO</strong> 3 firmware version. Table 13 (page<br />
49) shows the Firmware Update properties. Firmware settings are available at:<br />
/map1/firmware1<br />
Targets<br />
No targets<br />
Table 13 Firmware Update Properties<br />
Property<br />
version<br />
date<br />
Comm<strong>and</strong> format<br />
Access<br />
read<br />
read<br />
Description<br />
load -source URL [target]<br />
Displays the current firmware version.<br />
Displays the release date of the current firmware version.<br />
where URL is the URL of a firmware update image file on a web server. The URL is limited to 80<br />
characters.<br />
URL example:<br />
protocol://username:password@hostname:port/filename<br />
• protocol—M<strong>and</strong>atory field that must be HTTP or HTTPS.<br />
• username:password—Optional field<br />
• hostname—M<strong>and</strong>atory field<br />
• port—Optional field<br />
• filename—M<strong>and</strong>atory field<br />
The CLP only performs a cursory syntax verification of the URL value. You must visually ensure that<br />
the URL is valid.<br />
For example<br />
load -source http://imgserver.company.com/firmware/iloFWimage.bin<br />
load -source http://john:abc123@imgserver.company.com/firmware/ilo.bin<br />
load /map1/firmware1 -source<br />
http://imgserver.company.com/firmware/iloFWimage.bin<br />
The [target] field is:<br />
/map1/firmware1—This field is optional if it is already the current target.<br />
Eventlog comm<strong>and</strong>s<br />
Eventlog comm<strong>and</strong>s enable you to display or delete the logs of both the system <strong>and</strong> <strong>iLO</strong> 3.<br />
Table 14 (page 50) shows the Eventlog comm<strong>and</strong> properties. Eventlog settings are available at:<br />
• /system1/log1—IML<br />
• /map1/log1—<strong>iLO</strong> event log<br />
Targets<br />
record:1..n<br />
Where n is the total number of records.<br />
Specific comm<strong>and</strong>s 49
Table 14 Eventlog Comm<strong>and</strong> Properties<br />
Property<br />
number<br />
severity<br />
date<br />
time<br />
description<br />
For example<br />
Access<br />
read<br />
read<br />
read<br />
read<br />
read<br />
Description<br />
Displays the record number for the event.<br />
Displays the severity of the event. Severity levels are informational,<br />
noncritical, critical, or unknown.<br />
Displays the event date.<br />
Displays the event time.<br />
Displays a description of the event.<br />
• show /system1/log1—Displays the IML.<br />
• show /map1/log1—Displays the <strong>iLO</strong> event log.<br />
• show /system1/log1/recordn—Displays record n from the Integrated Management<br />
log.<br />
• show /map1/log1/recordn—Displays record n from the <strong>iLO</strong> event log.<br />
• delete /system1/log1—Deletes the IML.<br />
• delete /map1/log1—Deletes <strong>iLO</strong> event log.<br />
Blade comm<strong>and</strong>s<br />
Blade comm<strong>and</strong>s enable you to view <strong>and</strong> modify the values on a c-Class server. Table 15 (page<br />
50) shows the Blade comm<strong>and</strong> targets. Table 16 (page 50) shows the Blade comm<strong>and</strong> properties.<br />
These values are available at:<br />
/system1/map1/blade1<br />
Table 15 Blade Comm<strong>and</strong> Targets<br />
Target<br />
/map1/blade1/rack<br />
/map1/blade1/rack/enclosure<br />
Table 16 Blade Comm<strong>and</strong> Properties<br />
Property<br />
bay_number<br />
auto_power<br />
For example<br />
Boot comm<strong>and</strong>s<br />
Access<br />
Read<br />
Read<br />
Description<br />
Displays <strong>and</strong> modifies the blade rack settings.<br />
Displays <strong>and</strong> modifies the blade enclosure settings.<br />
Description<br />
Displays the blade bay number.<br />
Displays <strong>and</strong> modifies if the blade is enabled to automatically power<br />
up.<br />
Boot comm<strong>and</strong>s enable you to modify the boot source <strong>and</strong> boot order of the system. Table 17 (page<br />
51) shows the Boot comm<strong>and</strong> properties. Boot settings are available at:<br />
/system1/bootconfig1<br />
Targets<br />
bootsource1..n<br />
Where n is the total number of boot sources.<br />
50 SMASH CLP <strong>Scripting</strong> Language
The following Boot comm<strong>and</strong>s set the boot source for the system. Possible values are:<br />
• BootFmCd : bootsource1<br />
• BootFmFloppy : bootsource2<br />
• BootFmDrive : bootsource3<br />
• BootFmUSBKey : bootsource4<br />
• BootFmNetwork : bootsource5<br />
Table 17 Boot Comm<strong>and</strong> Properties<br />
Property<br />
bootorder<br />
For example<br />
Access<br />
Read/write<br />
Description<br />
Sets the boot order for a given boot source<br />
• set /system1/bootconfig1/bootsource(n) bootorder=(num)<br />
• show /system/bootconfig1—Displays the complete boot configuration<br />
• show /system1/bootconfig1/bootsource1—Displays boot order for bootsource1.<br />
LED comm<strong>and</strong>s<br />
LED comm<strong>and</strong>s are used to change the state of the UID light on the server. Table 18 (page 51)<br />
shows the LED comm<strong>and</strong> properties. LED settings are available at:<br />
/system1/led1<br />
Table 18 LED Comm<strong>and</strong> Properties<br />
Property<br />
start<br />
stop<br />
show<br />
For example<br />
Description<br />
Turns the LED on.<br />
Turns the LED off.<br />
Displays the LED status.<br />
• show /system1/led1—Displays current LED status<br />
• start /system1/led1—Turns LED on<br />
• stop /system1/led1—Turns LED off<br />
<strong>iLO</strong> 3 CLI support<br />
Simple UID CLI comm<strong>and</strong>s are supported:<br />
• uid—Displays the current UID state on the server.<br />
• uid on—Turns the UID light on.<br />
• uid off—Turns the UID light off.<br />
The CLP format is supported as well:<br />
• show /system1/led1—Verifies LED status<br />
• start /system1/led1—Turns LED on<br />
• stop /system1/led1—Turns LED off<br />
Specific comm<strong>and</strong>s 51
System properties <strong>and</strong> targets<br />
The properties <strong>and</strong> targets described in this section provide information about the server.<br />
Table 19 (page 52) shows the System targets. Table 20 (page 53) shows the System properties.<br />
System properties settings are available at:<br />
/system1/oemhp_power1<br />
Table 19 System Targets<br />
Target<br />
oemhp_PresentPower<br />
oemhp_AvgPower<br />
oemhp_MaxPower<br />
oemhp_MinPower<br />
warning_type<br />
warning_threshold<br />
warning_duration<br />
oemhp_powerreg<br />
oemhp_pwrcap<br />
oemhp_powersupplycapacity<br />
oemhp_servermaxpower<br />
oemhp_serverminpower<br />
oemhp_power_micro_ver<br />
oemhp_auto_pwr<br />
Verbs:<br />
• cd<br />
• version<br />
• exit<br />
• show<br />
• set<br />
For example:<br />
Description<br />
Displays the average power reading from the last sample<br />
Displays the average power reading from the past 24 hours<br />
Displays the greatest peak power reading from the past 24 hours<br />
Displays the minimum average power reading from the past 24 hours<br />
Displays <strong>and</strong> modifies the warning type<br />
Displays <strong>and</strong> modifies the warning threshold for power consumption<br />
Displays <strong>and</strong> modifies the duration the power threshold must be exceeded before a<br />
warning is generated<br />
Displays <strong>and</strong> modifies the Power Regulator for ProLiant state. Valid values are dynamic,<br />
max, min, or os.<br />
Displays <strong>and</strong> modifies the power cap setting for the server in watts. A wattage of<br />
zero indicates that power capping is disabled. The value must be an integer cap<br />
value that is greater than or equal to oemhp_serverminpower, <strong>and</strong> must be less than<br />
or equal to oemhp_powersupplycapacity.<br />
Displays the power supply's total capacity in Watts.<br />
Displays the server's maximum power capacity in Watts.<br />
Displays the server's minimum power capacity in Watts.<br />
Displays the firmware version number for the Power Micro Controller.<br />
Displays <strong>and</strong> modifies Server Automatic Power On setting. Valid values are on,<br />
restore, <strong>and</strong> off. On turns on automatic power on with minimum delay. Restore restores<br />
the last power state (ML/DL servers only). Off turns off automatic power on.<br />
• show /system1/oemhp_power1 oemhp_powerreg<br />
• set /system1/oemhp_power1 oemhp_powerreg=<br />
• show /system1/oemhp_power1 oemhp_pwrcap<br />
• set /system1/oemhp_power1 oemhp_pwrcap=0<br />
• show /system1/oemhp_power1 oemhp_power_micro_ver<br />
The following comm<strong>and</strong> shows all the properties for oemhp_power1:<br />
show /system1/oemhp_power1<br />
52 SMASH CLP <strong>Scripting</strong> Language
Example output:<br />
/system1/oemhp_power1<br />
Targets<br />
Properties<br />
oemhp_powerreg=os<br />
oemhp_pwrcap=0 Watts<br />
oemhp_PresentPower=147 Watts<br />
oemhp_AvgPower=146 Watts<br />
oemhp_MaxPower=180 Watts<br />
oemhp_MinPower=146 Watts<br />
oemhp_powersupplycapacity=750 Watts<br />
oemhp_servermaxpower=361 Watts<br />
oemhp_serverminpower=144 Watts<br />
warning_type=disabled<br />
warning_threshold=750 Watts<br />
warning_duration=240 Minutes<br />
oemhp_power_micro_ver=1.6<br />
oemhp_auto_pwr=OFF<br />
The following properties are available in:<br />
/system1<br />
Table 20 System Properties<br />
Property<br />
name<br />
number<br />
oemhp_server_name<br />
enabledstate<br />
processor_number<br />
For example<br />
• show /system1<br />
Access<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
• show /system1 name<br />
Description<br />
• set /system1 oemhp_powerreg=auto<br />
Displays the system name.<br />
Displays the system serial number.<br />
Displays the host server name string. This string can be up to 50<br />
characters in length, <strong>and</strong> requires the Configure <strong>iLO</strong> Settings privilege<br />
to change.<br />
Appears if the server is powered up.<br />
Displays the number of logical processors in the system.<br />
The CPU property is a target of /system1 <strong>and</strong> displays information about the system processor.<br />
Table 21 (page 53) shows the System CPU properties. The properties are available at:<br />
/system1/cpun<br />
Where n is the processor number.<br />
Table 21 System CPU Properties<br />
Property<br />
number_cores<br />
active_cores<br />
threads<br />
speed<br />
memory_technology<br />
cachememory1<br />
Access<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Read<br />
Description<br />
Displays the number of processor cores.<br />
Displays the number of active processor cores.<br />
Displays the total number of threads on the active processor cores.<br />
Displays the processor speed.<br />
Displays the bit level technology of the memory.<br />
Displays the size of the processor level-1 cache.<br />
Specific comm<strong>and</strong>s 53
Table 21 System CPU Properties (continued)<br />
Property<br />
cachememory2<br />
cachememory3<br />
For example:<br />
show /system1/cpu1<br />
Access<br />
Read<br />
Read<br />
Description<br />
/system1/cpu1<br />
Targets<br />
Properties<br />
number_cores=12<br />
active_cores=12<br />
threads=12<br />
speed=1900MHz<br />
memory_technology=64-bit Capable<br />
cachememory1=1536KB<br />
cachememory2=6144KB<br />
cachememory3=10240KB<br />
Displays the size of the processor level-2 cache.<br />
Displays the size of the processor level-3 cache.<br />
The memory property displays information about the system memory.<br />
Table 22 (page 54) shows the System memory properties. The properties are available at:<br />
/system1/memoryn<br />
Where n is the memory DIMM number.<br />
Table 22 System Memory Properties<br />
Property<br />
size<br />
speed<br />
location<br />
Access<br />
Read<br />
Read<br />
Read<br />
Description<br />
Displays the memory size.<br />
Displays the memory speed.<br />
Displays the location of the memory.<br />
The Slot property displays information about the system slots.<br />
Table 23 (page 54) shows the System Slot properties. The properties are available at:<br />
/system1/slotn<br />
Where n is the slot number.<br />
Table 23 System Slot Properties<br />
Property<br />
type<br />
width<br />
Access<br />
Read<br />
Read<br />
Description<br />
Displays the slot type.<br />
Displays the slot width.<br />
The Firmware property displays information about the system ROM.<br />
Table 24 (page 54) shows the System Firmware properties. The properties are available at:<br />
/system1/firmware1<br />
Table 24 System Firmware Properties<br />
Property<br />
version<br />
date<br />
Access<br />
Read<br />
Read<br />
54 SMASH CLP <strong>Scripting</strong> Language<br />
Description<br />
Displays the version of the system ROM.<br />
Displays the date the system ROM.
For example:<br />
• show /system1/cpu1—Displays information on one CPU.<br />
• show /system1/memory1—Displays information on one memory slot.<br />
• show /system1/slot1—Displays information on one slot.<br />
• show /system1/firmware1—Displays information about system ROM.<br />
For example:<br />
Other comm<strong>and</strong>s<br />
/system1/firmware1<br />
Targets<br />
Properties<br />
version=P56<br />
date=01/05/2010<br />
Other comm<strong>and</strong>s include the following:<br />
start /system1/oemhp_vsp1 Starts a virtual serial port session. Press Esc ( to return to the<br />
CLI session.<br />
nmi server Generates <strong>and</strong> sends an NMI to the server. It is limited to<br />
users with the Virtual Power <strong>and</strong> Reset privilege.<br />
Specific comm<strong>and</strong>s 55
8 RIBCL XML <strong>Scripting</strong> Language<br />
Overview of the RIBCL<br />
XML header<br />
Data types<br />
String<br />
RIBCL enables you to write XML scripts to configure <strong>and</strong> manage <strong>iLO</strong> 3 configuration settings, user<br />
accounts, directory settings, server settings, <strong>and</strong> <strong>HP</strong> SIM SSO settings. Download sample scripts<br />
for all <strong>iLO</strong> 3 comm<strong>and</strong>s described in this section from the <strong>HP</strong> website at: www.hp.com/go/<strong>iLO</strong>3.<br />
Click <strong>iLO</strong> Sample Scripts under <strong>iLO</strong> <strong>Support</strong> <strong>and</strong> Downloads. Before using the XML sample scripts<br />
downloaded from the <strong>HP</strong> website, read the firmware support information in each sample script to<br />
tailor the script for the intended firmware <strong>and</strong> version.<br />
When writing your XML scripts, write comments in the comm<strong>and</strong> as needed. If a comment falls in<br />
the comm<strong>and</strong> line, an error message is generated. Unless otherwise specified, examples in this<br />
guide are specifically for <strong>iLO</strong> 3 firmware version 1.50 <strong>and</strong> later.<br />
This section describes the XML comm<strong>and</strong>s <strong>and</strong> their parameters common to most LOM products<br />
<strong>and</strong> servers. For more information about the ProLiant BL c-Class server <strong>and</strong> rack XML comm<strong>and</strong>s,<br />
see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong> website at: http://www.hp.com/go/ilo3 <strong>and</strong> click More<br />
<strong>iLO</strong> Documentation.<br />
The XML header ensures the connection is an XML connection, not an HTTP connection. The XML<br />
header is built into the CPQLOCFG.EXE utility <strong>and</strong> has the following format:<br />
<br />
The three data types allowed in the parameter are:<br />
• String<br />
Specific string<br />
Boolean string<br />
• Specific string<br />
• Boolean string<br />
A string is any text enclosed in quotes. It can include spaces, numbers, or any printable character.<br />
A string must start with either a double or single quote, <strong>and</strong> it must end with the same type of quote.<br />
The string can contain a quote if it is different from the string delimiter quotes.<br />
For example, if a string starts with a double quote, a single quote can be used within the string<br />
<strong>and</strong> the string must be closed with a double quote.<br />
A specific string is one that is required to contain certain characters. In general, you have a choice<br />
of words that are accepted as correct syntax <strong>and</strong> all other words produce an error.<br />
A Boolean string is a specific string that specifies a yes or no condition. Acceptable Boolean<br />
strings are yes, no, true, false, y, n, t, f, 1, <strong>and</strong> 0. These strings are not case sensitive.<br />
Response definitions<br />
Every comm<strong>and</strong> that is sent to <strong>iLO</strong> generates a response. The response indicates whether the<br />
comm<strong>and</strong> succeeded or failed. Some comm<strong>and</strong>s generate additional information. The additional<br />
information appears in execution sequence, provided no errors occurred.<br />
For example:<br />
56 RIBCL XML <strong>Scripting</strong> Language
RIBCL<br />
<br />
• RESPONSE<br />
This tag name indicates that <strong>iLO</strong> is sending a response to the previous comm<strong>and</strong>s back to the<br />
client application to indicate the success or failure of the comm<strong>and</strong>s that have been sent to<br />
<strong>iLO</strong>.<br />
• STATUS<br />
This parameter contains an error number. The number 0x0000 indicates that no error exists.<br />
• MSG<br />
This element contains a message describing the error that happened. If there is no error, the<br />
No error message appears.<br />
This comm<strong>and</strong> is used to start <strong>and</strong> end an RIBCL session. You can use it only once to start an RIBCL<br />
session, <strong>and</strong> it must be the first comm<strong>and</strong> to display in the script. The RIBCL tags are required to<br />
mark the beginning <strong>and</strong> the end of the RIBCL document.<br />
For example:<br />
<br />
<br />
RIBCL parameters<br />
VERSION is a string that indicates the version of the RIBCL that the client application is expecting<br />
to use. The VERSION string is compared to the version of the RIBCL that is expected, <strong>and</strong> an error<br />
is returned if the string <strong>and</strong> the version do not match. The preferred value for the VERSION parameter<br />
is 2.0. The VERSION parameter is no longer verified for an exact match; however, this parameter<br />
must not be blank.<br />
RIBCL runtime errors<br />
The possible RIBCL error messages include:<br />
• Version must not be blank.<br />
• RIBCL via IPv6 is not supported.<br />
RIBCL boot order<br />
For <strong>iLO</strong>3 1.50, the RIBCL interface is not available over IPv6 — only IPv6 configuration <strong>and</strong><br />
status using RIBCL over IPv4 is available.<br />
You can modify the boot order using RIBCL. In order to provide this capability, a few tags were<br />
added. the following partial scripts are provided for clarity.<br />
This code modifies EVs to achieve the results shown. The one time boot EV is:<br />
CQTBT1.<br />
This was modified to set the one-time boot <strong>and</strong> to display the current status. The persistent boot is<br />
accomplished by reading <strong>and</strong> modifying CQHIPL, <strong>and</strong> reading CQHNIPL to determine the number<br />
of valid boot devices.<br />
RIBCL 57
Get Persistent Boot Order<br />
<br />
<br />
<br />
This retrieves the current state of the boot order. The returned data has the following format:<br />
<br />
<br />
/<br />
<br />
<br />
<br />
<br />
<br />
Get One Time Boot Order<br />
<br />
<br />
<br />
This retrieves the current state of the one-time boot. The returned data has the following format:<br />
<br />
<br />
<br />
Value can be:<br />
• normal<br />
• floppy<br />
• cdrom<br />
• hdd<br />
• usb<br />
• rbsu<br />
• network<br />
Set Persistent Boot Order<br />
This takes one or more boot devices from cdrom, floppy, hdd, usb, or network. If you do not<br />
list every option, the remaining options are shifted toward the bottom of the list.<br />
<br />
<br />
<br />
<br />
Set One Time Boot Order<br />
This takes one boot device from the following:<br />
• NORMAL<br />
• FLOPPY<br />
58 RIBCL XML <strong>Scripting</strong> Language
LOGIN<br />
• CDROM<br />
• HDD<br />
• USB<br />
• RBSU<br />
• NETWORK<br />
For example:<br />
<br />
The LOGIN comm<strong>and</strong> provides the information that is used to authenticate the user whose permission<br />
level is used when performing RIBCL actions. The specified user must have a valid <strong>iLO</strong> account to<br />
execute RIBCL comm<strong>and</strong>s. The user privileges are verified against the required privilege for a<br />
particular comm<strong>and</strong>, <strong>and</strong> an error is returned if the privilege level does not match.<br />
For example:<br />
<br />
<br />
Alternatively, the CPQLOCFG utility specifies the login information as parameters on the comm<strong>and</strong><br />
line:<br />
cpqlocfg -u username -p password<br />
When using this format, the utility returns an Overriding credentials warning message but<br />
still shows the error log message entry as:<br />
Login name must not be blank.<br />
LOGIN parameters<br />
USER_LOGIN is the login name of the user account. This parameter is case sensitive <strong>and</strong> must not<br />
be blank.<br />
PASSWORD is the password associated with the user. This parameter is case sensitive <strong>and</strong> can<br />
be a combination of any printable characters.<br />
LOGIN runtime errors<br />
USER_INFO<br />
Possible runtime error messages include:<br />
• User login name was not found.<br />
• Password must not be blank.<br />
• Logged-in user does not have required privilege for this comm<strong>and</strong>.<br />
The USER_INFO comm<strong>and</strong> can only appear within a LOGIN comm<strong>and</strong> block. When the comm<strong>and</strong><br />
is parsed, it reads the local user information database into memory <strong>and</strong> prepares to edit it. Only<br />
comm<strong>and</strong>s that are USER_INFO type comm<strong>and</strong>s are valid inside the USER_INFO comm<strong>and</strong> block.<br />
The USER_INFO comm<strong>and</strong> generates a response that indicates to the host application whether the<br />
database was successfully read or not. If the database is open for writing by another application,<br />
then this call fails.<br />
USER_INFO requires the MODE parameter with a value of read or write. MODE is a specific string<br />
parameter with a maximum length of 10 characters that specifies what you intend to do with the<br />
information.<br />
LOGIN 59
ADD_USER<br />
Write mode enables both reading <strong>and</strong> writing of <strong>iLO</strong> information. Read mode prevents modification<br />
of the <strong>iLO</strong> information.<br />
For example:<br />
<br />
……… USER_INFO comm<strong>and</strong>s ……<br />
<br />
The ADD_USER comm<strong>and</strong> is used to add a local user account. The USER_NAME <strong>and</strong> USER_LOGIN<br />
parameters must not exist in the current user database. Use the MOD_USER comm<strong>and</strong> to change<br />
existing user information. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within<br />
a USER_INFO comm<strong>and</strong> block, <strong>and</strong> USER_INFO MODE must be set to write. The user must have<br />
the Administer User Accounts privilege.<br />
All of the attributes that pertain to the user are set using the following parameters:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
ADD_USER parameters<br />
USER_NAME is the actual name of the user. This parameter can be a combination of any printable<br />
characters up to a maximum length of 39 characters. This parameter is not case sensitive <strong>and</strong> must<br />
not be blank.<br />
USER_LOGIN is the name used to gain access to the respective <strong>iLO</strong>. This parameter can be a<br />
combination of any printable characters up to a maximum length of 39 characters. This parameter<br />
is not case sensitive <strong>and</strong> must not be left blank.<br />
PASSWORD is the password associated with the user. This parameter is case sensitive <strong>and</strong> can<br />
be a combination of any printable characters. The length is user defined <strong>and</strong> can be a minimum<br />
of zero characters <strong>and</strong> a maximum of 39 characters. The minimum length is defined in the <strong>iLO</strong><br />
Global Settings <strong>and</strong> has a default value of eight characters.<br />
ADMIN_PRIV is a Boolean parameter that enables the user to administer user accounts. The user<br />
can modify account settings, modify other user account settings, add users, <strong>and</strong> delete users.<br />
Omitting this parameter prevents the user from adding, deleting, or configuring user accounts.<br />
REMOTE_CONS_PRIV is a Boolean parameter that gives permission for the user to access the<br />
Remote Console functionality. This parameter is optional, <strong>and</strong> the Boolean string must be set to<br />
Yes if the user is allowed this privilege. If this parameter is used, the Boolean string value must<br />
not be left blank. Omitting this parameter denies the user access to Remote Console functionality.<br />
RESET_SERVER_PRIV is a Boolean parameter that gives the user permission to remotely manipulate<br />
the server power setting. This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if<br />
60 RIBCL XML <strong>Scripting</strong> Language
the user is allowed this privilege. If this parameter is used, the Boolean string value must not be<br />
left blank. Omitting this parameter prevents the user from manipulating the server power settings.<br />
VIRTUAL_MEDIA_PRIV is a Boolean parameter that gives the user permission to access the virtual<br />
media functionality. This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if the<br />
user is allowed this privilege. If this parameter is used, the Boolean string value must not be left<br />
blank. Omitting this parameter denies the user the Virtual Media privilege.<br />
CONFIG_ILO_PRIV is a Boolean parameter that enables the user to configure <strong>iLO</strong> settings. This<br />
privilege includes network settings, global settings, Insight Manager settings, <strong>and</strong> SNMP settings.<br />
This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if the user is allowed this<br />
privilege. If this parameter is used, the Boolean string value must not be blank. Omitting this<br />
parameter prevents the user from manipulating the current <strong>iLO</strong> configuration.<br />
ADD_USER runtime errors<br />
DELETE_USER<br />
Possible ADD_USER error messages include:<br />
• Login name is too long.<br />
• Password is too short.<br />
• Password is too long.<br />
• User table is full. No room for new user.<br />
• Cannot add user. The user name already exists.<br />
• User information is open for read-only access. Write access is<br />
required for this operation.<br />
• User name cannot be blank.<br />
• User login ID cannot be blank.<br />
• Boolean value not specified.<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
The DELETE_USER comm<strong>and</strong> is used to remove an existing local user account. The USER_LOGIN<br />
parameter must exist in the current user database. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong><br />
must appear within a USER_INFO comm<strong>and</strong> block, <strong>and</strong> USER_INFO MODE must be set to write.<br />
The user must have the Administer User Accounts privilege.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DELETE_USER parameter<br />
USER_LOGIN is the login name of the user account. This parameter is case sensitive <strong>and</strong> must not<br />
be blank.<br />
USER_INFO 61
DELETE_USER runtime errors<br />
Possible DELETE_USER errors include:<br />
• User information is open for read-only access. Write access is<br />
required for this operation.<br />
• Cannot delete user information for currently logged in user.<br />
• User login name was not found.<br />
• User login name must not be blank.<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
DEL_USERS_SSH_KEY<br />
Deletes any SSH keys associated with USER_LOGIN. The DEL_USERS_SSH_KEY comm<strong>and</strong> is<br />
implemented as a subcomm<strong>and</strong> <strong>and</strong> must appear within a MOD_USER comm<strong>and</strong> block. This<br />
comm<strong>and</strong> requires CPQLOCFG.EXE version 4.0 or later.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DEL_SSH_KEY parameters<br />
None<br />
DEL_SSH_KEY runtime errors<br />
GET_USER<br />
Possible DEL_SSH_KEY runtime errors include:<br />
• User login name must not be blank<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
• Unable to clear the SSH key.<br />
The GET_USER comm<strong>and</strong> returns local user information, excluding the password. The USER_LOGIN<br />
parameter must exist in the current user database. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong><br />
must appear within a USER_INFO comm<strong>and</strong> block, <strong>and</strong> USER_INFO MODE can be in read or<br />
write. The user must have the Administer User Accounts privilege to retrieve other user accounts.<br />
Otherwise, the user can only view their individual account information.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
62 RIBCL XML <strong>Scripting</strong> Language
GET_USER parameter<br />
USER_LOGIN is the login name of the user account. This parameter is case sensitive <strong>and</strong> must not<br />
be blank.<br />
GET_USER runtime errors<br />
Possible GET_USER error messages include:<br />
• User login name must not be blank.<br />
• User login name was not found.<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
GET_USER return messages<br />
MOD_USER<br />
A possible GET_USER return message includes:<br />
<br />
<br />
The MOD_USER comm<strong>and</strong> is used to modify an existing local user account. The USER_LOGIN<br />
parameter must exist in the current user database. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong><br />
must appear within a USER_INFO comm<strong>and</strong> block, <strong>and</strong> USER_INFO MODE must be set to write.<br />
The user must have the Administer User Accounts privilege. Otherwise, the user can only modify<br />
their individual account password.<br />
To see a video demonstration of using the MOD_USER comm<strong>and</strong> to change a user password,<br />
see How to use <strong>HP</strong> <strong>iLO</strong>'s XML scripting interface, RIBCL, to change an user password. at http://<br />
www.hp.com/go/ilo/videos.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Reset administrator password example:<br />
<br />
<br />
<br />
<br />
USER_INFO 63
<br />
<br />
<br />
<br />
Change password example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
MOD_USER parameters<br />
LOGIN USER_LOGIN is the login name of the user account. This parameter is not case sensitive<br />
<strong>and</strong> must not be left blank.<br />
If the following parameters are not specified, then the parameter value for the specified user is<br />
preserved.<br />
USER_NAME is the actual name of the user to be modified. This parameter is not case sensitive,<br />
can be any valid string, <strong>and</strong> has a maximum length of 39 characters. This string is used for display<br />
only <strong>and</strong> must not be left blank.<br />
MOD_USER USER_LOGIN is the name used to gain access to <strong>iLO</strong>. This parameter can be a<br />
combination of any printable characters up to a maximum length of 39 characters. This parameter<br />
is not case sensitive <strong>and</strong> must not be left blank.<br />
PASSWORD is the password associated with the user. This parameter is case sensitive <strong>and</strong> can<br />
be a combination of any printable characters. The length is user defined <strong>and</strong> can be a minimum<br />
of zero characters <strong>and</strong> a maximum of 39 characters. The minimum length is defined in the <strong>iLO</strong><br />
Global Settings <strong>and</strong> has a default value of eight characters.<br />
ADMIN_PRIV is a Boolean parameter that enables the user to administer user accounts. The user<br />
can modify their account settings, modify other user account settings, add users, <strong>and</strong> delete users.<br />
Omitting this parameter prevents the user from adding, deleting, or configuring user accounts.<br />
REMOTE_CONS_PRIV is a Boolean parameter that gives permission for the user to access the<br />
Remote Console functionality. This parameter is optional, <strong>and</strong> the Boolean string must be set to<br />
Yes if the user is allowed this privilege. If this parameter is used, the Boolean string value must<br />
not be left blank. Omitting this parameter denies the user access to Remote Console functionality.<br />
RESET_SERVER_PRIV is a Boolean parameter that gives the user permission to remotely manipulate<br />
the server power setting. This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if<br />
the user is allowed this privilege. If this parameter is used, the Boolean string value must not be<br />
left blank. Omitting this parameter prevents the user from manipulating the server power settings.<br />
VIRTUAL_MEDIA_PRIV is a Boolean parameter that gives the user permission to access the virtual<br />
media functionality. This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if the<br />
user is allowed this privilege. If this parameter is used, the Boolean string value must not be left<br />
blank. Omitting this parameter denies the user The Virtual Media privilege.<br />
CONFIG_ILO_PRIV is a Boolean parameter that enables the user to configure <strong>iLO</strong> settings. This<br />
privilege includes network settings, global settings, Insight Manager settings, <strong>and</strong> SNMP settings.<br />
This parameter is optional, <strong>and</strong> the Boolean string must be set to Yes if the user is allowed this<br />
privilege. If this parameter is used, the Boolean string value must not be left blank. Omitting this<br />
parameter prevents the user from manipulating the current <strong>iLO</strong> configuration.<br />
64 RIBCL XML <strong>Scripting</strong> Language
MOD_USER runtime errors<br />
Possible MOD_USER error messages include:<br />
• Login name is too long.<br />
• Password is too short.<br />
• Password is too long.<br />
• User information is open for read-only access. Write access is<br />
required for this operation.<br />
• User login name must not be blank.<br />
• Cannot modify user information for currently logged user.<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
GET_ALL_USERS<br />
The GET_ALL_USERS comm<strong>and</strong> returns all USER_LOGIN parameters in the user database. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a USER_INFO comm<strong>and</strong> block,<br />
<strong>and</strong> USER_INFO MODE can be in read or write. The user must have the Administer User Accounts<br />
privilege to retrieve all user accounts.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_ALL_USERS parameters<br />
None<br />
GET_ALL_USERS runtime errors<br />
The possible GET_ALL_USERS error messages include:<br />
• User does not have correct privilege for action. ADMIN_PRIV required.<br />
GET_ALL_USERS return messages<br />
A possible GET_ALL_USERS return message is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
USER_INFO 65
A possible unsuccessful request is:<br />
<br />
GET_ALL_USER_INFO<br />
The GET_ALL_USER_INFO comm<strong>and</strong> returns all local user information in the user database, excluding<br />
passwords. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a USER_INFO<br />
comm<strong>and</strong> block, <strong>and</strong> USER_INFO MODE can be in read or write. The user must have the Administer<br />
User Accounts privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_ALL_USER_INFO parameters<br />
None<br />
GET_ALL_USER_INFO runtime errors<br />
The possible GET_ALL_USER_INFO error messages include:<br />
User does not have correct privilege for action. ADMIN_PRIV required.<br />
GET_ALL_USER_INFO return messages<br />
A possible GET_ALL_USER_INFO return message is:<br />
<br />
......<br />
The same information will be repeated for all the users.<br />
<br />
A possible unsuccessful request is:<br />
<br />
66 RIBCL XML <strong>Scripting</strong> Language
RIB_INFO<br />
RESET_RIB<br />
The RIB_INFO comm<strong>and</strong> can only appear within a LOGIN comm<strong>and</strong> block. When the comm<strong>and</strong><br />
is parsed, it reads the <strong>iLO</strong> configuration information database into memory <strong>and</strong> prepares to edit<br />
it. Only comm<strong>and</strong>s that are RIB_INFO type comm<strong>and</strong>s are valid inside the RIB_INFO comm<strong>and</strong><br />
block. The RIB_INFO comm<strong>and</strong> generates a response that indicates to the host application whether<br />
the database was successfully read or not. If the database is open for writing by another application,<br />
then this call fails.<br />
RIB_INFO requires the MODE parameter with a value of read or write. MODE is a specific string<br />
parameter with a maximum length of 10 characters that specifies what you intend to do with the<br />
information.<br />
Write mode enables both reading <strong>and</strong> writing of <strong>iLO</strong> information. Read mode prevents modification<br />
of the <strong>iLO</strong> information.<br />
For example:<br />
<br />
……… RIB_INFO comm<strong>and</strong>s ……<br />
<br />
Clear <strong>iLO</strong> event log example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The RESET_RIB comm<strong>and</strong> is used to reset <strong>iLO</strong>. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong><br />
must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE can be set to read or<br />
write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RESET_RIB parameters<br />
None<br />
RESET_RIB runtime errors<br />
The possible RESET_RIB error message include:<br />
User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
RIB_INFO 67
GET_EVENT_LOG<br />
The GET_EVENT_LOG comm<strong>and</strong> retrieves the <strong>iLO</strong> Event Log or the Integrated Management log,<br />
depending on the context of the comm<strong>and</strong>. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong><br />
must appear within a RIB_INFO or SERVER_INFO comm<strong>and</strong> block. To retrieve the <strong>iLO</strong> Event Log,<br />
use the RIB_INFO comm<strong>and</strong> block. To retrieve the Integrated Management log use, the<br />
SERVER_INFO comm<strong>and</strong> block.<br />
For example:<br />
• <strong>iLO</strong> Event Log example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
• Integrated Management log example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_EVENT_LOG parameters<br />
None<br />
GET_EVENT_LOG runtime errors<br />
GET_EVENT_LOG returns a runtime error if it is not called from within the RIB_INFO or<br />
SERVER_INFO block.<br />
For example:<br />
<br />
<br />
<br />
GET_EVENT_LOG return messages<br />
The response includes all of the events recorded, in the order that they occurred. Events are not<br />
sorted by severity or other criteria. Each event includes a common set of attributes:<br />
• SEVERITY indicates the importance of the error <strong>and</strong> how it might impact server or <strong>iLO</strong><br />
availability:<br />
◦ FAILED indicates a problem or component failure that might impact operational time if it<br />
is not addressed.<br />
◦ CAUTION indicates an event that is not expected during normal system operation. This<br />
might not indicate a platform issue.<br />
◦ DEGRADED indicates the device or subsystem is operating at a reduced capacity.<br />
68 RIBCL XML <strong>Scripting</strong> Language
◦ REPAIRED indicates that an event or component failure has been addressed.<br />
◦ INFORMATIONAL indicates that something noteworthy occurred, but operational time is<br />
not impacted.<br />
• CLASS indicates the subsystem that generated the event, <strong>and</strong> can include <strong>iLO</strong>, environment,<br />
power, system error, rack infrastructure, <strong>and</strong> more.<br />
• LAST_UPDATE indicates the most recent time this event was modified.<br />
• INITIAL_UPDATE indicates when this event first occurred.<br />
• COUNT indicates the number of times a duplicate event happened.<br />
• DESCRIPTION indicates the nature of the event <strong>and</strong> all recorded details.<br />
The following response is typical of the data returned from the <strong>iLO</strong> Event Log:<br />
<br />
<br />
...<br />
<br />
The following response is typical of the data returned from the Integrated Management Log:<br />
<br />
<br />
...<br />
<br />
CLEAR_EVENTLOG<br />
The CLEAR_EVENTLOG comm<strong>and</strong> clears the <strong>iLO</strong> Event Log. For this comm<strong>and</strong> to parse correctly,<br />
the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE must be set<br />
to write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
CLEAR_EVENTLOG parameters<br />
None<br />
RIB_INFO 69
CLEAR_EVENTLOG runtime errors<br />
The possible CLEAR_EVENTLOG error messages are:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
COMPUTER_LOCK_CONFIG<br />
The COMPUTER_LOCK_CONFIG comm<strong>and</strong> is used to configure the Remote Console Computer<br />
Lock feature. For this comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO<br />
comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE must be set to write. The user must have the Configure <strong>iLO</strong><br />
Settings privilege to execute this comm<strong>and</strong>.<br />
Uppercase letters are not supported, <strong>and</strong> are converted automatically to lowercase. If either a<br />
double quote or a single quote is used, it must be different from the delimiter. For a complete list<br />
of the supported custom keys, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong> website at: http://www.hp.com/<br />
go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
Windows example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Custom example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Disabled example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
70 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
COMPUTER_LOCK_CONFIG parameters<br />
The computer lock on Windows based operating systems defaults to the Windows logo + L keys.<br />
You can customize Linux <strong>and</strong> other operating systems by setting the following parameter:<br />
<br />
For example:<br />
<br />
COMPUTER_LOCK_CONFIG runtime errors<br />
Possible COMPUTER_LOCK_CONFIG error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• Invalid number of parameters. The maximum allowed is five.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• Invalid COMPUTER_LOCK option; value must be windows, custom, or<br />
disabled.<br />
• COMPUTER_LOCK value must be set to custom to use the<br />
COMPUTER_LOCK_KEY tag.<br />
• The COMPUTER_LOCK key comm<strong>and</strong> was used without a preceding<br />
COMPUTER_LOCK value comm<strong>and</strong> equal to custom.<br />
• The key parameter specified is not valid.<br />
GET_NETWORK_SETTINGS<br />
The GET_NETWORK_SETTINGS comm<strong>and</strong> requests the respective <strong>iLO</strong> network settings. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong><br />
RIB_INFO MODE can be set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_NETWORK_SETTINGS parameters<br />
None<br />
GET_NETWORK_SETTINGS runtime errors<br />
None<br />
GET_NETWORK_SETTINGS return messages<br />
A possible GET_NETWORK_SETTINGS return message is:<br />
RIB_INFO 71
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
PREFIXLEN="64"<br />
IPV6_GATEWAY="fe80::1:2:3"<br />
ADDR_STATUS="ACTIVE"/><br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
If the request is unsuccessful, you might receive the following message:<br />
<br />
• For IPV6_ADDRESS the ADDR_STATUS=”string”, will report status of “Pending”, “Active”, or<br />
“Failed” for each address. Pending indicates the Duplicate Address Detection (DAD) test is<br />
still in progress, Failed indicates that a duplicate address was found on the network <strong>and</strong> the<br />
address is not currently in use by <strong>iLO</strong>, <strong>and</strong> Active indicates that DAD passed <strong>and</strong> the address<br />
is in use by <strong>iLO</strong>.<br />
• For IPV6_ADDRESS the ADDR_SOURCE=”string” will report status of “Static” or “SLAAC”<br />
indicating the configuration source for that address. SLAAC indicates RFC 4862 Stateless<br />
Address Auto Configuration.<br />
• For IPV6_STATIC_ROUTE_[1:3] the ADDR_STATUS=”string” will report status of “Active” or<br />
“Failed” for each static route configured. Active indicates the route was accepted by the<br />
networking stack <strong>and</strong> is in use. Failed indicates the route was rejected by the networking<br />
stack, typically this is due to a “No route to source” error for the specified gateway. In this<br />
case, <strong>iLO</strong> will periodically retry setting the static route as long as it remains configured (a<br />
route to the gateway may be discovered in the future through router advertisements or further<br />
<strong>iLO</strong> address configuration.)<br />
MOD_NETWORK_SETTINGS<br />
MOD_NETWORK_SETTINGS is used to modify network settings. For this comm<strong>and</strong> to parse<br />
correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE<br />
must be set to write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this<br />
comm<strong>and</strong>.<br />
The <strong>iLO</strong> scripting firmware does not attempt to decipher if the network modifications are appropriate<br />
for the network environment. When modifying network settings, be aware of the network comm<strong>and</strong>s<br />
provided to the management processor. In some cases, the management processor ignores<br />
comm<strong>and</strong>s <strong>and</strong> no error is returned.<br />
For example, when a script includes the comm<strong>and</strong> to enable DHCP <strong>and</strong> a comm<strong>and</strong> to modify the<br />
IP address, the IP address is ignored. Changing the network settings to values that are not correct<br />
for the network environment might cause a loss of connectivity to <strong>iLO</strong>.<br />
RIB_INFO 73
Once the script has successfully completed, the <strong>iLO</strong> management processor reboots to apply the<br />
changes. If connectivity to <strong>iLO</strong> is lost, use RBSU to reconfigure the network settings to values that<br />
are compatible with the network environment.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
74 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RIB_INFO 75
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Modify VLAN example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RBSU POST IP example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Shared network port example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
76 RIBCL XML <strong>Scripting</strong> Language
IPv6_ADDRESS support<br />
MOD_NETWORK_SETTINGS in <strong>iLO</strong> 3 v1.50 <strong>and</strong> later supports IPv6. This section of the sample<br />
script (shown below) <strong>and</strong> available from www.hp.com, is commented out. Uncomment the<br />
parameters as needed to enable them, <strong>and</strong> disable (comment out) the equivalent IPv4 parameters.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RIB_INFO 77
MOD_NETWORK_SETTINGS runtime errors<br />
Possible MOD_NETWORK_SETTINGS error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• Invalid DNS name, IPv4 address, or IPv6 address. This indicates an invalid<br />
SNTP_SERVERx value address or FQDN string.<br />
• Invalid IPv6 Address. This indicates an invalid IPv6 address <strong>and</strong>/or prefix length was<br />
entered.<br />
• Duplicate IPv6 Address. An address was duplicated in the script, or also possibly an<br />
address specified in the script is already in use by <strong>iLO</strong>.<br />
• IPv6 Addresses <strong>and</strong> Static Routes are in conflict. Indicates you tried to use<br />
an address prefix as a static route destination when it is already in use for a static address.<br />
Static addresses are assumed to be on-link by default, <strong>and</strong> therefore cannot also require<br />
routing.<br />
MOD_NETWORK_SETTINGS parameters<br />
If the following parameters are not specified, then the parameter value for the specified setting is<br />
preserved. Zero values are not permitted in some fields. Consequently, an empty string deletes the<br />
current value in some fields.<br />
ENABLE_NIC enables the NIC to reflect the state of <strong>iLO</strong>. The values are Yes or No. It is case<br />
insensitive.<br />
SHARED_NETWORK_PORT sets the Shared Network Port value. The values are Yes or No. For<br />
<strong>iLO</strong>, the Shared Network Port feature is only available on servers with hardware, NIC firmware,<br />
<strong>and</strong> <strong>iLO</strong> firmware that supports this feature. For <strong>iLO</strong>, the Shared Network Port is supported on all<br />
firmware versions, <strong>and</strong> the feature is available if the hardware is supported. This comm<strong>and</strong> is<br />
supported on all 300, 500, <strong>and</strong> 700 ML/DL servers.<br />
When using the <strong>iLO</strong> Shared Network Port, flashing the <strong>iLO</strong> firmware through the XML interface<br />
takes approximately 7 minutes to complete. Flashing the firmware using Shared Network Port with<br />
<strong>iLO</strong> does not take any longer to complete than using the dedicated <strong>iLO</strong> management port.<br />
SHARED_NETWORK_PORT_VLAN VALUE enables <strong>iLO</strong> 3 Shared Network Port VLAN ID tagging.<br />
The possible values are Yes or No<br />
SHARED_NETWORK_PORT_VLAN_ID VALUE sets the VLAN ID value. Values must be between 1<br />
<strong>and</strong> 4094.<br />
REG_DDNS_SERVER VALUE instructs <strong>iLO</strong> to register the management port with a DDNS server.<br />
The possible values are Yes or No.<br />
SPEED_AUTOSELECT is a Boolean parameter to enable or disable the <strong>iLO</strong> transceiver to auto-detect<br />
the speed <strong>and</strong> duplex of the network. This parameter is optional, <strong>and</strong> the Boolean string must be<br />
set to Yes if this behavior is desired. If this parameter is used, the Boolean string value must not<br />
be left blank. The possible values are Yes or No. It is case insensitive.<br />
FULL_DUPLEX is used to decide if <strong>iLO</strong> is to support full-duplex or half-duplex mode. It is only<br />
applicable if SPEED_AUTOSELECT was set to No. The possible values are Yes or No. It is case<br />
insensitive.<br />
NIC_SPEED is used to set the transceiver speed if SPEED_AUTOSELECT was set to No. The possible<br />
values are 10 or 100. Any other values result in a syntax error.<br />
DHCP_ENABLE is used to enable DHCP. The possible values are Yes or No. It is case insensitive.<br />
78 RIBCL XML <strong>Scripting</strong> Language
IP_ADDRESS is used to select the IP address for <strong>iLO</strong> if DHCP is not enabled. If an empty string is<br />
entered, the current value is deleted.<br />
SUBNET_MASK is used to select the subnet mask for <strong>iLO</strong> if DHCP is not enabled. If an empty string<br />
is entered, the current value is deleted.<br />
GATEWAY_IP_ADDRESS is used to select the default gateway IP address for <strong>iLO</strong> if DHCP is not<br />
enabled. If an empty string is entered, the current value is deleted.<br />
DNS_NAME is used to specify the DNS name for <strong>iLO</strong>. If an empty string is entered, the current<br />
value is deleted.<br />
DOMAIN_NAME is used to specify the domain name for the network where <strong>iLO</strong> resides. If an<br />
empty string is entered, the current value is deleted.<br />
DHCP_GATEWAY specifies if the DHCP-assigned gateway address is to be used. The possible<br />
values are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled.<br />
DHCP_DNS_SERVER specifies if the DHCP-assigned DNS server is to be used. The possible values<br />
are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled.<br />
DHCP_WINS_SERVER specifies if the DHCP-assigned WINS server is to be used. The possible<br />
values are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled.<br />
DHCP_STATIC_ROUTE specifies if the DHCP-assigned static routes are to be used. The possible<br />
values are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled.<br />
REG_WINS_SERVER specifies if <strong>iLO</strong> must be registered with the WINS server. The possible values<br />
are Yes or No. It is case sensitive. This selection is only valid if DHCP is enabled.<br />
PRIM_DNS_SERVER specifies the IP address of the primary DNS server. This parameter is only<br />
relevant if the DHCP-assigned DNS server address feature is disabled. If an empty string is entered,<br />
the current value is deleted.<br />
SEC_DNS_SERVER specifies the IP address of the secondary DNS server. This parameter is only<br />
relevant if the DHCP-assigned DNS server address feature is disabled. If an empty string is entered,<br />
the current value is deleted.<br />
TER_DNS_SERVER specifies the IP address of the tertiary DNS server. This parameter is only relevant<br />
if the DHCP-assigned DNS server address feature is disabled. If an empty string is entered, the<br />
current value is deleted.<br />
PRIM_WINS_SERVER specifies the IP address of the primary WINS server. This parameter is only<br />
relevant if the DHCP-assigned WINS server address feature is disabled. If an empty string is entered,<br />
the current value is deleted.<br />
SEC_WINS_SERVER specifies the IP address of the secondary WINS server. This parameter is only<br />
relevant if the DHCP-assigned WINS server address feature is disabled. If an empty string is entered,<br />
the current value is deleted.<br />
STATIC_ROUTE_1, STATIC_ROUTE_2, <strong>and</strong> STATIC_ROUTE_3 are used to specify the destination<br />
<strong>and</strong> gateway IP addresses of the static routes. The following two parameters are used within the<br />
static route comm<strong>and</strong>s. If an empty string is entered, the current value is deleted.<br />
• DEST specifies the destination IP addresses of the static route. This parameter is only relevant<br />
if the DHCP-assigned static route feature is disabled. If an empty string is entered, the current<br />
value is deleted.<br />
• GATEWAY specifies the gateway IP addresses of the static route. This parameter is only<br />
relevant if the DHCP-assigned static route feature is disabled. If an empty string is entered,<br />
the current value is deleted.<br />
DHCP_SNTP_SETTINGS is used to determine whether <strong>iLO</strong> is to get the SNTP time servers <strong>and</strong><br />
timezone from the DHCP server or whether the user enters that information manually.<br />
SNTP_SERVER1 specifies the IP address of an IPv4 or IPv6 SNTP server or the FQDN of an SNTP<br />
server. The FQDN must adhere to the DNS st<strong>and</strong>ard, for example time.nist.gov. The <strong>iLO</strong> firmware<br />
contacts this server for the UTC time. If <strong>iLO</strong> is unable to contact this server, it attempts to contact<br />
RIB_INFO 79
the Secondary Time Server. This parameter is only relevant if DHCP_SNTP_SETTINGS is set to No.<br />
If an empty string is entered, the current value is deleted.<br />
SNTP_SERVER2 specifies the IP address of an IPv4 or IPv6 SNTP server or the FQDN of an SNTP<br />
server. The FQDN must adhere to the DNS st<strong>and</strong>ard, for example time.nist.gov. The <strong>iLO</strong> firmware<br />
contacts this server for the UTC time. If <strong>iLO</strong> cannot contact the Primary Time Server, it contacts this<br />
server. This parameter is only relevant if DHCP_SNTP_SETTINGS is set to No. If an empty string is<br />
entered, the current value is deleted.<br />
TIMEZONE specifies the current time zone from the Olson database. Using a web browser, in <strong>iLO</strong><br />
3 v1.40 or earlier, go to Administration→Network→SNTP Settings <strong>and</strong> select the correct time<br />
zone from the Timezone list box. The text of the time zone name must be entered exactly as it<br />
appears in the SNTP Settings time zone list box, (minus the GMT offset). America/Anchorage or<br />
Europe/Zurich are two examples of a valid time zone.<br />
For <strong>iLO</strong> 3 v1.50 <strong>and</strong> later, depending on which NIC is presently in use, navigate to Network+<strong>iLO</strong><br />
Dedicated Network Port <strong>and</strong> then select the SNTP tab, or navigate to Network+Shared Network<br />
Port <strong>and</strong> then select the SNTP tab.<br />
WEB_AGENT_IP_ADDRESS specifies the address for the Web-enabled agents. If an empty string<br />
is entered, the current value is deleted.<br />
IPv6 MOD_NETWORK_SETTINGS parameters<br />
If the following parameters are not specified, then the parameter value for the specified setting is<br />
preserved. Zero values are not permitted in some fields. Consequently, an empty string deletes the<br />
current value in some fields.<br />
IPV6_ADDRESS is used to configure a static IPv6 address on <strong>iLO</strong>. When IPV6_ADDRESS entries<br />
are included in a script, all previously configured IPv6 static addresses are deleted. Only the<br />
addresses specified in the script will be in use by <strong>iLO</strong> after the script successfully completes. All<br />
static address entries on <strong>iLO</strong> can be cleared by specifying a single blank IPV6_ADDRESS entry.<br />
• ADDR_SOURCE may be included for ease in turning around GET_NETWORK_SETTINGS<br />
output as input to MOD_NETWORK_SETTINGS. However, if the value is not STATIC the<br />
entire entry is ignored.<br />
• ADDR_STATUS may be included for ease in turning using GET_NETWORK_SETTINGS output<br />
as input to MOD_NETWORK_SETTINGS. It’s value is always ignored as input.<br />
IPV6_STATIC_ROUTE_[1:3] is used to configure static routes for IPv6 on <strong>iLO</strong>.<br />
• IPV6_DEST specifies the destination address prefix, limited by PREFIXLEN. Must be a valid<br />
literal IPv6 address in string form.<br />
• IPV6_GATEWAY specifies the IPv6 address to which the prefixes should be routed. Must be<br />
a valid literal IPv6 address in string form.<br />
• ADDR_STATUS is used for ease in turning GET_NETWORK_SETTINGS output around as input<br />
to MOD_NETWORK_SETTINGS, but is always ignored as input.<br />
NOTE: To clear a static route, enter blank addresses (“::”) for IPV6_DEST <strong>and</strong> IPV6_GATEWAY,<br />
with “0” (zero) PREFIXLEN.<br />
IPV6_PRIM_DNS_SERVER, IPV6_SEC_DNS_SERVER, <strong>and</strong> IPV6_TER_DNS_SERVER are used to<br />
specify primary, secondary, <strong>and</strong> tertiary IPv6 DNS server addresses. Values must be valid literal<br />
IPv6 addresses in string form. These addresses are used in addition to the IPv4 DNS server<br />
addresses. Clear address entries by specifying blank IPv6 addresses (“::”). When <strong>iLO</strong> Client<br />
applications are configured to prefer IPv6 (see IPV6_PREFFERED_PROTOCOL) the order of use will<br />
be:<br />
1. IPV6_PRIM_DNS_SERVER<br />
2. PRIM_DNS_SERVER<br />
3. IPV6_SEC_DNS_SERVER<br />
80 RIBCL XML <strong>Scripting</strong> Language
4. SEC_DNS_SERVER<br />
5. IPV6_TER_DNS_SERVER<br />
6. TER_DNS_SERVER<br />
When IPv4 protocol is preferred by <strong>iLO</strong> clients, the order of IPv6 <strong>and</strong> IPv4 is reversed for each of<br />
primary, secondary, <strong>and</strong> then tertiary settings respectively.<br />
IPV6_DEFAULT_GATEWAY allows you to add an IPv6 address to the default gateway address list<br />
maintained by the ILO network stack. This is primarily for environments when no RA (router<br />
advertised) messages are present on the network. The value must be a valid literal IPv6 address<br />
in string form. Clear address entry by specifying a blank IPv6 address (“::”).<br />
IPV6_ADDR_AUTOCFG enables or disables RFC 4862 SLAAC (Stateless Address Auto<br />
Configuration). Value must be either “Y” (enabled) or “N” (disabled). When enabled, <strong>iLO</strong> creates<br />
IPv6 addresses for itself from RA prefixes as appropriate. When disabled, only the link-local address<br />
is automatically configured. Router advertisements are still monitored but not used for SLAAC<br />
address creation.<br />
IPV6_REG_DDNS_SERVER enables or disables automatic DNS server IPv6 address registration.<br />
Value must be either “Y” (enabled) or “N” (disabled). When enabled, <strong>iLO</strong> attempts to register<br />
AAAA <strong>and</strong> PTR records for its IPv6 addresses with the DNS server.<br />
IPV6_PREFERRED_PROTOCOL enables or disables using IPv6 addresses as preferred. Value must<br />
be either “Y” (enabled) or “N” (disabled). When enabled, <strong>iLO</strong> client applications use IPv6 service<br />
addresses before IPv4 service addresses when both are configured. Client applications affected<br />
by this setting currently are the DNS name resolver <strong>and</strong> SNTP. In SNTP, if FQDNs are configured,<br />
<strong>and</strong> the DNS name resolver returns both A (IPv4) <strong>and</strong> AAAA (IPv6) records, the addresses are<br />
tried in order specified by this setting. For the DNS name resolver, if both IPv4 <strong>and</strong> IPv6 DNS<br />
addresses are configured, this setting determines the order of use for the primary addresses, then<br />
the secondary addresses, <strong>and</strong> finally the tertiary addresses.<br />
GET_GLOBAL_SETTINGS<br />
The GET_GLOBAL_SETTINGS comm<strong>and</strong> requests the respective <strong>iLO</strong> global settings. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong><br />
RIB_INFO MODE can be set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_GLOBAL_SETTINGS parameters<br />
None<br />
GET_GLOBAL_SETTINGS runtime errors<br />
None<br />
GET_GLOBAL_SETTINGS return messages<br />
A possible GET_GLOBAL_SETTINGS return message is as follows:<br />
<br />
<br />
<br />
RIB_INFO 81
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
MOD_GLOBAL_SETTINGS<br />
The MOD_GLOBAL_SETTINGS comm<strong>and</strong> modifies global settings. For this comm<strong>and</strong> to parse<br />
correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE<br />
must be set to write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this<br />
comm<strong>and</strong>.<br />
The <strong>iLO</strong> device (not the server) resets automatically to make changes to port settings effective.<br />
Setting the ILO_FUNCT_ENABLED to No disables the <strong>iLO</strong> management functions. If disabled, you<br />
must use the <strong>iLO</strong> Security Override Switch on the server system board <strong>and</strong> the <strong>iLO</strong> RBSU (F8 key)<br />
to re-enable <strong>iLO</strong>.<br />
Example 1: Use CPQLOCFG.EXE version 4.01 or later with the following scripts.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
82 RIBCL XML <strong>Scripting</strong> Language
As of release <strong>iLO</strong> 3 version 1.05, the Virtual Serial Port supports automatically enabling <strong>and</strong><br />
disabling software flow control. By default, this behavior is disabled. You can enable this<br />
configuration option using the RIBCL only. To enable this option, execute the following script:<br />
Example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The VSP_SOFTWARE_FLOW_CONTROL feature is not supported in <strong>iLO</strong> 3.<br />
MOD_GLOBAL_SETTINGS parameters<br />
The following parameters are optional. If you do not specify a parameter, then the parameter value<br />
for the specified setting is preserved.<br />
NOTE: If any port changes are detected, <strong>iLO</strong> reboots to apply the changes after the script has<br />
completed successfully.<br />
SSH_STATUS—Determines if SSH is enabled. The valid values are Yes or No, which enable or<br />
disable SSH functionality.<br />
SSH_PORT—Specifies the port used for SSH connection on <strong>iLO</strong> 3. The processor must be reset if<br />
this value is changed.<br />
REMOTE_CONSOLE_PORT—Specifies the port used for remote console.<br />
HTTP_PORT—Specifies the HTTP port number.<br />
HTTPS_PORT—Specifies the HTTPS (SSL) port number.<br />
VIRTUAL_MEDIA_PORT—Specifies the port used for virtual media.<br />
SESSION_TIMEOUT—Determines the maximum session timeout value in minutes. The accepted<br />
values are 0, 15, 30, 60, <strong>and</strong> 120. A value of 0 specifies infinite timeout.<br />
ILO_FUNCT_ENABLED—Determines if the Lights-Out functionality is enabled or disabled for <strong>iLO</strong>.<br />
The possible values are Yes or No. This parameter is case insensitive.<br />
F8_PROMPT_ENABLED—Determines if the F8 prompt for ROM-based configuration appears during<br />
POST. The possible values are Yes or No.<br />
F8_LOGIN_REQUIRED—Determines if login credentials are required to access the RBSU for <strong>iLO</strong>.<br />
The possible values are Yes or No.<br />
MIN_PASSWORD—Specifies how many characters are required in all user passwords. The value<br />
can be from zero to 39 characters.<br />
ENFORCE_AES—Determines if <strong>iLO</strong> enforces the use of AES/3DES encryption ciphers over the <strong>iLO</strong><br />
interface, SSH, <strong>and</strong> XML connections. The possible values are Yes or No.<br />
AUTHENTICATION_FAILURE_LOGGING—Specifies logging criteria for failed authentications.<br />
Possible values include:<br />
• 0—Disabled<br />
• 1—Enabled (records every authentication failure)<br />
• 2—Enabled (records every second authentication failure)<br />
RIB_INFO 83
• 3—Enabled (records every third authentication failure: this is the default value.)<br />
• 5—Enabled (records every fifth authentication failure)<br />
SERIAL_CLI_STATUS—Specifies the status of the CLI. The possible values include:<br />
• 0—No change<br />
• 1—Disabled<br />
• 2—Enabled (no authentication required)<br />
• 3—Enabled (authentication required)<br />
SERIAL_CLI_SPEED—Specifies the CLI port speed.<br />
NOTE: The serial port speed set using this parameter must match the speed of the serial port set<br />
in the RBSU.<br />
The possible values include:<br />
• 0—No change<br />
• 1—9,600 bps<br />
• 2—19,200 bps<br />
• 3—38,400 bps<br />
• 4—57,600 bps<br />
• 5—115,200 bps<br />
MOD_GLOBAL_SETTINGS runtime errors<br />
Possible MOD_GLOBAL_SETTINGS error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• Unrecognized keyboard model.<br />
BROWNOUT_RECOVERY<br />
The BROWNOUT_RECOVERY comm<strong>and</strong> turns the brownout recovery feature on or off. For this<br />
comm<strong>and</strong> to parse correctly, it must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> must appear<br />
within a MOD_GLOBAL_SETTINGS comm<strong>and</strong> block. RIB_INFO MODE must be set to write. This<br />
comm<strong>and</strong> requires CPQLOCFG.EXE version 4.01 or later. This comm<strong>and</strong> requires the <strong>iLO</strong> 3<br />
firmware version to be v1.25 or later. The user must have the Configure <strong>iLO</strong> Settings privilege to<br />
execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
BROWNOUT_RECOVERY parameters<br />
—Disables brownout recovery<br />
84 RIBCL XML <strong>Scripting</strong> Language
—Enables brownout recovery<br />
BROWNOUT_RECOVERY runtime errors<br />
None<br />
GET_SNMP_IM_SETTINGS<br />
The GET_SNMP_IM_SETTINGS comm<strong>and</strong> requests the respective <strong>iLO</strong> SNMP IM settings. For this<br />
comm<strong>and</strong> to parse correctly, the GET_SNMP_IM_SETTINGS comm<strong>and</strong> must appear within a<br />
RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE can be set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_SNMP_IM_SETTINGS parameters<br />
None<br />
GET_SNMP_IM_SETTINGS runtime errors<br />
None<br />
GET_SNMP_IM_SETTINGS return messages<br />
A possible GET_SNMP_IM_SETTINGS return message is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
MOD_SNMP_IM_SETTINGS<br />
MOD_SNMP_IM_SETTINGS is used to modify SNMP <strong>and</strong> Insight Manager settings. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong><br />
RIB_INFO MODE must be set to write. The user must have the Configure <strong>iLO</strong> Settings privilege to<br />
execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RIB_INFO 85
<br />
<br />
<br />
<br />
<br />
<br />
MOD_SNMP_IM_SETTINGS parameters<br />
All of the following parameters are optional. If a parameter is not specified, then the parameter<br />
value for the specified setting is preserved.<br />
SNMP_ADDRESS_1, SNMP_ADDRESS_2, <strong>and</strong> SNMP_ADDRESS_3 are the addresses that receive<br />
traps sent to the user. Each of these parameters can be any valid IP address.<br />
OS_TRAPS determines if the user is allowed to receive SNMP traps that are generated by the<br />
operating system. The possible values are Yes <strong>and</strong> No. By default, the value is set to No.<br />
RIB_TRAPS determines if the user is allowed to receive SNMP traps that are generated by the RIB.<br />
The possible values are Yes <strong>and</strong> No. By default, the value is set to No.<br />
WEB_AGENT_IP_ADDRESS is the address for the Web-enabled agents. The value for this element<br />
has a maximum length of 50 characters. It can be any valid IP address. If an empty string is entered,<br />
the current value is deleted.<br />
SNMP_PASSTHROUGH_STATUS determines if <strong>iLO</strong> can receive <strong>and</strong> send SNMP requests to <strong>and</strong><br />
from the host OS. By default, the value is set to Yes.<br />
CIM_SECURITY_MASK accepts an integer between 0 <strong>and</strong> 4. The possible values are:<br />
• 0—No change<br />
• 1—None (no data is returned)<br />
• 2—Low (name <strong>and</strong> status data are returned. Associations are present if SNMP pass-through<br />
is supported. If not, the server <strong>and</strong> management processor are separate entities in the device<br />
list.)<br />
• 3—Medium (<strong>iLO</strong> <strong>and</strong> server associations are present but the summary page contains less<br />
detail than at high security)<br />
• 4—High (associations are present <strong>and</strong> all data is present on the summary page)<br />
Each value indicates the level of data returned over the HTTP port.<br />
MOD_SNMP_IM_SETTINGS runtime errors<br />
Possible MOD_SNMP_IM_SETTINGS error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
UPDATE_FIRMWARE<br />
The UPDATE_FIRMWARE comm<strong>and</strong> copies a specified file to <strong>iLO</strong>, starts the upgrade process, <strong>and</strong><br />
reboots the board after the image has been successfully flashed. For this comm<strong>and</strong> to parse correctly,<br />
the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE must be set<br />
to write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
Example 1:<br />
<br />
<br />
<br />
86 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
When you send an XML script to update the <strong>iLO</strong> firmware, it verifies the TPM configuration status<br />
of option ROM measuring. If it is enabled, the <strong>iLO</strong> firmware returns the same warning message<br />
as stated in the web interface. You can add the TPM_ENABLE comm<strong>and</strong> to the script file. <strong>HP</strong><br />
recommends using XML script syntax to execute firmware updates. To enable the firmware update<br />
to continue, you must set TPM_ENABLE to a value of Y or Yes.<br />
Example 2:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
UPDATE_FIRMWARE parameters<br />
IMAGE_LOCATION is the full path file name of the firmware upgrade file.<br />
TPM_ENABLE enables the firmware to continue updating when the option ROM measuring is<br />
enabled. To enable the firmware update to continue, you must set TPM_ENABLE to a value of Y<br />
or Yes.<br />
UPDATE_FIRMWARE runtime errors<br />
Possible UPDATE_FIRMWARE error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• Unable to open the firmware image update file.<br />
• Unable to read the firmware image update file.<br />
• The firmware upgrade file size is too big.<br />
• The firmware image file is not valid.<br />
• A valid firmware image has not been loaded.<br />
• The flash process could not be started.<br />
• IMAGE_LOCATION must not be blank.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
GET_FW_VERSION<br />
The GET_FW_VERSION comm<strong>and</strong> requests the respective <strong>iLO</strong> firmware information. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong><br />
RIB_INFO MODE must be set to write. The user must have the Configure <strong>iLO</strong> Settings privilege to<br />
execute this comm<strong>and</strong>.<br />
For example:<br />
RIB_INFO 87
<br />
<br />
<br />
<br />
<br />
<br />
GET_FW_VERSION parameters<br />
None<br />
GET_FW_VERSION runtime errors<br />
None<br />
GET_FW_VERSION return messages<br />
LICENSE<br />
The following information is returned within the response:<br />
<br />
The LICENSE comm<strong>and</strong> activates or deactivates <strong>iLO</strong> advanced features. For this comm<strong>and</strong> to parse<br />
correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong> RIB_INFO MODE<br />
must be set to write. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this<br />
comm<strong>and</strong>.<br />
To see a video demonstration of LICENSE comm<strong>and</strong>, see Installing an <strong>iLO</strong> License Key through<br />
scripting at:<br />
http://www.hp.com/go/ilo/videos<br />
You do not have to use a licensing key on a ProLiant BL Class server. Advanced features are<br />
automatically activated.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
LICENSE parameters<br />
ACTIVATE followed by a valid KEY value signals the activation of the <strong>iLO</strong> 3 advanced pack<br />
licensing.<br />
KEY specifies the license key value. The key must be entered as one continuous string. Commas,<br />
periods, or other characters must not separate the key value. The key only accepts 25 characters;<br />
other characters entered to separate key values are interpreted as a part of the key, <strong>and</strong> results in<br />
the wrong key being entered.<br />
88 RIBCL XML <strong>Scripting</strong> Language
LICENSE runtime errors<br />
Possible LICENSE error messages include:<br />
• License key error.<br />
• License is already active.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
INSERT_VIRTUAL_MEDIA<br />
This comm<strong>and</strong> notifies <strong>iLO</strong> of the location of a diskette image. The INSERT_VIRTUAL_MEDIA<br />
comm<strong>and</strong> must display within a RIB_INFO element, <strong>and</strong> RIB_INFO must be in write mode. You<br />
must purchase the <strong>iLO</strong> Advanced license to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
INSERT_VIRTUAL_MEDIA parameters<br />
DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If<br />
the DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive.<br />
IMAGE_URL specifies the URL for the diskette image. The URL format is as follows:<br />
protocol://username:password@hostname:port/filename,cgi-helper<br />
• protocol is m<strong>and</strong>atory <strong>and</strong> must be either http or https.<br />
• username:password is optional.<br />
• hostname is m<strong>and</strong>atory.<br />
• port is optional.<br />
• filename is m<strong>and</strong>atory.<br />
• cgi-helper is optional. This enables the virtual floppy to be writable.<br />
In addition, the filename field can contain tokens that exp<strong>and</strong> to host-specific strings:<br />
• %m exp<strong>and</strong>s to the <strong>iLO</strong> 3 MAC address.<br />
• %i exp<strong>and</strong>s to the <strong>iLO</strong> 3 IP address in dotted-quad form.<br />
• %h exp<strong>and</strong>s to the <strong>iLO</strong> 3 hostname.<br />
For example:<br />
http://john:abc123@imgserver.company.com/disk/win98dos.bin,/cgi-bin/<br />
hpvfhelp.pl<br />
http://imgserver.company.com/disk/boot%m.bin<br />
This comm<strong>and</strong> specifies only the location of the image to be used. For the image to be connected<br />
to the server, the appropriate BOOT_OPTION must be specified using the SET_VM_STATUS<br />
comm<strong>and</strong>. If BOOT_OPTION is set to BOOT_ONCE <strong>and</strong> the server is rebooted, any subsequent<br />
server reboots eject the image.<br />
RIB_INFO 89
INSERT_VIRTUAL_FLOPPY runtime errors<br />
The possible INSERT_VIRTUAL_FLOPPY error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• IMAGE_URL must not be blank.<br />
• User does not have correct privilege for action. VIRTUAL_MEDIA_PRIV<br />
required.<br />
• Unable to parse Virtual Media URL<br />
• An invalid Virtual Media option has been given.<br />
• Virtual Media already connected through a script. You must eject or<br />
disconnect before inserting new media.<br />
EJECT_VIRTUAL_MEDIA<br />
EJECT_VIRTUAL_MEDIA ejects the Virtual Media image if one is inserted. The EJECT_VIRTUAL_MEDIA<br />
comm<strong>and</strong> must display within a RIB_INFO element <strong>and</strong> RIB_INFO must be in write mode. You must<br />
purchase the <strong>iLO</strong> Advanced license to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
EJECT_VIRTUAL_MEDIA parameters<br />
DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If<br />
the DEVICE is not specified, FLOPPY is assumed. This value is case-sensitive.<br />
EJECT_VIRTUAL_MEDIA runtime errors<br />
Possible EJECT_VIRTUAL_MEDIA errors are:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. VIRTUAL_MEDIA_PRIV<br />
required.<br />
• No image present in the Virtual Media drive.<br />
• An invalid Virtual Media option has been given.<br />
GET_VM_STATUS<br />
GET_VM_STATUS returns the Virtual Media drive status. This comm<strong>and</strong> must display within a<br />
RIB_INFO element.<br />
For example:<br />
<br />
<br />
<br />
90 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_VM_STATUS parameters<br />
DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If<br />
the DEVICE is not specified, FLOPPY is assumed. These values are not case-sensitive.<br />
GET_VM_STATUS runtime errors<br />
The possible GET_VM_STATUS error is:<br />
An invalid Virtual Media option has been given.<br />
GET_VM_STATUS return messages<br />
The return message displays the current state of the Virtual Media. The VM_APPLET parameter<br />
shows if a virtual media device is already connected through the Integrated Remote Console, Java<br />
Integrated Remote Console, or the <strong>iLO</strong> 3 graphical interface. If the VM_APPLET = CONNECTED,<br />
then the (non-URL based) Virtual Media is already in use <strong>and</strong> cannot be connected through scriptable<br />
Virtual Media or Virtual Media XML comm<strong>and</strong>s.<br />
NOTE: Only URL-based Virtual Media can be connected through scriptable Virtual Media or<br />
Virtual Media XML. However, URL-based Virtual Media will display as DISCONNECTED through<br />
VM_APPLET even if an URL-based VM is configured via the <strong>iLO</strong>, Integrated Remote Console, Java<br />
Integrated Remote Console, CLI, or RIBCL.<br />
The DEVICE parameter tells which device this return message is for. The BOOT_OPTION shows<br />
the current setting; BOOT_ALWAYS means that the server always use the Virtual Media device for<br />
booting, BOOT_ONCE means that the server boots to the Virtual Device once <strong>and</strong> then disconnects<br />
the Virtual Media on the subsequent server reboot, <strong>and</strong> NO_BOOT means that the Virtual Media<br />
does not connect during a server reboot. The WRITE_PROTECT_FLAG parameter shows if the<br />
Virtual Media image can be written to. The IMAGE_INSERTED parameter tells if the Virtual Media<br />
device is connected via the scriptable Virtual Media or the Virtual Media XML comm<strong>and</strong>.<br />
A possible GET_VM_STATUS return message is:<br />
VM_APPLET = CONNECTED | DISCONNECTED<br />
DEVICE = FLOPPY | CDROM<br />
BOOT_OPTION = BOOT_ALWAYS | BOOT_ONCE | NO_BOOT<br />
WRITE_PROTECT_FLAG = YES | NO<br />
IMAGE_INSERTED = YES | NO<br />
NOTE: If the BOOT_ONCE boot option is selected, all scriptable virtual media parameters are<br />
reset to default settings after the server boots. Specifically BOOT_OPTION = NO_BOOT,<br />
WRITE_PROTECT = NO, <strong>and</strong> IMAGE_INSERTED = NO.<br />
SET_VM_STATUS<br />
The SET_VM_STATUS comm<strong>and</strong> sets the Virtual Media drive status. This comm<strong>and</strong> must appear<br />
within a RIB_INFO element, <strong>and</strong> RIB_INFO must be set to write. All the parameters in the comm<strong>and</strong><br />
are optional. You must purchase the <strong>iLO</strong> Advanced license to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
RIB_INFO 91
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_VM_STATUS parameters<br />
DEVICE specifies the Virtual Media device target. The possible values are FLOPPY or CDROM. If<br />
the DEVICE is not specified, FLOPPY is assumed. The value is not case-sensitive.<br />
VM_BOOT_OPTION specifies the boot option parameter for the Virtual Media. The possible values<br />
are BOOT_ALWAYS, BOOT_ONCE, or NO_BOOT. These values control how the Virtual Media<br />
device behaves during the boot phase of the server. Setting these values does not affect the current<br />
state of the Virtual Media device. These settings only take affect if the Virtual Media device is<br />
connected at server boot.<br />
• BOOT_ALWAYS sets the VM_BOOT_OPTION to BOOT_ALWAYS. The Virtual Media device<br />
is always connected during server boot. The Virtual Media device is not connected immediately<br />
when the VM_BOOT_OPTION is set. The Virtual Media device is connected on the next server<br />
boot after setting of the VM_BOOT_OPTION.<br />
• BOOT_ONCE sets the VM_BOOT_OPTION to BOOT_ONCE. The Virtual Media device is<br />
connected during the next server boot, but on any subsequent server boots, it does not connect.<br />
The BOOT_ONCE option is intended to boot one time to the Virtual Media device, use that<br />
device while the server is running, <strong>and</strong> then not have the Virtual Media device available on<br />
subsequent server reboots. The Virtual Media device is not connected immediately when the<br />
VM_BOOT_OPTION is set. The Virtual Media device is connected on the next server boot<br />
following the setting of the VM_BOOT_OPTION. After the server has booted once with the<br />
Virtual Media device connected, on the subsequent server reboot, the Virtual Media device<br />
does not connect <strong>and</strong> the following Virtual Media device settings reset to their default values:<br />
◦ BOOT_OPTION=NO_BOOT<br />
◦ IMAGE_INSERTED = NO<br />
• NO_BOOT sets the VM_BOOT_OPTION to NO_BOOT. The Virtual Media device is not<br />
connected during the next server boot. The Virtual Media device is not disconnected<br />
immediately when the VM_BOOT_OPTION is set. The Virtual Media device is disconnected<br />
on the next server boot following the setting of the VM_BOOT_OPTION. After the server has<br />
booted, the Virtual Media device does not connect <strong>and</strong> the following Virtual Media device<br />
settings reset to their default values:<br />
◦ BOOT_OPTION = NO_BOOT<br />
◦ IMAGE_INSERTED = NO<br />
In addition to the VM_BOOT_OPTIONS, CONNECT <strong>and</strong> DISCONNECT are also possible values.<br />
The CONNECT <strong>and</strong> DISCONNECT settings can be used to control the Virtual Media devices in<br />
the same way that they are controlled in the Virtual Media applet. Whenever the CONNECT or<br />
DISCONNECT parameters are set, the Virtual Media device immediately connects or disconnects,<br />
respectively, to the server.<br />
• CONNECT sets the VM_BOOT_OPTION to CONNECT. The Virtual Media device is<br />
immediately connected to the server. Setting the VM_BOOT_OPTION to CONNECT is<br />
equivalent to clicking the device Connect button on the Virtual Media Applet. After setting the<br />
92 RIBCL XML <strong>Scripting</strong> Language
VM_BOOT_OPTION to CONNECT, the VM_GET_STATUS comm<strong>and</strong> shows the<br />
VM_BOOT_OPTION as BOOT_ALWAYS. This is by design <strong>and</strong> shows that the Virtual Media<br />
device is connected like the Virtual Media device in the applet which is always connected<br />
during all server boots.<br />
• DISCONNECT sets the VM_BOOT_OPTION to DISCONNECT. The Virtual Media device is<br />
immediately disconnected from the server. Setting the VM_BOOT_OPTION to DISCONNECT<br />
is equivalent to clicking the device Disconnect button on the Virtual Media Applet. Additionally,<br />
setting the VM_BOOT_OPTION to DISCONNECT is equivalent to issuing the<br />
EJECT_VIRTUAL_MEDIA comm<strong>and</strong>. When the VM_BOOT_OPTION is set to DISCONNECT,<br />
the Virtual Media device does not connect <strong>and</strong> the following Virtual Media device settings<br />
are reset to their default values:<br />
◦ BOOT_OPTION = NO_BOOT<br />
◦ IMAGE_INSERTED = NO<br />
VM_WRITE_PROTECT sets the write protect flag value for the Virtual Floppy. This value is not<br />
significant for the Virtual Media CD-ROM. The possible values are Y or N.<br />
SET_VM_STATUS runtime errors<br />
The possible runtime errors are:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. VIRTUAL_MEDIA_PRIV<br />
required.<br />
• An invalid Virtual Media option has been given.<br />
CERTIFICATE_SIGNING_REQUEST<br />
This comm<strong>and</strong> requests a certificate from <strong>iLO</strong>. When this comm<strong>and</strong> is received, <strong>iLO</strong> generates a<br />
certificate signing request. The request is returned to the user enclosed in a<br />
CERTIFICATE_SIGNING_REQUEST tag. This comm<strong>and</strong> requires CPQLOCFG.EXE version 4.01 or<br />
later.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
For the custom CERTIFICATE_SIGNING_REQUEST script, you must specify all tags, except for<br />
CSR_ORGANIZATIONAL_UNIT. If you run the script with any missing tags, then the default is used<br />
for the missing tag. If a required tag is left blank, an error message appears.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RIB_INFO 93
<br />
<br />
<br />
CERTIFICATE_SIGNING_REQUEST parameters (for custom CSR)<br />
CSR_STATE - Specifies state in which the company or organization that owns the <strong>iLO</strong> subsystem<br />
is located.<br />
CSR_COUNTRY - Specifies the two-character country code for the country in which the company<br />
or organization that owns the <strong>iLO</strong> subsystem is located.<br />
CSR_LOCALITY - Specifies the city or locality in which the company or organization that owns the<br />
<strong>iLO</strong> subsystem is located.<br />
CSR_ORGANIZATION - Specifies the name of the company or organization that owns the <strong>iLO</strong><br />
subsystem.<br />
CSR_ORGANIZATIONAL_UNIT - The unit within the company or organization that owns the <strong>iLO</strong><br />
subsystem<br />
CSR_COMMON_NAME - The FQDN of the <strong>iLO</strong> subsystem.<br />
CERTIFICATE_SIGNING_REQUEST errors<br />
Possible error messages for CERTIFICATE_SIGNING_REQUEST for custom CSR scripts include:<br />
• CSR_STATE is too long.<br />
• Need a value for the CSR_STATE tag.<br />
• CSR_COUNTRY is too long.<br />
• Need a value for the CSR_COUNTRY tag.<br />
• CSR_LOCALITY is too long.<br />
• Need a value for the CSR_LOCALITY tag.<br />
• CSR_ORGANIZATION is too long.<br />
• Need a value for the CSR_ORGANIZATION tag.<br />
• CSR_ORGANIZATIONAL_UNIT is too long.<br />
• CSR_COMMON_NAME is too long.<br />
• Need a value for the CSR_COMMON_NAME tag.<br />
• User does NOT have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
When you first request a new CSR, or if the system is already working on another CSR, you will<br />
see this message:<br />
The <strong>iLO</strong> subsystem is currently generating a Certificate Signing<br />
Request(CSR), run script after 10 minutes or more to receive the CSR.<br />
IMPORT_CERTIFICATE<br />
The IMPORT_CERTIFICATE comm<strong>and</strong> imports a signed certificate into <strong>iLO</strong>. The signed certificate<br />
must be a signed version of a certificate signing request. This comm<strong>and</strong> requires CPQLOCFG.EXE<br />
version 4.00 or later.<br />
For example:<br />
<br />
<br />
<br />
<br />
94 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
-----BEGIN CERTIFICATE-----<br />
<br />
-----END CERTIFICATE-----<br />
<br />
<br />
<br />
<br />
<br />
<br />
IMPORT_CERTIFICATE parameters<br />
None<br />
IMPORT_CERTIFICATE errors<br />
The possible IMPORT_CERTIFICATE error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• Error reading certificate: The imported certificate is invalid.<br />
• Invalid certificate common name: The common name in the certificate<br />
does not match <strong>iLO</strong> 3 hostname.<br />
• Certificate signature does not match private key: The certificate<br />
does not correspond to the private key stored in <strong>iLO</strong> 3.<br />
SET_LANGUAGE<br />
Use this comm<strong>and</strong> to set the default language on <strong>iLO</strong>. Use this comm<strong>and</strong> with <strong>iLO</strong> 3 v1.20 or later.<br />
Use CPQLOCFG.EXE version 4.00 or later with this comm<strong>and</strong>.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_LANGUAGE parameters<br />
LANG_ID is the two letter designation for a language. This parameter is case sensitive, <strong>and</strong> must<br />
not be blank.<br />
Possible values for LANG_ID are:<br />
• EN (English)<br />
• JA (Japanese)<br />
• ZH (Simplified Chinese)<br />
SET_LANGUAGE runtime errors<br />
None<br />
GET_LANGUAGE<br />
Use this comm<strong>and</strong> to read the default language on <strong>iLO</strong>. Use this comm<strong>and</strong> with <strong>iLO</strong> 3 v1.20 or<br />
later. Use CPQLOCFG.EXE version 4.00 or later with this comm<strong>and</strong>.<br />
RIB_INFO 95
<br />
<br />
<br />
<br />
<br />
<br />
GET_LANGUAGE parameters<br />
None<br />
GET_LANGUAGE runtime errors<br />
None<br />
GET_ALL_LANGUAGES<br />
Use this comm<strong>and</strong> to read all languages on <strong>iLO</strong>. Use this comm<strong>and</strong> with <strong>iLO</strong> 3 v1.20 or later. Use<br />
CPQLOCFG.EXE version 4.00 or later with this comm<strong>and</strong>.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_ALL_LANGUAGES parameters<br />
None<br />
GET_ALL_LANGUAGES runtime errors<br />
None<br />
SET_ASSET_TAG<br />
Use this comm<strong>and</strong> to set or clear the asset tag. Use this comm<strong>and</strong> with <strong>iLO</strong> 3 v1.50 or later. Use<br />
CPQLOCFG.EXE version 4.00 or later with this script.<br />
You must have the following privileges to execute this comm<strong>and</strong>: Virtual Media, Virtual Power <strong>and</strong><br />
Reset, Remote Console.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_ASSET_TAG parameters<br />
SET_ASSET_TAG sets or clears the asset tag. Enter a string to add or modify the asset tag, or enter<br />
an empty string to clear the asset tag.<br />
96 RIBCL XML <strong>Scripting</strong> Language
SET_ASSET_TAG runtime errors<br />
A possible SET_ASSET_TAG error message is:<br />
Problem manipulating EV<br />
This message means that the asset tag was not set. Retry the procedure later.<br />
Other possible error message for SET_ASSET_TAG include:<br />
• User does NOT have correct privilege for action. VIRTUAL_MEDIA_PRIV<br />
required.<br />
• User does NOT have correct privilege for action. RESET_SERVER_PRIV<br />
required.<br />
• User does NOT have correct privilege for action. REMOTE_CONS_PRIV<br />
required.<br />
• String too long, maximum string length is 32 characters.<br />
GET_SECURITY_MSG<br />
Use this comm<strong>and</strong> to retrieve the security message for the <strong>iLO</strong> login screen. Use this comm<strong>and</strong> with<br />
<strong>iLO</strong> 3 v1.50 or later.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_SECURITY_MSG parameters<br />
None<br />
GET_SECURITY_MSG return messages<br />
The following information is returned with the response:<br />
• SECURITY_MSG value=”Enabled” or “Disabled”<br />
• SECURITY_MSG_TEXT:<br />
<br />
<br />
<br />
GET_SECURITY_MSG runtime errors<br />
None<br />
SET_SECURITY_MSG<br />
Use this comm<strong>and</strong> to the configure the security text message in the <strong>iLO</strong> Login Banner. The Login<br />
Security Banner feature allows you to configure the security banner displayed on the <strong>iLO</strong> login<br />
screen. You need to have configure <strong>iLO</strong> Setting privileges to make changes to the banner.Use this<br />
comm<strong>and</strong> with <strong>iLO</strong> 3 v1.50 or later.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
RIB_INFO 97
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_SECURITY_MSG parameters<br />
None<br />
SET_SECURITY_MSG runtime errors<br />
The value for the SECURITY_MESSAGE parameter must a Y or an N, otherwise the comm<strong>and</strong><br />
reports an error. You may also see this error:<br />
User does NOT have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
HOTKEY_CONFIG<br />
The HOTKEY_CONFIG comm<strong>and</strong> configures the remote console hot key settings in <strong>iLO</strong>. For this<br />
comm<strong>and</strong> to parse correctly, the comm<strong>and</strong> must appear within a RIB_INFO comm<strong>and</strong> block, <strong>and</strong><br />
RIB_INFO MODE must be set to write. The user must have the configure <strong>iLO</strong> privilege to execute<br />
this comm<strong>and</strong>.<br />
Upper or lower case values are automatically changed to the proper case as needed (lower case<br />
is changed to upper case if needed, <strong>and</strong> upper case is changed to lower case if needed.) If you<br />
use double or single quotes, it must be different from the delimiter. Specifying a blank string removes<br />
the current value.<br />
NOTE: Each hot key can have up to five selections (for example, CTRL_T="CTRL,ALT,ESC,F2,F4").<br />
Do not use spaces (“ “) in the values; to set a space in a value type SPACE.<br />
Use this comm<strong>and</strong> to configure hotkeys in <strong>iLO</strong> 3 v1.50 or later. Use CPQLOCFG.EXE version 4.01<br />
or later with this comm<strong>and</strong>. Replace USER_LOGIN <strong>and</strong> PASSWORD values with values that are<br />
appropriate for your environment.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
98 RIBCL XML <strong>Scripting</strong> Language
HOTKEY_CONFIG parameters<br />
The following parameters are optional. If a parameter is not specified, then the parameter value<br />
remains as previously set. Separated multiple setting values with commas (see example script<br />
above.) Up to five keystrokes can be configured for each hot key.<br />
• CTRL+T<br />
• CTRL+U<br />
• CTRL+V<br />
• CTRL+W<br />
• CTRL+X<br />
• CTRL+Y<br />
<strong>Support</strong>ed hot keys<br />
The Program Remote Console Hot Keys page allows you to define up to six different sets of hot<br />
keys for use during a Remote Console session. Each hot key represents a combination of up to five<br />
different keys which are sent to the host machine whenever the hot key is pressed during a Remote<br />
Console session. The selected key combination (all keys pressed at the same time) are transmitted<br />
in its place. The following table lists keys available to combine in a Remote Console hot key<br />
sequence.<br />
ESC<br />
L_ALT<br />
R_ALT<br />
L_SHIFT<br />
R_SHIFT<br />
INS<br />
DEL<br />
HOME<br />
END<br />
PG UP<br />
PG DN<br />
ENTER<br />
TAB<br />
BREAK<br />
COMMA<br />
F1<br />
F2<br />
F3<br />
F4<br />
F5<br />
F6<br />
F7<br />
F8<br />
F9<br />
F10<br />
F11<br />
F12<br />
SPACE<br />
HOTKEY_CONFIG runtime errors<br />
/<br />
.<br />
The possible HOTKEY_CONFIG error messages include:<br />
–<br />
(<br />
)<br />
*<br />
+<br />
:<br />
<<br />
><br />
=<br />
[<br />
]<br />
\<br />
a<br />
b<br />
c<br />
d<br />
e<br />
f<br />
g<br />
h<br />
I<br />
j<br />
k<br />
l<br />
m<br />
n<br />
o<br />
p<br />
q<br />
r<br />
s<br />
t<br />
u<br />
v<br />
w<br />
x<br />
y<br />
z<br />
;<br />
‘<br />
L_CTRL<br />
R_CTRL<br />
NUM PLUS<br />
NUM MINUS<br />
SCRL LCK<br />
BACKSPACE<br />
SYS RQ<br />
1<br />
2<br />
3<br />
4<br />
5<br />
6<br />
7<br />
8<br />
9<br />
0<br />
NONE<br />
L_GUI<br />
R_GUI<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• The hot key parameter specified is not valid.<br />
• Invalid number of hot keys. The maximum allowed is five.<br />
RIB_INFO 99
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• Failed to update the hot key.<br />
GET_HOTKEY_CONFIG<br />
Use this comm<strong>and</strong> to retrieve hotkeys available for use in remote console sessions. Use<br />
CPQLOCFG.EXE version 4.00 or later with this script. Replace USER_LOGIN <strong>and</strong> PASSWORD<br />
values with values that are appropriate for your environment.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_HOTKEY_CONFIG parameters<br />
None<br />
GET_HOTKEY_CONFIG runtime errors<br />
A possible GET_HOTKEY_CONFIG error message is:<br />
Unable to get the hot keys.<br />
GET_HOTKEY_CONFIG return messages<br />
An example of the information returned with the response:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_FIPS_ENABLE<br />
Use this script to enable the Federal Information Processing St<strong>and</strong>ard Enforce AES/3DES Encryption<br />
setting, in <strong>iLO</strong> 3 v1.50 or later. Use CPQLOCFG.EXE version 2.26 or later with this script. Replace<br />
USER_LOGIN <strong>and</strong> PASSWORD values with values that are appropriate for your environment.<br />
NOTE: All active connections (including Remote Console <strong>and</strong> Virtual Media sessions) to the <strong>iLO</strong><br />
device are dropped immediately when this script executes.<br />
To disable FIPS, use the FACTORY_DEFAULTS comm<strong>and</strong>.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_FIPS_ENABLE parameters<br />
None<br />
100 RIBCL XML <strong>Scripting</strong> Language
SET_FIPS_ENABLE runtime errors<br />
When running the FIPS_ENABLE comm<strong>and</strong>, FIPS status is checked. If FIPS is already enabled, the<br />
following message appears:<br />
FIPS is already enabled.<br />
GET_FIPS_STATUS<br />
Use this script to retrieve the current Enforce AES/3DES Encryption status, in <strong>iLO</strong> 3 v1.50 or later.<br />
Use CPQLOCFG.EXE version 4.00 or later with this script. Replace USER_LOGIN <strong>and</strong> PASSWORD<br />
values with values that are appropriate for your environment.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_FIPS_STATUS parameters<br />
None<br />
GET_FIPS_STATUS runtime errors<br />
None<br />
FACTORY_DEFAULTS<br />
Use this comm<strong>and</strong> to set the <strong>iLO</strong> device to factory default settings. Use CPQLOCFG.EXE version<br />
4.00 or later with this script. Replace USER_LOGIN <strong>and</strong> PASSWORD values with values that are<br />
appropriate for your environment.<br />
WARNING! Resetting an <strong>iLO</strong> device to factory defaults changes the the DNS name to the default,<br />
<strong>and</strong> the <strong>iLO</strong> device can be accessed using only the default Administrator user account <strong>and</strong> default<br />
password. Without these defaults, <strong>iLO</strong> access must be reconfigured using the RBSU.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
FACTORY_DEFAULTS parameters<br />
None<br />
FACTORY_DEFAULTS runtime errors<br />
None<br />
DIR_INFO<br />
The DIR_INFO comm<strong>and</strong> can only appear within a LOGIN comm<strong>and</strong> block. When the comm<strong>and</strong><br />
is parsed, it reads the local directory information database into memory <strong>and</strong> prepares to edit it.<br />
Only comm<strong>and</strong>s that are DIR_INFO type comm<strong>and</strong>s are valid inside the DIR_INFO comm<strong>and</strong><br />
block. The DIR_INFO comm<strong>and</strong> generates a response that indicates to the host application whether<br />
the database was successfully read or not. If the database is open for writing by another application,<br />
then this call fails.<br />
DIR_INFO 101
DIR_INFO requires the MODE parameter with a value of read or write. MODE is a specific string<br />
parameter with a maximum length of 10 characters that specifies what you intend to do with the<br />
information.<br />
Write mode enables both reading <strong>and</strong> writing of <strong>iLO</strong> information. Read mode prevents modification<br />
of the <strong>iLO</strong> information.<br />
For example:<br />
<br />
……… DIR_INFO comm<strong>and</strong>s ……<br />
<br />
GET_DIR_CONFIG<br />
The GET_DIR_CONFIG comm<strong>and</strong> requests the respective <strong>iLO</strong> directory settings. For this comm<strong>and</strong><br />
to parse correctly, the GET_DIR_CONFIG comm<strong>and</strong> must appear within a DIR_INFO comm<strong>and</strong><br />
block, <strong>and</strong> DIR_INFO MODE can be set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_DIR_CONFIG parameters<br />
None<br />
GET_DIR_CONFIG runtime errors<br />
None<br />
GET_DIR_CONFIG return messages<br />
Starting with <strong>iLO</strong> 3 1.05, directory integration can work with <strong>HP</strong> Lights-Out schema with or without<br />
extensions (schema-free). Depending on your directory configuration, the response to<br />
GET_DIR_CONFIG contains different data.<br />
Possible GET_DIR_CONFIG return messages are:<br />
• A directory services (with schema extension) return message:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
102 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
• A schema-free directory (without schema extension) return message:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
• A Kerberos-enabled directory return message:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DIR_INFO 103
IMPORT_SSH_KEY<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The IMPORT_SSH_KEY comm<strong>and</strong> imports a SSH_KEY <strong>and</strong> associated <strong>iLO</strong> user name into <strong>iLO</strong>. This<br />
comm<strong>and</strong> requires CPQLOCFG.EXE version 4.0 or later.<br />
After generating an SSH key using ssh-keygen, puttygen.exe, or another SSH key generating<br />
utility to produce a 1024 bit DSA key, <strong>and</strong> creating the key.pub file, perform the following:<br />
1. Locate the key.pub file <strong>and</strong> insert the contents between<br />
-----BEGIN SSH KEY----<br />
<strong>and</strong><br />
-----END SSH KEY-----.<br />
The file begins with the text:<br />
ssh-dss .<br />
2. At the end of the key, append a space <strong>and</strong> the name of a valid <strong>iLO</strong> 3 user name as displayed<br />
on the Modify User page. For example:<br />
xxx_some text_xxx ASmith.<br />
The user name is case-sensitive <strong>and</strong> must match the case of the <strong>iLO</strong> 3 user name to associate the<br />
SSH key with the correct user.<br />
For example:<br />
<br />
<br />
<br />
<br />
-----BEGIN SSH KEY-----<br />
ssh-dss<br />
ASampleKeyAAALftnNE12JR8T8XQqyzqc1tt6FLFRXLRM5PJpOf/IG4hN45<br />
+x+JbaqkhH+aKqFjlfO1NjszHrFN26H1AhWOjY2bEwj2wlJzBMAhXwnPQelQsCnJDf+<br />
zCzbDn+5Va86+qWxm0lsDEChvZPM6wpjkXvHwuInjxTzOGQTq++vmYlo1/AAAAFQC1M<br />
FaZjE995QhX9H1DaDzpsVTXvwAAAIA6ec/hAkas2N762jtlHvSuvZaQRzu49DOtjXVI<br />
pNdJAhTC8O2505PzkGLf5qhrbDnusclCvoH7DuxyHjeOUVxbC5wFQBcGF4VnpYZ8nGQ<br />
104 RIBCL XML <strong>Scripting</strong> Language
Gt9TQ0iUV+NRwn4CR5ESoi63zTJIvKIYZDT2ISeXhF2iU6txjZzdeEm7vQz3slaY3dg<br />
AAAIAQ46i6FBzJAYXziF/qmWMt4y6SlylOQDAsxPKk7rpxegv8RlTeon/aeL7ojb9GQ<br />
2xnEN5gobaNZxKz2d4/jwg3+qgTDT6V1G+b7+nEI/XHIc717/7oqgiOv4VE3WxN+HE9<br />
JWsv2jwUpAzRGqJOoojRG/CCru0K+jgTOf/di1o0sw== ASmith<br />
-----END SSH KEY-----<br />
<br />
<br />
<br />
<br />
IMPORT_SSH_KEY parameters<br />
None<br />
IMPORT_SSH_KEY runtime errors<br />
The possible IMPORT_SSH_KEY error messages include:<br />
• RIB information is open for read-only access. Write access is<br />
required for this operation.<br />
• Duplicate of existing SSH key.<br />
• Invalid SSH key data.<br />
• There is no user name or the user name appended to SSH key does not<br />
exist.<br />
• SSH key is too large for storage space.<br />
MOD_DIR_CONFIG<br />
The MOD_DIR_CONFIG comm<strong>and</strong> modifies the directory settings on <strong>iLO</strong>. For this comm<strong>and</strong> to<br />
parse correctly, the MOD_DIR_CONFIG comm<strong>and</strong> must appear within a DIR_INFO comm<strong>and</strong><br />
block, <strong>and</strong> DIR_INFO MODE must be set to write. The user must have the Configure <strong>iLO</strong> Settings<br />
privilege to execute this comm<strong>and</strong>.<br />
The MOD_DIR_CONFIG is used in different ways depending on the environment. See<br />
MOD_DIRECTORY.XML (example below) for an example suitable for use in an environment with<br />
directory integration <strong>and</strong> existing schemas. See MOD_SCHEMALESS_DIRECTORY.XML for an<br />
example suitable for use in a schemaless directory configuration.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DIR_INFO 105
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
-----BEGIN KEYTAB-----<br />
VGhpcyBpcyBhIHRlc3Qgb2YgdGhlIEJhc2U2NCBlbmNvZGVyLiAgVGhpcy<br />
BpcyBvbmx5IGEgdGVz<br />
dC4=<br />
-----END KEYTAB-----<br />
<br />
<br />
<br />
<br />
<br />
NOTE: To modify only the kerberos authentication, start with the sample script<br />
Mod_Kerberos_Config.xml.<br />
NOTE: Do not use the following tags when using directory integration with schema extension:<br />
• DIR_ENABLE_GRP_ACCT<br />
• DIR_GRPACCT1_NAME<br />
• DIR_GRPACCT1_PRIV<br />
Do not use the following tags when using schema-free directories:<br />
• DIR_OBJECT_DN<br />
• DIR_OBJECT_PASSWORD<br />
Schemaless directory example (MOD_SCHEMALESS_DIR.XML)<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
106 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DIR_INFO 107
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
MOD_DIR_CONFIG parameters<br />
All of the following parameters are optional. If a parameter is not specified, then the parameter<br />
value for the specified setting is preserved.<br />
DIR_AUTHENTICATION_ENABLED enables or disables directory authentication. The possible<br />
values are Yes <strong>and</strong> No.<br />
DIR_ENABLE_GRP_ACCT causes <strong>iLO</strong> to use schema-less directory integration. The possible values<br />
are Yes <strong>and</strong> No.<br />
When using schema-free directory integration, <strong>iLO</strong> supports variable privileges associated with<br />
different directory groups. These groups are contained in the directory, <strong>and</strong> the corresponding<br />
member <strong>iLO</strong> privileges are stored in <strong>iLO</strong>.<br />
DIR_KERBEROS_ENABLED enables or disables Kerberos authentication. The possible values are<br />
Yes <strong>and</strong> No.<br />
DIR_KERBEROS_REALM specifies the Kerberos realm for which the domain controller is configured.<br />
By convention, the Kerberos realm name for a given domain is the domain name converted to<br />
uppercase.<br />
DIR_KERBEROS_KDC_ADDRESS specifies the location of the domain controller. The domain<br />
controller location is specified as an IP address or DNS name.<br />
DIR_KERBEROS_KDC_PORT specifies the port number used to connect to the domain controller.<br />
The Kerberos port number is 88, but the domain controller can be configured for a different port<br />
number.<br />
DIR_KERBEROS_KEYTAB specifies the contents of the keytab file which is a binary file containing<br />
pairs of principals <strong>and</strong> encrypted passwords. In the Windows environment, the keytab file is<br />
generated with a ktpass utility. After generating a binary keytab file using the appropriate utility,<br />
use a Base64 encoder to convert the binary file to ASCII format.<br />
Place the Base64 contents between:<br />
-----BEGIN KEYTAB-----<br />
<strong>and</strong><br />
-----END KEYTAB-----<br />
• DIR_GRPACCT1_NAME identifies a group container in the directory, such as Administrators,<br />
Users, or Power Users.<br />
• DIR_GRPACCT1_PRIV numerically identifies <strong>iLO</strong> privileges for members of the group. You can<br />
mix <strong>and</strong> match privileges by including more than one value. These privileges are expressed<br />
as a comma separated list of numbers (1,2,3,4,5) which correlate to:<br />
1—Administer Group Accounts<br />
2—Remote Console Access<br />
3—Virtual Power <strong>and</strong> Reset<br />
108 RIBCL XML <strong>Scripting</strong> Language
4—Virtual Media<br />
5—Configure <strong>iLO</strong> 3 Settings<br />
NOTE: Do not use the following tags when using directory integration with schema extension:<br />
◦ DIR_ENABLE_GRP_ACCT<br />
◦ DIR_GRPACCT1_NAME<br />
◦ DIR_GRPACCT1_PRIV<br />
Do not use the following tags when using schema-free directories<br />
◦ DIR_OBJECT_DN<br />
◦ DIR_OBJECT_PASSWORD<br />
DIR_LOCAL_USER_ACCT enables or disables local user accounts. The possible values are Yes<br />
<strong>and</strong> No.<br />
DIR_SERVER_ADDRESS specifies the location of the directory server. The directory server location<br />
is specified as an IP address or DNS name.<br />
DIR_SERVER_PORT specifies the port number used to connect to the directory server. This value is<br />
obtained from the directory administrator. The secure LDAP port is 636, but the directory server<br />
can be configured for a different port number.<br />
DIR_OBJECT_DN specifies the unique name of <strong>iLO</strong> 3 in the directory server. This value is obtained<br />
from the directory administrator. Distinguished names are limited to 256 characters.<br />
DIR_OBJECT_PASSWORD specifies the password associated with the <strong>iLO</strong> 3 object in the directory<br />
server. Passwords are limited to 39 characters.<br />
DIR_USER_CONTEXT_1, DIR_USER_CONTEXT_2, <strong>and</strong> DIR_USER_CONTEXT_15 specify searchable<br />
contexts used to locate the user when the user is trying to authenticate using directories. If the user<br />
is not located using the first path, then the parameters specified in the second <strong>and</strong> third paths are<br />
used. The values for these parameters are obtained from the directory administrator. Directory User<br />
Contexts are limited to 128 characters each.<br />
MOD_DIR_CONFIG runtime errors<br />
Possible MOD_DIR_CONFIG error messages include:<br />
• Directory information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
MOD_KERBEROS<br />
The MOD_KERBEROS comm<strong>and</strong> modifies the directory settings in <strong>iLO</strong>. For this comm<strong>and</strong> to parse<br />
correctly, the MOD_KERBEROS comm<strong>and</strong> must appear within a MOD_DIR_CONFIG comm<strong>and</strong><br />
block, <strong>and</strong> DIR_INFO MODE must be set to write. The user must be running <strong>iLO</strong> 3 1.20 or later<br />
to run Kerberos. The user must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
DIR_INFO 109
<br />
-----BEGIN KEYTAB-----<br />
VGhpcyBpcyBhIHRlc3Qgb2YgdGhlIEJhc2U2NCBlbmNvZGVyLiAgVGhpcy<br />
BpcyBvbmx5IGEgdGVz<br />
dC4=<br />
-----END KEYTAB-----<br />
<br />
<br />
<br />
<br />
<br />
BLADESYSTEM_INFO<br />
The BLADESYSTEM_INFO comm<strong>and</strong> only appears within a LOGIN comm<strong>and</strong> block. Only comm<strong>and</strong>s<br />
that are BLADESYSTEM_INFO type comm<strong>and</strong>s are valid inside the BLADESYSTEM_INFO comm<strong>and</strong><br />
block.<br />
This comm<strong>and</strong> block is only valid on ProLiant BL c-Class blade servers. BLADESYSTEM_INFO<br />
requires the MODE parameter with a value of read or write. MODE is a specific string parameter<br />
with a maximum length of 10 characters that specifies what you intend to do with the information.<br />
Write mode enables both reading <strong>and</strong> writing of information to the blade system. Read mode<br />
prevents modification of the blade system information.<br />
The possible BLADESYSTEM_INFO error messages include:<br />
• Invalid Mode<br />
• Server is not a rack server; rack comm<strong>and</strong>s do not apply<br />
For example:<br />
<br />
……… BLADESYSTEM_INFO comm<strong>and</strong>s ………<br />
<br />
GET_OA_INFO<br />
The GET_OA_INFO comm<strong>and</strong> requests the Onboard Administrator information from the enclosure<br />
where <strong>iLO</strong> 3 is located. For this comm<strong>and</strong> to parse correctly, the GET_OA_INFO comm<strong>and</strong> must<br />
appear within a BLADESYSTEM_INFO comm<strong>and</strong> block, <strong>and</strong> BLADESYSTEM_INFO MODE can be<br />
set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_OA_INFO parameters<br />
None<br />
GET_OA_INFO runtime errors<br />
None<br />
110 RIBCL XML <strong>Scripting</strong> Language
GET_OA_INFO return messages<br />
A possible GET_OA_INFO return message is:<br />
<br />
192.168.1.105<br />
00:22:44:55:33:77<br />
1<br />
On<br />
South Park<br />
Kenny<br />
7<br />
<br />
SERVER_INFO<br />
The SERVER_INFO comm<strong>and</strong> can only appear within a LOGIN comm<strong>and</strong> block. Only comm<strong>and</strong>s<br />
that are SERVER_INFO type comm<strong>and</strong>s are valid inside the SERVER_INFO comm<strong>and</strong> block.<br />
SERVER_INFO requires the MODE parameter with a value of read or write. MODE is a specific<br />
string parameter with a maximum length of 10 characters that specifies what you intend to do with<br />
the information.<br />
Write mode enables both the reading <strong>and</strong> writing of <strong>iLO</strong> information. Read mode prevents<br />
modification of <strong>iLO</strong> information.<br />
For example:<br />
<br />
……… SERVER_INFO comm<strong>and</strong>s ………<br />
<br />
Reset server example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Set host power example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_SERVER_NAME<br />
The GET_SERVER_NAME comm<strong>and</strong> is used to retrieve the host server name used by <strong>iLO</strong>. You can<br />
set this parameter using several methods, including the SERVER_NAME comm<strong>and</strong>, host RBSU, <strong>iLO</strong><br />
browser-based interface, <strong>and</strong> loading <strong>HP</strong> ProLiant Management Agents.<br />
This comm<strong>and</strong> is supported by <strong>iLO</strong> 3 firmware version 1.20 or later.<br />
For example:<br />
SERVER_INFO 111
<br />
<br />
<br />
<br />
<br />
<br />
The <strong>iLO</strong> firmware maintains consistency between the various places the server name is used. The<br />
host RBSU has a two-line limitation of 14 characters each, or 28 characters of total server name<br />
text length.<br />
Normally, <strong>HP</strong> ProLiant Management Agents are used to forward the server name attribute to <strong>iLO</strong>.<br />
This comm<strong>and</strong> can be used in instances where management agents are not used. However, the<br />
host operating system remains unaffected.<br />
GET_SERVER_NAME return message<br />
GET_SERVER_NAME returns the currently stored server name, if available. The server name is a<br />
quoted ASCII string <strong>and</strong> cannot be a network name.<br />
For example:<br />
<br />
GET_SERVER_NAME runtime errors<br />
None<br />
SERVER_NAME<br />
The SERVER_NAME comm<strong>and</strong> is used to assign the Server Name attribute shown in the user<br />
interface <strong>and</strong> host RBSU. This setting is not forwarded to the host operating system <strong>and</strong> does not<br />
affect the host operating system.<br />
You must have the Configure <strong>iLO</strong> Settings privilege to change this attribute using the scripting<br />
interface. The SERVER_INFO section must be set to WRITE mode or an error is returned.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_NAME parameters<br />
VALUE is a quoted ASCII string less than 50 characters in total length.<br />
SERVER_NAME return message<br />
If this attribute is successfully set, no specific message returns.<br />
SERVER_NAME runtime errors<br />
• If the configure <strong>iLO</strong> settings privilege is absent, a runtime error is returned.<br />
• If SERVER_INFO is not opened for write, a runtime error is returned.<br />
112 RIBCL XML <strong>Scripting</strong> Language
GET_EMBEDDED_HEALTH<br />
The GET_EMBEDDED_HEALTH comm<strong>and</strong> is used to retrieve health information of the server. For<br />
this comm<strong>and</strong> to parse correctly, the GET_EMBEDDED_HEALTH comm<strong>and</strong> must appear within a<br />
SERVER_INFO comm<strong>and</strong> block. You can set SERVER_INFO MODE to read.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_EMBEDDED_HEALTH parameters<br />
None<br />
GET_EMBEDDED_HEALTH return messages<br />
A possible GET_EMBEDDED_HEALTH_DATA return message is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_INFO 113
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
114 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_INFO 115
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
116 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_INFO 117
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
118 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_INFO 119
GET_POWER_READINGS<br />
The GET_POWER_READINGS comm<strong>and</strong> is used to get the power readings from the server power<br />
supply.<br />
GET_POWER_READINGS parameters<br />
None<br />
GET_POWER_READINGS return messages<br />
GET_PWREG<br />
Two types of responses are available from the GET_POWER_READINGS comm<strong>and</strong>, depending<br />
on whether or not an advanced license is applied.<br />
If an advanced license is not applied, a typical response is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
cpqlocfg.exe: Script succeeded on "16.100.100.100:100"<br />
If an advanced license is applied, a typical response is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
The GET_PWREG comm<strong>and</strong> gets the power alert threshold for <strong>iLO</strong> 2, <strong>iLO</strong> 3, <strong>and</strong> <strong>iLO</strong> 4 devices.<br />
For this comm<strong>and</strong> to parse correctly, the GET_PWREG comm<strong>and</strong> must appear within a<br />
SERVER_INFO comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO MODE can be set to read. You must purchase<br />
the <strong>iLO</strong> Advanced license to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
120 RIBCL XML <strong>Scripting</strong> Language
GET_PWREG parameters<br />
None<br />
GET_PWREG return messages<br />
A GET_PWREG return message includes:<br />
<br />
<br />
Where:<br />
• PCAP mode is either set to MAN followed by a positive integer, or set to OFF.<br />
• EFFICIENCY_MODE is a number between 1 <strong>and</strong> 4:<br />
◦<br />
1 — PWRREGMODE_OS_CONTROL<br />
◦ 2 — PWRREGMODE_STATIC_LOW<br />
◦ 3 — PWRREGMODE_DYNAMIC<br />
◦ 4 — PWRREGMODE_STATIC_HIGH<br />
• GET_HOST_POWER reports whether the virtual power button is enabled.<br />
GET_PWREG runtime errors<br />
SET_PWREG<br />
Possible GET_PWREG runtime errors:<br />
• Feature not supported.<br />
• This feature requires an installed license key.<br />
The SET_PWREG comm<strong>and</strong> sets the power alert threshold for <strong>iLO</strong> 2, <strong>iLO</strong> 3, <strong>and</strong> <strong>iLO</strong> 4 devices.<br />
For this comm<strong>and</strong> to parse correctly, the SET_PWREG comm<strong>and</strong> must appear within a SERVER_INFO<br />
comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO MODE can be set to write. You must purchase the <strong>iLO</strong><br />
Advanced license to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_PWREG parameters<br />
PWRALERT TYPE — Valid values are:<br />
• DISABLED — No power alerts are set.<br />
• PEAK — Represents the half-second average power reading during the sample.<br />
• AVERAGE — Represents the mean power reading during the sample.<br />
SERVER_INFO 121
PWRALERT_SETTINGS<br />
• THRESHOLD — Sets the alert threshold, in watts.<br />
• DURATION — Sets the length of the sample time, in minutes, starting at 5. Duration will always<br />
be in 5 minute intervals up to 240 minutes maximum. Any positive integer can be used, but<br />
it will be rounded off to the nearest 5.<br />
SET_PWREG runtime errors<br />
Possible SET_PWREG error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• Internal error.<br />
• The value specified is invalid.<br />
• This feature requires an installed license key.<br />
• User does NOT have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• The PWRALERT value is invalid.<br />
• The THRESHOLD value is invalid.<br />
• The DURATION value is invalid. Values supported are between 1 <strong>and</strong><br />
240.<br />
• Invalid integer.<br />
GET_POWER_CAP<br />
The GET_POWER_CAP comm<strong>and</strong> is used to get the power cap of the server. For this comm<strong>and</strong><br />
to parse correctly, the GET_POWER_CAP comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong><br />
block, <strong>and</strong> SERVER_INFO MODE can be set to read. You must purchase the <strong>iLO</strong> Advanced license<br />
to enable this feature.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_POWER_CAP parameters<br />
None<br />
GET_POWER_CAP return messages<br />
A cap value of zero indicates a power cap is not currently set on the server.<br />
SET_POWER_CAP<br />
The SET_POWER_CAP comm<strong>and</strong> is used to set a power cap on the server. For this comm<strong>and</strong> to<br />
parse correctly, the SET_POWER_CAP comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong><br />
block, <strong>and</strong> SERVER_INFO MODE must be set to write. You must have the Configure <strong>iLO</strong> Settings<br />
privilege to execute this comm<strong>and</strong>.<br />
122 RIBCL XML <strong>Scripting</strong> Language
You cannot set this property if a dynamic power cap is set for the server. Dynamic power capping<br />
is set <strong>and</strong> modified using either Onboard Administrator or Insight Power Manager. You must<br />
purchase the <strong>iLO</strong> Advanced license to enable this feature.<br />
For example, enabling the power cap:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_POWER_CAP parameters<br />
SET_POWER_CAP POWER_CAP is the power cap on the server. Valid power cap values are<br />
determined using a power test run on the server at boot. The possible values are 0 to disable the<br />
power cap, or a numeric value in watts (as determined in the power test.)<br />
SET_POWER_CAP runtime errors<br />
The possible SET_POWER_CAP error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• Power Regulator feature is not supported on this server.<br />
• User does not have correct privilege for action.<br />
• The power cap value is invalid.<br />
GET_HOST_POWER_SAVER_STATUS<br />
The GET_HOST_POWER_SAVER_STATUS comm<strong>and</strong> requests the state of the processor power<br />
regulator feature of the server. For this comm<strong>and</strong> to parse correctly, the<br />
GET_HOST_POWER_SAVER_STATUS comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong><br />
block. You can set SERVER_INFO MODE to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_HOST_POWER_SAVER_STATUS parameters<br />
None<br />
GET_HOST_POWER_SAVER_STATUS runtime errors<br />
The possible GET_HOST_POWER_SAVER_STATUS error messages include:<br />
Feature not supported<br />
SERVER_INFO 123
GET_HOST_POWER_SAVER_STATUS return messages<br />
The following information is returned within one of the following responses:<br />
• <br />
• <br />
• <br />
• <br />
SET_HOST_POWER_SAVER<br />
The SET_HOST_POWER_SAVER comm<strong>and</strong> is used to set the Power Regulator Setting for the server<br />
processor. For this comm<strong>and</strong> to parse correctly, the SET_HOST_POWER_SAVER comm<strong>and</strong> must<br />
appear within a SERVER_INFO comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO MODE must be set to write.<br />
The user must have the Virtual Power <strong>and</strong> Reset privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_HOST_POWER_SAVER parameters<br />
The HOST_POWER_SAVER comm<strong>and</strong> controls the Dynamic Power Saver feature of the server<br />
processor if the feature is supported. The possible values are:<br />
• 1—Operating system control mode<br />
• 2—<strong>HP</strong> Static Low Power mode<br />
• 3—<strong>HP</strong> Dynamic Power Savings mode<br />
• 4—<strong>HP</strong> Static High Performance mode<br />
SET_HOST_POWER_SAVER runtime errors<br />
The possible SET_HOST_POWER error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• Power Regulator feature is not supported on this server.<br />
• User does not have correct privilege for action. RESET_SERVER_PRIV<br />
required.<br />
GET_HOST_POWER_STATUS<br />
The GET_HOST_POWER_STATUS comm<strong>and</strong> requests the power state of the server. For this comm<strong>and</strong><br />
to parse correctly, the GET_HOST_POWER_STATUS comm<strong>and</strong> must appear within a SERVER_INFO<br />
comm<strong>and</strong> block. You can set SERVER_INFO MODE to read or write.<br />
For example:<br />
<br />
<br />
124 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
GET_HOST_POWER_STATUS Parameters<br />
None<br />
GET_HOST_POWER_STATUS Runtime Errors<br />
The possible GET_HOST_POWER_STATUS error messages include:<br />
• Host power is OFF.<br />
• Host power is ON.<br />
GET_HOST_POWER_STATUS Return Messages<br />
The following information is returned within the response:<br />
<br />
SET_HOST_POWER<br />
The SET_HOST_POWER comm<strong>and</strong> is used to toggle the power button of server. For this comm<strong>and</strong><br />
to parse correctly, the SET_HOST_POWER comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong><br />
block, <strong>and</strong> SERVER_INFO MODE must be set to write. The user must have the Virtual Power <strong>and</strong><br />
Reset privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SET_HOST_POWER Parameters<br />
HOST_POWER enables or disables the Virtual Power Button. The possible values are Yes or No.<br />
SET_HOST_POWER Runtime Errors<br />
The possible SET_HOST_POWER error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• Virtual Power Button feature is not supported on this server.<br />
• Host power is already ON.<br />
• Host power is already OFF.<br />
• User does not have correct privilege for action. RESET_SERVER_PRIV<br />
required.<br />
SERVER_INFO 125
GET_HOST_PWR_MICRO_VER<br />
The GET_HOST_PWR_MICRO_VER comm<strong>and</strong> provides the power micro version number. The<br />
GET_HOST_PWR_MICRO_VER comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong> block<br />
to parse correctly. SERVER_INFO must be set to read.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_HOST_PWR_MICRO_VER parameters<br />
None<br />
GET_HOST_PWR_MICRO_VER runtime errors<br />
The possible GET_HOST_PWR_MICRO_VER error messages include:<br />
• Error—if the power micro cannot be read (hardware problem).<br />
• Power Off—if the server is powered off.<br />
• N/A—if the server does not support a power micro.<br />
GET_HOST_PWR_MICRO_VER return messages<br />
• No errors <strong>and</strong> displays version information:<br />
<br />
<br />
<br />
• Server powered off:<br />
<br />
<br />
<br />
• Power micro not supported on the server:<br />
<br />
<br />
<br />
• Failed to read power micro version:<br />
RESET_SERVER<br />
<br />
<br />
<br />
The RESET_SERVER comm<strong>and</strong> forces a warm boot of the server if the server is currently on. For this<br />
comm<strong>and</strong> to parse correctly, the RESET_SERVER comm<strong>and</strong> must appear within a SERVER_INFO<br />
comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO MODE must be set to write. The user must have the Virtual<br />
Power <strong>and</strong> Reset privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
126 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
RESET_SERVER error messages<br />
The possible RESET_SERVER error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• Server is currently powered off.<br />
• User does NOT have correct privilege for action. RESET_SERVER_PRIV<br />
required.<br />
RESET_SERVER parameters<br />
None<br />
PRESS_PWR_BTN<br />
This PRESS_PWR_BTN comm<strong>and</strong> is used to simulate a physical press (or press <strong>and</strong> hold) of the<br />
server power button. For this comm<strong>and</strong> to parse correctly, the PRESS_PWR_BTN comm<strong>and</strong> must<br />
appear within a SERVER_INFO comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO MODE must be set to write.<br />
The user must have the Virtual Power <strong>and</strong> Reset privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
PRESS_PWR_BTN parameters<br />
None<br />
PRESS_PWR_BTN runtime errors<br />
The possible error messages include:<br />
• Server information is open for read-only access. Write access is<br />
required for this operation.<br />
• User does not have correct privilege for action. RESET_SERVER_PRIV<br />
required.<br />
SERVER_AUTO_PWR<br />
The SERVER_AUTO_PWR comm<strong>and</strong> is used to set the automatic power on <strong>and</strong> power on delay<br />
settings.<br />
The comm<strong>and</strong> is supported by <strong>iLO</strong> 3 firmware version 1.05 or later.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SERVER_INFO 127
SERVER_AUTO_PWR parameters<br />
The parameters are:<br />
• Yes—Enables APO with a minimum delay.<br />
• No—APO restores last power state.<br />
• 15, 30, 45, 60—(Deprecated) Defaults to R<strong>and</strong>om.<br />
• R<strong>and</strong>om—Enables automatic power on with r<strong>and</strong>om delay up to 2 minutes.<br />
• On—APO always powers on.<br />
• Off—APO restores last power state.<br />
• Restore—APO restores last power state.<br />
SERVER_AUTO_PWR runtime errors<br />
The possible errors include:<br />
• User does not have correct privilege for action. Configure <strong>iLO</strong><br />
privilege is required<br />
• SERVER_INFO mode is not WRITE<br />
• The value specified for SERVER_AUTO_PWR is invalid or not accepted<br />
on blades<br />
GET_SERVER_AUTO_PWR<br />
The GET_SERVER_AUTO_PWR comm<strong>and</strong> is used to get the automatic power on <strong>and</strong> power on<br />
delay settings of the server.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_SERVER_AUTO_PWR parameters<br />
None<br />
GET_SERVER_AUTO_PWR return message<br />
Possible GET_SERVER_AUTO_PWR return is:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
128 RIBCL XML <strong>Scripting</strong> Language
GET_UID_STATUS<br />
The GET_UID_STATUS comm<strong>and</strong> requests the state of the server UID. For this comm<strong>and</strong> to parse<br />
correctly, the GET_UID_STATUS comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong> block.<br />
You can set SERVER_INFO MODE to read.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_UID_STATUS parameters<br />
None<br />
GET_UID_STATUS response<br />
The following information is returned within the response:<br />
<br />
UID_CONTROL<br />
The UID_CONTROL comm<strong>and</strong> toggles the server UID. For this comm<strong>and</strong> to parse correctly, the<br />
UID_CONTROL comm<strong>and</strong> must appear within a SERVER_INFO comm<strong>and</strong> block, <strong>and</strong> SERVER_INFO<br />
MODE must be set to write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
UID_CONTROL parameters<br />
UID determines the state of the UID. A value of Yes turns the UID light on, <strong>and</strong> a value of No turns<br />
the UID light off.<br />
UID_CONTROL errors<br />
The possible UID_CONTROL error messages include:<br />
• UID is already ON.<br />
• UID is already OFF.<br />
SERVER_INFO 129
SSO_INFO<br />
The SSO_INFO MODE comm<strong>and</strong> can only appear within a LOGIN comm<strong>and</strong> block. Only<br />
comm<strong>and</strong>s that are SSO_INFO MODE-type comm<strong>and</strong>s are valid inside the SSO_INFO MODE<br />
comm<strong>and</strong> block.<br />
SSO_INFO MODE requires the MODE parameter with a value of read or write. MODE is a specific<br />
string parameter with a maximum length of 10 characters that specifies what you intend to do with<br />
the information.<br />
Write mode enables both reading <strong>and</strong> writing of <strong>iLO</strong> information. Read mode prevents modification<br />
of the <strong>iLO</strong> information. You must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
……… SSO_INFO comm<strong>and</strong>s ………<br />
<br />
Deleting a SSO <strong>HP</strong> SIM Server Record by index number example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SSO_INFO is only supported on licensed, <strong>iLO</strong> 3 v1.05 <strong>and</strong> later firmware. If <strong>iLO</strong> 3 is not licensed,<br />
you can still modify these settings. <strong>iLO</strong> 3 does not return an error. However, any SSO attempt is<br />
rejected if a license is not present. For more information, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong><br />
website at: http://www.hp.com/go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
GET_SSO_SETTINGS<br />
The GET_SSO_SETTINGS comm<strong>and</strong> is used to retrieve SSO settings for <strong>iLO</strong>. For this comm<strong>and</strong> to<br />
parse correctly, the GET_SSO_SETTINGS comm<strong>and</strong> must appear within a SSO_INFO comm<strong>and</strong><br />
block, <strong>and</strong> SSO_INFO MODE can be set to read or write.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
GET_SSO_SETTINGS parameters<br />
None<br />
GET_SSO_SETTINGS return messages<br />
The following is an example of an SSO settings response from a configured <strong>iLO</strong> device. There are<br />
0 or more SSO_SERVER records reflecting the number of stored server records in each.<br />
<br />
<br />
130 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
-----BEGIN CERTIFICATE-----<br />
.<br />
.<br />
.<br />
-----END CERTIFICATE-----<br />
<br />
<br />
ant.hp.com<br />
<br />
<br />
MOD_SSO_SETTINGS<br />
The MOD_SSO_SETTINGS comm<strong>and</strong> is used to modify the <strong>HP</strong> SSO settings for <strong>iLO</strong> 3. For this<br />
comm<strong>and</strong> to parse correctly, the MOD_SSO_SETTINGS comm<strong>and</strong> must appear within a SSO_INFO<br />
comm<strong>and</strong> block, <strong>and</strong> SSO_INFO MODE must be set to write. The user must have the Configure<br />
<strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
SSO_INFO 131
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
MOD_SSO_SETTINGS parameters<br />
TRUST_MODE sets the Single Sign-On trust mode. The current setting is unchanged if this setting<br />
is omitted from the script. Accepted values are:<br />
• Disabled—Disables <strong>HP</strong> SIM SSO on this processor.<br />
• Certificate—Accepts only SSO requests authenticated using a certificate.<br />
• Name—Trusts SSO requests from the named <strong>HP</strong> SIM Server.<br />
• All—Accepts any SSO request from the network.<br />
Role names are used to associate <strong>iLO</strong> privileges. The specified privileges are set accordingly for<br />
that role, <strong>and</strong> a privilege that is omitted is unchanged. Enable a privilege for the role using the<br />
argument Y <strong>and</strong> disable the privilege for the role using the argument N.<br />
There are three roles for privilege assignment. Omitting a role leaves the current assignment<br />
unchanged:<br />
• USER_ROLE—Privileges associated with User<br />
• OPERATOR_ROLE—Privileges associated with Operator<br />
• ADMINISTRATOR_ROLE—Privileges associated with Administrator<br />
For each role, you can manipulate multiple privileges. The privilege is specified within the role<br />
tag. If a privilege is omitted, the current value is unchanged. Each privilege assignment is Boolean<br />
<strong>and</strong> can be set to Y (privilege granted) or N (privilege denied). For more details on account<br />
privileges, see the User Administration section of the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong> website at<br />
http://www.hp.com/go/ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation.<br />
• LOGIN_PRIV—Allows login for this role.<br />
• REMOTE_CONS_PRIV—Grants access to remote console resources.<br />
• RESET_SERVER_PRIV—Grants access to power <strong>and</strong> reset controls.<br />
• VIRTUAL_MEDIA_PRIV—Grants access to virtual media resources.<br />
• CONFIG_ILO_PRIV—Allows settings modification.<br />
• ADMIN_PRIV—Allows local user account modification.<br />
MOD_SSO_SETTINGS runtime errors<br />
Possible MOD_SSO_SETTINGS error messages include:<br />
• Incorrect firmware version. SSO is only supported on <strong>iLO</strong> 3 v1.05<br />
firmware or later.<br />
• User does not have correct privilege for action. CONFIG_ILO_PRIV<br />
required.<br />
• SSO_INFO must be in write mode.<br />
132 RIBCL XML <strong>Scripting</strong> Language
SSO_SERVER<br />
The SSO_SERVER comm<strong>and</strong> is used to create <strong>HP</strong> SIM Trusted SSO Server records. For this comm<strong>and</strong><br />
to parse correctly, it must appear within an SSO_INFO comm<strong>and</strong> block, <strong>and</strong> SSO_INFO MODE<br />
must be set to write. You must have the Configure <strong>iLO</strong> Settings privilege to execute this comm<strong>and</strong>.<br />
This comm<strong>and</strong> can be combined with MOD_SSO_SETTINGS.<br />
You can specify multiple SSO server records by using multiple instances of this comm<strong>and</strong>. The<br />
servers are added in the order that the records are specified. Duplicate records might be rejected<br />
<strong>and</strong> generate an error. The number of records stored by the lights-out processor depends on the<br />
size of the entries because certificates do not have a fixed size. Multiple certificates can normally<br />
be stored.<br />
There are three ways to add an <strong>HP</strong> SIM Trusted Server record using the SSO_SERVER comm<strong>and</strong>:<br />
• The server can be specified by network name (requires SSO trust level set to trust by name or<br />
trust all, but is not supported for trust by certificate). Use the fully qualified network name.<br />
• The server certificate can be imported by <strong>iLO</strong> 3 (the LOM processor requests the certificate<br />
from the specified <strong>HP</strong> SIM server using anonymous HTTP request). The <strong>iLO</strong> 3 processor must<br />
be able to contact the <strong>HP</strong> SIM server on the network at the time this comm<strong>and</strong> is processed<br />
for this method to work.<br />
• The server certificate can be directly installed on <strong>iLO</strong> 3. However, you must obtain the x.509<br />
certificate in advance. This method enables you to configure the <strong>iLO</strong> 3 in advance of placing<br />
it on the network with the <strong>HP</strong> SIM server. The method also enables you to verify the contents<br />
of the <strong>HP</strong> SIM server certificate. For additional methods of obtaining the certificate from the<br />
<strong>HP</strong> SIM server, see the <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong> on the <strong>HP</strong> website at: http://www.hp.com/go/<br />
ilo3 <strong>and</strong> click More <strong>iLO</strong> Documentation, or the <strong>HP</strong> SIM User <strong>Guide</strong> on the <strong>HP</strong> website at:<br />
http://h18000.www1.hp.com/products/servers/management/hpsim/infolibrary.html.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
-----BEGIN CERTIFICATE-----<br />
.<br />
.<br />
.<br />
-----END CERTIFICATE-----<br />
<br />
<br />
<br />
<br />
SSO_SERVER parameters<br />
NAME indicates that the server is being specified by network name. It receives a quoted string<br />
containing the fully qualified network name of the <strong>HP</strong> SIM Trusted Server. The name is not validated<br />
by <strong>iLO</strong> until an SSO login is attempted. For example, the syntax to add an <strong>HP</strong> SIM Trusted Server<br />
name:<br />
<br />
SSO_INFO 133
IMPORT_FROM indicates that <strong>iLO</strong> must request the <strong>HP</strong> SIM Trusted Server certificate from <strong>HP</strong> SIM.<br />
This request is implemented using an anonymous HTTP request similar to:<br />
http://:280/GetCertificate<br />
The <strong>iLO</strong> firmware requests the certificate when this comm<strong>and</strong> is processed. If the <strong>HP</strong> SIM server is<br />
unreachable, then an error occurs.<br />
For example, the syntax to have <strong>iLO</strong> import a server certificate resembles:<br />
<br />
IMPORT_CERTIFICATE indicates that <strong>iLO</strong> must import the literal .PEM encoded x.509 certificate<br />
data that follows. The data is encoded in a block of text that includes:<br />
-----BEGIN CERTIFICATE-----<br />
<strong>and</strong><br />
-----END CERTIFICATE-----<br />
For example, the syntax to import an <strong>HP</strong> SIM Trusted Server certificate resembles the following:<br />
<br />
-----BEGIN CERTIFICATE-----<br />
MIIC3TCCAkYCBESzwFUwDQYJKoZIhvcNAQEFBQAwgbUxCzAJBgNVBAYTAlVTMRMwE...<br />
kXzhuVzPfWzQ+a2E9tGAE/YgNGTfS9vKkVLUf6QoP/RQpYpkl5BxrsN3gM/PeT3zrxyTleE=<br />
-----END CERTIFICATE-----<br />
<br />
The certificate is validated by <strong>iLO</strong> to ensure that it can be decoded before it is stored. An error<br />
results if the certificate is a duplicate or corrupt.<br />
The <strong>iLO</strong> firmware does not support certificate revocation <strong>and</strong> does not honor certificates that appear<br />
expired. You must remove revoked or expired certificates.<br />
SSO_SERVER runtime errors<br />
A runtime error is generated if the:<br />
• Certificate is a duplicate.<br />
• Certificate is corrupt.<br />
• <strong>HP</strong> SIM server cannot be contacted using IMPORT_FROM.<br />
• <strong>HP</strong> SIM Trusted Server database is full (you must delete other records to make sufficient room<br />
to add a new entry).<br />
• Trust mode is set incorrectly.<br />
DELETE_SERVER<br />
The DELETE_SERVER comm<strong>and</strong> is used to remove an <strong>HP</strong> SIM Trusted SSO Server record. For this<br />
comm<strong>and</strong> to parse correctly, it must appear within an SSO_INFO comm<strong>and</strong> block, <strong>and</strong> SSO_INFO<br />
MODE must be set to write. You must have the Configure <strong>iLO</strong> Settings privilege to execute this<br />
comm<strong>and</strong>.<br />
You can specify multiple SSO server records by using multiple instances of this comm<strong>and</strong>. The<br />
servers are deleted in the order that the records are specified, <strong>and</strong> the records are renumbered<br />
by each deletion. Delete records in the highest-to-lowest order if you want to delete multiple records<br />
at the same time.<br />
For example:<br />
<br />
<br />
<br />
134 RIBCL XML <strong>Scripting</strong> Language
<br />
<br />
<br />
DELETE_SERVER parameters<br />
INDEX indicates the record number to delete. This number is consistent with the index returned<br />
using a GET_SSO_SETTINGS comm<strong>and</strong>. The index is 0-based; that is the first record is index 0,<br />
the second record is index 1, <strong>and</strong> so on.<br />
DELETE_SERVER runtime errors<br />
A runtime error is generated if the index is invalid.<br />
SSO_INFO 135
9 Secure Shell<br />
SSH overview<br />
SSH is a Telnet-like program for logging into <strong>and</strong> executing comm<strong>and</strong>s on a remote machine,<br />
which includes security with authentication, encryption, <strong>and</strong> data integrity features. The <strong>iLO</strong> firmware<br />
can support simultaneous access from five SSH clients. After SSH is connected <strong>and</strong> authenticated,<br />
the comm<strong>and</strong> line interface is available.<br />
<strong>iLO</strong>3 supports:<br />
• SSH protocol version 2<br />
• PuTTY is a free version of the SSH protocol, <strong>and</strong> is available for download on the Internet.<br />
When using PuTTY, versions before 0.54 might display 2 line feeds instead of a single line<br />
feed when the ENTER key is pressed. To avoid this issue, <strong>and</strong> for best results, <strong>HP</strong> recommends<br />
using version 0.54 or later.<br />
• OpenSSH, which is a free version of the SSH protocol available for download on the Internet.<br />
When upgrading the firmware, a one-time 25-second delay occurs before SSH functionality is<br />
available. During this time, <strong>iLO</strong> generates the 1024-bitDSA keys. These keys are saved by <strong>iLO</strong> for<br />
future use. If <strong>iLO</strong> is reset to factory defaults, the DSA keys are erased <strong>and</strong> are regenerated on the<br />
next boot.<br />
<strong>Support</strong>ed SSH features<br />
The library supports only version 2 (SSH-2) of the protocol. Table 25 (page 136) shows the SSH<br />
features supported by <strong>iLO</strong>.<br />
Table 25 <strong>Support</strong>ed SSH Features<br />
Feature<br />
Server host key algorithms<br />
Encryption (same set supported both ways)<br />
Hashing algorithms<br />
Public key algorithms<br />
Key exchange<br />
Compression<br />
Language<br />
Client/User authentication method<br />
Authentication timeout<br />
Authentication attempts<br />
Default SSH port<br />
Using Secure Shell<br />
Using SSH<br />
136 Secure Shell<br />
<strong>Support</strong>ed Algorithm<br />
ssh-dsa<br />
3des-cbc, aes128-cbc<br />
hmac-sha1, hmac-md5<br />
ssh-dsa<br />
Diffie-hellman-group1-sha1<br />
None<br />
English<br />
Password<br />
2 minutes<br />
3<br />
22<br />
1. Open an SSH window.<br />
2. When prompted, enter the IP address or DNS name, login name, <strong>and</strong> password.<br />
Using OpenSSH<br />
To start an OpenSSH client in Linux, use:<br />
ssh -l loginname ipaddress/dns name
Using PuTTY<br />
• To start a PuTTY session, double-click the PuTTY icon in the directory where PuTTY is installed.<br />
• To start a PuTTY session from the comm<strong>and</strong> line, do the following:<br />
◦<br />
Start a connection to a server called host by entering:<br />
putty.exe [-ssh | -rlogin | -raw] [user@]host<br />
◦ Start an existing saved session called sessionname by entering:<br />
SSH key authorization<br />
putty.exe -load session name<br />
SSH key-based authentication enables <strong>HP</strong> SIM to connect to LOM devices through SSH <strong>and</strong> be<br />
authenticated <strong>and</strong> authorized to perform administrative-level tasks. The CLP is utilized to perform<br />
tasks. <strong>HP</strong> SIM can perform these tasks on multiple LOM devices nearly simultaneously, at scheduled<br />
times. <strong>HP</strong> SIM provides a menu-driven interface to manage <strong>and</strong> configure multiple targets.<br />
Enhancements to <strong>HP</strong> SIM are provided by tool definition files.<br />
<strong>HP</strong> SIM can perform actions on target devices utilizing an SSH interface that requires private<br />
key-based authentication. If <strong>HP</strong> SIM is enabled to integrate more fully with LOM devices, SSH<br />
key-based authentication is implemented in <strong>iLO</strong>.<br />
An <strong>HP</strong> SIM instance is established as a trusted SSH client by installing the public key in <strong>iLO</strong>. This<br />
is completed either manually through a Web-based GUI, or automatically with the mxagentconfig<br />
utility.<br />
SSH keys do not need to be created to use SSH in interactive mode. For information about using<br />
SSH in interactive mode, see “SSH overview” (page 136).<br />
Tool definition files<br />
TDEF files extend the menu system of <strong>HP</strong> SIM to provide the CLP comm<strong>and</strong>s that <strong>HP</strong> SIM transmits<br />
to <strong>iLO</strong> 3 through an SSH connection.<br />
Figure 1 <strong>HP</strong> Systems Insight Manager menus<br />
Mxagentconfig utility<br />
Mxagentconfig is a utility used to export <strong>and</strong> install <strong>HP</strong> SIM public SSH keys into other systems.<br />
This utility simplifies the process <strong>and</strong> can install the public key on many systems simultaneously.<br />
SSH key authorization 137
Mxagentconfig makes an SSH connection to <strong>iLO</strong>, authenticates with a user name <strong>and</strong> password,<br />
<strong>and</strong> transmits the necessary public key. The <strong>iLO</strong> firmware stores this key as a trusted SSH client<br />
key.<br />
Importing SSH keys from PuTTY<br />
138 Secure Shell<br />
The public key file format generated by PuTTY is not compatible with <strong>iLO</strong> 3. The following example<br />
illustrates, a PuTTY generated public key file:<br />
---- BEGIN SSH2 PUBLIC KEY ----<br />
Comment: "Administrator"<br />
AAAAB3NzaC1yc2EAAAABJQAAAIB0x0wVO9itQB11o+tHnY3VvmsGgwghCyLOVzJl<br />
3A9F5yzKj+RXJVPxOGusAhmJwF8PBQ9wV5E0Rumm6gNOaPyvAMJCG/l0PW7Fhac1<br />
VLt8i5F3Lossw+/LWa+6H0da13TF2vq3ZoYFUT4esC6YbAACM7kLuGwxF5XMNR2E<br />
Foup3w==<br />
---- END SSH2 PUBLIC KEY ----<br />
Note that this sample key conforms to RFC 4716 (SSH Public Key File Format). The <strong>iLO</strong> interface<br />
supports two key formats, OpenSSH 2 <strong>and</strong> RFC 4716. A third format is supported only in scripting<br />
(see “IMPORT_SSH_KEY” (page 104)).<br />
The <strong>iLO</strong> firmware expects public key file information on a single line. You can use the PuTTY Key<br />
Generator utility (puttygen.exe) to generate <strong>and</strong> properly format a key file for import into <strong>iLO</strong>.<br />
To import SSH keys to <strong>iLO</strong> from PuTTY:<br />
1. Double-click the PuTTY Key Generator icon to launch the utility.<br />
2. Select SSH-2 DSA.<br />
3. Click Generate.<br />
On the key area, move the mouse around to generate the key. You must keep moving the<br />
mouse until the key generation process completes.
Figure 2 PuTTY Key Generator<br />
4. Click Save public key <strong>and</strong> then enter a file name when prompted.<br />
5. Click Save private key <strong>and</strong> then enter a file name when prompted. Note that you have the<br />
option to enter <strong>and</strong> confirm a Key passphrase.<br />
6. Open your public key in a text editor, <strong>and</strong> copy the contents to the clipboard.<br />
7. Log in to <strong>iLO</strong> (if not already open).<br />
8. On the <strong>iLO</strong> SSH Key Adminstration page, select a user from the Authorized SSH Keys list,<br />
<strong>and</strong> then click Authorize New Key.<br />
A DSA Public Key Import Data box appears.<br />
9. Paste the PEM encoded DSA public key in the box, <strong>and</strong> then click Import Public Key.<br />
A new Public Key Hash appears for the user in the list of authorized SSH keys.<br />
10. Launch PuTTY.<br />
11. Select Session, <strong>and</strong> then configure your <strong>iLO</strong> 3 IP address.<br />
12. Select Connection+SSH→Auth.<br />
13. Click Browse, <strong>and</strong> then locate the private key file.<br />
Importing SSH keys from PuTTY 139
Figure 3 PuTTY Configuration window<br />
14. Click Open.<br />
The <strong>iLO</strong> firmware prompts for a user name.<br />
15. Enter the logon name associated with the public key.<br />
The public key in <strong>iLO</strong> authenticates with the private key in PuTTY. If the keys match, you are<br />
logged in to <strong>iLO</strong> without using a password.<br />
Keys can be created with a key passphrase. If a key passphrase was used to generate the<br />
public key, you are prompted for the key passphrase before you log in to <strong>iLO</strong>.<br />
Importing SSH keys generated using ssh-keygen<br />
140 Secure Shell<br />
After generating an SSH key using ssh-keygen <strong>and</strong> creating the key.pub file, perform the<br />
following steps:<br />
1. Locate <strong>and</strong> open the key.pub file with a text editor. The file begins with the text ssh-dsa.<br />
2. Save <strong>and</strong> close the file.<br />
The key file is ready to import <strong>and</strong> authorize.
10 PERL scripting<br />
Using PERL with the XML scripting interface<br />
The scripting interface provided enables administrators to manage virtually every aspect of the<br />
device in an automated fashion. Primarily, administrators use tools like CPQLOCFG to assist<br />
deployment efforts. Administrators using a non-Windows client can use PERL scripts to send XML<br />
scripts to the <strong>iLO</strong> devices. Administrators can also use PERL to perform more complex tasks than<br />
CPQLOCFG can perform.<br />
This section discusses how to use PERL scripting in conjunction with the Lights-Out XML scripting<br />
language. PERL scripts require a valid user ID <strong>and</strong> password with appropriate privileges.<br />
Sample XML scripts for <strong>iLO</strong> devices <strong>and</strong> a sample PERL script are available on the <strong>HP</strong> website at:<br />
http://www.hp.com/go/<strong>iLO</strong>3. Click <strong>iLO</strong> Sample Scripts under <strong>iLO</strong> <strong>Support</strong> <strong>and</strong> Downloads.<br />
XML enhancements<br />
Previous versions of <strong>iLO</strong> 3 firmware do not return properly formatted XML syntax. If the <strong>iLO</strong> 3<br />
firmware determines the client utility does not support the return of properly formatted XML syntax,<br />
the following message appears:<br />
<strong>Scripting</strong> utility should be updated to the latest<br />
version.<br />
This message informs you to update to a later version of the CPQLOCFG scripting utility. The latest<br />
version of CPQLOCFG is 3.5.0.<br />
If you are using a utility other than CPQLOCFG (such as PERL), the following steps help ensure that<br />
the <strong>iLO</strong> 3 firmware returns properly formatted XML. You must incorporate the following tag into<br />
the script sent to <strong>iLO</strong> 3:<br />
<br />
You can place this tag in either the PERL script or the XML script. Placement of this tag is important.<br />
If you place this tag in the PERL script, the tag must be sent after <strong>and</strong><br />
before the XML script is sent. If you place the tag in the XML script, the tag must be placed before<br />
. If you are using the PERL script provided by <strong>HP</strong>, you can add the<br />
bold line in the following example to return properly formatted XML syntax.<br />
For example:<br />
• PERL script modification<br />
…<br />
# Open the SSL connection <strong>and</strong> the input file<br />
my $client = new IO::Socket::SSL->new(PeerAddr => $host);<br />
open(F, "
<br />
Opening an SSL connection<br />
Perl scripts must open an SSL connection to the device HTTPS port, by default port 443.<br />
For example:<br />
use Socket;<br />
use Net::SSLeay qw(die_now die_if_ssl_error);<br />
Net::SSLeay::load_error_strings();<br />
Net::SSLeay::SSLeay_add_ssl_algorithms();<br />
Net::SSLeay::r<strong>and</strong>omize();<br />
#<br />
# opens an ssl connection to port 443 of the passed host<br />
#<br />
sub openSSLconnection($)<br />
{<br />
my $host = shift;<br />
my ($ctx, $ssl, $sin, $ip, $nip);<br />
if (not $ip = inet_aton($host))<br />
{<br />
print "$host is a DNS Name, performing lookup\n" if $debug;<br />
$ip = gethostbyname($host) or die "ERROR: Host $hostname not found.\n";<br />
}<br />
$nip = inet_ntoa($ip);<br />
print STDERR "Connecting to $nip:443\n";<br />
$sin = sockaddr_in(443, $ip);<br />
socket (S, &AF_INET, &SOCK_STREAM, 0) or die "ERROR: socket: $!";<br />
connect (S, $sin) or die "connect: $!";<br />
$ctx = Net::SSLeay::CTX_new() or die_now("ERROR: Failed to create SSL_CTX $! ");<br />
Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL);<br />
die_if_ssl_error("ERROR: ssl ctx set options");<br />
$ssl = Net::SSLeay::new($ctx) or die_now("ERROR: Failed to create SSL $!");<br />
Net::SSLeay::set_fd($ssl, fileno(S));<br />
Net::SSLeay::connect($ssl) <strong>and</strong> die_if_ssl_error("ERROR: ssl connect");<br />
print STDERR 'SSL Connected ';<br />
print 'Using Cipher: ' . Net::SSLeay::get_cipher($ssl) if $debug;<br />
print STDERR "\n\n";<br />
return $ssl;<br />
}<br />
Sending the XML header <strong>and</strong> script body<br />
After the connection is established, the first line of script sent must be an XML document header,<br />
which tells the device HTTPS web server that the following content is an XML script. The header<br />
must match the header used in the example exactly. After the header has been completely sent,<br />
the remainder of the script can be sent. In this example, the script is sent all at once.<br />
For example:<br />
142 PERL scripting<br />
# usage: sendscript(host, script)<br />
# sends the xmlscript script to host, returns reply<br />
sub sendscript($$)<br />
{<br />
my $host = shift;<br />
my $script = shift;<br />
my ($ssl, $reply, $lastreply, $res, $n);<br />
$ssl = openSSLconnection($host);<br />
# write header<br />
$n = Net::SSLeay::ssl_write_all($ssl, ''."\r\n");
print "Wrote $n\n" if $debug;<br />
# write script<br />
$n = Net::SSLeay::ssl_write_all($ssl, $script);<br />
print "Wrote $n\n$script\n" if $debug;<br />
$reply = "";<br />
$lastreply = "";<br />
READLOOP:<br />
while(1)<br />
{<br />
$n++;<br />
$reply .= $lastreply;<br />
$lastreply = Net::SSLeay::read($ssl);<br />
die_if_ssl_error("ERROR: ssl read");<br />
if($lastreply eq "")<br />
{<br />
sleep(2); # wait 2 sec for more text.<br />
$lastreply = Net::SSLeay::read($ssl);<br />
last READLOOP if($lastreply eq "");<br />
}<br />
sleep(2); # wait 2 sec for more text.<br />
$lastreply = Net::SSLeay::read($ssl);<br />
last READLOOP if($lastreply eq "");<br />
}<br />
print "READ: $lastreply\n" if $debug;<br />
if($lastreply =~ m/STATUS="(0x[0-9A-F]+)"[\s]+MESSAGE='(.*)<br />
'[\s]+\/>[\s]*(([\s]|.)*?)/)<br />
{<br />
if($1 eq "0x0000")<br />
{<br />
print STDERR "$3\n" if $3;<br />
}<br />
else<br />
print STDERR "ERROR: STATUS: $1, MESSAGE: $2\n";<br />
{<br />
}<br />
}<br />
}<br />
$reply .= $lastreply;<br />
closeSSLconnection($ssl);<br />
return $reply;<br />
}<br />
PERL scripts can also send a portion of the XML script, wait for the reply, <strong>and</strong> send more XML later.<br />
Using this technique, it is possible to use the reply produced by an earlier comm<strong>and</strong> as input to a<br />
later comm<strong>and</strong>. However, the PERL script must send data within a few seconds or the device times<br />
out <strong>and</strong> disconnects.<br />
When using the XML scripting interface with PERL scripts, the following restrictions apply:<br />
• PERL scripts must send the XML header before sending the body of the script.<br />
• PERL scripts must provide script data fast enough to prevent the device from timing out.<br />
• Only one XML document is allowed per connection, which means one pair of RIBCL tags.<br />
• The device does not accept additional XML tags after a syntax error occurs. To send additional<br />
XML, a new connection must be established.<br />
Sending the XML header <strong>and</strong> script body 143
11 <strong>iLO</strong> 3 ports<br />
Enabling the Shared Network Port feature through XML scripting<br />
For information on how to use the SHARED_NETWORK_PORT comm<strong>and</strong> to enable the <strong>iLO</strong> 3 Shared<br />
Network Port through XML scripting, see “RIBCL XML <strong>Scripting</strong> Language” (page 56).<br />
The following sample script configures the <strong>iLO</strong> 3 to select the Shared Network Port. You can<br />
customize this script to your needs. All non-blade platforms support some variation of this script.<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Re-enabling the dedicated NIC management port<br />
144 <strong>iLO</strong> 3 ports<br />
You can re-enable the <strong>iLO</strong>-dedicated NIC management port using the User Interface, RBSU, CLP,<br />
or XML scripting.<br />
For information about how to use the SHARED_NETWORK_PORT comm<strong>and</strong>, see “RIBCL XML <strong>Scripting</strong><br />
Language” (page 56)<br />
To re-enable the dedicated management port using RBSU:<br />
1. Connect the dedicated NIC management port to a LAN from which the server is managed.<br />
2. Reboot the server.<br />
3. When prompted during POST, press the F8 key to enter <strong>iLO</strong> RBSU.<br />
4. Select Network→NIC→TCP/IP, <strong>and</strong> press Enter.<br />
5. In the Network Configuration menu, press the spacebar to change the Network Interface<br />
Adapter Field to On.<br />
6. Press the F10 key to save the configuration.<br />
7. Select File→Exit, <strong>and</strong> press Enter.<br />
After <strong>iLO</strong> resets, the dedicated NIC management port is active.<br />
To re-enable the dedicated <strong>iLO</strong> port using XML, use the following sample RIBCL script. The sample<br />
script configures <strong>iLO</strong> to select the <strong>iLO</strong> Network Port. You can modify the script for your specific<br />
needs. Using this script on platforms that do not support the Shared Network Port causes an error.<br />
For example:<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
12 <strong>Support</strong> <strong>and</strong> other resources<br />
Information to collect before contacting <strong>HP</strong><br />
Be sure to have the following information available before you contact <strong>HP</strong>:<br />
• Software product name<br />
• Hardware product model number<br />
• Operating system type <strong>and</strong> version<br />
• Applicable error message<br />
• Third-party hardware or software<br />
• Technical support registration number (if applicable)<br />
How to contact <strong>HP</strong><br />
Use the following methods to contact <strong>HP</strong> technical support:<br />
• In the United States, see the Customer Service / Contact <strong>HP</strong> United States website for contact<br />
options:<br />
http://www.hp.com/go/assistance<br />
• In the United States, call +1 800 334 5144 to contact <strong>HP</strong> by telephone. This service is available<br />
24 hours a day, 7 days a week. For continuous quality improvement, conversations might be<br />
recorded or monitored.<br />
• In other locations, see the Contact <strong>HP</strong> Worldwide website for contact options:<br />
http://www.hp.com/go/assistance<br />
Registering for software technical support <strong>and</strong> update service<br />
Insight Management includes one year of 24 x 7 <strong>HP</strong> Software Technical <strong>Support</strong> <strong>and</strong> Update<br />
Service. This service provides access to <strong>HP</strong> technical resources for assistance in resolving software<br />
implementation or operations problems.<br />
The service also provides access to software updates <strong>and</strong> reference manuals in electronic form as<br />
they are made available from <strong>HP</strong>. Customers who purchase an electronic license are eligible for<br />
electronic updates.<br />
With this service, Insight Management customers benefit from expedited problem resolution as<br />
well as proactive notification <strong>and</strong> delivery of software updates. For more information about this<br />
service, see the following website:<br />
http://www.hp.com/services/insight<br />
Registration for this service takes place following online redemption of the license certificate.<br />
How to use your software technical support <strong>and</strong> update service<br />
After you have registered, you receive a service contract in the mail containing the Customer<br />
Service phone number <strong>and</strong> your SAID. You need your SAID when you contact technical support.<br />
Using your SAID, you can also go to the SUM web page at http://www.itrc.hp.com to view your<br />
contract online.<br />
Information to collect before contacting <strong>HP</strong> 145
<strong>HP</strong> authorized resellers<br />
For the name of the nearest <strong>HP</strong> authorized reseller, see the following sources:<br />
• In the United States, see the <strong>HP</strong> U.S. service locator web site:<br />
http://www.hp.com/service_locator<br />
• In other locations, see the Contact <strong>HP</strong> worldwide web site:<br />
http://welcome.hp.com/country/us/en/wwcontact.html<br />
Related information<br />
Documents<br />
• <strong>HP</strong> <strong>iLO</strong> User <strong>Guide</strong><br />
• <strong>HP</strong> <strong>iLO</strong> Release Notes<br />
These documents are on the <strong>HP</strong> website at:<br />
http://www.hp.com/go/ilo/docs<br />
Websites<br />
• <strong>iLO</strong> website:<br />
http://www.hp.com/go/ilo<br />
• <strong>iLO</strong> 3 website:<br />
http://www.hp.com/go/<strong>iLO</strong>3<br />
• <strong>iLO</strong> 3 downloads website:<br />
http://www.hp.com/support/ilo3<br />
• Insight Control website:<br />
http://www.intel.com/design/servers/ipmi/tools.htm<br />
• Intel IPMI specification website:<br />
http://www.intel.com/design/servers/ipmi/tools.htm<br />
• Timezone information:<br />
ftp://elsie.nci.nih.gov/pub/<br />
• <strong>HP</strong> <strong>iLO</strong> videos:<br />
http://www.hp.com/go/ilo/videos<br />
146 <strong>Support</strong> <strong>and</strong> other resources
13 Documentation feedback<br />
<strong>HP</strong> is committed to providing documentation that meets your needs. To help us improve the<br />
documentation, send any errors, suggestions, or comments to Documentation Feedback<br />
(docsfeedback@hp.com). Include the document title <strong>and</strong> part number, version number, or the URL<br />
when submitting your feedback.<br />
147
Glossary<br />
AHS Active Health System<br />
ARP Address Resolution Protocol<br />
ASCII American St<strong>and</strong>ard Code for Information Interchange.<br />
CGI Common Gateway Interface.<br />
CLI Comm<strong>and</strong>-line interface. An interface comprised of various comm<strong>and</strong>s which are used to control<br />
operating system responses.<br />
CLP Comm<strong>and</strong> <strong>Line</strong> Protocol.<br />
CPQLOCFG Compaq Lights-Out Configuration Utility<br />
DAD Duplicate Address Detection<br />
DDNS Dynamic Domain Name System.<br />
DHCP Dynamic host configuration protocol.<br />
DMTF Desktop Management Task Force<br />
DNS Domain name system.<br />
EV Environment Variable<br />
FQDN Fully Qualified Domain Name<br />
GUI Graphical user interface.<br />
<strong>HP</strong>ONCFG <strong>HP</strong> Lights-Out Online Configuration utility.<br />
<strong>HP</strong>QLOMGC <strong>HP</strong> Lights-Out Migration Comm<strong>and</strong> <strong>Line</strong>.<br />
ICMP Internet Control Message Protocol.<br />
<strong>iLO</strong> Integrated Lights-Out.<br />
IML Integrated Management Log.<br />
IP Internet Protocol.<br />
IPMI Intelligent Platform Management Interface.<br />
LAN Local area network. A communications infrastructure designed to use dedicated wiring over a<br />
limited distance (typically a diameter of less than five kilometers) to connect to a large number<br />
of intercommunicating nodes. Ethernet <strong>and</strong> token ring are the two most popular LAN technologies.<br />
(SNIA)<br />
LDAP Lightweight Directory Access Protocol.<br />
LED Light-emitting diode.<br />
LOCFG.PL The Lights-Out Configuration Utility is a PERL script that runs on any client that has a compatible<br />
PERL environment installed.<br />
LOM Lights-Out Management.<br />
MAC Media Access Control.<br />
NIC Network interface card. A device that h<strong>and</strong>les communication between a device <strong>and</strong> other devices<br />
on a network.<br />
NMI Non-maskable interrupt.<br />
PERL Practical Extraction <strong>and</strong> Report Language.<br />
POST Power-On Self Test.<br />
RA Router Advertisement<br />
RBSU ROM-Based Setup Utility.<br />
RDP <strong>HP</strong> Rapid Deployment Pack.<br />
RIB Remote Insight Board.<br />
RIBCL Remote Insight Board Comm<strong>and</strong> Language.<br />
RILOE Remote Insight Lights-Out Edition.<br />
148 Glossary
RILOE II Remote Insight Lights-Out Edition II.<br />
RMCP Remote Management <strong>and</strong> Control Protocol<br />
RSA Rivest, Shamir, <strong>and</strong> Adelman public encryption key.<br />
RSM Remote Server Management.<br />
SAID Service Agreement Identifier<br />
SLAAC Stateless Address Auto Configuration<br />
SMASH System Management Architecture for Server Hardware.<br />
SNMP Simple Network Management Protocol.<br />
SSH Secure Shell.<br />
SSL Secure Sockets Layer.<br />
SUM Software Update Manager<br />
TCP/IP Transmission Control Protocol/Internet Protocol.<br />
UID Unit identification.<br />
USB Universal serial bus. A serial bus st<strong>and</strong>ard used to interface devices.<br />
VM Virtual Machine.<br />
VSP Virtual Serial Port<br />
WINS Windows Internet Naming Service.<br />
XML eXtensible markup language.<br />
149
Index<br />
A<br />
ADD_USER, 60<br />
obtaining the basic configuration, 22<br />
parameters, 60<br />
runtime errors, 61<br />
authorized resellers, 146<br />
B<br />
BLADESYSTEM_INFO, 110<br />
boot comm<strong>and</strong>s, 50<br />
BROWNOUT_RECOVERY, 84<br />
parameters, 84<br />
runtime errors, 85<br />
C<br />
certificate, settings<br />
CERTIFICATE_SIGNING_REQUEST parameters, 94<br />
IMPORT_CERTIFICATE, 94<br />
CERTIFICATE_SIGNING_REQUEST, 93<br />
errors, 94<br />
parameters, 94<br />
CLEAR_EVENTLOG, 69<br />
parameters, 69<br />
runtime errors, 70<br />
CLP base comm<strong>and</strong>s, 32<br />
CLP, boot comm<strong>and</strong>s, 50<br />
CLP, embedded health settings, 41<br />
CLP, escape comm<strong>and</strong>s, 31<br />
CLP, license comm<strong>and</strong>s, 44<br />
CLP, miscellaneous comm<strong>and</strong>s, 55<br />
CLP, network comm<strong>and</strong>s, 36<br />
CLP, SNMP settings, 43<br />
CLP, user comm<strong>and</strong>s, 34<br />
CLP, using, 30<br />
CLP, virtual media comm<strong>and</strong>s, 45<br />
comm<strong>and</strong> block, DIR_INFO, 101<br />
comm<strong>and</strong> block, RIB_INFO, 67<br />
comm<strong>and</strong> block, SERVER_INFO, 111<br />
comm<strong>and</strong> block, USER_INFO, 59<br />
comm<strong>and</strong> line utilities<br />
CPQLOCFG.EXE, 10<br />
<strong>HP</strong>ONCFG.EXE, 11<br />
IPMI, 11<br />
LOCFG.PL, 11<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line utilities , 10<br />
SMASH CLP, 11<br />
comm<strong>and</strong>-line parameters, <strong>HP</strong>ONCFG, 20<br />
comm<strong>and</strong>s<br />
firmware, 49<br />
LED, 51<br />
comm<strong>and</strong>s, base, 32<br />
comm<strong>and</strong>s, blade, 50<br />
comm<strong>and</strong>s, network, 36<br />
comm<strong>and</strong>s, user, 34<br />
comm<strong>and</strong>s, virtual media, 45<br />
150 Index<br />
COMPUTER_LOCK_CONFIG, 70<br />
parameters, 71<br />
runtime errors, 71<br />
configuration procedures<br />
Obtaining a specific configuration, 23<br />
obtaining the basic configuration, 22<br />
Setting a configuration, 23<br />
configuration utilities, 19<br />
configuration, capturing, 24<br />
configuration, obtaining specific information, 23<br />
configuration, restoring, 25<br />
configuration, setting a configuration, 23<br />
contacting <strong>HP</strong>, 145<br />
CPQLOCFG, batch processing, 15<br />
CPQLOCFG.EXE utility, 13<br />
CPQLOCFG.EXE, 10<br />
CPQLOCFG.EXE, parameters, 16<br />
D<br />
data types, RIBCL, 56<br />
dedicated NIC, re-enabling, 144<br />
DELETE_SERVER, 134<br />
parameters, 135<br />
runtime errors, 135<br />
DELETE_USER, 61<br />
parameters, 61<br />
runtime errors, 62<br />
DIR_INFO comm<strong>and</strong> block, 101<br />
directory comm<strong>and</strong>s, 44<br />
documentation<br />
providing feedback on, 147<br />
domain name system (DNS)<br />
CPQLOCFG parameters, 16<br />
GET_NETWORK_SETTINGS return messages, 71<br />
MOD_NETWORK_SETTINGS, 73<br />
obtaining the basic configuration, 22<br />
Opening an SSL connection, 142<br />
Dynamic Host Configuration Protocol (DHCP)<br />
GET_NETWORK_SETTINGS return messages, 71<br />
MOD_NETWORK_SETTINGS, 73<br />
obtaining the basic configuration, 22<br />
E<br />
EJECT_VIRTUAL_MEDIA, 90<br />
parameters, 90<br />
runtime errors, 90<br />
embedded health settings, CLP, 41<br />
eventlog comm<strong>and</strong>s, CLP, 49<br />
eventlog comm<strong>and</strong>s, RIBCL<br />
CLEAR_EVENT_LOG, 69<br />
GET_EVENT_LOG, 68<br />
F<br />
features, SSH, 136<br />
firmware, 49<br />
firmware comm<strong>and</strong>s, 49
G<br />
GET_ALL_LANGUAGES, 96<br />
parameters, 96<br />
runtime errors, 96<br />
GET_ALL_USERS, 65<br />
parameters, 65<br />
return messages, 65<br />
runtime errors, 65<br />
GET_ALL_USERS_INFO, 66<br />
parameters, 66<br />
return messages, 66<br />
runtime errors, 66<br />
GET_DIR_CONFIG, 102<br />
parameters, 102<br />
runtime errors, 102<br />
GET_EMBEDDED_HEALTH, 113<br />
parameters, 113<br />
return messages, 113<br />
GET_EVENT_LOG, 68<br />
parameters, 68<br />
return messages, 68<br />
runtime errors, 68<br />
GET_FIRMWARE_VERSION, 87<br />
parameters, 88<br />
return messages, 88<br />
runtime errors, 88<br />
GET_GLOBAL_SETTINGS, 81<br />
Gruntime errors, 81<br />
parameters, 81<br />
GET_HOST_POWER_SAVER_STATUS, 123<br />
parameters, 123<br />
return messages, 124<br />
runtime errors, 123<br />
GET_HOST_POWER_STATUS, 124<br />
parameters, 125<br />
return messages, 125<br />
runtime errors, 125<br />
GET_HOST_PWR_MICRO_VER, 126<br />
parameters, 126<br />
return messages, 126<br />
runtime errors, 126<br />
GET_LANGUAGE, 95<br />
parameters, 96<br />
runtime errors, 96<br />
GET_NETWORK_SETTINGS, 71<br />
parameters, 71<br />
return messages, 71<br />
runtime errors, 71<br />
GET_OA_INFO, 110<br />
GET_POWER_CAP, 122<br />
parameters, 122<br />
return messages, 122<br />
GET_POWER_READINGS, 120<br />
parameters, 120<br />
return messages, 120<br />
GET_SECURITY_MSG, 97<br />
parameters, 97<br />
runtime errors, 97<br />
GET_SERVER_AUTO_PWR, 128<br />
parameters, 128<br />
return message, 128<br />
GET_SERVER_NAME, 111<br />
return messages, 112<br />
runtime errors, 112<br />
GET_SNMP_IM_SETTINGS, 85<br />
parameters, 85<br />
return messages, 85<br />
runtime errors, 85<br />
GET_SSO_SETTINGS, 130<br />
parameters, 130<br />
return messages, 130<br />
GET_UID_CONTROL<br />
errors, 129<br />
parameters, 129<br />
GET_UID_STATUS, 129<br />
parameters, 129<br />
response, 129<br />
GET_USER, 62<br />
parameters, 63<br />
return messages, 63<br />
runtime errors, 63<br />
GET_VM_STATUS, 90<br />
parameters, 91<br />
return messages, 91<br />
runtime errors, 91<br />
H<br />
help<br />
obtaining, 145<br />
<strong>HP</strong><br />
technical support, 145<br />
<strong>HP</strong> Insight Control server deployment, 12<br />
<strong>HP</strong> Insight Control software, 12<br />
<strong>HP</strong> SIM SSO settings, 34<br />
<strong>HP</strong> SIM, application launch, 15<br />
<strong>HP</strong> SIM, grouping LOM devices, 15<br />
<strong>HP</strong> SIM, integration, 137<br />
<strong>HP</strong>ONCFG, 19<br />
<strong>HP</strong>ONCFG, comm<strong>and</strong>s, 20<br />
<strong>HP</strong>ONCFG, configuration examples<br />
obtaining the basic configuration, 22<br />
Setting a configuration, 23<br />
<strong>HP</strong>ONCFG, <strong>iLO</strong> configuration examples<br />
Capturing <strong>and</strong> restoring a configuration, 25<br />
Obtaining a specific configuration, 23<br />
<strong>HP</strong>ONCFG, installation, 19<br />
<strong>HP</strong>ONCFG, installing on a Linux server, 20<br />
<strong>HP</strong>ONCFG, Linux<br />
Using <strong>HP</strong>ONCFG on Linux servers, 21<br />
Using <strong>HP</strong>ONCFG on Windows servers, 21<br />
Windows server installation, 19<br />
<strong>HP</strong>ONCFG, online configuration untility, 19<br />
<strong>HP</strong>ONCFG, parameters, 20<br />
<strong>HP</strong>ONCFG, requirements, 19<br />
<strong>HP</strong>ONCFG supported operating systems, 19<br />
<strong>HP</strong>ONCFG, using<br />
<strong>HP</strong>ONCFG online configuration utility, 19<br />
Installing <strong>HP</strong>ONCFG, 19<br />
151
Using <strong>HP</strong>ONCFG on Windows servers, 21<br />
<strong>HP</strong>ONCFG, utility overview, 20<br />
<strong>HP</strong>ONCFG, variable substitution, 24<br />
<strong>HP</strong>ONCFG.EXE utility, 11<br />
I<br />
<strong>iLO</strong> 3 settings, 39<br />
<strong>iLO</strong> ports, 144<br />
<strong>iLO</strong> settings, RIBCL, 67<br />
IMPORT_CERTIFICATE, 94<br />
errors, 95<br />
parameters, 95<br />
IMPORT_SSH_KEY, 104<br />
parameters, 105<br />
runtime errors, 105<br />
importing SSH keys, PuTTY, 138<br />
INSERT_VIRTUAL_MEDIA, 89<br />
parameters, 89<br />
runtime errors, 90<br />
installation, Windows server, 19<br />
integration, <strong>HP</strong> Insight Control Software, 12<br />
introduction, 10<br />
IPMI (Intelligent Platform Management Interface), 11<br />
IPMI tool usage, 28<br />
IPMI tool usage, advanced, 28<br />
IPMI usage, 28<br />
IPMI util usage on Windows, 29<br />
IPMI utility, 28<br />
L<br />
LED comamnds, 51<br />
LICENSE, 88<br />
parameters, 88<br />
runtime errors, 89<br />
license comm<strong>and</strong>s, CLP, 44<br />
Lights-Out Configuration Utility see CPQLOCFG<br />
LOCFG.PL utility<br />
LOCFG.PL, 11<br />
LOCFG.PL usage, 18<br />
LOGIN<br />
BLADESYSTEM_INFO, 110<br />
comm<strong>and</strong> block, 59<br />
parameters, 59<br />
runtime errors, 59<br />
M<br />
management port, 144<br />
MOD_DIR_CONFIG, 105<br />
parameters, 108<br />
runtime errors, 109<br />
MOD_GLOBAL_SETTINGS, 82<br />
BROWNOUT_RECOVERY, 84<br />
parameters, 83<br />
runtime errors, 84<br />
MOD_NETWORK_SETTINGS, 73<br />
obtaining the basic configuration, 22<br />
parameters, 78<br />
runtime errors, 78<br />
MOD_SNMP_IM_SETTINGS, 85<br />
152 Index<br />
parameters, 86<br />
runtime errors, 86<br />
MOD_SSO_SETTINGS, 131<br />
parameters, 132<br />
runtime errors, 132<br />
MOD_USER, 63<br />
ADD_USER, 60<br />
parameters, 64<br />
runtime errors, 65<br />
Mxagentoconfig utility, 137<br />
N<br />
network settings, CLP, 36<br />
NIC management port, re-enabling, 144<br />
O<br />
online configuration untility, 19<br />
OpenSSH utility, 136<br />
operating systems supported, 19<br />
overview, <strong>HP</strong>ONCFG, 19<br />
overview, PERL scripting, 141<br />
overview, SSH, 136<br />
P<br />
Perl, sending XML scripts, 142<br />
Perl, SSL connection, 142<br />
PERL, using, 141<br />
power management<br />
<strong>HP</strong> Insight Control Software deployment, 12<br />
PRESS_PWR_BTN<br />
parameters, 127<br />
runtime errors, 127<br />
PuTTY utility, 136<br />
PuTTY, importing SSH keys, 138<br />
R<br />
RACK_INFO<br />
GET_OA_INFO, 110<br />
RESET_RIB, 67<br />
parameters, 67<br />
runtime errors, 67<br />
RESET_SERVER, 126<br />
parameters, 127<br />
PRESS_PWR_BTN, 127<br />
runtime errors, 127<br />
response definition, RIBCL, 56<br />
RIB_INFO<br />
BROWNOUT_RECOVERY, 84<br />
RIB_INFO comm<strong>and</strong> block, 67<br />
RIBCL, 113<br />
BLADESYSTEM_INFO, 110<br />
Boolean string, 56<br />
boot order, 57<br />
CERTIFICATE_SIGNING_REQUEST, 93<br />
CLEAR_EVENTLOG, 69<br />
comm<strong>and</strong> block, 57<br />
COMPUTER_LOCK_CONFIG, 70<br />
data types, 56<br />
DELETE_SERVER, 134
DIR_INFO, 101<br />
EJECT_VIRTUAL_MEDIA, 90<br />
GET_ALL_LANGUAGES, 96<br />
GET_DIR_CONFIG, 102<br />
GET_EVENT_LOG, 68<br />
GET_FW_VERSION, 87<br />
GET_GLOBAL_SETTINGS, 81<br />
GET_HOST_POWER_SAVER_STATUS, 123<br />
GET_HOST_POWER_STATUS, 124<br />
GET_HOST_PWR_MICRO_VER, 126<br />
GET_LANGUAGE, 95<br />
GET_NETWORK_SETTINGS, 71<br />
GET_OA_INFO, 110<br />
GET_POWER_CAP, 122<br />
GET_POWER_READINGS, 120<br />
GET_SECURITY_MSG, 97<br />
GET_SERVER_AUTO_PWR, 128<br />
GET_SNMP_IM_SETTINGS, 85<br />
GET_SSO_SETTINGS, 130<br />
GET_UID_STATUS, 129<br />
GET_VM_STATUS, 90<br />
IMPORT_CERTIFICATE, 94<br />
IMPORT_SSH_KEY, 104<br />
INSERT_VIRTUAL_MEDIA, 89<br />
license comm<strong>and</strong>s, 88<br />
LOGIN, 59<br />
MOD_DIR_CONFIG, 105<br />
MOD_GLOBAL_SETTINGS, 82<br />
MOD_NETWORK_SETTINGS, 73<br />
MOD_SNMP_IM_SETTINGS, 85<br />
MOD_SSO_SETTINGS, 131<br />
overview, 56<br />
parameters, 57<br />
PRESS_PWR_BTN, 127<br />
RESET_RIB, 67<br />
RESET_SERVER, 126<br />
response definitions, 56<br />
RIB_INFO comm<strong>and</strong>s, 67<br />
runtime errors, 57<br />
SERVER_AUTO_PWR, 127<br />
SERVER_INFO, 111<br />
SERVER_NAME, 112<br />
SET_ASSET_TAG, 96<br />
SET_HOST_POWER, 125<br />
SET_HOST_POWER_SAVER, 124<br />
SET_LANGUAGE, 95<br />
SET_POWER_CAP, 122<br />
SET_SECURITY_MSG, 97<br />
SET_VM_STATUS, 91<br />
specific string, 56<br />
SSH, 136<br />
SSO_INFO, 130<br />
SSO_SERVER, 133<br />
string, 56<br />
UID_CONTROL, 129<br />
UPDATE_FIRMWARE, 86<br />
USER_INFO, 59<br />
XML header, 56<br />
RIBCL XML scripting language, 56<br />
S<br />
scripting guide overview, 10<br />
scripting interface, PERL, 141<br />
scripting utilities<br />
CPQLOCFG.EXE, 10<br />
<strong>HP</strong>ONCFG.EXE, 11<br />
IPMI, 11<br />
LOCFG.PL, 11<br />
<strong>Scripting</strong> <strong>and</strong> comm<strong>and</strong> line utilities , 10<br />
SMASH CLP, 11<br />
scripts<br />
<strong>HP</strong>ONCFG online configuration utility, 19<br />
Opening an SSL connection, 142<br />
Sending the XML header <strong>and</strong> script body, 142<br />
Using <strong>HP</strong>ONCFG on Windows servers, 21<br />
using PERL with the XML scripting interface, 141<br />
Windows server installation, 19<br />
XML header, 56<br />
Secure Sockets Layer (SSL)<br />
Opening an SSL connection, 142<br />
Sending the XML header <strong>and</strong> script body, 142<br />
SERVER_AUTO_PWR, 127<br />
parameters, 128<br />
runtime errors, 128<br />
SERVER_INFO comm<strong>and</strong> block, 111<br />
SERVER_NAME, 112<br />
parameters, 112<br />
return messages, 112<br />
runtime errors, 112<br />
SET_ASSET_TAG, 96<br />
parameters, 96<br />
runtime errors, 97<br />
SET_HOST_POWER, 125<br />
parameters, 124, 125<br />
runtime errors, 124, 125<br />
SET_HOST_POWER_SAVER, 124<br />
SET_LANGUAGE, 95<br />
parameters, 95<br />
runtime errors, 95<br />
SET_POWER_CAP, 122<br />
parameters, 123<br />
runtime errors, 123<br />
SET_SECURITY_MSG, 97<br />
parameters, 98<br />
runtime errors, 98<br />
SET_VM_STATUS, 91<br />
parameters, 92<br />
runtime errors, 93<br />
setup, scripted, 141<br />
shared network port, enabling, 144<br />
shared network port, features, 144<br />
shared ports, 144<br />
signing request, certificate, 93<br />
SMASH CLP , 11<br />
SMASH CLP comm<strong>and</strong> line access, 30<br />
SMASH CLP comm<strong>and</strong> line overview, 30<br />
SMASH CLP scripting language, 30<br />
SMASH CLP usage, 27<br />
SNMP settings, CLP, 43<br />
153
software<br />
technical support, 145<br />
update service, 145<br />
specific comm<strong>and</strong>s, 33<br />
SSH, 136<br />
features, 136<br />
importing SSH keys from PuTTY, 138<br />
importing SSH keys generated using ssh-keygen, 140<br />
key authorization, 137<br />
key authorization, tool definition files, 137<br />
Mxagentoconfig utility, 137<br />
overview, 136<br />
SSH utility, 136<br />
SSH, connection, 136<br />
ssh-keygen, 140<br />
SSL connection, opening, 142<br />
SSO_INFO, 130<br />
SSO_SERVER, 133<br />
parameters, 133<br />
runtime errors, 134<br />
start <strong>and</strong> reset comm<strong>and</strong>s, 48<br />
start <strong>and</strong> reset comm<strong>and</strong>s, RIBCL<br />
RESET_RIB, 67<br />
string<br />
RIBCL, 56<br />
RIBCL Boolean tring, 56<br />
RIBCL specific string, 56<br />
supported operating systems, 19<br />
system properties , 52<br />
system target information, RIBCL, 111<br />
system targets, 52<br />
T<br />
technical support, 145<br />
<strong>HP</strong>, 145<br />
U<br />
UID_CONTROL, 129<br />
UPDATE_FIRMWARE, 86<br />
parameters, 87<br />
runtime errors, 87<br />
user settings, CLP, 34<br />
USER_INFO<br />
comm<strong>and</strong> block, 59<br />
V<br />
variable substitution, <strong>HP</strong>ONCFG, 24<br />
virtual media comm<strong>and</strong>s, CLP, 45<br />
W<br />
Windows server installation, 19<br />
X<br />
XML (Extensible Markup Language)<br />
using PERL with the XML scripting interface, 141<br />
XML header, 56<br />
XML header, 56<br />
Sending the XML header <strong>and</strong> script body, 142<br />
XML query, unauthenticated, 13<br />
154 Index<br />
XML, general guidelines, 141