You are on page 1of 458

PRIMERGY ServerView Suite

iRMC - integrated Remote Management Controller

Edition June 2009

Comments Suggestions Corrections


The User Documentation Department would like to
know your opinion of this manual. Your feedback helps
us optimize our documentation to suit your individual
needs.
Feel free to send us your comments by e-mail to
manuals@ts.fujitsu.com.

Certified documentation
according to DIN EN ISO 9001:2000
To ensure a consistently high quality standard and
user-friendliness, this documentation was created to
meet the regulations of a quality management system
which complies with the requirements of the standard
DIN EN ISO 9001:2000.
cognitas. Gesellschaft fr Technik-Dokumentation mbH
www.cognitas.de

Copyright and Trademarks


Copyright 2009 Fujitsu Technology Solutions GmbH.
All rights reserved.
Delivery subject to availability; right of technical modifications reserved.
All hardware and software names used are trademarks of their respective manufacturers.

Contents
1

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

1.1

Purpose and target groups of the manual . . . . . . . . . . 12

1.2

Functions of the iRMC (overview) . . . . . . . . . . . . . . . 13

1.3

Communication interfaces of the iRMC . . . . . . . . . . . . 18

1.4

IPMI - technical background . . . . . . . . . . . . . . . . . . 19

1.5

Changes since the previous manual . . . . . . . . . . . . . 28

1.6

Notational conventions

Logging on to the iRMC for the first time . . . . . . . . . . . 31

2.1

Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . 31

2.2

iRMC factory defaults . . . . . . . . . . . . . . . . . . . . . 32

2.3

Logging into the iRMC web interface . . . . . . . . . . . . . 33

Configuring the iRMC . . . . . . . . . . . . . . . . . . . . . 35

3.1
3.1.1
3.1.1.1
3.1.1.2

Configuring the iRMC LAN interface . . . . . . . . . . . .


Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . .
Connected to the correct LAN port? . . . . . . . . . . . .
Interaction between the IP addresses of the iRMC
and the system . . . . . . . . . . . . . . . . . . . . . . .
Access from a different subnet . . . . . . . . . . . . . . .
Configuring the LAN interface: Configuration tools . . . . . .
Configuring the LAN interface using the BIOS Setup program
Testing the LAN interface . . . . . . . . . . . . . . . . . . .

3.1.1.3
3.1.2
3.1.3
3.1.4
3.2

. . . . . . . . . . . . . . . . . . . . 29

. 36
. 37
. 37
.
.
.
.
.

38
38
38
39
41

3.2.1
3.2.2

Configuring text console redirection via LAN using


the BIOS Setup program . . . . . . . . . . . . . . . . . . . . 42
Configure text console redirection . . . . . . . . . . . . . . . . 43
Using console redirection while the operating system is running 46

3.3
3.3.1
3.3.2

Configuring and using the serial interface of the iRMC . . . 48


Configuring the serial interface . . . . . . . . . . . . . . . . . 49
Using the Remote Manager (Serial) interface . . . . . . . . . . 51

iRMC

Contents
3.4
3.4.1
3.4.2
3.4.3

Configuring the iRMC over the iRMC web interface


Configuring the LAN parameters . . . . . . . . . . . .
Configuring alerting . . . . . . . . . . . . . . . . . . .
Configuring text console redirection . . . . . . . . . .

3.5
3.5.1
3.5.2

Configuring iRMC using the Server Configuration Manager . 54


Configuring the LAN parameters . . . . . . . . . . . . . . . . . 54
Configuring alerting . . . . . . . . . . . . . . . . . . . . . . . . 55

User management for the iRMC . . . . . . . . . . . . . . . . 57

4.1

User management concept for the iRMC

4.2

User permissions . . . . . . . . . . . . . . . . . . . . . . . . 60

4.3
4.3.1
4.3.2

Local user management for the iRMC . . . . . . . . . . . . . 62


Local user management using the iRMC web interface . . . . . 62
Local user management via the Server Configuration Manager . 64

4.4
4.4.1
4.4.2

Global user management for the iRMC . . . . . . . . .


Overview . . . . . . . . . . . . . . . . . . . . . . . . . .
iRMC user management via an LDAP directory service
(concept) . . . . . . . . . . . . . . . . . . . . . . . . . .
Global user management via the OU "iRMCgroups" . .
Cross-server, global user permissions . . . . . . . . .
Settings for the preferred shell . . . . . . . . . . . . .
Generating the "iRMCgroups" structure in the
LDAP directory service . . . . . . . . . . . . . . . . . . .
Creating the LDIF file . . . . . . . . . . . . . . . . . .
Importing the LDIF file into the directory service . . . .
iRMC user management via Microsoft Active Directory . .
Importing the LDIF file into Microsoft Active Directory. .
Configuring iRMC LDAP/SSL access at the
Active Directory server . . . . . . . . . . . . . . . . .
Assigning iRMC users to the OU "iRMCgroups" . . . .
iRMC user management via Novell eDirectory . . . . . .
Software components and system requirements . . . .
Installing Novell eDirectory . . . . . . . . . . . . . . .
Configuring Novell eDirectory . . . . . . . . . . . . . .
Integrating iRMC user management in Novell eDirectory
Assigning iRMC users to the OU "iRMCgroups" . . . .
Tips on administering Novell eDirectory. . . . . . . . .

4.4.2.1
4.4.2.2
4.4.2.3
4.4.3
4.4.3.1
4.4.3.2
4.4.4
4.4.4.1
4.4.4.2
4.4.4.3
4.4.5
4.4.5.1
4.4.5.2
4.4.5.3
4.4.5.4
4.4.5.5
4.4.5.6

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

52
52
53
53

. . . . . . . . . . . 58

. . . 66
. . . 67
.
.
.
.

.
.
.
.

.
.
.
.

68
68
69
72

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

73
73
76
77
77

.
.
.
.
.
.

.
.
.
.
.
.
.
. .
. .

. 83
. 88
. 95
. 95
. 96
103
109
117
121

iRMC

Contents
4.4.6
4.4.6.1
4.4.6.2
4.4.6.3
4.4.6.4
4.4.6.5
4.4.7

iRMC user management via OpenLDAP . . . . . . .


Installing OpenLDAP . . . . . . . . . . . . . . . .
Creating SSL certificates . . . . . . . . . . . . . .
Configuring OpenLDAP . . . . . . . . . . . . . .
Integrating iRMC user management in OpenLDAP.
Tips on OpenLDAP administration . . . . . . . . .
SSL copyright . . . . . . . . . . . . . . . . . . . . .

Advanced Video Redirection

5.1

Requirements: Check the AVR settings

5.2
5.2.1
5.2.2
5.2.3
5.2.4
5.2.4.1
5.2.4.2

Using Advanced Video Redirection . . . . . . . . . .


Parallel AVR sessions . . . . . . . . . . . . . . . . . .
Local Monitor Off function . . . . . . . . . . . . . . . .
Redirecting the keyboard . . . . . . . . . . . . . . . .
Redirecting the mouse . . . . . . . . . . . . . . . . . .
Synchronizing the mouse pointer . . . . . . . . . .
Managed Windows server: Adjusting the settings for
synchronization of the mouse pointers . . . . . . .
Managed Linux server: Adjusting the settings for
synchronization of the mouse pointers . . . . . . .

.
.
.
.
.
.

5.3
5.3.1
5.3.2
5.3.3
5.3.4

Menus of the AVR window


Extras menu . . . . . . . .
Remote Storage menu . . .
Languages menu . . . . .
Preferences menu . . . . .

.
.
.
.
.

Remote Storage

6.1
6.1.1
6.1.2
6.1.3
6.1.4
6.1.5

Providing remote storage at the remote workstation


Starting Remote Storage . . . . . . . . . . . . . . . .
Provision of storage media for Remote Storage . . . . .
Connecting storage media as remote storage . . . . . .
Clearing Remote Storage connections . . . . . . . . .
Removing the storage medium . . . . . . . . . . . . .

.
.
.
.
.
.

.
.
.
.
.
.

.
.
.
.
.
.

.
.
.
.
.
.

156
157
159
161
163
164

6.2
6.2.1
6.2.2
6.2.3

Providing remote storage via a remote storage server


Installing the remote storage server . . . . . . . . . . . .
Remote storage server execution modes
. . . . . . . .
Configuring, starting and exiting the remote storage server

.
.
.
.

.
.
.
.

.
.
.
.

165
166
171
172

5.2.4.3

iRMC

.
.
.
.
.

.
.
.
.
.
.
.

.
.
.
.
.
.
.

.
.
.
.
.
.
.

.
.
.
.
.
.
.

.
.
.
.
.
.
.

124
124
124
125
126
129
131

. . . . . . . . . . . . . . . . . 133

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

. . . . . . . . . . . 134

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.
.

.
.
.
.
.
.

.
.
.
.
.
.

135
136
137
138
140
140

. . . . 142
. . . . 145
.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

147
148
151
151
152

. . . . . . . . . . . . . . . . . . . . . . . . 155

Contents
7

iRMC web interface . . . . . . . . . . . . . . . . . . . . . . 177

7.1

Logging into the iRMC web interface

7.2

Required user permissions

7.3

Structure of the user interface . . . . . . . . . . . . . . . . 183

7.4
7.4.1
7.4.2

System Information - Information on the server . . . . . . . 186


System Overview - General information on the server . . . . . 187
System Component Information -Information on the
server components . . . . . . . . . . . . . . . . . . . . . . . 190

7.5
7.5.1
7.5.2
7.5.3

iRMC - Information, firmware and certificates . . . .


iRMC Information - information about the iRMC . . . .
Save iRMC Firmware Settings - Save firmware settings
Certificate Upload - Load the DSA/RSA certificate and
private DSA/RSA key . . . . . . . . . . . . . . . . . .
Generate a self-signed RSA Certificate - Creating a
self-signed RSA certificate . . . . . . . . . . . . . . .

7.5.4
7.6
7.6.1
7.6.2
7.6.3

. . . . . . . . . . . . 178

. . . . . . . . . . . . . . . . . 180

Power Management . . . . . . . . . . . . . . . . .
Power On/Off - power the server up/down . . . . . .
Power Options - Configuring power management
for the server . . . . . . . . . . . . . . . . . . . . .
Power Supply Info - Power supply and IDPROM data
for the FRU components . . . . . . . . . . . . . . .

. . . . 191
. . . . 192
. . . . 196
. . . . 198
. . . . 204

. . . . . 206
. . . . . 207
. . . . . 211
. . . . . 214

7.7
7.7.1
7.7.2
7.7.3
7.7.4
7.7.5

Sensors - Check status of the sensors . . . . . . . . . .


Fans - Check fans . . . . . . . . . . . . . . . . . . . . . . .
Temperature - Check temperature sensors . . . . . . . . . .
Voltages - Check voltage sensors . . . . . . . . . . . . . .
Power Supply - Check power supply . . . . . . . . . . . . .
Component Status - Check status of the server components

7.8

System Event Log (SEL) - Displaying and configuring


the servers event log . . . . . . . . . . . . . . . . . . . . . 223
System Event Log Content - Show information on the SEL
and SEL entries . . . . . . . . . . . . . . . . . . . . . . . . . 224
System Event Log Configuration - Configure the SEL . . . . . 227

7.8.1
7.8.2
7.9

.
.
.
.
.
.

215
216
218
220
221
222

Server Management Information - Configuring the


server settings . . . . . . . . . . . . . . . . . . . . . . . . . 229

iRMC

Contents
7.10
7.10.1
7.10.2

. 235
. 236

7.10.3
7.10.4

Network Settings - Configure the LAN parameters . . . .


Network Interface - Configure Ethernet settings on the iRMC .
Ports and Network Services - Configuring ports
and network services . . . . . . . . . . . . . . . . . . . . .
DHCP Configuration - Configuring the host name for the iRMC
DNS Configuration - Enable DNS for the iRMC . . . . . . . .

7.11
7.11.1
7.11.2
7.11.3

Alerting - Configure alerting . . . . . . . . . . . . . .


SNMP Trap Alerting - Configure SNMP trap alerting . .
Serial / Modem Alerting - Configure alerting via modem
Email Alerting - Configure email alerting . . . . . . . .

.
.
.
.

.
.
.
.

247
248
250
252

7.12
User Management - Manage users . . . . . . . . . . . . .
7.12.1
iRMC User - local user management on the iRMC . . . . . .
7.12.1.1
New User Configuration - Configuring a new user . . . . .
7.12.1.2
User <name> Configuration - User configuration (details)
7.12.2
Directory Service Configuration (LDAP) Configuring the directory service at the iRMC . . . . . . . . .

.
.
.
.

259
259
261
262

7.13
7.13.1

Console Redirection - Redirecting the console . .


BIOS Text Console - Configure and start text console
redirection . . . . . . . . . . . . . . . . . . . . . . .
7.13.1.1
BIOS Console Redirection Options - Configure
text console redirection . . . . . . . . . . . . . . .
7.13.1.2
Text Console Redirection (via Serial over LAN) Start text console redirection . . . . . . . . . . . .
7.13.1.3
Text console redirection while the operating system
is running . . . . . . . . . . . . . . . . . . . . . .
7.13.2
Advanced Video Redirection - Start Advanced Video
Redirection (AVR) . . . . . . . . . . . . . . . . . . .

.
.
.
.

.
.
.
.

. 239
. 243
. 245

. 269

. . . . . 277
. . . . . 277
. . . . . 279
. . . . . 281
. . . . . 286
. . . . . 288

7.14

Remote Storage

7.15

Operating iRMC via Telnet/SSH (Remote Manager) . . . . . 298

iRMC via Telnet/SSH (Remote Manager) . . . . . . . . . . . 303

8.1

Operating the iRMC using the ServerView Remote


Management Frontend . . . . . . . . . . . . . . . . . . . . . 304

8.2
8.2.1
8.2.2
8.2.3

Remote Manager . . . . .
Operating Remote Manager
Overview of menus . . . .
Logging in . . . . . . . . .

iRMC

. . . . . . . . . . . . . . . . . . . . . . . . 296

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

.
.
.
.

305
305
306
308

Contents
8.2.4
8.2.5
8.2.6
8.2.7
8.2.8
8.2.9

8.2.12
8.2.13

Main menu of the Remote Manager . . . . . . . . . . .


Required user permissions . . . . . . . . . . . . . . . .
Change the password . . . . . . . . . . . . . . . . . . .
System Information - Information on the managed server
Power Management . . . . . . . . . . . . . . . . . . . .
Enclosure Information - System event log and
status of the sensors . . . . . . . . . . . . . . . . . . .
Service processor - IP parameters, identification LED
and iRMC reset . . . . . . . . . . . . . . . . . . . . . .
Console Redirection (EMS/SAC) - Start text console
redirection . . . . . . . . . . . . . . . . . . . . . . . . .
Start a Command Line shell... - Start a SMASH CLP shell
Command Line Protocol (CLP) . . . . . . . . . . . . . .

Configuring iRMC using the Server Configuration Manager 329

9.1
9.1.1

Starting system configuration . . . . . . . . . .


Calling the Server Configuration Manager from the
Installation Manager . . . . . . . . . . . . . . . .
Calling the Server Configuration Manager from the
Windows Start menu . . . . . . . . . . . . . . . .
Calling the Server Configuration Manager from the
Operations Manager . . . . . . . . . . . . . . . .

8.2.10
8.2.11

9.1.2
9.1.3

.
.
.
.
.

.
.
.
.
.

.
.
.
.
.

310
312
313
314
315

. . . 317
. . . 321
. . . 322
. . . 323
. . . 324

. . . . . . 330
. . . . . . 330
. . . . . . 331
. . . . . . 333

9.2

ASR&R Fan Settings

. . . . . . . . . . . . . . . . . . . . . 338

9.3

ASR&R Temperature Settings . . . . . . . . . . . . . . . . 340

9.4

iRMC LAN Interface - Configuring the LAN parameters


of the iRMC . . . . . . . . . . . . . . . . . . . . . . . . . . . 342

9.5

iRMC Networking Ports - Configuring ports and


network services . . . . . . . . . . . . . . . . . . . . . . . 345

9.6

iRMC DNS Registration - Configuring the host name


for the iRMC . . . . . . . . . . . . . . . . . . . . . . . . . . 347

9.7

iRMC DNS Server - Activating DNS for the iRMC . . . . . . 349

9.8

iRMC EMail Alerting -Configuring email forwarding

9.9

iRMC Mail Format Settings - Mail-format-dependent


settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

9.10

iRMC SNMP Alerting - Configuring SNMP alerting . . . . . 356

. . . . 351

iRMC

Contents
9.11

iRMC User Management - Local user management


on the iRMC . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

9.12
9.12.1
9.12.2

iRMC Directory Service - Configuring the directory service 362


Configuring iRMC for Microsoft Active Directory . . . . . . . . . 365
Configuring iRMC for Novell eDirectory / OpenLDAP . . . . . . 367

9.13

iRMC Advanced Features - Remote Storage Server,


License Key and HP SIM Integration . . . . . . . . . . . . . 370

10

Firmware update . . . . . . . . . . . . . . . . . . . . . . . . 373

10.1

iRMC firmware (overview) . . . . . . . . . . . . . . . . . . . 374

10.2

Setting up the USB memory stick . . . . . . . . . . . . . . . 377

10.3
10.3.1
10.3.2
10.3.3

Online update . . . . . . . . . . . . . . . . . . . . . . .
Online update using the ServerView Update Manager . .
Online update using ServerView Update Manager Express
or ASPs . . . . . . . . . . . . . . . . . . . . . . . . . .
Online update using the operating system flash tools. . .

. . . 381
. . . 381

10.4
10.4.1
10.4.2
10.4.3

Offline update . . . . . . . . . . . . . . . . . . . .
Offline update using the ServerView Update Manager
Offline update via the FlashDisk menu . . . . . . . .
Offline update using the flash tool flbmc . . . . . . . .

.
.
.
.

10.5

Emergency flash . . . . . . . . . . . . . . . . . . . . . . . . 386

10.6

Flash tools . . . . . . . . . . . . . . . . . . . . . . . . . . . 387

11

Remote installation of the operating system via iRMC . . . 391

11.1

Installing the operating system via iRMC general procedure . . . . . . . . . . . . . . . . . . . . . . . 392

11.2

Connecting a storage medium as remote storage . . . . . . 394

11.3

Booting the managed server from PRIMERGY


ServerView Suite DVD 1 and configuring it with the
Installation Manager . . . . . . . . . . . . . . . . . . . . . . 398

11.4

Installing the operating system on the managed server


after configuration . . . . . . . . . . . . . . . . . . . . . . . 405
Installing Windows on the managed server after configuration . 405
Installing Linux on the managed server after configuration . . . 409

11.4.1
11.4.2

iRMC

.
.
.
.

.
.
.
.

. . . 380
. . . 380

.
.
.
.

.
.
.
.

383
383
384
385

Contents
12

IPMI OEM Commands

. . . . . . . . . . . . . . . . . . . . 415

12.1

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415

12.2
12.2.1
12.2.2
12.2.3
12.2.4
12.2.5
12.2.6
12.2.7

Description of the IPMI OEM commands


Description format . . . . . . . . . . . . .
SCCI-compliant Power On/Off commands .
SCCI-compliant communication commands
SCCI-compliant signaling command . . . .
Firmware-specific commands . . . . . . . .
BIOS-specific commands . . . . . . . . . .
iRMC-specific commands . . . . . . . . . .

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

.
.
.
.
.
.
.
.

417
417
418
423
425
426
430
432

Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . 441

Index

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447

iRMC

Preface

Modern server systems are becoming increasingly complex. The requirements


with respect to the management of such systems are growing accordingly.
In response to this development, a number of vendors founded the Intelligent
Platform Management Interface (IPMI) initiative with the objective of defining a
standardized, abstract, message-based interface between the central system
controller (Baseboard Management Controller - BMC) and intelligent hardware
for platform management. For further details on IPMI, please refer to section
IPMI - technical background on page 19.
The iRMC (integrated Remote Management Controller) is a BMC with
integrated LAN connection and extended functionality which was previously
only available using additional plug-in boards, such as the RemoteView Service
Board (RSB). In this way, the iRMC offers comprehensive control over
PRIMERGY servers, irrespective of the system status, in particular over
PRIMERGY servers whose system status is out-of-band.

Figure 1: iRMC on the system board of a PRIMERGY server

As an autonomous system on the system board of a modern PRIMERGY


server, the iRMC has its own operating system, its own web server, separate
user management and independent alert management. The iRMC remains
powered up even when the server is in stand-by mode.

iRMC

11

Purpose and target groups of the manual

Preface

This manual describes how to configure the iRMC and the various user
interfaces available.

1.1

Purpose and target groups of the manual

This manual is aimed at system administrators, network administrators, and


service staff who have a sound knowledge of hardware and software. It provides
basic information on the technology behind IPMI and deals with the following
aspects in detail:

Logging on to the iRMC


Configuring the iRMC
User management on the iRMC
Advanced Video Redirection via iRMC
Remote Storage via iRMC
iRMC web interface
Telnet/SSH-based interface (Remote Manager) of the iRMC.
Configuring the iRMC with the Server Configuration Manager
Firmware update
Remote installation of the operating system via iRMC
IPMI OEM Commands

Further documentation on ServerView remote management


You will find additional manuals on the topic of ServerView remote management
and on the PRIMERGY ServerView suite in the chapter Related publications
on page 441.
Service
If you have any further questions on remote management for PRIMERGY
servers, contact the service and support partners responsible for you.
Other information
http://www.ts.fujitsu.com

12

iRMC

Preface

1.2

Functions of the iRMC

Functions of the iRMC (overview)

In addition to the wide range of standard functions provided, the iRMC also
supports Advanced Video Redirection (AVR) and Remote Storage, two
additional advanced features for the remote management of PRIMERGY
servers. To use AVR and Remote Storage, you require a valid license key, which
can be purchased separately.
Standard functions of the iRMC

Browser access
The iRMC features its own web server which can be accessed by the
management station from a standard web browser.

Security (SSL, SSH)


Secure access to the Web server and secure graphical console redirection
including mouse and keyboard can be provided over HTTPS/SSL. An
encrypted connection protected using SSH mechanisms can be set up to
access the iRMC using the Remote Manager. The Remote Manager is an
alphanumeric user interface for the iRMC.

ServerView Integration
The ServerView agents detect the iRMC and automatically assign it to the
relevant server. This means that it is possible to start the iRMC web interface
and text console redirection using the ServerView Remote Management
Frontend directly from ServerView Operations Manager.

Power Management
Irrespective of the status of the system, you have the following options for
powering the managed server up or down from the remote workstation
over the iRMC web interface
using the Remote Manager and the command line interface (CLP)
with a script.

iRMC

13

Functions of the iRMC

Preface

Text console redirection


You can initiate a Telnet/SSH session to the iRMC from the ServerView
Remote Management Frontend. This calls the Remote Manager, via which
you can start a text console redirection session.

Basic functions of a BMC


The iRMC supports the basic functions of a BMC such as voltage
monitoring, event logging and recovery control.

Headless system operation


The managed server does not require a mouse, monitor or keyboard to be
connected. The benefits of this include lower costs, far simpler cabling in the
rack and increased security.

Identification LED
To facilitate identification of the system, for instance if it is installed in a fully
populated rack, you can activate the identification LED from the iRMC web
interface.

Global error LED


A global error LED informs you of the status of the managed system at all
times.

LAN
On some systems, the LAN interface of the fitted system NIC (Network
Interface Card) on the server is reserved for the management LAN. On other
systems, you have the option of configuring this LAN interface to
reserve it for the management LAN
set it up for shared operation with the system or
make it completely available to the system.
The ports marked with a wrench symbol are assigned to the iRMC (see
figure 7 on page 37).

Command line interface (CLP)


In addition to the Remote Manager, the iRMC also supports SMASH CLP
(System Management Architecture for Server Hardware Command Line
Protocol) as standardized by the DMTF (Distributed Management Task
Force).

14

iRMC

Preface

Functions of the iRMC

Simple configuration - interactive or script-based


The following tools are available for configuring the iRMC:

iRMC web interface


Server Configuration Manager
The server management tool IPMIVIEW
BIOS Setup

It is also possible to carry out configuration with the Server Configuration


Manager or IPMIVIEW using scripts. This means that it is possible to
configure the iRMC when the server is first configured with ServerStart. It is
also possible to configure a large number of servers on the basis of scripts.

Local user management


The iRMC has its own user management function which allows up to
16 users to be created with passwords and to be assigned various rights
depending on the user groups they belong to.

Global user management using a directory service


The global user IDs for the iRMC are stored centrally in the directory
service's directory. This makes it possible to manage the user identifications
on a central server. They can therefore be used by all the iRMCs that are
connected to this server in the network.
The following directory services are currently supported for iRMC user
management:
Microsoft Active Directory
Novell eDirectory
OpenLDAP

DNS / DHCP
The iRMC provides support for automatic network configuration. It has a
default name and DHCP support is set by default so that the iRMC gets its
IP address from the DHCP server. The iRMC name is registered by the
Domain Name Service (DNS). Up to five DNS servers are supported. If
DNS/DHCP is not available, the iRMC also supports static IP addresses.

iRMC

15

Functions of the iRMC

Preface

Power supply
The iRMC is powered by the standby supply of the system.

Alert management
The alert management facility of the iRMC provides the following options for
forwarding alerts (alerting):
Platform Event Traps (PET) are sent via SNMP.
Direct notification by email.
A modem can be connected to the serial interface. This can then be used
to send alerts (e.g. to a mobile phone via SMS).
In addition, the iRMC provides the ServerView agents with all the relevant
information.

Read, filter and save the system event log (SEL).


You can view, save and delete the contents of the SEL
over the iRMC web interface or
using the Telnet-based interface (Remote Manager) of the iRMC.

Extended functionality of the iRMC


Alongside the standard functionality, the iRMC also supports the Advanced
Video Redirection and Remote Storage functions.

Advanced Video Redirection (AVR)


The iRMC supports Advanced Video Redirection which offers the following
benefits:
Operation over a standard web browser. No additional software needs to
be installed in the management station other than the Java Runtime
Environment.
System-independent graphical and text console redirection (including
mouse and keyboard).
Remote access for boot monitoring, BIOS administration and operation
of the operating system.
AVR provides up to two simultaneous virtual connections for working on
a server from a different location. It also reduces the load on the network
by using hardware and video compression.

16

iRMC

Preface

Functions of the iRMC

Local monitor-off support: It is possible to power down the local screen


of the managed PRIMERGY server during an AVR session in order to
prevent unauthorized persons from observing user input and actions
carried out on the local server screen during the AVR session.

Remote Storage
Remote Storage makes a virtual drive available which is physically located
on a remote workstation or made available centrally on the network using a
Remote Storage server.
The virtual drives available with Remote Storage are simply managed in
much the same way as local drives and offer the following options:

Read and write data.


Boot from Remote Storage.
Install drivers and small applications.
Update BIOS from remote workstation.
(BIOS update via USB)

Remote Storage supports the following device types to provide a virtual


drive on the remote workstation:

CD ROM
DVD ROM
Memory stick
Floppy image
CD ISO image
DVD ISO image

A Remote Storage server provides an ISO image centrally on the network in


the form of a virtual drive.
Remote Storage permits either the simultaneous connection of up to two
virtual drives at the remote workstation or the provision of an ISO image
via a Remote Storage server.

iRMC

17

Communication interfaces of the iRMC

1.3

Preface

Communication interfaces of the iRMC

The iRMC provides the following communication interfaces:

iRMC web interface (web interface)


The connection to the iRMC web server is established over a standard web
browser (e.g. Microsoft Internet Explorer, Mozilla Firefox).
Among other things, the web interface of the iRMC provides you with access
to all system information and data from the sensors such as fan speeds,
voltages, etc. You can also configure text-based console redirection and
start graphical console redirection (Advanced Video Redirection, AVR). In
addition, administrators can fully configure the iRMC over the web interface.
Secure access to the iRMC web server can be provided with HTTPS/SSL.
Operation of the iRMC over the web interface is described in chapter iRMC
web interface on page 177.

Remote Manager: Text-based Telnet/SSH interface via LAN


You can call the Remote Manager
from the ServerView Remote Management Frontend,
directly from a Telnet/SSH client.
The alphanumeric user interface of the Remote Manager provides you with
access to system and sensor information, power management functions and
the error event log. In addition, you can launch text console redirection or a
SMASH CLP shell. If you call the Remote Manager over SSH (Secure Shell),
the connection between the Remote Manager and the managed server is
encrypted.
Operation of the iRMC using the Remote Manager is described in chapter
iRMC via Telnet/SSH (Remote Manager) on page 303.

Remote Manager (Serial): Text-based serial interface over Serial 1


The Remote Manager (serial) interface is identical to the Remote Manager
interface.

18

iRMC

Preface

1.4

IPMI - technical background

IPMI - technical background

The iRMC makes the BMC functions available over the IPMI interface.
Intelligent Platform Management
The Intelligent Platform Management initiative is a response to the increasing
complexity of modern server systems. A number of manufacturers have joined
this initiative in order to come up with a new solution for monitoring these server
systems.
The term Intelligent Platform Management expresses the core aspect of this
approach to the solution: Functions for monitoring and recovery of systems are
implemented directly in the hardware and firmware for platform management.
Objective
The objective was to define a standardized, abstract and message-based
interface between the central system controller (Baseboard Management
Controller - BMC) and intelligent platform management hardware.
The standardization committees combined the central characteristics of various
platform management modules into standardized descriptions.
Definition
The IPMI specification defines:
IPMI is a hardware level interface specification that is management
software neutral providing monitoring and control functions that can be
exposed through standard management software interfaces such as
DMI, WMI, CIM, SNMP, etc. As a hardware level interface, it sits at the
bottom of a typical management software stack [see section IPMI and
other management standards on page 20].

iRMC

19

IPMI - technical background

Preface

Advantage
The IPMI specifications ensure the independence of functions for inventory,
logging, recovery and monitoring of a system by the system processor, BIOS or
operating system.
This means that a system can still be involved in platform management when it
is shut down and turned off.
IPMI and other management standards
IPMI is best used in conjunction with system management software running
under the relevant operating system. Integration of the IPMI functionality into the
management functionality offered by a management application and the
operating system results in a powerful platform management environment.

SOFTWARE

Management S/W
Standards

An overview of the relationship between IPMI and the management software


stack is shown by figure 2:
STANDARD Remote I/F
(e.g. RPC, SNMP)
Management
Applications

'In-band'
Remote Access

STANDARD S/W I/F


(e.g. DMI-MI, CIM)

Service Provider
SP Interface

STANDARD S/W I/F


(e.g. DMI-CI, WM)

Instrumentation Code
IPMI I/F Code

IPMI

HARDWARE

IPMI I/F
IPMI H/W I/F
Baseboard Management
Controller

Figure 2: IPMI in the management software stack (source: IPMI specification, see section
References on page 27)

20

iRMC

Preface

IPMI - technical background

IPMI, IPMB and ICMB


The IPMI initiative resulted in three central standards:
IPMI. Intelligent Platform Management Interface Specification
describes the higher-level architecture, the current commands, event
formats, data packets and properties that are used in IPMI-based systems.
IPMB. Intelligent Platform Management Bus
is an I2C based (write only) bus, which provides a standardized connection
between various modules in a common housing.
IPMB can also be used as a standardized interface for remote management
modules.
ICMB. Intelligent Chassis Management Bus
(Not currently implemented in the ServerView remote management
environment.)
provides a standardized interface for exchange of platform management
information and for control across systems. ICMB is designed in such a way
that it can be implemented with a device that is connected to the IPMB.
IPMI implementation
The core element of an IPMI implementation is the Baseboard Management
Controller (BMC).
The BMC performs the following tasks:
The BMC organizes the interface between the system management
software and the platform management hardware.
It provides autonomous functions for monitoring, event logging and recovery
control.
The BMC acts as a gateway between the system management software and
IPMB.
IPMI allows platform management to be extended: Additional management
controllers can be connected via the IPMB. The IPMB is an I2C based serial
bus, which runs between the main modules of the system. It is used for
communication with and between the management controllers.
With the support of multiple management controllers, IPMI provides a scalable
architecture: A complex server system can use multiple controllers for
monitoring different subsystems, e.g. power supplies, hot swap RAID drive
modules etc.

iRMC

21

IPMI - technical background

Preface

In addition, IPMI provides low level I2C commands, which can be accessed via
a management controller connected to the IPMB on 'unintelligent' I2C modules
that cannot process IPMI commands.
An overview of the fundamental elements of an IPMI implementation is available
in figure 3 on page 23.

22

iRMC

iRMC

Serial
Connector

Modem

MOTHERBOARD

System Bus

Non-volatile Storage

IPMB

Aux. IPMB
Connector

MEMORY BOARD

Temperature
Sensor

FRU
SEEPROM

PROCESSOR
BOARD

FRU
SEEPROM

Private Management Busses

Sensors & Control Circuitry


e.g. Voltages, Temperatures,
Fans, Power & Reset control, etc.

Chassis Sensors
e.g. Fans,
Temperatures, Power
Supplies

FRU
SEEPROM

CHASSIS
MANAGEMENT
(SATELLITE
CONTROLLER)

REDUNDANT POWER
BOARD

FRU
SEEPROM

CHASSIS BOARD

ICMB BRIDGE
(optional)

Serial
Controller

RS-485
Transceivers

ICMB (Intelligent Chassis Management Bus)

- SYSTEM EVENT LOG (SEL)


- SENSOR DATA RECORD (SDR)
REPOSITORY
- BASEBOARD FIELDREPLACEABLE UNIT (FRU) INFO

Aux. IPMB
Connector

IPMI
MESSAGES

System Interface

Serial
Controller

BASEBOARD
MANAGEMENT
CONTROLLER
(BMC)

PCI Management
Bus

Motherboard
Serial
Controller

Serial
Port
Sharing

side-band
interface
to NIC,
e.g.
Network
SMBus
(LAN)
Controller

LAN
Connector

LAN

Remote
Management Card

Preface
IPMI - technical background

Figure 3: IPMI block diagram (source: IPMI specification, see section


References on page 27)

23

IPMI - technical background

Preface

IPMI and in band and out of band management


In the field of system management, a distinction is made between in-band and
out-of-band management:
The term in-band management is used when the operating system is
running on the managed server.

The term out-of-band management is used when the operating system is


not running on the managed server, for instance if the hardware is faulty.

As different interfaces are available in an environment with IPMI compatible


systems, you can manage IPMI compatible systems either in band or out of
band.
IPMI-over-LAN
"IPMI-over-LAN is the current name for the specification of the LAN interface in
the IPMI standard. This specification stipulates how IPMI messages can be sent
to or from the BMC of a managed system - encapsulated in RMCP (Remote
Management Control Protocol) data packets. These RMCP data packets are
transferred via an Ethernet LAN connection using the UDP (User Datagram
Protocol) under IPv4 (Internet Protocol Version 4).
The RMCP protocol has been specified to support the management of system
statuses in which the operating system is not running. The RMCP is a simple
inquiry/response protocol.
The interface for such a connection is provided on an onboard LAN controller
assigned to the BMC.

I The interface can only be provided by an on-board LAN controller, not by


an inserted LAN card.

24

iRMC

Preface

IPMI - technical background

Of the two ports that RCMP uses under UDP, the BMC communicates with the
LAN controller via port 623 (primary RMCP Port).

UDP datagrams to
"Mgmt. Port"

Remote
mgmt.
system

Datagrams
generated
by BMC
LAN

LAN
Controller
PCI

Outgoing packets
from system
software

SEL,
SDR,
FRU

BMC
E.g. mii
or I2C

System Bus

All incoming
packets

Figure 4: BMC and LAN controller

Serial Over LAN interface (SOL)


Serial Over LAN is an interface compliant with the IPMI V2.0 standard, which
controls transfer of serial data over a LAN connection. In particular, SOL
specifies the packet formats and protocols for transferring serial data streams
over a LAN between the serial controller on the managed computer and a
remote workstation. SOL is based on the IPMI-over-LAN specification.
In order to establish an SOL connection, a remote management application first
initiates an IPMI-over-LAN session with the BMC. After this has been done, the
SOL services can be activated from the remote workstation. The data traffic
between the serial controller and the remote workstation is handled over the
same IPMI session as the IPMI commands.
As soon as an SOL connection has been established, data transfer between the
serial controller and the remote workstation is carried out as follows:
Transfer from the serial controller to the remote workstation:
The data stream issued by the serial controller is partitioned by the BMC,
packaged and then sent to the remote workstation over the LAN.
Transfer from the remote workstation to the serial controller:
BMC unpacks the characters contained in the packages sent by the remote
workstation and forwards them to the serial controller as a character stream.

iRMC

25

IPMI - technical background

Preface

UDP datagrams to
"Mgmt. Port"

Remote
mgmt.
system

Datagrams
generated
by BMC
LAN

LAN
Controller
PCI

Outgoing packets
from system
software

All incoming
packets

SEL,
SDR,
FRU

BMC
E.g. mii
or I2C

System Bus
Motherb. Serial Controller

Figure 5: BMC and SOL

The SOL character data is then exchanged between the BMC of the managed
system and the remote workstation as SOL messages. The SOL messages are
encapsulated in RMCP+ data packets and transferred in UDP datagrams over
an Ethernet LAN connection using IPv4 (Internet Protocol Version 4). The
RMCP+ protocol is based on the RMCP protocol, but includes extensions for
encryption, authentication, etc.
Serial over LAN permits headless management by console redirection by both
the BIOS and the operating system of the managed server. High-cost
concentrator solutions are not required.
Channel concept under IPMI
Channels provide the mechanisms with which IPMI messages are routed to
the BMC via various connection carriers. Up to nine channels can be supported.
The system interface and the primary IPMB are fixed. The other seven channels
are available for the implementation.
Channels can be either session based or sessionless. The session concept
has two meanings: It is either a concept for user authentication (see the section
User identifications on page 27) or a concept for routing multiple IPMI
message streams via a single channel.
Examples of session based channels are LAN channels or serial / modem
channels. Examples of sessionless channels are the system interface and the
IPMB.

26

iRMC

Preface

IPMI - technical background

User identifications
For session based channels (see the section Channel concept under IPMI on
page 26), a user login is necessary. By contrast, the sessionless channels
have no user authentication.
Under IPMI, the user configuration is channel specific. Thus, users can have
different privileges depending on whether they are accessing the BMC via the
LAN channel or the serial channel.
References
Information about the IPMI standards can be found on the Internet:
http://developer.intel.com/design/servers/ipmi/index.htm

iRMC

27

Changes compared with the previous version

1.5

Preface

Changes since the previous manual

This edition replaces the following online manual:


iRMC - integrated Remote Management Controller, November 2008 edition.
The manual has been revised as follows:
iRMC web interface:
The iRMC Information page allows important settings for displaying the
iRMC web interface to be made.
You can choose between two different color schemes for displaying the
iRMC web interface in your web browser.
Chapter 9 Configuring iRMC using the Server Configuration Manager:
SCU (Server Configuration Utility) has been renamed Server Configuration
Manager. The layout of the user interface has changed slightly.
Chapter 10 IPMIVIEW has been removed. In the future, IPMIVIEW will be
described in a separate manual.
Chapter 11 Firmware update:
Additional tools for updating the iRMC firmware:
ServerView Update Manager Express and ASPs (Autonomous Support
Packages)
Chapter 12 Remote installation of the operating system via iRMC:
The description has been updated to cover operating system installation
using the ServerView Installation Manager.

28

iRMC

Preface

1.6

Notational conventions

Notational conventions

The meanings of the symbols used in this manual are as follows:

V Warning
I

This symbol is used to draw attention to risks which


may represent a health hazard or which may lead
to data loss or damage to the hardware.
This symbol is used to highlight important
information and tips.

This symbol indicates an action which you must


carry out.

Text in italics

In running text, commands, menu items, and the


names of buttons, options, files and paths are
shown in italics.

<text>

Indicates variables which must be replaced by


current values.

Monospaced font

Output from the system is shown in monospaced


font.

Monospaced font
Commands to be entered at the keyboard are
Bold monospaced font shown in bold, monospaced font.
[square brackets]

Indicate optional entries.

{braces}

Indicate a list of alternatives separated by |.

[Keyboard] [symbols]

Keys are shown as they appear on the keyboard. If


uppercase characters are to be entered explicitly,
this is indicated for instance by [SHIFT] - [A] for A.
If two keys are to be pressed simultaneously, this
is indicated by a hyphen between the two keyboard
symbols.

Table 1: Notational conventions

If reference is made to passages elsewhere in this manual, the title of the


chapter or section is named and the page number given refers to the start of the
section.

iRMC

29

Logging on to the iRMC for the


first time

The factory default settings of the iRMC allow you to log in to the iRMC for the
first time without the need for any configuration activities.

2.1

Requirements

On the remote workstation:


Windows: Internet Explorer as of Version 6.x:
Linux: Mozilla Firefox 1.5.
For console redirection:
Sun Java Virtual Machine Version 1.5.0_06 or higher.
In your network:
You must have a DHCP server in your network.
If you want to log in with a symbolic name rather than an IP address at the
iRMC web interface, the DHCP server in your network must be configured
for dynamic DNS.
DNS must be configured. Otherwise you must ask for the IP address.

iRMC

31

iRMC factory defaults

2.2

Logging on to the iRMC for the first time

iRMC factory defaults

The firmware of the iRMC provides a default administrator ID and a default


DHCP name for the iRMC.
Default administrator ID:
Administrator ID:

admin

Password:

admin

I Both the administrator ID and the password are case-sensitive.


For reasons of security, it is recommended that you create a new
administrator account once you have logged in, and then delete the
default administrator account or at least change the password for the
account (see section User Management - Manage users on page 259).
Default DHCP name of the iRMC
The default DHCP name of the iRMC uses the following pattern:
IRMC<SerialNumber>

I The serial number corresponds to the last 3 bytes of the MAC address of
the iRMC. You can take the MAC address of the iRMC from the label on
your PRIMERGY server.

After you have logged in, the MAC address of the iRMC can be found as
a read-only entry above the fields on the page
Network Interface (see page 236).

32

iRMC

Logging on to the iRMC for the first time

2.3

... in the web interface

Logging into the iRMC web interface

Open a web browser on the remote workstation and enter the DNS name or
IP address of the iRMC.

I You can take the DNS name of the iRMC from the label on your
PRIMERGY server.

The following login prompt appears:

Figure 6: Login prompt for the iRMC web interface

I If the login prompt does not appear, check the LAN connection (see
section Testing the LAN interface on page 41).

Type in the data for the default administrator account.


User name: admin
Password: admin
Click OK to confirm your entries.
The iRMC web interface opens showing the System Information page (see
page 186).

iRMC

33

Configuring the iRMC

The following tools are available for configuring the iRMC:


BIOS Setup Utility (see page 39)
iRMC web interface (see page 177)
Server Configuration Manager (see page 329)
Server Management Tool (IPMIVIEW)
This chapter provides you with information about the following topics:
Configuring the LAN interface of the iRMC using the BIOS Setup program
(see page 39).
Configuring text console redirection via LAN using the BIOS Setup program
(see page 42).
Configuring the serial interface of the iRMC using the BIOS Setup program
(see page 48).
Configuring the iRMC over the web interface (for an overview, see page 52).
Configuring the iRMC using the Server Configuration Manager (for an
overview, see page 54).

iRMC

35

LAN interface

3.1

Configuring the iRMC

Configuring the iRMC LAN interface

This section describes:


Requirements for configuring the LAN interface
Configuring the LAN interface in the BIOS Setup program
Testing the LAN interface

I Spanning Tree tree for the connection of the iRMC must be deactivated
(e.g. Port Fast=enabled; Fast Forwarding=enabled).

36

iRMC

Configuring the iRMC

3.1.1

LAN interface

Prerequisites

Note the following requirements with respect to configuring the IP address:


The LAN cable must be connected to the correct port. (see section
Connected to the correct LAN port? on page 37).
Interaction between the IP addresses of the iRMC and the system (see the
section Interaction between the IP addresses of the iRMC and the system
on page 38).
3.1.1.1

Connected to the correct LAN port?

The interface for a LAN connection is provided on an onboard LAN controller


assigned to the iRMC (see also figure 4 on page 25).
Depending on the server type, the system board of a PRIMERGY server
provides two or three LAN interfaces. The ports marked with a wrench symbol
are assigned to the iRMC (in figure 7, this is Port 1, for instance).

I Check that the LAN cable is connected to the correct port.


Depending on the type of PRIMERGY server, different ports may be
marked with the wrench symbol.

Indicates the
port for the iRMC.
In this case: Port 1

Figure 7: Port for the iRMC (indicated by wrench symbol)

iRMC

37

LAN interface
3.1.1.2

Configuring the iRMC

Interaction between the IP addresses of the iRMC and the


system

The LAN controller of the PRIMERGY server requires a separate IP address for
the iRMC in order to ensure that data packets are reliably transferred to the
iRMC (and not to the operating system).
The IP address of the iRMC must be different from that of the system (operating
system).
3.1.1.3

Access from a different subnet

If the remote workstation accesses the iRMC of the managed server from a
different subnet and DHCP is not used, you must configure the gateway.

3.1.2

Configuring the LAN interface: Configuration tools

Depending on the type of the PRIMERGY server, you can configure the iRMCs
LAN interface in a number of ways:
using the BIOS Setup program (see page 39),
using the iRMC web interface (see section Network Settings - Configure the
LAN parameters on page 235),
using the Server Configuration Manager (see iRMC LAN Interface Configuring the LAN parameters of the iRMC on page 342),
using the Server Management Tool (IPMIVIEW).

38

iRMC

Configuring the iRMC

3.1.3

LAN interface

Configuring the LAN interface using the BIOS


Setup program

Call the BIOS Setup program of the managed server.


Press [F2] while the server is booting.
Call the Peripheral Configuration menu:
Advanced Peripheral Configuration.

Figure 8: Peripheral Configuration menu in the BIOS Setup program

Configure the following settings:


Management LAN
Set the value to Enabled.

iRMC

39

LAN interface

Configuring the iRMC

Call the LAN Settings menu:


Advanced IPMI LAN Settings

Figure 9: LAN Settings menu in the BIOS Setup program

Configure the following settings:


DHCP
If you enable DHCP, the iRMC gets its LAN settings autonomously
from a DHCP server on the network. In this case, the values for Local
IP Address, Subnet Mask, etc. are set automatically.

I Do not activate the DHCP option if no DHCP server is

available. If you activate the DHCP option and there is no


DHCP server available, the iRMC goes into a search loop (i.e.
it constantly searches for a DHCP server).
You can specify that the DHCP and DNS services are to be
used after initial installation, using the iRMC web interface, for
instance (see sections DHCP Configuration - Configuring the
host name for the iRMC on page 243 and DNS Configuration
- Enable DNS for the iRMC on page 245).
By default, the following name is passed to the DHCP server
on initial installation of the iRMC: iRMC<last 3 bytes of the MAC
address>.

40

iRMC

Configuring the iRMC

LAN interface

Local IP Address
Enter the IP address you have determined for the iRMC of the
managed system.
Subnet Mask
Enter the subnet mask for the network.
Gateway Address
Specify the IP address of the gateway.
Save the settings.
If you want to use console redirection on the iRMC, continue with section
Configuring text console redirection via LAN using the BIOS Setup
program on page 42.
If you do not want to use text console redirection on the iRMC, exit the BIOS
and continue with the next section Testing the LAN interface.

3.1.4

Testing the LAN interface

You can test the LAN interface as follows:


Use a web browser to attempt to log into the iRMC web interface. If no login
prompt appears, it is probable that the LAN interface is not working.
Test the connection to the iRMC with a ping command.

iRMC

41

Console redirection via LAN

3.2

Configuring the iRMC

Configuring text console redirection via


LAN using the BIOS Setup program

Text console redirection will be available depending on the configuration of text


console redirection and on the operating system of the server
either for the duration of the BIOS POST phase only or
beyond the BIOS POST phase while the operating system is running.
This section describes:
Configuration of text console redirection via LAN using the BIOS /
TrustedCore Setup Utility
Special requirements of the operating system used that you need to take
account of if you also want to use console redirection while the operating
system is running.

I You can also configure text console redirection via LAN using the iRMC

web interface (see section BIOS Text Console - Configure and start text
console redirection on page 277).

42

iRMC

Configuring the iRMC

3.2.1

Console redirection via LAN

Configure text console redirection

Call the BIOS Setup program of the managed server. Do this by pressing
[F2] while the server is booting.
Settings in the Peripheral Configuration menu
Call the Peripheral Configuration menu:
Advanced Peripheral Configuration

Figure 10: Peripheral Configuration menu in the BIOS Setup program

Configure the following settings:


Serial 1
Set the value to Enabled.
Serial 1 Address
Accept the first value pair proposed.
Serial Multiplexer
Set the value to System.

iRMC

43

Console redirection via LAN

Configuring the iRMC

Settings in the Console Redirection menu


Call the Console Redirection menu:
Server Console Redirection
Configure the following settings:

Figure 11: Console Redirection menu in the BIOS Setup program

Console Redirection
Set the value to Enabled.
Port
Set the value to Serial 1.
Baud Rate
Specify the baud rate.
Protocol
Leave this setting unchanged. (The setting depends on the terminal
type used.)
Flow Control
Leave this setting unchanged. (The setting depends on the terminal
type used.)

44

iRMC

Configuring the iRMC

Console redirection via LAN

Mode
This setting affects the behavior of console redirection while the
operating system is running (after the POST phase has completed) see section Using console redirection while the operating system is
running on page 46:
Standard
Console redirection is terminated after the BIOS POST phase.
Enhanced
Console redirection continues to be available after the BIOS
POST phase.
Exiting the BIOS Setup program
Save your settings and exit the BIOS Setup program.
Continue with section Testing the LAN interface on page 41.

iRMC

45

Console redirection via LAN

3.2.2

Configuring the iRMC

Using console redirection while the operating


system is running

Depending on the operating system used on the managed server, you can
continue to use console redirection after the BIOS POST phase.
DOS
The BIOS setting for console redirection mode must be set as follows (see
section Settings in the Console Redirection menu on page 44):
BIOS Setup Utility: Mode: Enhanced
TrustedCore Setup Utility: Continue C.R. after POST: On
Windows Server 2003
Windows Server 2003 handles console redirection automatically after the
POST phase. No further settings are necessary. While the operating system is
booting, the Windows Server 2003 SAC console is transferred:

Figure 12: Windows Server 2003 SAC console

Linux
You must configure a Linux operating system in such a way that it handles
console redirection after the POST phase. Once it has been configured, you
have unrestricted access from the remote workstation.

46

iRMC

Configuring the iRMC

Console redirection via LAN

Settings required
The settings may differ between program versions.
SuSe and RedHat
Add the following line to the end of the file /etc/inittab:
xx:12345:respawn:/sbin/agetty <baud-rate> ttyS0

RedHat
Insert the following kernel boot parameter in the file /etc/grub.conf:
console=ttyS0,<baud-rate> console=tty0

SuSE
Insert the following kernel boot parameter in the file /boot/grub/menu.lst :
console=ttyS0,<baud-rate> console=tty0

iRMC

47

Serial interface

3.3

Configuring the iRMC

Configuring and using the serial interface


of the iRMC

The serial interface of the iRMC offers you the following possibilities:
You can use the terminal application Remote Manager (Serial) over a null
modem cable (see section Using the Remote Manager (Serial) interface on
page 51).
You can forward alerts via modem. You can configure alerting via modem
using the web interface of the iRMC (see section Serial / Modem Alerting Configure alerting via modem on page 250).

48

iRMC

Configuring the iRMC

3.3.1

Serial interface

Configuring the serial interface

Settings in the BIOS


Call the BIOS Setup program of the managed server. Do this by pressing
[F2] while the server is booting.
Call the Peripheral Configuration menu to configure the serial port:
Advanced Peripheral Configuration

Figure 13: Peripheral Configuration menu

Configure the following settings:


Serial 1
Set the value to Enabled.
Serial 1 Address
Accept the first value pair proposed.
Serial Multiplexer
Set the value to iRMC.

iRMC

49

Serial interface

Configuring the iRMC

The following values are not shown in the menu and are preset (see
page 51, Terminal program (VT100+)):
Bits per second
9600
Data bits
8
Parity
None.
Stop bits
1
Flow Control
None
Exiting the BIOS / TrustedCore setup
Save your settings and exit the BIOS/TrustedCore Setup utility.
Continue with section Testing the LAN interface on page 41.

50

iRMC

Configuring the iRMC

3.3.2

Using the serial interface

Using the Remote Manager (Serial) interface

If you connect a computer over a null modem cable and start a terminal program
(VT100+) on this computer, you can access the Remote Manager (Serial)
terminal program. The Remote Manager (Serial) interface is identical to the
Remote Manager interface (see chapter iRMC via Telnet/SSH (Remote
Manager) on page 303).
Prerequisites
On the managed server:
The Serial Multiplexer BIOS setting must be configured on the iRMC
(see section Configuring the serial interface on page 49).
Terminal program (VT100+):
Configure the following port settings for the terminal program:
Bits per second
Set the value to 9600.
Data bits
Set the value to 8.
Parity
Set the value to None.
Stop bits
Set the value to 1.
Flow Control
Set the value to None.

iRMC

51

... over the iRMC web interface

3.4

Configuring the iRMC

Configuring the iRMC over the iRMC web


interface

Start the iRMC web interface (see section Logging into the iRMC web
interface on page 178).

3.4.1

Configuring the LAN parameters

In the navigation area, click Network Settings (see section Network Settings
- Configure the LAN parameters on page 235).
Configuring the LAN settings
Configure the LAN settings in the page Network Interface. See the section
Network Interface - Configure Ethernet settings on the iRMC on page 236
for the settings required.
Configuring ports and network services
Configure the ports and network services in the Ports and Network Services
page. See the section Ports and Network Services - Configuring ports and
network services on page 239 for the settings required.
Configuring DHCP
Configure the DHCP settings in the DHCP Configuration page. See the
section DHCP Configuration - Configuring the host name for the iRMC on
page 243 for the settings required.
Configuring DNS
Configure the DNS settings in the DNS Settings page. See the section DNS
Configuration - Enable DNS for the iRMC on page 245 for the settings
required.

52

iRMC

Configuring the iRMC

3.4.2

... over the iRMC web interface

Configuring alerting

The pages for configuring alerting are grouped in the navigation area under
Alerting (see section Alerting - Configure alerting on page 247).
Configuring alert forwarding over SNMP
In the navigation area, click SNMP Traps. The SNMP Traps page appears.
Configure SNMP trap forwarding. See the section SNMP Trap Alerting Configure SNMP trap alerting on page 248 for the settings required.
Configuring alert forwarding to a mobile phone via modem
In the navigation area, click Serial / Modem. The Serial Modem Alerting page
appears.
Configure alert forwarding via modem. See the section Serial / Modem
Alerting - Configure alerting via modem on page 250 for the settings
required.
Configuring email notification (email alerting)
In the navigation area, click Email. The Email Alerting page appears.
Configure email alerting. See the section Email Alerting - Configure email
alerting on page 252 for the settings required.

3.4.3

Configuring text console redirection

Configure text console redirection in the window


BIOS Text Console. See the section BIOS Text Console - Configure and start
text console redirection on page 277 for the settings required.

iRMC

53

... using the Server Configuration Manager

3.5

Configuring the iRMC

Configuring iRMC using the Server


Configuration Manager

Start the Server Configuration Manager (see chapter Configuring iRMC


using the Server Configuration Manager on page 329).

3.5.1

Configuring the LAN parameters

Configuring the LAN settings


Configure the LAN settings in the iRMC LAN Interface dialog box. See the
section iRMC LAN Interface - Configuring the LAN parameters of the iRMC
on page 342 for the settings required.
Configuring ports and network services
Configure the ports and network services in the iRMC Networking Ports
dialog box. See the section iRMC Networking Ports - Configuring ports and
network services on page 345 for the settings required.
Configuring DHCP/DNS (dynamic DNS)
Configure the DHCP settings in the iRMC DNS Registration dialog box. See
the section iRMC DNS Registration - Configuring the host name for the
iRMC on page 347 for the settings required.
Configuring DNS
Configure the DNS settings in the iRMC DNS Server dialog box. See the
section iRMC DNS Server - Activating DNS for the iRMC on page 349 for
the settings required.

54

iRMC

Configuring the iRMC

3.5.2

... using the Server Configuration Manager

Configuring alerting

Configuring alert forwarding over SNMP


Configure SNMP trap forwarding in the iRMC SNMP Alerting dialog box. See
the section iRMC SNMP Alerting - Configuring SNMP alerting on page 356
for the settings required.
Configuring email notification (email alerting)
Configure the global email settings in the iRMC EMail Alerting dialog box.
See the section iRMC EMail Alerting - Configuring email forwarding on
page 351 for the settings required.
Configure the user-specific email settings in the iRMC EMail Format Settings
dialog box. See the section iRMC Mail Format Settings - Mail-formatdependent settings on page 354 for the settings required.

iRMC

55

User management for the iRMC

User management for the iRMC uses two different types of user identifications:
Local user identifications are stored locally in the iRMCs non-volatile
storage and are managed via the iRMC user interfaces.
Global user identifications are stored in the central data store of a directory
service and are managed via this directory services interfaces.
The following directory services are currently supported for global iRMC
user management:
Microsoft Active Directory
Novell eDirectory
OpenLDAP
This chapter provides information on the following topics:

User management concept for the iRMC


User permissions
Local user management on the iRMC
global user management using the individual directory services

iRMC

57

Concept

4.1

User management on the iRMC

User management concept for the iRMC

User management for the iRMC permits the parallel administration of local and
global user identifications.
When validating the authentication data (user name, password) which users
enter when logging in to one of the iRMC interfaces, iRMC proceeds as follows
(see also figure 14 on page 59):
1. The iRMC compares the user name and password with the locally stored
user identifications:

If the user is authenticated successfully (user name and password are


valid) then the user can log in.

Otherwise, the iRMC continues the verification with step 2.

2. The iRMC authenticates itself at the directory service via LDAP with a user
name and password, determines the user rights by means of an LDAP query
and checks whether the user is authorized to work with these at the iRMC.

58

iRMC

User management on the iRMC

iRMC web
interface
Login

SSH
Login

SSL

SSH

Concept

Telnet
Login

Serial
interface
Login

User name, password

SSL

SSH
iRMC

local user identifications


SSL

User name, password

SSL
LDAP login

directory service
global user identifications

Figure 14: Login authentication via the iRMC

I Although optional, the use of SSL for the LDAP connection between the
iRMC and directory service is recommended. An SSL-secured LDAP
connection between iRMC and the directory service guarantees secure
data exchange, and in particular the secure transfer of the user name
and password data.
SSL login via the iRMC web interface is only required if LDAP is active
(LDAP enable option, see page 270).

iRMC

59

User permissions

4.2

User management on the iRMC

User permissions

The iRMC distinguishes between two mutually complementary types of user


permissions:
Channel-specific privileges (via assignment to channel-specific permission
groups)
Permissions to use special iRMC functions

I The privileges and permissions required for the use of the individual
iRMC functions are described

for the iRMC- web interface, on page 180,


for the Remote Manager, on page 312,
Channel-specific privileges (channel-specific permission groups)
The iRMC assigns each user identification to one of the following four channelspecific permission groups:

User
Operator
Administrator
OEM

Since iRMC assigns these permissions on a channel-specific basis, users can


have different permissions, depending on whether they access the iRMC over
the LAN interface or the serial interface.
The scope of permissions granted increases from User (lowest permission level)
through Operator and Administrator up to OEM (highest permission level).

I The permission groups correspond to the IPMI privilege level. Certain


permissions (e.g. for Power Management) are associated with these
groups or privilege levels.

60

iRMC

User management on the iRMC

User permissions

Permissions to use special iRMC functions


In addition to the channel-specific permissions, you can also individually assign
users the following permissions:
Configure User Accounts
Permission to configure local user identifications
Configure iRMC Settings
Permission to configure the iRMC settings.
Video Redirection Enabled
Permission to use Advanced Video Redirection (AVR) in View Only and
Full Control mode
Remote Storage Enabled
Permission to use the Remote Storage functionality
Preconfigured user ID
The firmware of the iRMC provides a default administrator ID for the iRMC which
possesses all permissions:
Administrator ID:

admin

Password:

admin

I Both the administrator ID and the password are case-sensitive in the


case of local users.

It is urgently recommended that you create a new administrator account


as soon as possible once you have logged in, and then delete the default
administrator account or at least change the password for the account
(see section User Management - Manage users on page 259).

iRMC

61

... locally via the web interface

4.3

User management on the iRMC

Local user management for the iRMC

The iRMC possesses its own local user management. Up to 16 users to be


configured with passwords and be assigned various rights depending on the
user groups they belong to. The user identifications are stored in the iRMCs
local, non-volatile storage. User management can be performed manually or
using scripts (with IPMIView).
The following options are available for user management on the iRMC:
User management via the web interface
User management via the Server Configuration Manager
User management using the Server Management Tool (IPMIVIEW)

4.3.1

Local user management using the


iRMC web interface

I User management on the iRMC requires Configure User Accounts


permission.

You can view a list of configured users under the web interface. You can also
configure new users, change the configuration of existing users and remove
users from the list.
Start the iRMC web interface (see section Logging into the iRMC web
interface on page 178).
Showing the list of configured users
In the navigation area, click the iRMC User function.
The User Management page opens containing a list of configured users (see
page 260). Here, you can delete users and call the page for configuring new
users.
This page is described in section User Management - Manage users on
page 259.

62

iRMC

User management on the iRMC

... locally via the web interface

Configuring new users


On the User Management page, click the New User button.
The New User Configuration page opens. This page allows you to specify the
basic settings for the new user. This page is described in section New User
Configuration - Configuring a new user on page 261.
Modifying the configuration of a user
On the User Management page, click the name of the user whose
configuration parameters you want to change.
The User <name> Configuration page opens showing the settings for the
selected user. Here, you can modify the configuration parameters for the
new user. This page is described in section User <name> Configuration User configuration (details) on page 262.
Deleting users
On the User Management page, click on the Delete button in the same line as
the user to be deleted.

iRMC

63

... locally via the Server Configuration ManagerUser management on the iR

4.3.2

Local user management via the Server


Configuration Manager

I Prerequisite:
The current ServerView agents must be installed on the managed server.

I User management on the iRMC requires Configure User Accounts


permission.

You can view a list of configured users under Server Configuration Manager.
You can also configure new users, change the configuration of existing users
and remove users from the list.
Start the Server Configuration Manager (see chapter Configuring iRMC
using the Server Configuration Manager on page 329).
Showing the list of configured users
Choose the iRMC User Management dialog box.
The dialog box contains a list of all the configured users (see page 357).
Here you can delete users and call the Edit existing user window showing the
settings for the selected user.
This window is described on page 358.
Configuring new users
In the iRMC User Management dialog box, select a line below the displayed
user in which only the user ID is shown.
Click the Modify... button or double-click the selected line.
The Edit existing user window opens.
Make the settings for the new user in the Edit existing user window.
Confirm your settings by clicking OK.

64

iRMC

User management on the iRMC ... locally via the Server Configuration Mana
Modifying the configuration of a user
Select a user in the iRMC User Management dialog box.
Click the Modify... button or double-click the selected user.
The Edit existing user window opens showing the configured settings for this
user.
Modify the settings for the user in the Edit existing user window.
Confirm your settings by clicking OK.
Deleting users
Select a user in the iRMC User Management dialog box.
Click the Delete button to delete the user.

iRMC

65

... globally via a directory service

4.4

User management on the iRMC

Global user management for the iRMC

The global user IDs for the iRMC are managed centrally using an LDAP
directory service.
The following directory services are currently supported for iRMC user
management:
Microsoft Active Directory
Novell eDirectory
OpenLDAP
This section provides you with information about the following topics:
Overview of global user management for the iRMC
Concept of global user management for the iRMC using an LDAP directory
service
Configuring global iRMC user management in the directory service
(generating the iRMCgroups structure in the directory service).
Global iRMC user management via Microsoft Active Directory
Global iRMC user management via Novell eDirectory
Global iRMC user management via OpenLDAP

I Alongside the measures described in this section which you perform in


the directory service, global user management also requires you to
configure the local LDAP settings at the iRMC.
You may configure the local LDAP settings either
at the iRMC web interface (see page page 269),
using the Server Configuration Manager (see page page 362) or
using the Server Management Tool (IPMIVIew).

66

iRMC

User management on the iRMC

4.4.1

... globally via a directory service

Overview

The global user IDs for the iRMC are stored centrally in the directory service's
directory. This makes it possible to manage the user identifications on a central
server. They can therefore be used by all the iRMCs that are connected to this
server in the network.
Furthermore, using a directory service for the iRMC makes it possible to use the
same user identifications for logins at the iRMCs as are used for the operating
system of the managed servers.

I Global user management is currently not supported for the following


iRMC functions:

Login via IPMI-over-LAN


Alerting
Text console redirection using SOL

iRMC 1

Login
Authentication

Login
Authentication

directory service

iRMC 2

Global user identifications


...

iRMC n

Login
Authentication

Figure 15: Shared use of the global user identifications by multiple iRMCs

Communications between the individual iRMCs and the central directory


service is performed via the TCP/IP protocol LDAP (Lightweight Directory
Access Protocol). LDAP makes it possible to access the directory services
which are most frequently used and most suitable for user management.
Optionally, communication via LDAP can be secured by SSL.

iRMC

67

... globally via a directory service

4.4.2

User management on the iRMC

iRMC user management via an


LDAP directory service (concept)

I The concept of directory service-based, global iRMC user management

described below applies equally to the directory services Microsoft


Active Directory, Novell eDirectory and OpenLDAP. The figures are
based on the example of the Active Directory Users and Computers console
in the Microsoft Active Directory user interface.

I The following characters are reserved as metacharacters for search


strings in LDAP: &, |, !, =, <, >, ~, :

You must therefore not use these characters as components of Relative


Distinguished Names (RDN).
4.4.2.1

Global user management via the OU "iRMCgroups"

Global iRMC user management via an LDAP directory service requires no


extension to the standard directory service schema. Instead, all the information
that is relevant for the iRMC, including the privileges, is provided via additional
LDAP groups and organizational units (OU) which are combined in a separate
OU iRMCgroups which is located in the LDAP directory server's base domain
(see figure 16).

Figure 16: The OU iRMCgroups in the base domain fwlab.firm.net

68

iRMC

User management on the iRMC

... globally via a directory service

iRMC users obtain their privileges by virtue of being members of a group in the
OU iRMCgroups.

I The user entries for the iRMC may be located at any point below the base
domain which contains the OU iRMCgroups.

iRMCgroups itself contains the OUs Departments and Shell:


Departments contains the groups for the user privileges.
Shell contains the groups for the user shells.
In the case of Microsoft Active Directory, for example, the entries for the iRMC
users are located in the standard OU Users. Unlike the standard users, however,
iRMC users are also members of one or more groups of the OU iRMCgroups.
4.4.2.2

Cross-server, global user permissions

In large enterprises, the servers which are managed via iRMC are usually
assigned to different departments. Furthermore, the administrator permissions
for the managed servers are also often assigned on a department-specific
basis.
Departments are combined in the OU Departments
The OU Departments combines the servers which are managed by iRMC to form
a number of groups. These correspond to the departments in which the same
user IDs and permissions apply. In figure 17 on page 70, for example, these
are the departments DeptX, DeptY and Others.
The entry Others is optional, but recommended. Others is a predefined
department name subsuming all the servers which do not belong to another
department. There are no restrictions concerning the number of departments
(OUs) listed under Departments.

I When configuring the directory service at the iRMC via the iRMC web

interface (see page 269), via the Server Configuration Manager (see
page 362) or via the Server Management Tool (IPMIVIEW) (see ), you
specify the name of the department to which the managed server with
the relevant iRMC belongs. If there is no department of this name in the
LDAP directory then the permissions present in the Others department
are used.

figure 17 presents an example of this type of organizational structure on the


basis of Active Directory Users and Computers.

iRMC

69

... globally via a directory service

User management on the iRMC

Figure 17: Organizational structure of the domain fwlab.firm.net

Permission profiles are defined via permission groups


The associated permission groups (security groups) are located directly below
each department. There are no restrictions concerning the number of
permission groups. The names of the permission groups can be chosen as
required subject to certain syntactic requirements imposed by the employed
directory service. Every permission group defines a specific permission profile
which applies to all the users who belong to the relevant permission group.

V CAUTION!
Make sure that no user simultaneously belongs to more than one
permission group in one and the same department. (If a user belongs to
more than one permission group in the same department then the first
result returned by an LDAP query always apples.)

I The permission groups in global iRMC user management also include


the channel-specific permission groups
(see page 60). For detailed information on the individual user
permissions, see section User permissions on page 60.

70

iRMC

User management on the iRMC

... globally via a directory service

If, for example, you click a department (e.g. DeptX) (1) in the hierarchy tree in
Active Directory Users and Computers (see figure 18) then the permission groups
(security groups) defined for this department are listed in the display area (here:
DeptX).
You can click on one of the displayed security groups (2) to open the Properties
dialog box for this security group (here: Maintenance). The associated
permission is listed under Notes: using the following syntax:
LAN: OEM | Administrator | Operator | User | None
Serial: OEM | Administrator | Operator | User | None
UserAccounts: On | Off
iRMCsettings: On | Off
Video Redirection: On | Off
Remote Storage: On | Off

(2)
(1)

Figure 18: Properties dialog box for the Maintenance security group

iRMC

71

... globally via a directory service


4.4.2.3

User management on the iRMC

Settings for the preferred shell

In the LDAP server, you can specify not only the user permissions but also the
preferred shell for a user. Unlike when you assign permissions, the definition of
the preferred shell is purely user-specific and not department-dependent.

Figure 19: Defining the preferred shell

The following groups can be selected:


IPMIbasicMode
IPMIterminalMode
None
RemoteManager (see page 303).
SmaschCLP (see page 323).

I A user should only belong to a single shell group. Any user who belongs
to multiple shell groups is automatically assigned to the group with the
highest priority among these groups. The sequence of priorities follows
the above list (with priority descending from top to bottom).

Any user who does not belong to a shell group is assigned by default to
the Remote Manager group

72

iRMC

User management on the iRMC

4.4.3

... globally via a directory service

Generating the "iRMCgroups" structure in the


LDAP directory service

Before you can handle global iRMC user management via a directory service,
it is necessary to generate the structure (OU) iRMCgroups in the directory
service.
To do this, proceed as follows:
1. Create the LDIF (Lightweight Directory Interchange Format) file which
contains the iRMC-specific structures for integration in the directory service.
2. Import the LDIF file into the directory service.
4.4.3.1

Creating the LDIF file

You create the LDIF file (.ldif) from a configuration file (.txt) using the tool
iRMCldifCreate.

I The tool iRMCldifCreate is located in the firmware package on the


ServerStart Update DVD.
I iRMCldifCreate generates all the required subtrees including all the
groups but not the relations between users and groups.

You create and assign user entries to groups by means of the


corresponding tools in the employed directory service after generating
the OU iRMCgroups in the directory service and configuring iRMC LDAP
access to the directory service.
Proceed as follows to create the LDIF file:
Create the configuration file (.txt) as the input file for the tool iRMCldifCreate.
This text file contains the structure information for the structure iRMCgroups
in readable form.

I The syntax of the configuration file is described in the example


configuration file which is supplied together with the program
iRMCldifCreate.
For an example of a configuration file, see page 74.

iRMC

73

... globally via a directory service

User management on the iRMC

Example: Configuration file


Below is an example of a configuration file:

74

iRMC

User management on the iRMC

... globally via a directory service

In the Windows prompt window, use the following syntax to call the tool
iRMCldifCreate:
iRMCldifCreate [-v] [-h] [-d <display_level>]
[-c <cfg_file>] [-o <out_file>] [-l <log_file>]
-v

Display the current program version.

-h

Display the current utilization of the program.

-d <display_level>
Display level; controls the scope of program display at the text
console and in the log file.
A distinction is made between the following display levels:
0: Only errors and status messages are displayed.
1: In addition to the level 0 display, OUs and group names are also
displayed.
2: In addition to the level 1 display, attribute values are also displayed.
Default: 1
-c <cfg_file>
Name of the configuration file
Default: iRMCldifConfig.txt
-o <out_file>
Name of the LDIF file
Default: iRMCdirServiceInit.ldif
-l <log_file> | none
Name of the iRMCldifCreate log file.
none: No log file is written.
Default: iRMCldifCreateLog.txt

I Alternatively, you can also call the tool iRMCldifCreate from the

Windows Explorer by double-clicking on the file iRMCldifCreate.exe. In


this case, default values are used.

Example
The following call generates the LDIF file ctrl.ldif from the configuration
file config_ldif.txt:
iRMCldifCreate -c config_ldif.txt -o ctrl.ldif

iRMC

75

... globally via a directory service


4.4.3.2

User management on the iRMC

Importing the LDIF file into the directory service

Various tools are available for importing an LDIF file depending on the directory
service you are using.
Recommended tools include:
Active Directory: LDAP Browser\Editor
For a more detailed description, see Importing the LDIF file into Microsoft
Active Directory. on page 77.
eDirectory: iManager - eDir maintenance with ICE (Import Convert Export
wizard)
For a more detailed description, see Importing the LDIF file into Novell
eDirectory on page 111.
OpenLDAP: ldapadd (management tools)
For a more detailed description, see Importing the LDIF file into
OpenLDAP. on page 126.

76

iRMC

User management on the iRMC

4.4.4

... globally via Active Directory

iRMC user management via Microsoft


Active Directory

This section describes how you integrate iRMC user management in Microsoft
Active Directory.

I Prerequisite:
The LDIF file must have been created (see section Generating the
"iRMCgroups" structure in the LDAP directory service on page 73).
You must perform the following steps to integrate iRMC user management in
Microsoft Active Directory:
1. Import the LDIF file into Active Directory.
2. Assign iRMC users to iRMC user groups in Active Directory.
3. Configuring iRMC LDAP/SSL access at the Active Directory server
4.4.4.1

Importing the LDIF file into Microsoft Active Directory.

Among other things, you can use the following tools to import the LDIF file into
Active Directory:

Command line tool ldifde published by Microsoft.

LDAP Administrator program published by Softerra (professional tool,


license required).
LDAP Browser\Editor with LDIF import functionality
(by Jarek Gawor).
Below, only Microsofts command line tool ldifde and the Open LDAP
Browser\Editor from Jarek Gawor are described since they do not result in any
additional costs.

iRMC

77

... globally via Active Directory

User management on the iRMC

The Microsoft command line tool ldifde


ldifde is a Microsoft tool which is called in the Windows prompt window and
which runs under Windows Server 2003 and Windows XP Professional.
The syntax for ldifde is as follows:
ldifde [-i] [-f <file-name>] [-s <server-name>]
[-c <string1> <string2>] [-v] [-j <path>]
[-t <port-number>] [-d <baseDN>] [-r <LDAPfilter>]
[-p <range>] [-l <LDAPattribute-list>]
[-o <LDAPattribute-list>] [-g] [-m] [-n] [-k]
[-a <userDN> <password>]
[-b <user-name> <domain> <password>] [-?]

A description of the operands can be found in Microsofts online documentation.


To update a user entry from the remote workstation, call ldifde as follows:
ldifde -i -f <ldif filename> -s <servername>
-b <username> <domain> <password>
-j <directory for log file> -k

Example
ldifde -i
-s
-b
-j

78

-f iRMCdirServiceInit.ldif
domino.fwlab.firm.net
Administrator fwlab.firm.net my_password
. -k

iRMC

User management on the iRMC

... globally via Active Directory

LDAP Browser\Editor published by Jarek Gawor


The LDAP Browser\Editor published by Jarek Gawor is easy to use via a
graphical user interface.
The tool can be downloaded from:
http://www-unix.mcs.anl.gov/~gawor/ldap/
Proceed as follows to install the LDAP Browser\Editor:
Unpack the Zip archive Browser281.zip to an installation directory of your
choice.
Set the environment variable JAVA_HOME to the installation directory for the
JAVA runtime environment, e.g.:
JAVA_HOME=C:\Program Files\Jave\jdk1.5.0_06

Proceed as follows to import the LDIF file into Active Directory:


Open the Open LDAP Browser\Editor.

Figure 20: Open LDAP Browser\Editor

Choose File - Connect - Session List - New


The Edit Session dialog box opens (see figure 21 on page 80).

iRMC

79

... globally via Active Directory

User management on the iRMC

Figure 21: Open LDAP Browser\Editor - Edit Session

Host:
The DNS name or IP address of the domain controller
Port:
Port number 389 for data exchange via LDAP
Version:
Version number (choose 2 or 3.)
Base DN:
Fully qualified domain name presented as an LDAP DN name.
Alternatively, click the Fetch DNs. button.
Fetch DNs
You can click on the Fetch DNs button to display a list of DN names.
This contains the fully qualified domain name (presented as an LDAP
DN name) together with other information.
User DN:
Users login name extended by @ and the full domain path name.
Click Save.
The Open LDAP Browser/Editor displays the following window (see figure
22 on page 81):

80

iRMC

User management on the iRMC

... globally via Active Directory

Figure 22: Selecting the top-level DN

Highlight the top-level DN.

iRMC

81

... globally via Active Directory

User management on the iRMC

In the menu bar, choose LDIF - Import.


The LDIF Import dialog box opens:

Figure 23: Starting the import of the LDIF file

LDIF File:
LDIF file previously created using the tool iRMCldifCreate.
Import method
Choose the Update/Add method to extend and/or modify the
iRMCgroups tree.
Click the Import button to start importing the LDIF file into the Active
Directory.

82

iRMC

User management on the iRMC


4.4.4.2

... globally via Active Directory

Configuring iRMC LDAP/SSL access at the Active Directory


server

I The iRMC-LDAP integration uses the SSL implementation developed by


Eric Young on the basis of the OpenSSL Project. A reproduction of the
SSL copyright can be found on page 131.

An RSA certificate is required before iRMC can use LDAP via SSL.
The following steps are involved in configuring LDAP access:
1. Install an Enterprise CA
2. Generate an RSA certificate for the domain controller.
3. Install the RSA certificate on the server
Installing the Enterprise CA

I A CA is a certification authority for certificates. An Enterprise CA

(certification authority for enterprises) can be installed on the domain


controller itself or on another server.
Installation directly on the CA is simpler since fewer steps are required
than when installing on another server.
Below is a description of how to install the Enteprise CA on a server other
than the domain controller.

I To install and configure Enterprise CA successfully, you require an Active


Directory environment and an installed IIS (Internet Information
Services).

Proceed as follows to install an Enterprise CA:


In the Windows start menu, choose:
Start - Control Panel - Software - Add/Remove Windows Components
In the wizard for Windows components, choose Certificate Services under
Components.
Double-click on Certificate Services and make sure that the Certificate Services
Web Enrollment Support and Certificate Services CA options are selected.
Choose Enterprise root CA.
Select the option Use custom settings to generate the key pair and CA certificate.

iRMC

83

... globally via Active Directory

User management on the iRMC

Select Microsoft Base DSS Cryptographic Provider to create DSA certificates of


length 1024 bytes.
Export the public certification authority certificate (CA Certificate).
To do this, proceed as follows:
Enter mmc in the Windows prompt window to start the Management
Console.
Add the snap-in for local computer certificates.
Navigate to Certificates (Local Computer) - Trusted Root Certification
Authorities - Certificates and double-click.
Double-click on the certificate from the newly created certification
authority.
Click on the Details tab in the certificate window.
Click on Copy to File.
Choose a file name for the certification authority certificate and click on
Finish.
Load the public certification authority certificate to the certificate directory
Trusted Root Certification Authorities on the domain controller.
To do this, proceed as follows:
Transfer the file containing the certification authority certificate to the
domain controller.
In Windows Explorer, open the certificate from the newly created
certification authority.
Click on Install Certificate.
Under Place all certificates in the following store click on Browse and choose
Trusted Root Certification Authorities.
Enter mmc in the Windows prompt window to start the Management
Console.
Add the snap-in for local computer certificates.
Add the snap-in for the current users certificates.
Copy the certification authority certificate (CA Certificate) from the
current users Trusted Root Certification Authorities directory to the local
computer's Trusted Root Certification Authorities.

84

iRMC

User management on the iRMC

... globally via Active Directory

Generating a domain controller certificate


Proceed as follows to create an RSA certificate for the domain controller:
Create a file named request.inf with the following content:
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=<full path of domain controller host>"
KeySpec = 1
KeyLength = 1024
Exportable = TRUE
MachineKeySet = TRUE
SMIME = FALSE
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic
Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1
; this is for Server Authentication

In the file request.inf , adapt the specification under Subject= to the name of
the employed domain controller, e.g.
Subject = CN=domino.fwlab.firm.net.
Enter the following command in the Windows prompt window: certreq -new
request.inf request.req
Enter the following URL in the certification authority browser:
http://localhost/certsrv
Click on Request a Certificate.
Click on advanced certificate request.
Click on Submit a certificate request.
Copy the content of the file request.req to the Saved Request window.
Select the Web Server certificate template.
Download the certificate and save it (e.g. in the file request.cer).

iRMC

85

... globally via Active Directory

User management on the iRMC

Enter the following command in the Windows prompt window: certreq -accept
request.cer
Export the certificate with the private key.
To do this, proceed as follows:
Enter mmc in the Windows prompt window to start the Management
Console.
Add the snap-in for local computer certificates.
Navigate to
Certificates (Local Computer) - Personal Certificates - Certificates.
Double-click on the new server certification authentication certificate.
Click on the Details tab in the certificate window.
Click on Copy to File.
Select Yes, export the private key.
Assign a password.
Choose a file name for the certificate and click on Finish.

86

iRMC

User management on the iRMC

... globally via Active Directory

Installing the domain controller certificate on the server


Proceed as follows to install the domain controller certificate on the server:
Copy the domain controller certificate file that has just been created to the
domain controller.
Double-click on the domain controller certificate.
Click on Install Certificate.
Use the password which you assigned when exporting the certificate.
Under Place all certificates in the following store click on Browse and choose
Personal Certificates.
Enter mmc in the Windows prompt window to start the Management
Console.
Add the snap-in for local computer certificates.
Add the snap-in for the current users certificates.
Copy the domain controller certificate from the current users
Personal Certificates directory to the local computer's Personal Certificates
directory.

iRMC

87

... globally via Active Directory


4.4.4.3

User management on the iRMC

Assigning iRMC users to the OU "iRMCgroups"

You can assign iRMC users to iRMC groups in the OU iRMCgroups either
on the basis of the user entry, or
on the basis of the group entry

I The description below indicates the assignment on the basis of the group
entry. The assignment procedure on the basis of the user entry is very
similar.

I The users must be entered in the groups manually in Active Directory.


Proceed as follows:
Open the snap-in Active Directory Users and Computers.

Figure 24: Active Directory Users and Computers snap-in

Double-click in the group (here: Administrator).


The Administrator Properties dialog box opens (see figure 25 on page 89):

88

iRMC

User management on the iRMC

... globally via Active Directory

Figure 25: Administrator Properties dialog box

Select the Members tab.


Click on the Add... button.
The Select Users, Contacts, or Computers dialog box opens (see figure 26 on
page 90).

iRMC

89

... globally via Active Directory

User management on the iRMC

Figure 26: Select Users, Contacts, or Computers dialog box

Click on the Locations... button.


The Locations dialog box opens.

Figure 27: Locations dialog box

Select the container (OU) containing your users. (By default, this is the OU
Users.). Click OK to confirm.
The Select Users, Contacts, or Computers dialog box opens (see figure 28 on
page 91).

I Users may also be entered at a different location in the directory.


90

iRMC

User management on the iRMC

... globally via Active Directory

Figure 28: Select Users, Contacts, or Computers dialog box

Click on the Advanced... button.


The Select Users, Contacts, or Computers extended dialog box opens (see
figure 29 on page 92).

iRMC

91

... globally via Active Directory

User management on the iRMC

Figure 29: Select Users, Contacts, or Computers dialog box - searching

Click the Find Now button to display all the users in your domain.
Under Search results: in the display area you can now view the search result
(see figure 30 on page 93).

92

iRMC

User management on the iRMC

... globally via Active Directory

Figure 30: Select Users, Contacts, or Computers dialog box - displaying the search results

Select the users who are to be added to the group and click OK to confirm.
The selected users are now displayed (see figure 31 on page 94).

iRMC

93

... globally via Active Directory

User management on the iRMC

Figure 31: Select Users, Contacts, or Computers dialog box - confirming the search results

Confirm by clicking OK.

94

iRMC

User management on the iRMC

4.4.5

... globally via Novell eDirectory

iRMC user management via Novell eDirectory

This section provides you with information about the following topics:
The Novell eDirectory system components and system requirements
Installing Novell eDirectory
Configuring Novell eDirectory
Integrating iRMC user management in Novell eDirectory
Tips on administering Novell eDirectory.

I The installation and configuration of Novell eDirectory are described in

detail below. No extensive eDirectory knowledge is required. If you are


already familiar with Novell eDirectory, you can skip the next three
sections and continue with section Integrating iRMC user management
in Novell eDirectory on page 109.

4.4.5.1

Software components and system requirements

I Use the specified version or a more recent version of the components


listed below.

Novell eDirectory (formerly NDS) consists of the following software


components:
eDirectory 8.8: 20060526_0800_Linux_88-SP1_FINAL.tar.gz
eDirectory 8.8: eDir_88_iMan26_Plugins.npm
iManager: iMan_26_linux_64.tgz for SuSE, iMan_26_linux_32.tgz otherwise
ConsoleOne: c1_136f-linux.tar.gz
The following system requirements must be fulfilled in order to install and
operate Novell eDirectory:
OpenSSL must be installed.

I If OpenSSL is not already installed:


Install OpenSSL, before starting the Novell eDirectory
installation.
512 MB free RAM

iRMC

95

... globally via Novell eDirectory


4.4.5.2

User management on the iRMC

Installing Novell eDirectory

To install Novell eDirectory, it is necessary to install the following components:


eDirectory Server and administrations utilities
iManager (administrations utility)
ConsoleOne (administrations utility)

I Prerequisites for the installation of Novell eDirectory:


A Linux server operating system must be fully installed and running.
The firewall must be configured for connections to the following ports:
8080, 8443, 9009, 81, 389, 636.
For OpenSuSE, you configure this in the file
/etc/sysconfig/SuSEfirewall2:
Add the entry FW_SERVICES_EXT_TCP to the file
/etc/sysconfig/SuSEfirewall2 as follows:
FW_SERVICES_EXT_TCP="8080 8443 9009 81 389 636"

In accordance with the eDirectory Installation Guide, the system must


be set up for multicast routing.
For SuSE Linux, proceed as follows:
Create or (if it already exists) open the file
/etc/sysconfig/network/ifroute-eth0.
Add the following line to /etc/sysconfig/network/ifroute-eth0:
224.0.0.0

0.0.0.0

240.0.0.0

eth0

This adapts eth0 to the system configuration.

96

iRMC

User management on the iRMC

... globally via Novell eDirectory

I Prerequisites for the installation of the eDirectory Server, the


eDirectory utilities, the iManager and ConsoleOne:

The root permission is required in order to perform installation.


All the files required for the installation must have been copied to a
directory (e.g. /home/eDirectory) before you can use the procedure
below to perform installation. These files are as follows:
20060526_0800_Linux_88-SP1_FINAL.tar.gz
iMan_26_linux_64.tgz
c1_136f-linux.tar.gz
Installing the eDirectory Server and administration utilities
Proceed as follows:
Log in with root permission (superuser).
Switch to the directory containing the files required for installation (in our
example: /home/eDirectory):
cd /home/eDirectory
Extract the archive 20060526_0800_Linux_88-SP1_FINAL.tar.gz:
tar -xzvf 20060526_0800_Linux_88-SP1_FINAL.tar.gz
After extraction, /home/eDirectory has a new subdirectory named eDirectory.
Installing eDirectory Server
Go to the setup subdirectory of this eDirectory directory:
cd eDirectory/setup
Call the installation script ./nds-install :
./nds-install

Accept the EULA with "y" and confirm with the [Enter] key.
If you are asked which program you want to install:
Enter "1" to install the Novell eDirectory server and press the [Enter] key
to confirm.
The eDirectory packages are then installed.

iRMC

97

... globally via Novell eDirectory

User management on the iRMC

After installation of the Novell eDirectory Server, you must update the names for
the paths to the eDirectory in a number of environment variables and export
these variables.
To do this, open your configuration file (in the example: /etc/bash.bashrc) and
enter the following lines in the specified sequence ahead of "# End of ...":
export PATH/opt/novell/eDirectory/bin:/opt/novell/eDirectory/
sbin:$PATH
export LD_LIBRARY_PATH=/opt/novell/eDirectory/lib:/
opt/novell/eDirectory/lib/nds-modules:/opt/novell/
lib:$LD_LIBRARY_PATH
export MANPATH=/opt/novell/man:/opt/novell/eDirectory/
man:$MANPATH
export TEXTDOMAINDIR=/opt/novell/eDirectory/share/
locale:$TEXTDOMAINDIR

Close the terminal and open a new terminal in order to export the
environment variables.
Installing the eDirectory administration utilities
Go to the setup subdirectory of the eDirectory directory:
cd eDirectory/setup

Call the installation script:


./nds-install

Accept the EULA with "y" and confirm with the [Enter] key.
If you are asked which program you want to install:
Enter "2" to install the Novell eDirectory administration utilities and
press the [Enter] key to confirm.
The eDirectory administration utilities are then installed.

98

iRMC

User management on the iRMC

... globally via Novell eDirectory

Installing and calling iManager

I iManager is the recommended tool for installing Novell eDirectory.

Whether installing in SLES10 or in OpenSuSE, you use the archive


*_64.tgz.

Proceed as follows:
Log in with root permission (superuser).
Go to the directory /home/eDirectory:
cd /home/eDirectory

Extract the archive iMan_26_linux_64.tgz:


tar -xzvf iMan_26_linux_64.tgz

After extraction, /home/eDirectory has a new subdirectory named iManager.


Go to the installs subdirectory of iManager:
cd iManager/installs/linux

Call the installation script:


./iManagerInstallLinux.bin

Select the language for the output of installation messages.


Click through and accept the EULA.
Select 1- Novell iManager 2.6, Tomcat, JVM for iManager installation.
Select 1- Yes for plug-in download.
Press [Enter] to use the default path for the download.
The installation program searches the internet for downloads. This can take
a few minutes. You are then asked to select the plug-ins that you want to
install.
Select All to download all the plug-ins.
Select 1- Yes to install the locally available plug-ins.
Press [Enter] to use the default path for installation.
Select 2- No for automatic Apache configuration (optional).
Accept the default port (8080) for Tomcat.
Accept the default SSL port (8443) for Tomcat.

iRMC

99

... globally via Novell eDirectory

User management on the iRMC

Accept the default JK connector port (9009) for Tomcat.


Enter the administration user ID (e.g. root.firm) for the user with the
appropriate administration permissions.
Enter the tree name (e.g. fwlab) for the user with the appropriate
administration permissions.
Accept the summary of your entries which is displayed with 1-OK... in order
to terminate installation.
Logging in to Novell iManager
After installation, you can use the following URL to log in at iManager via a web
browser.
https://<IP address of the eDirectory server>:8443/nps

I Novell recommends that you use Microsoft Internet Explorer or Mozilla

Firefox as your web browser. In Mozilla Firefox, it is possible that not all
the context menu's pop-up windows will be displayed.

100

iRMC

User management on the iRMC

... globally via Novell eDirectory

Installing and starting ConsoleOne


ConsoleOne is another administration tool for Novell eDirectory.
Proceed as follows to install ConsoleOne:
Log in with root permission (superuser) at eDirectory Server.
Go to the directory /home/eDirectory:
cd /home/eDirectory

Extract the ConsoleOne archive c1_136f-linux.tar.gz:


tar -xzvf c1_136f-linux.tar.gz

After extraction, /home/eDirectory has a new subdirectory named Linux.


Go to the directory Linux:
cd Linux

Call the installation script c1-install:


./c1-install

Select the language for the output of installation messages.


Enter 8 to install all the snap-ins.
ConsoleOne needs the path to an installed Java runtime environment. You can
export the corresponding path name to the environment variable
C1_JRE_HOME. However, the system-wide export of the path name requires
modifications in the bash profile.

I Since root permission is required in order to work with ConsoleOne, it is,


in principle, sufficient to export the ID superuser Root. However, the
system-wide export of the path name is presented below. This means
that normal users can also work with ConsoleOne if they have root
permission.

iRMC

101

... globally via Novell eDirectory

User management on the iRMC

Proceed as follows:
Open the configuration file for editing (in the example: /etc/bash.bashrc)
Enter the following line in the configuration file in front of # End of ...:
export C1_JRE_HOME=/opt/novell/j2sdk1.4.2_05/jre

I The java runtime environment installed together with eDirectory is

used here. However, you can also specify the path name of any other
Java runtime environment installed on the eDirectory Server.

ConsoleOne obtains the available tree hierarchies either via the local
configuration file hosts.nds or via the SLP service and multicast.
Proceed as follows to insert your tree hierarchy in the configuration file:
Go to the configuration directory:
cd /etc

Generate the file hosts.nds if it does not yet exist.


Open the file hosts.nds and insert the following lines:
#Syntax: TREENAME.FQDN:PORT
MY_Tree.mycomputer.mydomain:81

Starting ConsoleOne
You start ConsoleOne in the system prompt using the following command:
/usr/ConsoleOne/bin/ConsoleOne

102

iRMC

User management on the iRMC


4.4.5.3

... globally via Novell eDirectory

Configuring Novell eDirectory

Perform the following steps to configure Novell eDirectory:


1. Create an NDS tree
2. Configure eDirectory for LDAP.
3. Test eDirectory access via LDAP Browser.
Creating an NDS tree
Create an NDS (Network Directory Service) tree using the utility ndsmanage.
ndsmanage requires the following information to do this:
TREE NAME
Unique name in the network for the new NDS tree, e.g. MY_TREE.
Server Name
Name of an instance of server class in eDirectory. For Server Name, you
specify the name of the PRIMERGY server on which the LDAP server is
running, for example. lin36-root-0.
Server Context
Fully distinguished name of the container which contains the server
object, e.g. dc=organization.dc=mycompany.
Admin User
Fully distinguished name of the user with permission to perform
administration, e.g. cn=admin.dc=organization.dc=mycompany
NCP Port
Specify port 81.
Instance Location
Specify the path: /home/root/instance0
Configuration File
Specify the following file: /home/root /instance0/ndsconf
Password for admin user
Enter the administrator password here.

iRMC

103

... globally via Novell eDirectory

User management on the iRMC

Proceed as follows to configure the NDS tree:


Open a command box.
Go to the directory /home/eDirectory.
Start the utility ndsmanage by entering the command ndsmanage:
ndsmanage

Enter "c" to generate a new instance of the class server.


Enter y to continue configuration.
Enter y to create a new tree.
ndsmanage then queries the values for TREE NAME, Server Name, Server
Context etc. in sequence (see page 103).
Once input is complete, ndsmanage configures the NDS tree.
After configuring the NDS tree, restart the PRIMERGY server in order to
activate the configuration, i.e. to recreate the NDS tree.
Configuring eDirectory for LDAP
The following steps are involved in configuring eDirectory for LDAP:
Install Role Based Services (RBS)
Install plug-in modules
Configure Role Based Services (RBS)
Configure eDirectory with/without SSL/TLS support
Proceed as follows to complete the individual points:
Log in under the administrator ID (Admin) at iManager via a web browser.
Installing Role Based Services (RBS).
Install RBS using the iManager Configuration Wizard.
Proceed as follows:
In iManager, select the Configure tap (by clicking on the desk icon).
In the Configure tab, select
Role Based Services - RBS Configuration
Start the RBS Configuration Wizard.

104

iRMC

User management on the iRMC

... globally via Novell eDirectory

Assign RBS2 to the container that is to be managed. (In the example above,
this is "mycompany".)
Installing plug-in modules
Proceed as follows:
In iManager, select the Configure tap (by clicking on the desk icon).
In the Configure tab, select
Plug-in installation - Available Novell Plug-in Modules
In the modules listed in the page Available Novell Plug-in Modules, select the
eDirectory-specific package eDir_88_iMan26_Plugins.npm.
Click Install.
Configuring Role Based Services (RBS)
In the page Available Novell Plug-in Modules, select all the modules that are
required for LDAP integration. If you are not certain, select all the modules.
Click Install.
Configuring eDirectory for SSL/TLS-secured access

I During eDirectory installation, a temporary certificate is generated with

the result that access to the eDirectory is secured by SSL/TLS by default.


However, since the iRMC firmware is configured for the use of RSA/MD5
certificates, SSL/TLS-secured, global iRMC user management via
eDirectory requires an RSA/MD5 certificate of 1024 bytes in length.

iRMC

105

... globally via Novell eDirectory

User management on the iRMC

You create an RSA/MD5 certificate of length 1024 bytes as follows using


ConsoleOne:
Log into the LDAP server under your administrator ID (Admin) and start
ConsoleOne.
Navigate to your corporate structure's root directory
(e.g. treename/mycompany/myorganisation).
Select New Object - NDSPKI key material - custom to create a new object of
class NDSPKI:Key Material.
In the dialog which is then displayed, specify the following values:
1. 1024 bits
2. SSL or TLS
3. signature RSA/MD5
A new signature of the required type is created.
To activate the newly created certificate for the SSL-secured LDAP connection,
perform the following steps in iManager:
Start iManager via the web browser.
Log in at iManager with valid authentication data.
Select LDAP - LDAP Options - LDAP Server - Connection.
The Connection tab contains a drop-down list which displays all the
certificates installed on the system.
Select the required certificate in the drop-down list.
Configuring eDirectory for non-SSL-secured access

I Anonymous login and the transfer of plain text passwords via non-

secured channels are deactivated by default in eDirectory. Consequently,


web browser login at the eDirectory server is only possible via an SSL
connection.

If you want to use LDAP without SSL then you must perform the following steps:
1. Enable a non-SSL-secured LDAP- connection.
2. Relax the bind restrictions.
3. Reload the LDAP configuration.

106

iRMC

User management on the iRMC

... globally via Novell eDirectory

Proceed as follows:
1. Enable a non-SSL-secured LDAP- connection.
Start iManager via the web browser.
Log in at iManager with valid authentication data.
Select the Roles and Tasks view.
Select LDAP - LDAP Options - LDAP Server - Connection.
In the Connection tab, deactivate the option
Require TLS for all Operations.
Select LDAP - LDAP Options - LDAP Group - General.
In the General tab, deactivate the option
Require TLS for Simple Binds with password.
2. Relax the bind restrictions.
Log in at iManager with valid authentication data.
In the object tree, navigate to the LDAP Server object.
Click with the mouse to highlight the LDAP Server object and select Modify
Object in the associated context menu.
In the right-hand content frame, open the Other sheet.
Under Valued Attributes, select ldapBindRestrictions.
Click the Edit button.
Set the value to 0.
Click OK.
In the Other sheet, click the Apply button.
3. Reload the LDAP configuration.
Start ConsoleOne and log in to eDirectory.
Click on the Base DN object at the left of the window (e.g. Mycompany).
The LDAP server object is then displayed on the right-hand side of the
window.
Right-click to highlight the LDAP Server object and select Properties... in
the associated context menu.
In the General tab, click Refresh NLDAP Server Now.

iRMC

107

... globally via Novell eDirectory

User management on the iRMC

Testing eDirectory access via LDAP Browser.


After successfully completing steps 1 - 3 above, you should be able to establish
a connection to eDirectory via the LDAP Browser utility. You can use Jarek
Gavor's LDAP Browser to test this connection as follows:
Try to log in at eDirectory under the administrator ID (in the example: admin)
via an SSL connection.
If this attempt fails, proceed as follows:
Check that SSL is active (see page 106).

Figure 32: Testing LDAP access to eDirectory: SSL activated

Try to log in at eDirectory under the administrator ID (in the example: admin)
via a non-SSL-secured connection.

108

iRMC

User management on the iRMC

... globally via Novell eDirectory

Figure 33: Testing LDAP access to eDirectory: SSL not activated

If the login fails again:


Relax the bind restrictions (see page 106).
4.4.5.4

Integrating iRMC user management in Novell eDirectory

You must perform the following steps in order to integrate iRMC user
management in Novell eDirectory:
Import the iRMC LDIF file into eDirectory.
Generating the principal iRMC user.
Declare the iRMC groups and user permissions in eDirectory.
Assign users to the organizational unit (OU) iRMCgroups.
LDAP authentication process for iRMC users in eDirectory
The authentication of a global iRMC user on login at the iRMC is performed in
accordance with a predefined process (see page 58). figure 34 on page 110
illustrates this process for global iRMC user management with Novell
eDirectory.
The establishment of a connection and login with the corresponding login
information is referred to as a BIND operation.

iRMC

109

... globally via Novell eDirectory

User management on the iRMC

SSL-based communication
iRMC: Bind as Principal User
1

iRMC is authenticated
iRMC determines the
fully-qualified DN of User1

eDirectory

iRMC

Bind with User1's DN

User permissions

3
User1 is authenticated

iRMC determines the


user permissions of User1

1) The iRMC logs in at the eDirectory server with the predefined, known
permission data (iRMC setting) as Principal User and waits for the
successful bind.

2) The iRMC asks the eDirectory server to provide the fully qualified Distinguished
Name (DN) of the user with cn=User1. eDirectory determines the DN
from the preconfigured subtree (iRMC setting).

3) The iRMC logs in at the eDirectory server with the fully-qualified DN of the
user User1 and waits for the successful bind.

4) The iRMC asks the eDirectory server to provide the user permissions of the
user User1.
Figure 34: Authentication diagram for global iRMC permissions

I You configure the "Principal User's" permission data and the subtree

which contains the DNs in the page Directory Service Configuration page
of the iRMC web interface (see page 269).

I A user's CN must be unique within the searched subtree.

110

iRMC

User management on the iRMC

... globally via Novell eDirectory

Importing the LDIF file into Novell eDirectory

I Prerequisite:
The LDIF file must have been created (see section Generating the
"iRMCgroups" structure in the LDAP directory service on page 73).
You use iManager to import the iRMC LDIF file into Novell eDirectory.
Proceed as follows:
Start iManager via the web browser.
Log in at iManager with valid authentication data.
Select eDirectory Maintenance and use the ICE (Import Convert Wizard).
Select Import data from file on disk and click Next.
In the file browser, navigate to your LDIF file.
Deactivate the option exit on error and click Next.
Enter the DNS name / IP address of your LDAP server as well as the
permission data for the administrator ID (see figure 35 on page 112).

I Use an SSL connection to import the LDIF file (port 636).


I Use version 2 of the LDAP protocol for the import of the LDIF file.

iRMC

111

... globally via Novell eDirectory

User management on the iRMC

Figure 35: iManager - Roles and Tasks: ICE Wizard

Click Next.
Click Finish to start the import of the LDIF file.

112

iRMC

User management on the iRMC

... globally via Novell eDirectory

Creating the Principal User for the iRMC


Proceed as follows to create the Principal User for the iRMC:
Log in at iManager with valid authentication data.
Select Roles and Tasks.
Select Users - Create User.
Enter the necessary specifications in the displayed template.

I The Principal User's Distinguished Name (DN) and password must


match the corresponding specifications for the iRMC configuration
(see section Directory Service Configuration (LDAP) - Configuring
the directory service at the iRMC on page 269).
The user's Context: may be located at any position in the tree.
Assign the Principal User search permissions for the following subtrees:
Subtree (OU) iRMCgroups
Subtree (OU) that contains the users (e.g. people).
Assigning user permissions to the iRMC groups and users
By default, an object in eDirectory possesses only very limited query and search
permissions in an LDAP tree. If an object is to be able to query all the attributes
in one or more subtrees, you must assign this object the corresponding
permissions.
You may assign permissions either to an individual object (i.e. a specific user)
or to a group of objects which are collated in the same organizational unit (OU)
such as iRMCgroups or people. In this case, the permissions assigned to an OU
and identified as inherited are automatically passed on to the objects in this
group.

iRMC

113

... globally via Novell eDirectory

User management on the iRMC

I To integrate iRMC user management in Novell eDirectory, it is necessary


to assign search permissions to the following objects (trustees):
Principal User
Subtree which contains the iRMC users
Detailed information on how to do this can be found below.
Proceed as follows to assign an object search permissions for all attributes:
Start iManager via the web browser.
Log in at iManager with valid authentication data.
In iManager, click the Roles and Tasks button.
In the menu tree structure, select Rights - Rights to Other Objects.
The page Rights to Other Objects is displayed.
Under Trustee Name, specify the name of the object (in the example:
iRMCgroups.sbrd4) to which the permission is to be assigned.
Under Context to Search From, specify the eDirectory subtree (iRMCgroups)
which iManager is to search through for all the objects for which the trustee
Users currently has read permission.
Click OK.
A progress display indicates the status of the search. Once the search
operation has been completed, the page Rights to Other Objects is displayed
with the results of the search (see figure 36 on page 115).

114

iRMC

User management on the iRMC

... globally via Novell eDirectory

Figure 36: iManager - Roles and Tasks - Rights To Other Objects

I If no object is displayed under Object Name, then the trustee currently


has no permissions within the specified context.

Assign the trustee additional permissions if necessary:


Click Add Object.
Use the object selector button
to select the object for which you
want to assign the trustee a permission.
Click Assigned Rights.
If the property [All Attributes Rights] is not displayed:

Click Add Property.


The Add Property window is displayed (see figure 37 on page 116).

iRMC

115

... globally via Novell eDirectory

User management on the iRMC

Figure 37: iManager - Roles and Tasks - Rights To Other Objects - Add Property

Highlight the property [All Attributes Rights] and click OK to add it.
For the property [All Attributes Rights], enable the options Compare, Read
and Inherit and click OK to confirm.
This authorizes the user/user group to query all the attributes in the
selected object's subtree.
Click Apply to activate your settings.

116

iRMC

User management on the iRMC


4.4.5.5

... globally via Novell eDirectory

Assigning iRMC users to the OU "iRMCgroups"

You can assign iRMC users for instance from the OU people to the OU
iRMCgroups either
starting from the individual user entries (preferable if there are only a few
user entries), or
starting from the group entry (preferable if there are a lot of user entries).

I The following example shows the assignment of iRMC users from an OU


people to the OU iRMCgroups. The assignment starting from the group
entry is explained. The assignment procedure on the basis of user
entries is very similar.

Proceed as follows:
Start iManager via the web browser.
Log in at iManager with valid authentication data.
Select Roles and Tasks.
Select Groups - Modify Group.
The Modify Group page is displayed.
Perform the following steps for all the iRMC groups to which you want to
assign iRMC users:
Use the object selector button
to select the iRMC group to which
you want to add iRMC users.
(In the example, this is
Administrator.Others.Departments.iRMCgroups.sbrd4.)
Select the Members tab.
The Members tab of the Modify Group page is displayed:

iRMC

117

... globally via Novell eDirectory

User management on the iRMC

Figure 38: iManager - Roles and Tasks - Modify Group - Members tab

Perform the following steps for all the users of the OU people which you
want to assign to the iRMC group:
Click the object selector button

The Object Selector (Browser) window is opened:

118

iRMC

User management on the iRMC

... globally via Novell eDirectory

Figure 39: Assigning users to the iRMC group - selecting users

In the Object Selector (Browser) window, select the required user(s) in


the OU people and click OK to confirm.
The selected users are now listed in the display area in the Members
tab of the Modify Group page (see figure 40 on page 120).

iRMC

119

... globally via Novell eDirectory

User management on the iRMC

Figure 40: Display of the selected iRMC users in the "Members" tab

Confirm with Apply or OK in order to add the selected users to the


iRMC group (here: ... .iRMCgroups.sbdr4).

120

iRMC

User management on the iRMC


4.4.5.6

... globally via Novell eDirectory

Tips on administering Novell eDirectory.

Restarting the NDS daemon


Proceed as follows to restart the NDS daemon:
Open the command box.
Log in with root permission.
Execute the following command:
rcndsd restart

If, for any unidentifiable reason, the lndap daemon fails to start:
Start the lndap daemon "manually":
/etc/init.d/nldap restart

If iManager does not respond:


Restart iManager:
/etc/init.d/novell-tomcat4 restart

Reloading the configuration of the NLDAP server


Proceed as follows:
Start ConsoleOne and log in to eDirectory.

I If you are starting ConsoleOne for the first time, no tree is configured.
Proceed as follows to configure a tree:
Under My World, select the node NDS.
In the menu bar, select: File - Authenticate
Enter the following authentication data for login:
1. Login-Name: root
2. Password: <password>
3. Tree: MY_TREE
4. Context: mycompany

iRMC

121

... globally via Novell eDirectory

User management on the iRMC

In the left-hand part of the window, click the Base DN object (Mycompany).
The LDAP Server object is then displayed in the right-hand side of the
window.
Right-click on the LDAP Server object and select Properties... in the context
menu.
In the General tab, click the Refresh NLDAP Server Now button.
Configuring the NDS message trace
The nds daemon generates debug and log messages which you can trace using
the ndstrace tool. The purpose of the configuration described below is to redirect
the output from ndstrace to a file and display the content of this file at another
terminal. For this latter task, you use the screen tool.
The following procedure is recommended:
Open the command box (e.g. bash).
Configuring ndstrace
Go to the eDirectory directory /home/eDirectory:
cd /home/eDirectory

Start screen by means of the command screen.


Start ndstrace with the command ndstrace.
Select the modules that you want to activate.
For example, if you want to display the times at which events occurred, enter
dstrace TIME.

I You are very strongly recommended to activate the modules LDAP


and TIME by making the following entry:
dstrace LDAP TIME

Terminate ndstrace by entering quit.


This terminates the configuration of ndstrace.

122

iRMC

User management on the iRMC

... globally via Novell eDirectory

Outputting messages at a second terminal


Start ndstrace and redirect message output:
ndstrace -l >ndstrace.log

Use the following key combination to open a second terminal:


[Ctrl] + [a], [Ctrl] + [c]
Activate log recording:
tail -f ./ndstrace.log

To switch between the virtual terminals, use the key combination [Ctrl] + [a],
[Ctrl] + [0].
(The terminals are numbered from 0 to 9)

iRMC

123

... globally via OpenLDAP

4.4.6

User management on the iRMC

iRMC user management via OpenLDAP

This section provides you with information about the following topics:
Installing OpenLDAP (Linux).
Creating an SSL certificate.
Configuring OpenLDAP.
Integrating iRMC user management in OpenLDAP.
Tips on OpenLDAP administration
4.4.6.1

Installing OpenLDAP

I Before installing OpenLDAP, you must configure the firewall for


connections to the ports 389 and 636.
For OpenSuSE, proceed as follows:
In the file, /etc/sysconfig/SuSEfirewall2 extend the option
FW_SERVICES_EXT_TCP as follows:
FW_SERVICES_EXT_TCP=389 636

To install the packages OpenSSL and OpenLDAP2 from the distribution medium,
use the setup tool YaST.
4.4.6.2

Creating SSL certificates

You should create a certificate with the following properties:


Key length: 1024 bits
md5RSAEnc
You use OpenSSL to create key pairs and signed certificates (self-signed or
signed by an external CA). For more detailed information, see the OpenSSL
home page at http://www.openssl.org.
The following links provide instructions on setting up a CA and creating test
certificates:

http://www.akadia.com/services/ssh_test_certificate.html
http://www.freebsdmadeeasy.com/tutorials/web-server/apache-ssl-certs.php
http://www.flatmtn.com/computer/Linux-SSLCertificates.html
http://www.tc.umn.edu/~brams006/selfsign.html

124

iRMC

User management on the iRMC

... globally via OpenLDAP

Following certificate creation, you must have the following three PEM files:
Root certificate: root.cer.pem
Server certificate: server.cer.pem
Private key: server.key.pem

I The private key must not be encrypted with a pass phrase since you

should only assign the LDAP daemon (ldap) read permission for the file
server.key.pem.
You use the following command to remove the pass phrase:

openssl rsa -in server.enc.key.pem -out server.key.pem

4.4.6.3

Configuring OpenLDAP

Proceed as follows to configure OpenLDAP:


Start the Yast setup tool and select LDAP-Server-Configuration.
Under Global Settings/Allow Settings, activate the setting LDAPv2-Bind.
Select Global Settings/TLS Settings:
Activate the setting TLS.
Declare the paths of the files created during installation (see section
Installing OpenLDAP on page 124).
Make sure that certificates and private keys in the file system can be read
by the LDAP service.
Since openldap is executed under the uid/guid=ldap, you can do this by
setting the owner of the files with the certificates and private keys to
ldap, or
by assigning the LDAP daemon ldap read permission for the files
containing the certificates and private keys.
Select Databases to create a new database.

iRMC

125

... globally via OpenLDAP

User management on the iRMC

I If the configuration created by YaST does not function overall, check that
the following obligatory entries are present in the file
/etc/openldap/slapd.conf:
allow bind_v2
TLSCACertificateFile /path/to/ca-certificate.pem
TLSCertificateFile /path/to/certificate.pem
TLSCertificateKeyFile /path/to/privat.key.pem

I If the configuration created by YaST for SSL does not function, check that
the following entry is present in the configuration file
/etc/sysconfig/openldap:
OPENLDAP_START_LDAPS=yes

4.4.6.4

Integrating iRMC user management in OpenLDAP.

The integration of iRMC user management in OpenLDAP comprises the


following steps:
Importing the iRMC LDIF file into OpenLDAP.
Generating the principal iRMC user.
Creating the new iRMC user and assigning this user to the OU iRMCgroups.
Importing the LDIF file into OpenLDAP.

I Prerequisite:
The LDIF file must have been created (see section Generating the
"iRMCgroups" structure in the LDAP directory service on page 73).
The management tool ldapadd can be used to import the iRMC file into
OpenLDAP.

I To obtain help on the ldapadd tool, enter


ldapadd --help

Proceed as follows to import the LDIF file:


Copy the LDIF file to the OpenLDAP server.
Open a terminal on the OpenLDAP server.

126

iRMC

User management on the iRMC

... globally via OpenLDAP

Go to the directory to which you copied the LDIF file.


Enter the following command to import the LDIF file:
ldapadd -x -v -D cn=admin,dc=myorganization,dc=mycompany
-W -f iRMCdirServiceInit.ldif

Generating the Principal User

I To generate the Principal User (ObjectClass: Person) use an LDAP


browser, for example the LDAP Browser\Editor published by Jarek
Gawor (see page 79).
The text below describes how you use the Jarek Gawor
LDAP Browser\Editor to generate the Principal User.
Proceed as follows:
Start the LDAP Browser.
Log in at the OpenLDAP directory service with valid authentication data.
Select the subtree (subgroup) in which the Principal User is to be created.
The Principal User can be created anywhere in the tree.
Open the Edit menu.
Select Add Entry.
Select Person.
Edit the Distinguished Name DN.

I The Principal User's Distinguished Name (DN) and password must


match the corresponding specifications for the iRMC configuration
(see section Directory Service Configuration (LDAP) - Configuring
the directory service at the iRMC on page 269).

.
Click Set and enter a password.
Enter a Surname SN.
Click Apply.

iRMC

127

... globally via OpenLDAP

User management on the iRMC

Creating a new iRMC user and assigning this user to the OU


"iRMCgroups"

I To create a new user (ObjectClass Person) and assign a user to the OU


iRMCgroups, you use an LDAP browser, for example the Jarek Gawor
LDAP Browser\Editor (see page 79).

The following text describes how you use the Jarek Gawor
LDAP Browser\Editor to create a new iRMC user and add this user to the
OU iRMCgroups.
Proceed as follows:
Start the LDAP Browser.
Log in at the OpenLDAP directory service with valid authentication data.
Create a new user.
To do this, proceed as follows:
Select the subtree (subgroup) in which the new user is to be created. The
new user can be created anywhere in the tree.
Open the Edit menu.
Select Add Entry.
Select Person.
Edit the Distinguished Name DN.
Click Set and enter the password.
Enter a Surname SN.
Click Apply.

128

iRMC

User management on the iRMC

... globally via OpenLDAP

Assign the user you have just created to the OU iRMCgroups.


To do this, proceed as follows:
Select the iRMCgroups subtree (subgroup) to which the user is to belong,
i.e. cn=UserKVM,ou=YourDepartment,
ou=Departments,ou=iRMCgroups,dc=myorganisation,dc=mycompany
Open the Edit menu.
Select Add Attribute.
Specify "Member" as the attribute name. As the value, specify the fullyqualified DN of the user you have just created, i.e.
cn=UserKVM,ou=YourDepartment,ou=Departments,ou=iRMCgroups,
dc=myorganization,dc=mycompany
4.4.6.5

Tips on OpenLDAP administration

Restarting the LDAP service


Proceed as follows to restart the LDAP service:
Open the command box.
Log in with root permission.
Enter the following command:
rcldap restart

Message logging
The LDAP daemon uses the Syslog protocol for message logging.

I The logged messages are only displayed if a log level other than 0 is set
in the file /etc/openldap/slapd.conf.

For an explanation of the various levels, see:


http://www.zytrax.com/books/ldap/ch6/#loglevel
table 2 on page 130 provides an overview of the log levels and their meanings.

iRMC

129

... globally via OpenLDAP

User management on the iRMC

Log level

Meaning

-1

Comprehensive debugging

No debugging

Log function calls

Test packet handling

Heavy trace debugging

Connection management

16

Show sent/received packets

32

Search filter processing

64

Configuration file processing

128

Processing of access control lists

256

Status logging for connections/operations/events

512

Status logging for sent entries

1024

Output communication with shell backends.

2048

Output results of entry parsing.

Table 2: OpenLDAP - log levels

130

iRMC

User management on the iRMC

4.4.7

SSL copyright

SSL copyright

The iRMC-LDAP integration uses the SSL implementation developed by Eric


Young on the basis of the OpenSSL Project.
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
*
notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
*
notice, this list of conditions and the following disclaimer in
*
the documentation and/or other materials provided with the
*
distribution.
*
* 3. All advertising materials mentioning features or use of this
*
software must display the following acknowledgment:
*
"This product includes software developed by the OpenSSL Project
*
for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
*
endorse or promote products derived from this software without
*
prior written permission. For written permission, please contact
*
openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
*
nor may "OpenSSL" appear in their names without prior written
*
permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
*
acknowledgment:
*
"This product includes software developed by the OpenSSL Project
*
for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/

iRMC

131

SSL copyright

User management on the iRMC

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)


* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
*
notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*
notice, this list of conditions and the following disclaimer in the
*
documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
*
must display the following acknowledgement:
*
"This product includes cryptographic software written by
*
Eric Young (eay@cryptsoft.com)"
*
The word 'cryptographic' can be left out if the rouines from the library
*
being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
*
the apps directory (application code) you must include an acknowledgement:
*
"This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/

132

iRMC

Advanced Video Redirection

I A valid license key is required to use the Advanced Video Redirection


feature.

Advanced Video Redirection (AVR) allows you to control the mouse and
keyboard of the managed server from your remote workstation and to show the
current graphical and text output from the managed server.

I The AVR Java applet allows you to use the Remote Storage feature (see
chapter Remote Storage on page 155).

This chapter provides information on the following topics:


Checking the AVR settings
Using AVR
Menus of the AVR window

iRMC

133

Prerequisites

5.1

Advanced Video Redirection

Requirements: Check the AVR settings

Check the following important settings before using AVR:


Graphics mode settings on the managed server
Advanced Video Redirection (AVR) supports the following graphics modes:
Resolution

Refresh rates
[in Hz]

Maximum
color depth
[bits]

640 x 480 (VGA)

60; 75

32

800 x 600 (SVGA)

56; 60; 72; 75

16

1024 x 768 (XGA)

60; 70; 75

16

1152 x 864

60; 70; 75

1280 x 1024 (UXGA) 60; 70; 75

Table 3: Supported display settings

I Only VESA-compliant graphics modes are supported.


Supported text mode
The iRMC supports the following common text modes:

40 x 25
80 x 25
80 x 43
80 x 50

Refer to the Help system for your operating system for information on the display
settings.
Keyboard settings

I The keyboard settings must be identical:


on the remote workstation,
on the managed server,
on the iRMC.

134

iRMC

Advanced Video Redirection

5.2

Using AVR

Using Advanced Video Redirection

To start AVR, click the Start Video Redirection button on the Advanced Video
Redirection page of the iRMC web interface (see page 288).
The Advanced Video Redirection window (AVR window) opens, showing you
the display on the managed server.
The AVR window also contains the following elements:
Menu bar: The Preferences and Extras menus allow you to configure the
AVR settings and to control the AVR (see page 147). Remote Storage is
used to call the remote storage function (see page 151).
Integrated special keys (see page 138).
The Local Monitor indicator shows whether the local monitor of the
managed server is switched on (see section Local Monitor Off function
on page 137.

Menu bar

Integrated special keys

Local monitor indicator

Figure 41: Advanced Video Redirection window

iRMC

135

Using AVR

5.2.1

Advanced Video Redirection

Parallel AVR sessions

AVR can be used by two user sessions simultaneously. One user has full control
over the server (full-control mode) and the other can only passively observe
keyboard and mouse operation of the server (view only mode).
When AVR is first started, you are initially in view only mode. You will always be
asked if you want to switch to full-control mode. If you decide to switch to fullcontrol mode and another full-control mode session is already active, the
existing session is switched to view-only mode.

136

iRMC

Advanced Video Redirection

5.2.2

Using AVR

Local Monitor Off function

The Local Monitor Off function of the iRMC allows you to power down the local
monitor of the managed server for the duration of your AVR session. In this way,
you ensure that the inputs you make and the actions you perform on the local
monitor on the server using AVR cannot be seen. The identification LED flashes
to indicate Local Monitor Off mode on the server.

I The Local Monitor Off function is not supported by all PRIMERGY


servers with iRMC.

You configure the Local Monitor Off function on the Advanced Video Redirection
page of the iRMC web interface (see page 288). After you have configured the
system appropriately, you can switch the local monitor of the server on and off
from the remote workstation as follows:
In Full Control mode in an AVR session using the Extras menu
directly on the Advanced Video Redirection page with administrator or OEM
permissions
You can also configure that the local monitor is always switched off
automatically whenever a new AVR session is started.
The current status of the local monitor is shown in the AVR window in blue
letters to the right of the integrated special keys:
Local Monitor always on
The local monitor is always switched on and cannot be switched off, as
the Enable Local Monitor Off option (see page 290) is deactivated.
Local Monitor is: on
The local monitor is on, but can be switched off.
Local Monitor is: off
The local monitor is off, but can be switched on.

iRMC

137

Using AVR

5.2.3

Advanced Video Redirection

Redirecting the keyboard

Keyboard redirection only works when the focus is on the AVR window.
If keyboard redirection appears not to be working, simply click on the AVR
window.
If the keyboard does not respond, check that the AVR window is not in viewonly mode. How to switch to full-control mode is described on page 149.
Special key combinations
AVR passes all normal key combinations to the server. Special keys such as
Windows keys are not sent. Some special key combinations suchas [ALT] +
[F4] cannot be sent, because they are interrupted by the clients operating
system. In such cases, you should use the integrated special keys or the virtual
keyboard.
Integrated special keys
Below the menu bar of the AVR window, you will find a bar containing the special
keys. These keys are implemented as sticky keys, i.e. they remain pressed
when you click them and only return to their normal position when you click them
again.
Using the integrated special keys, you can, for instance, use Windows keys or
special key combinations which are not sent by AVR if you press them on your
own keyboard.

Figure 42: Advanced Video Redirection window - integrated special keys

[Mouse Sync]
Press this key to synchronize the mouse pointers (see also section
Synchronizing the mouse pointer on page 140).
[Ctrl]
Left CTRL key (corresponds to the [Ctrl] key on your keyboard).
[Alt]
Alt(ernate) key (corresponds to the [Alt] key on your keyboard).

138

iRMC

Advanced Video Redirection

Using AVR

[Win]
Left and right Windows keys (correspond to the keys on your keyboard
between the left and right [Ctrl] and [Alt ] keys).
[Alt Gr]
Alt(ernate) Gr(aphic) key (corresponds to the [Alt Gr] key on your
keyboard).
[Context]
Context menu for the selected object (corresponds to the key
combination [Shift] + [F10] on your keyboard).
[Lock]
Caps lock (corresponds to the [Caps Lock] key on your keyboard).
[Ctrl-Alt-Del]
Corresponds to the key combination [Ctrl]+ [Alt] + [Del] on your
keyboard.
Virtual keyboard
The virtual keyboard (see figure 43) provides you with a functional
representation of the keyboard. All key combinations are available when you
use the virtual keyboard. This means that you can use the virtual keyboard as
a fully functional replacement for a real keyboard.
You activate the virtual keyboard in the AVR window from the Extras menu (see
page 148).

Figure 43: Virtual Keyboard (keyboard layout: German (DE)

Secure keyboard
If you are connected to the iRMC web interface over an HTTPS connection,
entries at the keyboard are transferred over a secure SSL connection.

iRMC

139

Using AVR

5.2.4

Advanced Video Redirection

Redirecting the mouse

The mouse pointer on the managed server is moved synchronously with the
mouse on the remote workstation. You configure the mouse redirection settings
in the AVR window in the
Preferences menu, - Mouse tab (see page 152).
5.2.4.1

Synchronizing the mouse pointer

When the AVR window is first opened, it is possible that the mouse pointer on
the remote workstation (local mouse pointer) is not yet synchronized with the
mouse pointer on the managed server.
To synchronize the two mouse pointers, use one of the following alternatives
(see figure 44 on page 141):
Click [Mouse Sync] in the menu bar of the AVR window.
Move the local mouse pointer to the top left corner of the AVR window. The
mouse pointer on the managed server automatically follows this movement.
The pointers are synchronized when the two mouse pointers completely
overlap.

140

iRMC

Advanced Video Redirection

Using AVR

(3)

(1)

(2)

Press the Mouse Sync key


or
(1) Drag the local mouse cursor to the top left corner.
(2) The servers mouse pointer follows automatically.
(3) The mouse pointers are synchronized when they completely
overlap and are displayed as a single mouse pointer
.
Figure 44: Synchronizing the local mouse pointer and the mouse pointer of the managed
server.

I Correct synchronization of the mouse pointers requires that certain

settings are made on the managed server. These are preconfigured


automatically by the Matrox VGA installation on the managed server.
If synchronization of the mouse pointers does not function correctly, for
instance because the preconfigured settings have been changed, you
can restore correct synchronization of the mouse pointers by making the
settings described below. The settings must be made on the managed
server.

iRMC

141

Using AVR
5.2.4.2

Advanced Video Redirection

Managed Windows server:


Adjusting the settings for synchronization of the mouse pointers

On a Windows server, you can either make the settings for mouse pointer
synchronization using a batch program or using the Windows Start menu and
the context menu.
You must adjust the following settings:
Speed of the mouse pointer
Hardware acceleration

I When you adjust the settings using a batch program, the Matrox graphics
driver is installed as well as the mouse pointer speed and hardware
acceleration being adjusted.

You can make all the settings for the managed server either directly at the
managed server or from the remote workstation over AVR.
Adjusting the settings on the managed server using a batch program
Proceed as follows:
Open a DOS prompt window.
Switch to the folder in which the batch program
ServerEnginesG200e_Kronos1_SETUP.exe for the relevant Matrox VGA driver
installation (32-bit or 64-bit) is located.
Type setup.bat to start the batch program.
Reboot the managed server when the batch program has executed.

142

iRMC

Advanced Video Redirection

Using AVR

Adjusting the settings on the managed server using the Windows Start
menu and the context menu
Proceed as follows to adjust the mouse pointer:
Choose
Start - Settings - Control Panel - Printers and Other Hardware - Mouse and the Pointer Options tab.
This opens the following window:

Figure 45: Mouse Properties - Pointer Options

Set the Pointer Speed to a medium value.


Disable the Enhance Pointer Precision option.
Click the [OK] button to save the settings.

iRMC

143

Using AVR

Advanced Video Redirection

Proceed as follows to adjust the hardware acceleration:


Right-click on the desktop background.
In the context menu that appears, choose:
Properties - Settings tab, Advanced button,
and the Troubleshooting tab.
This opens the following window:

Figure 46: Properties - ... - Troubleshooting: Hardware acceleration

Set the Hardware Acceleration to a value as shown in figure 46.


Click the [OK] button to save the settings.

144

iRMC

Advanced Video Redirection


5.2.4.3

Using AVR

Managed Linux server:


Adjusting the settings for synchronization of the mouse pointers

Prerequisite: The managed server is running under one of the following Linux
operating systems:

Red Hat 4.x


Red Hat 5.x
Suse 9.x
Suse 10.x

You can adjust the mouse pointer synchronization settings on the managed
server either using commands or under menu guidance.
You must adjust the following settings:
Pointer acceleration
Pointer threshold
You can make all the settings for the managed server either directly at the
managed server or from the remote workstation over AVR.
Adjusting the settings on the managed server using commands
Use the xset command to make the settings for Pointer acceleration and Pointer
threshold (recommended values: 1 in each case).
Command syntax:
xset m(ouse)][acceleration][threshold]

Proceed as follows:
Call a command line tool.
Run the command xset with the following arguments:
xset m 1 1

iRMC

145

Using AVR

Advanced Video Redirection

Adjusting the settings on the managed server under menu guidance

I The procedure described below only applies to Suse Linux.


Proceed as follows:
Choose
N - Control Center - Peripheral - Mouse - Advanced tab
The Mouse - Control Center window opens:

Figure 47: Mouse Control Center window

Set the following values in the Mouse Control Center window:


Pointer acceleration: 1.0x (minimum value)
Pointer threshold: 20 pixels (maximum value)
Save the settings.
Reboot the managed server.

I It is not necessary to set the values again after rebooting the server.

146

iRMC

Advanced Video Redirection

5.3

Menus of the AVR window

Menus of the AVR window

The menu bar of the Advanced Video Redirection window contains the following
menus:
The Extras menu allows you to control the AVR session. You can also make
a virtual keyboard available.
You can set up and clear remote storage connections with the Remote Storage
menu.
The Languages menu allows you to set the language (German/English) used
to display the AVR menus and dialogs.
The Preferences menu allows you to configure the mouse, keyboard and
logging settings.

iRMC

147

Menus of the AVR window

5.3.1

Advanced Video Redirection

Extras menu

You can select the following functions in the Extras menu:

Figure 48: Advanced Video Redirection window - Extras menu

Virtual Keyboard ...


The Virtual Keyboard window opens (see figure 43 on page 139).
Update local monitor state
Refreshes the display of the local monitor status.
Turn local monitor on

I This function is not supported by all PRIMERGY servers.


Switches on the local monitor of the managed server.

I If you are in view-only mode, the function is also deactivated when


the local monitor is switched off.

148

iRMC

Advanced Video Redirection

Menus of the AVR window

Turn local monitor off

I This function is not supported by all PRIMERGY servers.


Switches off the local monitor of the managed server.

I This function is disabled in the following cases, even if the local


monitor is switched on:

you are in view-only mode,


When AVR was started, the Enable Local Monitor Off option
was not enabled under Local Monitor (see page 290).
Local Monitor display: Local Monitor always on
Refresh Screen
Refreshes the AVR window.
Take Full Control...
Switch to full-control mode. (This function is disabled if you are already
in full-control mode.)
The following dialog box opens:

Figure 49: Extras menu - Take Full Control...

Click OK to confirm that you want to switch to full-control mode.

I Note that any existing full-control session will be switched to


view-only mode.

Click Cancel if you do not want to switch to full-control mode.

iRMC

149

Menus of the AVR window

Advanced Video Redirection

Disconnect Session...
Terminate another AVR session.

I It is only possible to terminate other AVR sessions with Disconnect


Session. To terminate your own session, choose Exit.

A list of current AVR sessions appears:

Figure 50: Extras menu - Disconnect Session

Select the AVR session that you wish to terminate.


Click OK to confirm that you want to terminate the selected AVR
session.
Click Cancel if you do not want to terminate the selected AVR session.
Relinquish Full Control...
Switch to view-only mode. (This function is disabled if you are already in
view-only mode.)
Exit
Terminate your own AVR session.

150

iRMC

Advanced Video Redirection

5.3.2

Menus of the AVR window

Remote Storage menu

You call the remote storage functionality under Remote Storage:

Figure 51: Advanced Video Redirection window - Extras menu

Remote Storage...
Double-click Remote Storage... to open the Storage Devices dialog box (see
page 158). This window allows you to attach or detach media on the
remote workstation as Remote Storage devices (see chapter Remote
Storage on page 155).

5.3.3

Languages menu

From the Languages menu, choose the language in which the menus and dialog
boxes of the AVR window are to be shown:

Figure 52: Advanced Video Redirection window - Languages menu

iRMC

151

Menus of the AVR window

5.3.4

Advanced Video Redirection

Preferences menu

The Preferences contains tabs for configuring the mouse, keyboard and logging
together with a Misc tab for further functions:

Figure 53: Advanced Video Redirection window - Preferences menu

Mouse tab
The Mouse allows you to specify the mouse mode:

Figure 54: Preferences menu - Mouse tab

Depending on the server operating system, you must make the following
settings:
Windows: Absolute Mode, Hide Mode (Relative) or Relative Mode
Linux: Hide Mode (Relative), Relative Mode

I Default setting: Relative Mode


Confirm your entries by clicking OK.
152

iRMC

Advanced Video Redirection

Menus of the AVR window

Keyboard tab
The Keyboard tab allows you to specify the keyboard layout for the virtual
console:

Figure 55: Preferences menu - Keyboard tab

Language
Select the keyboard layout for the virtual console.

I The keyboard layout at the managed server must also be set


accordingly.

Confirm your entries by clicking OK.


Logging tab
The Logging tab is used to configure the logging settings.

Figure 56: Preferences menu - Logging tab

I None must be set!


Confirm your entries by clicking OK.

iRMC

153

Menus of the AVR window

Advanced Video Redirection

Misc tab
On the Misc tab, you configure whether the iRMC is to perform hardware
compression for the AVR session.

Figure 57: Preferences menu - Logging tab

Overwrite Native Storage Library


This option is of no significance for you.
Video Encryption
If you enable this option, the iRMC performs encryption for the AVR
session.
Confirm your entries by clicking OK.

154

iRMC

Remote Storage

I A valid license key is required to use the Remote Storage feature.


Remote Storage makes a virtual drive available which is located elsewhere in
the network. Up to two media can be redirected.
You can provide the source for the virtual drive as follows:
As a physical drive or image file at the remote workstation using the AVR
Java applet (see page 156).
As an image file centrally in the network via a remote storage server (see
page 165).

I Parallel remote storage connections:


The following are possible concurrently:
either up to two Remote Storage connections to virtual drives at the
remote workstation (if the connection is established over the AVR
Java applet)
or
one Remote Storage connection to a Remote Storage server.
It is not possible to establish concurrent Remote Storage connections via
an applet and via the Remote Storage server.

I The Remote Storage page of the iRMC web interface allows you to obtain

information on the status of the current remote storage connections and


establish the connection to a remote storage server (see page 296).

iRMC

155

... providing on the remote workstation

6.1

Remote Storage

Providing remote storage at the remote


workstation

If you provide the source for a virtual drive on the remote workstation then the
remote storage functionality supports the following device types:

ISO image (image file)


floppy disk drive
USB memory device (e.g. memory stick)
CD ROM
DVD ROM

You can use the virtual drive to install an operating system on your PRIMERGY
server from the remote workstation (see chapter IPMI OEM Commands on
page 415).
This section provides information on the following topics:
Starting Remote Storage
Provision of storage media for Remote Storage
Connecting storage media as remote storage
Clearing Remote Storage connections
Removing media made available for Remote Storage

156

iRMC

Remote Storage

6.1.1

... providing on the remote workstation

Starting Remote Storage

You start the Remote Storage function using the AVR Java applet (see section
Advanced Video Redirection - Start Advanced Video Redirection (AVR) on
page 288).
Start the iRMC web interface (see section Logging into the iRMC web
interface on page 178).
Open the Advanced Video Redirection page and click on the Start Video
Redirection, button to start Advanced Video Redirection (see section
Advanced Video Redirection - Start Advanced Video Redirection (AVR) on
page 288).
This opens the AVR window.
In the menu bar in the AVR window, choose:
Remote Storage - Remote Storage...

Figure 58: Advanced Video Redirection window - Remote Storage - Remote Storage...

The Storage Devices dialog box opens, containing the storage media currently
available for Remote Storage (see figure 59 on page 158).

iRMC

157

... providing on the remote workstation

Remote Storage

Figure 59: Storage Devices dialog box

I When a storage medium is inserted in a drive (CD ROM, DVD ROM)


the contents are displayed automatically.

If a storage medium is inserted, but its contents are not displayed, the
storage medium is reserved by the local explorer.

158

iRMC

Remote Storage

6.1.2

... providing on the remote workstation

Provision of storage media for Remote Storage

In the Storage Devices dialog box, click the Add... button.


The Add Storage Device dialog box opens:

Figure 60: Add Storage Device dialog box:

In the Add Storage Device dialog box, navigate to the directory of the remote
storage medium that you want to make available for remote storage from
your remote workstation.
Select the required device type under Storage Type:.
The following device types are supported:

ISO image (image file)


Floppy disk drive
USB memory device (e.g. USB memory stick)
CD ROM
DVD ROM

Specify the storage medium you wish to connect as Remote Storage under
File Name:
In the case of an image file (ISO/NRG image), enter the file name.
Alternatively, click on the file name in the Explorer.
In the case of a drive, enter the name of the drive, e.g.
D for drive D (Windows)
/dev/... (Linux)

iRMC

159

... providing on the remote workstation

Remote Storage

Figure 61: Add Storage Device dialog box: Selecting the storage medium

Click Select to confirm your selection.


The selected storage medium is made available for Remote Storage and
displayed in the Storage Devices dialog box.

Figure 62: Storage Devices dialog box: The provided storage medium is displayed.

160

iRMC

Remote Storage

6.1.3

... providing on the remote workstation

Connecting storage media as remote storage

In the Storage Devices dialog box, click the storage medium that you want to
connect as Remote Storage.

Figure 63: Storage Devices dialog box: Connecting a storage medium as remote storage

Click Connect to connect the selected storage medium as Remote Storage.

iRMC

161

... providing on the remote workstation

Remote Storage

The Storage Devices dialog box appears with the message regarding safe
removal. The storage medium is connected as Remote Storage.

Figure 64: Storage Devices dialog box: The storage medium is connected as Remote
Storage.

162

iRMC

Remote Storage

6.1.4

... providing on the remote workstation

Clearing Remote Storage connections

Open the Storage Devices dialog box (see section Starting Remote Storage
on page 157).
The list of storage media connected as Remote Storage is displayed:

Figure 65: Storage Devices dialog box: Clearing Remote Storage connections

Safely remove the storage device, i.e. ensure that no more


applications/programs are accessing the storage media.
Click Disconnect... to clear all Remote Storage connections.

iRMC

163

... providing on the remote workstation

6.1.5

Remote Storage

Removing the storage medium

Remove a storage medium from the list of media available for Remote Storage
as follows:
Open the Storage Devices dialog box (see section Starting Remote Storage
on page 157).
The list of storage media available for Remote Storage is displayed:

Figure 66: Storage Devices dialog box: Removing a Remote Storage medium

Select the storage medium you want to remove.


Click Remove... to remove the storage medium.

164

iRMC

Remote Storage

6.2

... providing via a remote storage server

Providing remote storage via a remote


storage server

You can use a remote storage server to provide an image file (ISO/NRG image)
as remote storage for any number of PRIMERGY servers that can be
administered via iRMC. You can use this image file to boot one or more
PRIMERGY servers from the remote workstation (see chapter IPMI OEM
Commands on page 415).

I The following requirements must be satisfied if your PRIMERGY server


is to use the image file made available by the remote storage server:

The remote storage server must be installed (see page 166).

The remote storage server must be started (see page 175).

The managed servers iRMC must be connected to the remote


storage server (see page 297).

iRMC

165

... providing via a remote storage server

6.2.1

Remote Storage

Installing the remote storage server

The ServerStart Software DVD contains the installation program


RemoteStorageServer_Installer32.exe for the installation of the remote storage
server.

I The Remote Storage server is available in 32-bit and 64-bit versions. The
32-bit and 64-bit versions of the Remote Storage server must not be
installed at the same time on 64-bit systems.

Start RemoteStorageServer_Installer32.exe to install the remote storage server.


The welcome screen of the installation program appears:

Figure 67: Installing the remote storage server: Welcome screen

Click the Next button.


The window in which you specify the installation directory appears (see
figure 68 on page 167).

166

iRMC

Remote Storage

... providing via a remote storage server

Figure 68: Installing the remote storage server: Specifying the installation folder

If you do not want to install the remote storage server in the default folder,
click Browse... to navigate to the directory you wish to use.
Click the Next button.
The window allowing you to select where the program shortcut appears in
the Start menu appears (see figure 69 on page 168).

iRMC

167

... providing via a remote storage server

Remote Storage

Figure 69: Installing the remote storage server: Specifying the installation folder

If you do not want to place the program shortcut in the default folder, specify
the folder you wish to use by clicking Browse....
Click the Next button.
The Ready to Install window opens. Here you can check the settings you have
made and launch installation of the remote storage server (see figure 70 on
page 169).

168

iRMC

Remote Storage

... providing via a remote storage server

Figure 70: Installing the remote storage server: Starting installation

Click Install to start installation of the remote storage server.


The window shown in figure 71 on page 170 is displayed once installation
is complete:

iRMC

169

... providing via a remote storage server

Remote Storage

Figure 71: Installing the remote storage server: Closing the installation program

I If you check the Launch Remote Storage Server option, the remote

storage servers GUI (see page 172) is started when the installation
program has been closed.

Click Finish to close the installation program.


Once installation has been completed successfully, your installation directory
contains a number of files including RemoteStorageServer.exe.

170

iRMC

Remote Storage

6.2.2

... providing via a remote storage server

Remote storage server execution modes

You can execute the remote storage server in the following modes as required:
as a background service
as a stand-along program
You configure the Remote Storage server execution mode via a graphical user
interface (see page 172).
Executing the remote storage server as a service
The following points should be noted
The image file can be located either on a computer in the network or on the
same host on which the remote storage server is running.

I If the image file is not on the computer on which the remote storage

server is running, you must specify the path of the image file in UNC
notation. You also need a user account with access permissions on
the image file.

When the host on which the remote storage server is located is booted, the
remote storage server starts automatically. The remote storage server is
then executed until it is explicitly terminated or the host is shut down.
When the host on which the remote storage server is located is booted, the
image file becomes available automatically.
Executing the remote storage server as a stand-alone program
The following points should be noted
The image file (ISO/NRG image) may be present locally on the remote
storage server or on an assigned network drive.
When the host on which the remote storage server is located is booted, you
must start the image file manually.

iRMC

171

... providing via a remote storage server

6.2.3

Remote Storage

Configuring, starting and exiting the remote


storage server

You configure, start and exit the remote storage server via a graphical user
interface (GUI).
Calling the remote storage servers graphical user interface
You call the remote storage servers graphical user interface as follows:
Choose Start - Programs - Fujitsu RemoteStorageServer - Remote Storage Server.
The remote storage servers graphical user interface appears:

Figure 72: The remote storage servers graphical user interface (here in the Idle state)

172

iRMC

Remote Storage

... providing via a remote storage server

Configuring the remote storage server

I Configuration is only possible if the remote storage server is in the idle


state, i.e. it is not being executed.

In the graphical user interface, you specify the image file made available as
remote storage together with other parameters:
ISO Image Path and Filename:
Enter the path and name of the image file directly in the field.
or:
Click the Browse... button and then navigate to and select the required
image file in the Choose a file dialog box which now opens and then
confirm.

I If the remote storage server is to run as a service (see the Run as


Service option on page 174) and the image file is located on a
computer in the network, you must specify the path of the image
file in UNC notation. You must also ensure that the account
entered under Log On As User (see page 174) is valid and has
access permissions on the share on which the image file is
located.

Force Using Port


If you have configured a port number other than the default port number
(5901) for the iRMCs remote storage port (see page 242 or page 345),
then you must activate this option and enter the configured port number
in the associated field.
Force Using IP Address
If the host on which the remote storage server is executed possesses
more than one LAN connection:
You can specify the IP address of the LAN connection that is to be used
for the remote storage server if this is executed as a service.
By default, the remote storage server uses the first detected LAN
connection.

iRMC

173

... providing via a remote storage server

Remote Storage

Run as Service
Activate this option if the remote storage server is to be executed as a
service in the background (see page 171).
Select one of the two options below:
Use Local System Account
The Remote Storage server is executed as a service under the
local system account.
In this event, the image file (ISO/NRG image) must be located
on a local drive.
Log On As User
he Remote Storage server is executed under the user account
that you specify in the following input fields.
Specify the user name in the form:
For local users: .\Logon-Name
For domain users:
DOMAIN\LogOnName
or
LogOnName@DOMAIN<mailto:LogOnName@DOMAIN>

I The image file (ISO/NRG image) can be located on a network

drive if the Log On As User option is enabled. In this event, the


specified account must have access permissions on the
network drive on which the image file is located. You must also
specify the image file in UNC notation (see input field ISO
Image Path or Filename on page 173).

Click the Apply button to activate your settings.

174

iRMC

Remote Storage

... providing via a remote storage server

Starting the remote storage server


Click the Start button to start the remote storage server as a service or as a
stand-alone program:

Figure 73: The remote storage server is executed (Running status)

Status Messages:
The logged execution states of the remote storage server are displayed
here.

I If the Run as service execution mode is configured (see page 174), then

the remote storage server is started automatically when the computer on


which the remote storage server is installed is booted.

I Execution of the remote storage server is not interrupted automatically if


the graphical user interface is exited.

iRMC

175

... providing via a remote storage server

Remote Storage

Exiting the remote storage server


Click the Stop button to terminate execution of the remote storage server.

176

iRMC

iRMC web interface

The iRMC not only has its own operating system, but also acts as a web server,
providing its own interface.
You can choose whether to show the menus and dialog boxes of the iRMC web
interface in German or English. You can also switch between the available
interface languages within the same session.
When you enter values in the iRMC web interface, you often receive assistance
in the form of tool tips.

I The software described below is partly based on work by the


Independent JPEG Group.

iRMC

177

Logging into the iRMC web interface

7.1

iRMC web interface

Logging into the iRMC web interface

Open a web browser on the remote workstation and enter the (configured)
DNS name (see page 245) or IP address of the iRMC.
Different login screens appear depending on whether LDAP access to a
directory service has been configured for the iRMC (LDAP enabled option,
see page 270):

I If no login screen appears, check the LAN connection (see section


Testing the LAN interface on page 41).

LDAP access to the directory service is not configured for the iRMC
(LDAP enabled option is not activated):

Figure 74: Login screen for the iRMC web interface (LDAP access not configured)

Type in the data for the default administrator account.


User name: admin
Password: admin

I Both the User name and the Password are case-sensitive.


For reasons of security, it is recommended that you create a
new administrator account once you have logged in, and then
delete the default administrator account or at least change the
password for the account (see User <name> Configuration User configuration (details) on page 262).
Click OK to confirm your entries.

178

iRMC

iRMC web interface

Logging into the iRMC web interface

LDAP access to the directory service is configured for the iRMC


(LDAP enabled option or Always use SSL Login option is activated):

Figure 75: Login screen for the iRMC web interface (LDAP access configured)

I The user name and password are always SSL-protected when

they are transmitted. If you activate the Secure (SSL) option, all
communication between the web browser and the iRMC is carried
out over HTTPS.

Type in the data for the default administrator account.


User name: admin
Password: admin

I For reasons of security, it is recommended that you create a

new administrator account once you have logged in, and then
delete the default administrator account or at least change the
password for the account (see User <name> Configuration User configuration (details) on page 262).

Click Login to confirm your entries.


The iRMC web interface opens showing the System Information page (see
page 186).

iRMC

179

Required user permissions

7.2

iRMC web interface

Required user permissions

table 4 provides an overview of the permissions which are required in order to


use the individual functions available at the iRMC web interface.

Switch identification LED on/off.

Open iRMC Information page.

Set firmware selector.

Load license key onto the iRMC.

Open Save iRMC FW Settings page.


Save iRMC FW Settings page (without Incl. User
Settings)

X
X

X
X

Save iRMC FW Settings (Include User Settings) page

Open and edit Certificate Upload page.

Open and edit Generate a self signed RSA Cert. page

Open Power On/Off page.

Open Power Supply Info page.

Open Fans page.

Start fan test (Fan Test group).

Modify Boot Options.


Use Power Control.

Remote Storage Enabled

Video Redirection Enabled

User

Configure iRMC Settings

Operator

Permitted with
permission

Configure User Accounts

Administrator

Open the System Overview / Sytem Component Info.


pages.

Permitted with
IPMI privilege
level

OEM

Functions in the iRMC web interface

Open and edit the Power Options page.

Table 4: Permissions to use special the iRMC web interface

180

iRMC

Set Fan Check Time (Fan Test group).

Edit System Fans.

Open Temperature page

Remote Storage Enabled

Video Redirection Enabled

Permitted with
permission

Configure iRMC Settings

User

Operator

Administrator

Permitted with
IPMI privilege
level

OEM

Functions in the iRMC web interface

Required user permissions

Configure User Accounts

iRMC web interface

Define action on critical temperature.

Open Voltages page.

Open Current page.

Open Power Supply page

Open Component Status page

Open System Event Log Content page.

Delete the system event log (SEL)

Save the system event log (SEL)

Define the severity for the display of SEL entries

Open System Event Log Configuration page

Modifying the configuration of the SEL

Change Default Web Interface display filtering.

Change SEL mode (ring/buffer).

Open and edit Server Management Info. page.

Open and edit the Network Interface page.

Open and edit the Ports and Netw. Services page.

Open and edit the DHCP Configuration page.

Open and edit DNS Settings page.

Open and edit SNMP TRAP Alerting page.

Open and edit Serial / Modem Alerting page.

Table 4: Permissions to use special the iRMC web interface

iRMC

181

Open and edit the Email Alerting page.


X

Open and edit the Directory Service Config. page.

X
X

Modify the BIOS Console Redirection Options.

Start Console Redirection.

Logon in window for power mgmt & text console red.

Start text console redirection (Enter Console).

Open and edit the Adv. Video Redirection page.


Switch local monitor on/off with Turn Off /On button

Remote Storage Enabled

Open and edit the iRMC User page.

Open the BIOS Text Console page.

Video Redirection Enabled

Permitted with
permission

Configure iRMC Settings

User

Operator

Administrator

Permitted with
IPMI privilege
level

OEM

Functions in the iRMC web interface

iRMC web interface

Configure User Accounts

Required user permissions

X
X

Open and edit the Remote Storage page.

Start iRMC SSH Access / Start iRMC Telnet Access.

SSH login / Telnet login

Table 4: Permissions to use special the iRMC web interface

182

iRMC

iRMC web interface

7.3

Structure of the user interface

Structure of the user interface

The iRMC web interface is structured as follows:

Selected function

Selection of the interface language Title bar

Navigation area

Working area

Figure 76: Structure of the iRMC web interface

Choosing the language for the iRMC web interface


On the right of the black bar above the work area, you will find a flag icon. Click
this icon to choose the language (German or English) used to display the
navigation area, menus and dialog boxes of the iRMC web interface.

iRMC

183

Structure of the user interface

iRMC web interface

Navigation area
The navigation area contains the menu tree structure whose nodes combine the
links to the individual iRMC functions arranged on a task basis. When you click
one of these links (in figure 76:System Overview), the link is enabled and the work
area for that function is displayed showing any output, dialog boxes, options,
links and buttons.
Below the links to the individual iRMC functions, you will find the links Logout
and Refresh:

Logout allows you to terminate the iRMC session after you have confirmed
this in a dialog box. Different login screens appear after the session has
been closed depending on whether LDAP access to a directory service has
been configured for the iRMC (LDAP enabled option, see page 270):
If LDAP access to the directory service is not configured for the iRMC
(LDAP enabled is not activated), the following login screen appears:

Figure 77: Login page (after logging out)

Click the Login button to open the login screen of the iRMC web interface
(see figure 74 on page 178). This allows you to log in again if you wish.
If LDAP access to the directory service is configured for the iRMC (LDAP
enabled is activated), the appropriate login screen appears (see figure 75
on page 179).

184

iRMC

iRMC web interface

Structure of the user interface

Click Refresh to refresh the contents of the iRMC web interface.

I Alternatively, you can configure the interface to automatically update


the contents periodically (see Enable Auto Refresh on page 240).

iRMC

185

System Information

7.4

iRMC web interface

System Information Information on the server

The System Information entry contains the links to the following pages:
System Overview - General information on the server on page 187
System Component Information - Information on the server components
on page 190

186

iRMC

iRMC web interface

7.4.1

System Information

System Overview General information on the server

The System Overview page provides information on

the system status,


the system board,
the operating system of the managed server,
system FRUs (Field Replaceable Units) / IDPROM.

Figure 78: System Overview page

iRMC

187

System Information

iRMC web interface

System Status
System Status provides you with information on the Global Error display of the
PRIMERGY Server. You can also switch the PRIMERGY identification LED on
and off.

Figure 79: The System Overview - System Status page

Power LED
Power status of the server.
The following statuses are possible:
On: Power ON (green)
Off: Power OFF (orange)
Error LED
Provides information on the Global Error LED on the server:
Display
(iRMC)

Global Error
LED on the
server

Status of the server

off

Not lit.

No critical event has arisen.

On

Lit red.

Prefailure event for a component.

Flashing

Flashing red.

Critical event.

Identify LED
Status of the identification LED.
The following statuses are possible:
On: ON (blue)
Off: OFF (gray)
Turn On/ Turn Off
Click the Turn On / Turn Off toggle button to turn the identification
LED on or off.

188

iRMC

iRMC web interface

System Information

System FRU / IDPROM Information


Information on the FRUs (Field Replaceable Units) is listed under System FRU /
IDPROM Information. FRUs are system components that can be released and
removed from the system.

iRMC

189

System Information

7.4.2

iRMC web interface

System Component Information Information on the server components

The System Component Information page provides information on the CPUs.


The following status icons indicate the possible statuses of the system
components:
OK: Component status is okay.
Component slot is empty.

Warning: The status of the component has deteriorated.


Fault: The component has a fault.

Table 5: Status of the system component

Figure 80: System Component Information page

190

iRMC

iRMC web interface

7.5

iRMC

iRMC - Information, firmware and


certificates

The iRMC page contains the links to the following pages:


iRMC Information - information about the iRMC on page 192
Save iRMC Firmware Settings - Save firmware settings on page 196
Certificate Upload - Load the DSA/RSA certificate and private DSA/RSA
key on page 198
Generate a self-signed RSA Certificate - creating a self-signed RSA
certificate on page 204

iRMC

191

iRMC - iRMC Information

7.5.1

iRMC web interface

iRMC Information - information about the iRMC

The iRMC Information page provides you with the following options:
View information on the firmware and the SDRR version of the iRMC, set the
firmware selector and restart the iRMC.
View information on the active iRMC sessions.
Load license key onto the iRMC.

Figure 81: iRMC Information page

192

iRMC

iRMC web interface

iRMC - iRMC Information

Firmware Information
Under Firmware Information, you can view information on the firmware version
and the SDRR version of the iRMC and set the firmware selector.

Figure 82: iRMC Information - Firmware Information page

Firmware Selector
You use the firmware selector to specify which firmware image is to be
activated the next time the iRMC is rebooted.
You have the following options:
Auto - EEPROM with highest FW version
The EEPROM with the most recent version is selected automatically.
EEPROM1
EEPROM 1 is selected.
EEPROM2
EEPROM 2 is selected.
Select EEPROM with oldest FW version
The firmware image with the oldest version is selected.

iRMC

193

iRMC - iRMC Information

iRMC web interface

Select most recently programmed FW


The most recently updated firmware image is selected.
Select least recently programmed FW
The least recently updated firmware image is selected.
Apply
Click Apply to set the firmware selector to the option you have set under
Firmware Selector.
License Key
The License Key group allows you to load a license key onto the iRMC.

I You require a valid license key to be able to use the iRMC functions
Advanced Video Redirection (see page 288) and Remote Storage (see
page 296).
You can purchase the license key.
Upload
When you click this button, the license key specified in the input field is
loaded onto the iRMC.

194

iRMC

iRMC web interface

iRMC - iRMC Information

Miscellaneous iRMC Options


The Miscellaneous iRMC Options group allows you to make settings for the layout
of the iRMC web interface.

Figure 83: iRMC Information page - Miscellaneous Options

Default Language
Specifies the language (German / English) that is set as default the next
time the iRMC web interface is called.
Temperature Units
Specifies the unit used for displaying temperature values at the iRMC
web interface (degrees Celsius / degrees Fahrenheit). This setting
applies for the current session and is preset the next time the iRMC web
interface is called.
Colour Schema
Specifies the color scheme for displaying the iRMC web interface. This
setting applies for the current session and is preset the next time the
iRMC web interface is called.

iRMC

195

iRMC - Save Firmware settings

7.5.2

iRMC web interface

Save iRMC Firmware Settings Save firmware settings

The Save iRMC Firmware Settings page allows you to save the current firmware
settings and a number of other settings for the iRMC in a file.
The firmware settings selected under Save iRMC Firmware settings in
ServerView WinSCU XML format are saved in a file with the name
iRMC_settings.pre. In WinSCU (see page 331), you can use the Import...
button to load the firmware settings onto the iRMC again.
The firmware settings selected under Save iRMC Firmware settings in binary
(BMCCLONE.exe) format are saved in a file with the name iRMC_settings.bin.

V CAUTION!
Always save the setting using
Save iRMC Firmware settings in ServerView WinSCU XML format.
Save iRMC Firmware settings in binary (BMCCLONE.exe) format should only
be used if the system module of the managed server is being replaced.

I If you want to save the user settings (Include User Settings), you require
Configure User Accounts permission. In all other cases, Configure iRMC
settings permission is sufficient.

196

iRMC

iRMC web interface

iRMC - Save Firmware settings

Figure 84: Save iRMC Firmware Settings page

Save
Click Save to save the selected settings.
Save All
Click Save All to save all the settings.

iRMC

197

iRMC - Certificate Upload

7.5.3

iRMC web interface

Certificate Upload - Load the DSA/RSA certificate


and private DSA/RSA key

The Certificate Upload page allows you to load a signed X.509 DSA/RSA
certificate (SSL) from a Certificate Authority (CA) and/or your private DSA/RSA
key (SSH) onto the iRMC.

I The iRMC is supplied with a predefined server certificate (default

certificate). If you want to access the iRMC over secure SSL/SSH


connections, it is recommended that you replace the certificate with one
signed by a Certificate Authority (CA) as soon as possible.

I Input format of the X.509 DSA/RSA certificate and the private


DSA/RSA key:

The X.509 DSA/RSA certificate and the RSA/DSA must both be


available in PEM-encoded format (ASCII/Base64).

198

iRMC

iRMC web interface

iRMC - Certificate Upload

Figure 85: Certificate Upload page

iRMC

199

iRMC - Certificate Upload

iRMC web interface

Displaying the currently valid (CA) DSA/RSA certificate


In the group Certificate Information and Restore, click View Certificate to show
the currently valid certificate.

Figure 86: Certificate Upload page - display of the currently valid SSL/SSH certificate

200

iRMC

iRMC web interface

iRMC - Certificate Upload

Restoring the default certificate


In the group Certificate Information and Restore, click Default Certificate to
restore the default certificate delivered with the firmware after you have
confirmed that you wish to do so.

Figure 87: Certificate Upload page - Restoring the default certificate

iRMC

201

iRMC - Certificate Upload

iRMC web interface

Loading the DSA/RSA certificate and private DSA/RSA key from local files
You do this using the group
SSL Certificate and DSA/RSA private key upload from file.

Figure 88: Loading the DSA/RSA certificate and private DSA/RSA key from local files

Proceed as follows:
Save the X.509 DSA/RSA (SSL) certificate and private DSA/RSA key in
corresponding local files on the managed server.
Specify the files Private Key File and Certificate File by clicking on the
associated Browse button and navigating to the file which contains the
private key or the certificate.
Click the Upload button to load the certificate and the private key onto the
iRMC.

I When you upload the certificate and private key, all the existing

HTTPS connections are closed and the HTTPS server is


automatically restarted. This process can take up to 30 seconds. No
explicit reset of the iRMC is required.

Click the View Certificate button to make sure that the certificate has been
loaded successfully.

202

iRMC

iRMC web interface

iRMC - Certificate Upload

Entering the DSA/RSA certificate / private DSARSA key directly


You do this using the group
SSL DSA/RSA certificate or DSA/RSA private upload via copy & paste.

Figure 89: Entering the DSA/RSA certificate / private DSARSA key directly

Proceed as follows:
Copy the X.509 DSA certificate or the private DSA key to the input area.

I You cannot simultaneously enter the certificate and key for the same
upload.

Click the Upload button to load the certificate or the private key onto the
iRMC.
Use the Remote Manager to reset the iRMC (see section Service processor
- IP parameters, identification LED and iRMC reset on page 321).

I This is necessary in order to make a certificate or private key loaded


onto the iRMC valid.

Click the View Certificate button to make sure that the certificate has been
loaded successfully.

iRMC

203

iRMC - Generate a self-signed Certificate

7.5.4

iRMC web interface

Generate a self-signed RSA Certificate creating a self-signed RSA certificate

You can create a self-signed certificate using the Generate a self-signed


RSA Certificate page.

Figure 90: Generate a self-signed Certificate page

204

iRMC

iRMC web interface

iRMC - Generate a self-signed Certificate

View Certificate
You can view the currently valid DSA/RSA certificate using this button.
Default Certificate
You can use this button to restore the default certificate delivered with
the firmware after you have confirmed that you wish to do so.
Enter the requisite details under Certificate Creation.
Click Create to create the certificate.

I When generate the new certificate, all the existing HTTPS

connections are closed and the HTTPS server is automatically


restarted. This can take up to 5 minutes depending on the key length.
No explicit reset of the iRMC is required.

iRMC

205

Power Management

7.6

iRMC web interface

Power Management

The Power Management entry contains the links to the power management pages
for your PRIMERGY server:
Power On/Off - power the server up/down on page 207.
Power Options - Configuring power management for the server on
page 211.
Power Supply Info - Power supply and IDPROM data for the FRU
components on page 214.

206

iRMC

iRMC web interface

7.6.1

Power Management - Power On/Off

Power On/Off - power the server up/down

The Power On/Off page allows you to power the managed server on and off. You
are informed of the servers current power status and are also able to configure
the behavior of the server during the next boot operation.

Figure 91: Power On/Off page

iRMC

207

Power Management - Power On/Off

iRMC web interface

Power Status Summary


The Power Status Summary group provides information on the current power
status of the server and the reasons for the most recent power on/off operations.
In addition, a counter totals the years, months, days and minutes that the server
has been switched on to date.

Figure 92: Power On/Off - Power Status Summary page

208

iRMC

iRMC web interface

Power Management - Power On/Off

Boot Options
The Boot Options group allows you to configure the behavior of the system the
next time it is booted. You can set whether the BIOS is to interrupt the boot
process for the system if errors occur during the POST phase.

I The options set here only apply to the next boot operation. After this, the
default mechanism applies again.

Figure 93: Power On/Off - Boot Options page

Select the desired BIOS behavior from the Error Halt Settings list:
Continue
Continue the boot process if errors occur during the POST phase.
Halt on errors
Interrupt the boot process if errors occur during the POST phase.
From the Boot Device Selector list, select the storage medium you wish to boot
from.
The following options are available:
No change: The system is booted from the same storage medium as
previously.
PXE/iSCSI: The system is booted from PXE / iSCSI over the network.
Harddrive: The system is booted from hard disk.
CDROM/DVD: The system is booted from CD /DVD.
Floppy: The system is booted from floppy disk.
Click the Apply button to activate your settings.

iRMC

209

Power Management - Power On/Off

iRMC web interface

Power Control - powering the server up and down


The Power Control group allows you to power the server up/down.

Figure 94: Power On/Off - Power Control page

Power On
Switches the server on.
Immediate Power Off
Powers the server down, regardless of the status of the operating
system.
Immediate Reset
Completely restarts the server (cold start), regardless of the status of the
operating system.
Power Cycle
Powers the server down completely and then powers it up again after a
configured period. You can configure this time in the Power Cycle Delay
field of the ASR&R Options group (see page 231).
Graceful Power Off (Shutdown)
Graceful shutdown and power off.
This option is only available if ServerView agents are installed and
signed onto the iRMC as Connected.
Graceful Reset (Reboot)
Graceful shutdown and reboot.
This option is only available if ServerView agents are installed and
signed onto the iRMC as Connected.
Click the Apply button to start the required action.

210

iRMC

iRMC web interface

7.6.2

Power Management - Power Options

Power Options Configuring power management for the server

The Power Options page allows you to define the servers behavior after a power
outage and specify the servers power on/off times.

Figure 95: Power Options page

iRMC

211

Power Management - Power Options

iRMC web interface

Power Restore Policy - Specify behavior of the server after a power outage
The Power Restore Policy group allows you to specify the servers power
management behavior after a power outage.

Figure 96: Power Options page, Power Restore Policy

Always power off


The server always remains powered down after a power outage.
Always power on
The server is always powered up again after a power outage.
Restore to powered state prior to power loss
The power up/down status of the server is restored to the status prior to
the power outage.
Click the Apply button to activate your settings.
The configured action will be performed after a power outage.

212

iRMC

iRMC web interface

Power Management - Power Options

Power On/Off Time - Specify power on/off times for the server
The input fields of the Power On/Off Time group allow you to specify the times at
which the server is powered up/down for the individual days of the week or for
specified times during the day.

I Specifications in the Everyday field take priority!


The Trap fields also allow you to configure whether the iRMC sends an SNMP
trap to the management console before a planned power-on / power-off of the
managed server and, if so, how many minutes before the event this should be
done. No traps are sent if you specify the value 0.

Figure 97: Power Options page, Power On/Off Time

Click the Apply button to activate your settings.

iRMC

213

Power Management - Power Supply Info

7.6.3

iRMC web interface

Power Supply Info - Power supply and IDPROM


data for the FRU components

The Power Supply Info page provides you with information on the power supply
specifications and the IDPROM data of the FRUs of the server.

Figure 98: Power Supply Info page

214

iRMC

iRMC web interface

7.7

Sensors

Sensors - Check status of the sensors

The Sensors entry provides you with pages which allow you to test the sensors
of the managed server:
Fans - Check fans on page 216.
Temperature - Check temperature sensors on page 218.
Voltages - Check voltage sensors on page 220.
Power Supply - Check power supply on page 221.
Component Status - Check status of the server components on page 222.
To facilitate checking the status, the sensor status is not only shown in the form
of the current value, but also using a color code and a status icon:
Black /

The measured value is within the normal operational value


range.

Orange /

The measured value has exceeded the warning threshold.


System operation is not yet jeopardized.

Red /

The measured value has exceeded the critical threshold.


System operation may be jeopardized and there is a risk of loss
of data integrity.

Table 6: Status of the sensors

iRMC

215

Sensors - Fans

7.7.1

iRMC web interface

Fans - Check fans

The Fans page provides information on fans and their status.

Figure 99: Fans page

Fan Test - Test fans


The Fan Test group allows you to specify a time at which the fan test is started
automatically or to start the fan test explicitly.
Fan Check Time
Enter the time at which the fan test is to be started automatically.
Click the Apply button to activate your settings.
Click the Start Fan Test button to start the fan test explicitly.

216

iRMC

iRMC web interface

Sensors - Fans

System Fans - Specify server behavior in the event that a fan fails
The System Fans group provides you with information on the status of the fans.
You can use the options or buttons to select individual fans or all the fans and
specify whether the server should be shut down after a specified number of
seconds if this fan fails.
Select all
Selects all fans.
Deselect all
All selections are cancelled.
Select the fans for which you wish to define the behavior in the event of a
fault.
Define the behavior in the event of a fault using the list at the bottom of the
work area:
Choose continue if the server is not to be shut down if the selected fans
fail.
Choose shutdown-and-power-off if the server is to be shut down and
powered down if the selected fans fail. If you choose this option, you must
also specify the time in seconds between failure of the fan and shutdown
of the server (Shutdown Delay) in the field to the right of the list.

I In the case of redundant fans, shutdown is only initiated if more


than one fan is faulty and shutdown-and-power-off is also set for
these fans.

Click the Apply to the selected Fans button to activate your settings for the
selected fans.

iRMC

217

Sensors - Temperature

7.7.2

iRMC web interface

Temperature - Check temperature sensors

The Temperature page provides information on the status of the temperature


sensors which measure the temperature at the server components, such as the
CPU and the FBD (FullyBuffered DIMM) and the ambient temperature.

Figure 100: Temperature page

You can use the options or buttons to select individual temperature sensors or
all the temperature sensors and specify whether the server is to be shut down
if the critical temperature is reached at the selected sensors.
Select all
Selects all temperature sensors.
Deselect all
All selections are cancelled.
Select the sensors for which you wish to define the behavior in the event that
the critical temperature is reached.

218

iRMC

iRMC web interface

Sensors - Temperature

Define the behavior in the event that the critical temperature is reached
using the list at the bottom of the work area:
Choose continue if the server is not to be shut down if the critical
temperature is reached at the selected sensors.
Choose shutdown-and-power-off if the server is to be shut down and
powered down if the critical temperature is reached at the selected
sensors.
Click the Apply to the selected Sensors button to activate your settings for the
selected temperature sensors.

iRMC

219

Sensors - Voltages

7.7.3

iRMC web interface

Voltages - Check voltage sensors

The Voltages page provides information on the status of the voltage sensors
assigned to the server components.

Figure 101: Voltages page

220

iRMC

iRMC web interface

7.7.4

Sensors - Power Supply

Power Supply - Check power supply

The Power Supply page provides information on the power supplied from the
power supply units and the power consumed by the system components.

Figure 102: Power Supply page

Power Supply Sensor Information


This provides information on the power supplied from the power supply units.

iRMC

221

Sensors - Component Status

7.7.5

iRMC web interface

Component Status Check status of the server components

The Component Status page provides information on the status of the server
components.

Figure 103: Component Status page

222

iRMC

iRMC web interface

7.8

System Event Log

System Event Log (SEL) - Displaying and


configuring the servers event log

The System Event Log entry contains the links to the pages for viewing and
configuring the server event log (system event log, SEL):
System Event Log Content - Show information on the SEL and SEL entries
on page 224.
System Event Log Configuration - Configure the SEL on page 227.
Colored icons are assigned to the various event/error categories to improve
clarity:
Critical

Major
Minor
Informational

Table 7: System event log content - error categories

iRMC

223

System Event Log Content

7.8.1

iRMC web interface

System Event Log Content Show information on the SEL and SEL entries

The System Event Log Content page provides information on the SEL and displays
the SEL entries.

Figure 104: System Event Log Content page

224

iRMC

iRMC web interface

System Event Log Content

System Event Log Information


The System Event Log Information group informs you of the number of entries in
the SEL. It also indicates the time when the last entries were added or deleted.

Figure 105: System Event Log Content page, System Event Log Information

Clear Event Log


Click the Clear Event Log button to clear all the entries in the SEL.
Save Event Log
After you have clicked the Save Event Log button, the iRMC allows you to
download the file iRMC_EventLog.sel, which contains the SEL entries.

iRMC

225

System Event Log Content

iRMC web interface

System Event Log Content


The System Event Log Content group displays the SEL entries filtered by error
class.

You can modify the filter criteria for the duration of the current session in
the System Event Log Content group. However, the settings you make here
are only valid until the next logout. After that, the default settings apply
again.

Figure 106: System Event Log Content page, System Event Log Content

Display Critical, Display Major, Display Minor, Display Info


If you wish, you can choose one or more error categories other than the
default values here.
Click the Apply button to activate your settings for the duration of the current
session.

226

iRMC

iRMC web interface

7.8.2

System Event Log Configuration

System Event Log Configuration Configure the SEL

On the System Event Log Configuration page, you can configure


the SEL entries which are displayed by default on the
System Event Log Content page (see page 224).
whether the SEL is organized as a ring buffer or a linear buffer.

Figure 107: System Event Log Configuration page

iRMC

227

System Event Log Configuration

iRMC web interface

Default Web interface display filtering


Display Critical, Display Major, Display Minor, Display Info,
Here you select one or more error categories for which SEL
entries should be displayed by default on the System Event Log
Content page.

I If a LocalView module is fitted in the managed PRIMERGY


server, you can also select the error categories for
displaying the SEL entries in the display panel of the
LocalView module. (This selection is independent of the
selection you have made for the SEL entries displayed on
the System Event Log Content page.)

Ring SEL
The SEL is organized as a ring buffer.
IPMI SEL
The SEL is organized as a linear buffer.

I When the linear SEL has been completely filled, it is not possible
to add any further entries.

Click the Apply button to activate your settings.

228

iRMC

iRMC web interface

7.9

Server Management Information

Server Management Information Configuring the server settings

The Server Management Information page allows you to configure the following
settings on the server:
ASR&R (automatic server reconfiguration and restart) settings for the server
(see page 231)
Watchdog settings (see page 233)
Integration of HP System Insight Manager (HP SIM) (see page 234)

I The settings made on this page become active the next time the
managed server is started.

iRMC

229

Server Management Information

iRMC web interface

Figure 108: Server Management Information page

230

iRMC

iRMC web interface

Server Management Information

ASR&R Options - Configure ASR&R settings


The ASR&R Options group allows you to configure the ASR&R (automatic server
reconfiguration and restart) settings for the server.

Figure 109: Server Management Information page, ASR&R Options

ASR&R Boot Delay


Number of minutes (max. 30) the server waits after a shutdown and
power-off as a result of a critical error before attempting to boot again.
Action with retry counter zero
Action to be performed after the number of restart attempts specified
under Retry counter has failed.
Power Off
The server is powered down.
Boot Diagnostic IDE Disk
The system is booted from the Diagnostic IDE Disk.
Boot PXE
The system is booted from PXE over the network.
Boot iRMC Remote Image
The system is booted from the ServerStart boot image via Remote
Storage.
Disabled
No action is carried out.
Retry counter Max (0 - 7)
Maximum number of restart attempts that should be permitted for the
server after a critical error (up to 7).

iRMC

231

Server Management Information

iRMC web interface

Retry counter (0 - Max)


Number of restart attempts that a server should attempt after a critical
error (maximum value is the value set under Retry counter Max).
BIOS boot source for next boot
Storage medium to be used the next time the system is booted:
Boot Option
The system is booted from the storage medium specified on the
Power On/Off page under Boot Options - Boot Device Selector (see
page 209).
Diagnostic System
The diagnostic system is booted.
BIOS recovery flash bit
Enables/disables the BIOS recovery flash bit:
Enabled
The next time the system is booted, the BIOS is automatically
flashed.
Disabled
The next time the system is booted, the BIOS is not automatically
flashed.

I The Enabled setting is of value if the operating system no longer

boots after the firmware has been updated. A BIOS recovery flash
is then performed automatically the next time the system is booted
from the DOS floppy (or a DOS floppy image).
After a BIOS recovery flash has been performed successfully,
reset the BIOS Recovery Flash bit to disabled.

Power Cycle Delay


Time (in seconds) between powering down and powering up during a
power cycle.
Click the Apply button to save your settings.
The configured settings are saved and the actions which have been
configured are performed in the appropriate circumstances.

232

iRMC

iRMC web interface

Server Management Information

Watchdog Settings Configure software watchdog and boot watchdog


The Watchdog Settings group allows you configure the software watchdog and the
boot watchdog.

Figure 110: Server Management Information page, Watchdog Options

The software watchdog monitors the activities of system using the ServerView
agents. The software watchdog is activated when the ServerView agents and
the operating system have been completely initialized.
The ServerView agents contact the iRMC at defined intervals. If no more
messages are received from a ServerView agent, it is assumed that the system
is no longer functioning correctly.
You can specify an action to be performed if this happens.
The boot watchdog monitors the phase between startup of the system and the
time at which the ServerView agents become available.
If the ServerView agents do not establish a connection to the iRMC of the server
within a specified time, it is assumed that the boot process has not been
successful.
You can specify an action to be performed if this happens.
Proceed as follows:
Check or uncheck the option(s) under Enabled for the Software Watchdog
and/or Boot Watchdog.
If you have activated either of these options, you can configure the following
settings after Software Watchdog and/or Boot Watchdog:
Continue
No action is performed when the watchdog has expired, i.e. the
server continues to run. An entry is made in the event log.
Reset
The server management software triggers a system reset.

iRMC

233

Server Management Information

iRMC web interface

Power Cycle
The server is powered down and immediately powered up again.
As appropriate, enter the time (in minutes) after which this action is to be
performed following after timeout delay.

I The boot watchdog must wait until the system has been started. You

therefore have to specify a sufficient period for after timeout delay (1 100).

Click the Apply button.


The configured settings are saved and the actions which have been
configured are performed in the appropriate circumstances.
HP System Insight Manager (HP SIM) Integration Options Configure HP SIM integration
The HP System Insight Manager (HP SIM) Integration Options group allows you to
specify whether the iRMC responds with identification information to a nonauthenticated XML query from the HP Insight Manager.

Figure 111: Server Management Information page - HP SIM Integration Options

Proceed as follows:
Enable or disable the HP SIM Integration Disabled option to disable or enable
HP SIM integration.
Click the Apply button to apply the selected setting.

234

iRMC

iRMC web interface

7.10

Network Settings

Network Settings Configure the LAN parameters

The Network Settings entry brings together the links to the pages you use to
configure the LAN parameters of the iRMC:
Network Interface - Configure Ethernet settings on the iRMC on page 236.
Ports and Network Services - Configuring ports and network services on
page 239.
DHCP Configuration - Configuring the host name for the iRMC on
page 243.
DNS Configuration - Enable DNS for the iRMC on page 245.

iRMC

235

Network Settings - Network Interface

iRMC web interface

7.10.1 Network Interface Configure Ethernet settings on the iRMC


The Network Interface page allows you to view and change the Ethernet settings
for the iRMC.

Figure 112: Network Interface page

V CAUTION!
Contact the network administrator responsible for the system before you
change the Ethernet settings.
If you make illegal Ethernet settings for the iRMC, you will only be able to
access the iRMC using special configuration software, the serial
interface or via the BIOS.

I Only users with the Configure iRMC Settings permission are allowed to edit
Ethernet settings (see chapter User management for the iRMC on
page 57).

236

iRMC

iRMC web interface

Network Settings - Network Interface

MAC Address
The iRMCs MAC address is displayed here.
LAN Speed
LAN speed. The following options are available:

Auto Negotiation
100 MBit/s Full Duplex
100 MBit/s Half Duplex
10 MBit/s Full Duplex
10 MBit/s Half Duplex

If Auto Negotiation is selected, the onboard LAN controller assigned to the


iRMC autonomously determines the correct transfer speed and duplex
method for the network port it is connected to.
LAN Port

I This option is not supported for all PRIMERGY servers.


On some PRIMERGY server models, the LAN interface of the installed
system NIC (network interface card) can be set up
as shared LAN for shared operation with the system
or
as a service LAN for exclusive use as a management LAN.

I The Service LAN setting is mandatory for the Type TX150 S6


PRIMERGY server.

iRMC

237

Network Settings - Network Interface

iRMC web interface

IP Address
The IP address of the iRMC in the LAN. This address is different from the
IP address of the managed server.

I If you are working with a static address (DHCP enable option not

activated) then you can enter this here. Otherwise (if the DHCP
enable option is activated), the iRMC only uses the field to display
the address.

Subnet Mask
Subnet mask of the iRMC in the LAN.
gateway
IP address of the default gateway in the LAN.
DHCP Enabled
If you activate this option, the iRMC gets its LAN settings from a DHCP
server on the network.

I Do not activate the DHCP option if no DHCP server is available on


the network.
If you activate the DHCP option and there is no DHCP server
available on the network, the iRMC goes into a search loop (i.e. it
continues searching for a DHCP server until it finds one).

The (configured) iRMC can be registered with a DNS server by an


appropriately configured DHCP server (see sections DHCP
Configuration - Configuring the host name for the iRMC on
page 243 and DNS Configuration - Enable DNS for the iRMC on
page 245).
VLAN Enabled
This option allows you to activate VLAN support for the iRMC
VLAN Id
VLAN ID of the virtual network (VLAN) the iRMC belongs to. Permitted
value range: 1 VLAN Id 4094.
VLAN Priority
VLAN priority (user priority) of the iRMC in the VLAN specified by VLAN
Id.
Permitted value range: 0 VLAN Priority 7 (default: 0).
Click the Apply button to activate the configured Ethernet settings.

238

iRMC

iRMC web interface

Network Settings - Ports and Network Serv.

7.10.2 Ports and Network Services Configuring ports and network services
The Ports and Network Services page allows you to view and modify the
configuration settings for ports and network services.

Figure 113: Ports and Network Services page

I Configuration is not supported for ports where the input fields are
deactivated in the iRMC web interface.

iRMC

239

Network Settings - Ports and Network Serv.

iRMC web interface

Ports for web-based access


Session Timeout
Period of inactivity (in seconds) after which the session is automatically
closed. The login page of the iRMC web interface then appears, and you
can log in again as required (see page 178).

I Your session will not automatically be closed if it is inactive when

the time specified in Session Timeout has elapsed if you enter a


value for the refresh interval which is less than the Session Timeout
in the Refresh every ... seconds field (see page 241).

HTTP Port
HTTP port of the iRMC
Default port number: 80
Configurable: yes
Enabled by default: yes
Communication direction: inbound and outbound
HTTPS Port
HTTPS (HTTP Secure) port of the iRMC
Default port number: 443
Configurable: yes
Enabled by default: yes
Communication direction: inbound and outbound
Force HTTPS
If you enable the Force HTTPS option, users can only establish a secure
connection to the iRMC on the HTTPS port specified in the entry field.
If you disable the Force HTTPS option, users can establish a non-secure
connection to the iRMC on the HTTP port specified in the entry field.

I If the SSL certificate has expired, a message to this effect is


issued in the browser.

Enable Auto Refresh


If you activate this option, the contents of the iRMC web interface are
automatically refreshed periodically. Specify the refresh interval in the
Refresh every ... seconds field.

240

iRMC

iRMC web interface

Network Settings - Ports and Network Serv.

Refresh every ... Seconds


Length (in seconds) of the interval for automatically refreshing the iRMC
web interface.

I If you enter a value for the refresh interval which is less than the

Session Timeout (see page 240), your session will not automatically
be closed when the time specified in Session Timeout has elapsed
in the event of inactivity.

Ports for text-based access


Telnet Port
Telnet port of the iRMC
Default port number: 3172
Configurable: yes
Enabled by default: no
Communication direction: inbound and outbound
SSH Port
SSH (Secure Shell) port of the iRMC
Default port number: 22
Configurable: yes
Enabled by default: yes
Communication direction: inbound and outbound
Telnet enabled
If you enable the Telnet Enabled option, users can establish a connection
to the iRMC on the Telnet port specified in the entry field.
Session Drop Time
Period of inactivity (in seconds) after which a Telnet connection is
automatically cleared.

iRMC

241

Network Settings - Ports and Network Serv.

iRMC web interface

VNC ports
Standard Port
VNC port of the iRMC for secure and non-secure Advanced Video
Redirection (AVR)
Port number: 80
Configurable: yes
Enabled by default: yes
Communication direction: inbound
Secure Port (SSL)
VNC port of the iRMC for the SSL-secured transfer of mouse and
keyboard input for AVR.
Port number: 443
Configurable: yes
Enabled by default: yes
Communication direction: inbound
Remote Storage Ports
Standard Port
Standard remote storage port of the iRMC
Default port number: 5901
Configurable: yes
Enabled by default: yes
Communication direction: outbound to the remote workstation
Click the Apply button to store the configured settings.

242

iRMC

iRMC web interface

Network Settings - DHCP Configuration

7.10.3 DHCP Configuration Configuring the host name for the iRMC
The DHCP Configuration page allows you to configure a host name for the iRMC
and thus use dynamic DNS. Dynamic DNS allows DHCP servers to
autonomously pass on the IP address and system name of a network
component to DNS servers to facilitate identification.

Figure 114: DHCP Configuration page

Register DHCP Address in DNS


Enables/disables transfer of the DHCP name to the DHCP server for the
iRMC.
Use iRMC Name instead of Hostname
The iRMC name specified in the iRMC Name entry field is used for the
iRMC instead of the server name.

iRMC

243

Network Settings - DHCP Configuration

iRMC web interface

Add Serial Number


The last 3 bytes of the MAC address of the iRMC are appended to the
DHCP name of the iRMC.
Add Extension
The extension specified in the Extension entry field is appended to the
DHCP name of the iRMC.
Extension
Enter a name extension for the iRMC.
iRMCName
iRMC name passed to DHCP for the iRMC in place of the server name.
DNS Name
Shows the configured DNS name for the iRMC.

244

iRMC

iRMC web interface

Network Settings - DNS Configuration

7.10.4 DNS Configuration - Enable DNS for the iRMC


The DNS Configuration page allows you to activate the Domain Name Service
(DNS) for the iRMC. This allows you to use symbolic DNS names instead of IP
addresses for configuring the iRMC.

Figure 115: DNS Configuration page

DNS Enabled
Enables/disables DNS for the iRMC.
Obtain DNS configuration from DHCP
If you activate this option, the IP addresses of the DNS servers are
obtained automatically from the DHCP server.
In this event, up to five DNS servers are supported.
If you do not enabled this setting, you can enter up to five DNS server
addresses manually under DNS-Server 1 - DNS-Server 5.

iRMC

245

Network Settings - DNS Configuration

iRMC web interface

DNS Domain
If the option Obtain DNS configuration from DHCP is disabled, specify the
name of the default domain for requests to the DNS server(s).
DNS Server 1 .. 5
If the Obtain DNS configuration from DHCP option is disabled, you can
enter the names of up to five DNS servers here.
Click the Apply button to store the configured settings.

246

iRMC

iRMC web interface

7.11

Alerting

Alerting - Configure alerting

The Alerting entry contains the links to the pages you use to configure alerting
for the iRMC:
SNMP Trap Alerting - Configure SNMP trap alerting on page 248.
Serial / Modem Alerting - Configure alerting via modem on page 250.
Email Alerting - Configure email alerting on page 252.

iRMC

247

Alerting - SNMP Trap Alerting

iRMC web interface

7.11.1 SNMP Trap Alerting - Configure SNMP trap alerting


The SNMP Trap Alerting page allows you to view and configure the settings for
SNMP trap alerting.

I Forwarding of SNMP traps to up to seven SNMP servers is supported.

Figure 116: SNMP Trap Alerting page

SNMP Community
Name of the SNMP community.
Click the Apply button to accept the community name.

248

iRMC

iRMC web interface

Alerting - SNMP Trap Alerting

SNMP Server1 .. SNMP Server7 (trap destinations)


DNS names or IP addresses of the servers that belong to this community
and are to be configured as Trap Destinations.
Click the Apply button to activate the SNMP server as a trap
destination.
Click the Test button to test the connection to the SNMP server.
Click Apply All to activate all the settings if appropriate.

iRMC

249

Alerting - Serial/Modem Alerting

iRMC web interface

7.11.2 Serial / Modem Alerting Configure alerting via modem


The Serial / Modem Alerting page allows you to configure how alerts are
forwarded via a modem.

Figure 117: Serial / Modem Alerting page

Modem Alerting Enabled


Enables or disables serial/modem alerting.
Modem Init String
Please refer to your modem documentation for details on this entry.
Modem Reset/Hangup String
Please refer to your modem documentation for details on this entry.
Modem Dial Prefix
This entry will depend on the type of connection you have.

250

iRMC

iRMC web interface

Alerting - Serial/Modem Alerting

Provider Phone Number


Enter the name of the SMS server.
Handy/Pager Phone Number
Enter the name of the mobile phone.
Handy/Pager Type
You can choose between:

Signal Pager
Numeric Pager
Alpha pager
SMS
DoCoMo

SMS Message Length Limit


You can choose between 80 or 140 as the maximum length.
SMS Protocol Type
Enable the option corresponding to the mobile phone network used.
Click the Apply button to activate your settings.
Click the Test button to send a test alert.

iRMC

251

Alerting - Email Alerting

iRMC web interface

7.11.3 Email Alerting - Configure email alerting


The Email Alerting page allows you to configure the settings for
email alerting.

I Configuration of two mail servers is supported.


Email alerting can be specified individually for each user (see section
User <name> Configuration - User configuration (details) on
page 262).

I Email alerting is currently not supported for global iRMC user IDs (see
chapter User management for the iRMC on page 57).

252

iRMC

iRMC web interface

Alerting - Email Alerting

Figure 118: Email Alerting page

iRMC

253

Alerting - Email Alerting

iRMC web interface

Global Email Paging Configuration Configure global email settings


The Global Email Paging Configuration group allows you to configure the global
email settings.

Figure 119: Email Alerting - Global Email Paging Configuration page

Email Alerting Enabled


Activate this option.
SMTP Retries (0 - 7)
Number of SMTP retries.
SMTP Retry Delay (0 - 255)
Time (in seconds) between SMTP retries.
SMTP Response Timeout
Timeout (in seconds) for an SMTP response.
Click the Apply button to activate your settings.

254

iRMC

iRMC web interface

Alerting - Email Alerting

Primary SMTP Server Configuration - Configure primary mail server


The Primary SMTP Server Configuration group allows you to configure the
primary server (SMTP server).

Figure 120: Email Alerting page, Primary SMTP Server Configuration

SMTP Server
IP address of the primary mail server

I You can activate the Domain Name Service (DNS) for the iRMC
(see DNS Configuration - Enable DNS for the iRMC on
page 245). You can then use a symbolic name instead of the IP
address.

SMTP Port
SMTP port of the mail server
Auth Type
Authentication type for connecting the iRMC to the mail server:
None
No authentication for the connection.
SMTP AUTH (RFC 2554)
Authentication according to RFC 2554: SMTP Service Extension for
Authentication
Auth User Name
User name for authentication on the mail server
Auth Password
Password for authentication on the mail server
Confirm Password
Confirm the password entered.
Click the Apply button to activate your settings.

iRMC

255

Alerting - Email Alerting

iRMC web interface

Secondary SMTP Server Configuration Configure secondary mail server


The Secondary SMTP Server Configuration group allows you to configure the
secondary server (SMTP server).

Figure 121: Email Alerting page, Secondary SMTP Server Configuration

SMTP Server
IP address of the secondary mail server

You can activate the Domain Name Service (DNS) for the iRMC
(see DNS Configuration - Enable DNS for the iRMC on
page 245). You can then use a symbolic name instead of the IP
address.

SMTP Port
SMTP port of the mail server
Click the Apply button to activate your settings.

256

iRMC

iRMC web interface

Alerting - Email Alerting

Mail Format dependent Configuration Configure mail-format-dependent settings


The Mail Format dependent Configuration group allows you to configure the mailformat-dependent settings. You specify the mail format for each user using the
New User Configuration - User <Name> Configuration - Email Format Configuration
page (see page 266).
The following email formats are supported:

Standard
Fixed Subject
ITS-Format
Fujitsu REMCS Format

Figure 122: Email Alerting page, Mail Format dependent Configuration

Some entry fields are disabled depending on the mail format.


From
Sender identification iRMC.
Active for all mail formats.

I If the string entered here contains an @, the string is interpreted


as a valid email address. Otherwise, admin@<ip-address> is
used as the valid email address.

Subject
Fixed subject for the alert mails.
Only active for the Fixed Subject mail format (see page 266).
Message
Type of message (email).
Only active for the Fixed Subject mail format (see page 266).

iRMC

257

Alerting - Email Alerting

iRMC web interface

Admin Name
Name of the administrator responsible (optional).
Only active for the ITS mail format (see page 266).
Admin Phone
Phone number of the administrator responsible (optional).
Only active for the ITS mail format (see page 266).
REMCS Id
This ID is an additional server ID, similar to the serial number.
Only active for the mail format Fujitsu REMCS-Format.
Server URL
A URL under which the server is accessible under certain conditions. You
have to enter the URL manually.
Only active for the Standard mail format.

258

Click the Apply button to store your settings.

iRMC

iRMC web interface

7.12

User Management

User Management - Manage users

The User Management entry contains the links to the pages for local user
management as well as for the configuration of the directory service for global
user management (LDAP configuration):
iRMC User - local user management on the iRMC on page 259
Directory Service Configuration (LDAP) - Configuring the directory service
at the iRMC on page 269

7.12.1 iRMC User - local user management on the iRMC


The iRMC User page contains a table showing all the configured users: Each
line contains the data for one configured user. The user names are implemented
in the form of links. Clicking on a user name opens the User <name>
Configuration window (see page 262), in which you can view or modify the
settings for this user.

I User ID 1 (null user) is reserved for the IPMI standard and is therefore
unavailable for user management on the iRMC.

iRMC

259

User Management - iRMC User

iRMC web interface

Figure 123: User Management page

Delete
The table of configured users includes a Delete button after each user
entry. Click this button to delete the associated user after confirming this
choice.
New User
When you click this button, the
New User Configuration page opens (see page 261). You can configure a
new user here.

260

iRMC

iRMC web interface

User Management - iRMC User

7.12.1.1 New User Configuration - Configuring a new user


The New User Configuration page allows you to configure the basic settings for a
new user.
You will find explanations of the fields and selection lists on the
New User Configuration page as of page 263 under the description of the User
<name> Configuration page.
In figure 124 you can see the configuration of a user with the name user3.

Figure 124: User Management page, New User Configuration

iRMC

261

User Management - iRMC User

iRMC web interface

7.12.1.2 User <name> Configuration - User configuration (details)


The User <name> Configuration page allows you to view, modify and extend the
settings for a user.
In figure 125 you can see the configuration of the user created in figure 124.

I The user ID is shown in brackets after the user name.

Figure 125: User Management - User <name> Configuration page

262

iRMC

iRMC web interface

User Management - iRMC User

User Information - Configuring user access data


The User Information group allows you to configure the access data for the user.

Figure 126: User Management - User <name> Configuration page, User Information

User Enabled
Disable this option to lock the user.
Name
Enter the name of the user.
Password
Enter the user password.
Confirm Password
Confirm the password by entering it again here.
Description
Enter a general description of the configured user here.

iRMC

263

User Management - iRMC User

iRMC web interface

User Shell
Select the desired user shell here.
The following options are available:
SMASH CLP
See section Start a Command Line shell... - Start a SMASH CLP
shell on page 323.
CLI Shell
See section Command Line Protocol (CLP) on page 324.
Remote Manager
See chapter iRMC via Telnet/SSH (Remote Manager) on page 303.
IPMI Basic Mode
IPMI Terminal Mode
None

264

Click the Apply button to activate your settings.

iRMC

iRMC web interface

User Management - iRMC User

Privileges and Permissions - Assigning user privileges


The Privileges and Permissions group allows you to configure the channelspecific user privileges.

Figure 127: User Management - User <name> Configuration page, Privilege / Permissions

LAN Channel Privilege


Assign a privilege group for a LAN channel to the user here:

User
Operator
Administrator
OEM

Refer to section User permissions on page 60 for information on the


permissions associated with the privilege groups.
Serial Channel Privilege
Assign a privilege group for a serial channel to the user here: The same
privilege groups are available as for LAN Channel.
In addition to the channel-specific permissions, you can also individually assign
users the following channel-independent permissions:
Configure User Accounts
Permission to configure local user access data.
Configure iRMC Settings
Permission to configure the iRMC settings.
Video Redirection Enabled
Permission to use Advanced Video Redirection (AVR) in View Only and
Full Control mode.

iRMC

265

User Management - iRMC User

iRMC web interface

Remote Storage Enabled


Permission to use the Remote Storage functionality.

Click the Apply button to activate your settings.

Email Configuration Configure user-specific email settings


The Email Configuration group allows you to configure the user-specific settings
governing the email format.

Figure 128: User Management - User <name> Configuration page, Email Configuration

Email Enabled
Specify whether the user is to be informed about system statuses by
email.

266

iRMC

iRMC web interface

User Management - iRMC User

Mail Format
Depending on the selected email format, you can make a number of
settings in the Email Alerting - Mail Format dependent Configuration group
(see page 257).
The following email formats are available:

Standard
Fixed Subject
ITS-Format
Fujitsu REMCS Format

Preferred Mail Server


Select the preferred mail server.
You can choose one of the following options:
Automatic
If the email cannot be sent successfully immediately, for instance
because the preferred mail server is not available, the email is sent to
the second mail server.
Primary
Only the mail server which has been configured as the primary SMTP
server (see page 255) is used as the preferred mail server.
Secondary
Only the mail server which has been configured as the secondary
SMTP server (see page 256) is used as the preferred mail server.

I Errors sending email are recorded in the event log.


User Description
General description of the configured user.
Email Address
Email address of recipient.

iRMC

267

User Management - iRMC User

iRMC web interface

Paging Severity Configuration


Here you can configure system events about which an iRMC user is to
be informed by email.

I Every entry in the event log for the iRMC is assigned to a


particular paging group.

The following settings are available for each event group:


None
The notification function is deactivated for this paging group.
Critical
The iRMC notifies users by email if an entry in the system event
log is reported as Critical.
Warning
The iRMC notifies users by email if an entry in the system event
log is reported as Minor, Major or Critical.

I If WARNING is set, the user is also notified of system event


log entries with the status CRITICAL.

All
The iRMC notifies users of every event in this group which causes
an entry to be made in the system event log.

268

Click the Apply button to activate your settings.

iRMC

iRMC web interface

User Management - Directory Service Config.

7.12.2 Directory Service Configuration (LDAP) Configuring the directory service at the iRMC
In order to perform global user management via a directory service (see
page 66), you must configure the iRMC appropriately in the Directory Service
Configuration page.

I Currently, support for iRMC LDAP access is provided for the following
directory services: Microsoft Active Directory, Novell eDirectory and
Open LDAP.

I The following characters are reserved as metacharacters for search


strings in LDAP: &, |, !, =, <, >, ~, :

You must therefore not use these characters as components of Relative


Distinguished Names (RDN).

Figure 129: Directory Service Configuration page (LDAP configuration)

iRMC

269

User Management - Directory Service Config.

iRMC web interface

Global Directory Service Configuration: General details


In the Global Directory Service Configuration group, you configure iRMC LDAP
access to the directory service.
LDAP Enabled
This option specifies whether the iRMC can access a directory service
via LDAP. Directory service access via LDAP is only possible if LDAP
Enable has been activated.

I If LDAP Enable is checked then the login information (see

page 178) is always transferred with SSL encryption between the


web browser and the iRMC.

LDAP SSL Enabled


If you check this option then data transfer between iRMC and the
directory server is SSL encrypted.

I LDAP SSL Enable has no influence on whether or not the iRMC


web interface pages are SSL-protected on opening.
I You should only activate LDAP SSL Enable if a domain controller
certificate is installed.

Disable Local Login


If you activate this option then all the local iRMC user identifications are
locked and only the user identifications managed by the directory service
are valid.

V CAUTION!
If the option Disable Local Login is activated and the connection to
the directory service fails then it is no longer possible to log in at
the iRMC.
Always use SSL Login

I This option is only relevant if LDAP is deactivated.


If you activate this option then the HTTP SSL-secured login page is
always used even if LDAP is deactivated. Only if you do not activate
Always use SSL Login and LDAP is deactivated is a mask secured via
Digest Authentication Login used.
Directory Server Type
Type of directory server used:
The following directory services are supported:
270

iRMC

iRMC web interface

User Management - Directory Service Config.

Active Directory: Microsoft Active Directory


Novell: Novell eDirectory
OpenLDAP: OpenLDAP
Click the Apply button to activate your settings.
Different input fields are provided, depending on the directory service you
select:
For Active Directory, refer to Configuring iRMC for Microsoft Active
Directory on page 272.
For eDirectory and Open LDAP, refer to Configuring iRMC for Novell
eDirectory / OpenLDAP on page 274.

iRMC

271

User Management - Directory Service Config.

iRMC web interface

Configuring iRMC for Microsoft Active Directory


After you have confirmed the Active Directory you have chosen by clicking Apply,
the following variant of the Directory Service Configuration page is shown:

Figure 130: Global Directory Service Configuration: Specifications for Microsoft Active
Directory

I The entries shown as examples in figure 130 refer to the examples and
figures shown in section iRMC user management via Microsoft
Active Directory on page 77.

272

iRMC

iRMC web interface

User Management - Directory Service Config.

Proceed as follows:
Complete your specifications in the Global Directory Service Configuration
group.
LDAP Server 1
IP address or DNS name of the LDAP directory server that is to be
used.
LDAP Server 2
IP address or DNS name of the LDAP directory server which is
maintained as the backup server and used as the directory server if
LDAP Server 1 fails.
Domain name
Complete DNS path name of the directory server.
Base DN
Base DN is automatically derived from Domain Name.
Department name
Department name. The directory service needs the department
name in order to determine the user permissions. A user may have
different permissions for the department X server than for the
department Y server (see also figure 17 on page 70).
In the Global Directory Service Configuration group, click the Apply button to
activate the settings you have made under
Global Directory Service Configuation.
This completes configuration of the directory service and activates it.

I The specifications in the Directory Service Access Configuration group are


currently not relevant for Microsoft Active Directory.
The settings that you make here are required for alerting in connection
with global user identifications. However, alerting is currently only
supported for local user identifications.

iRMC

273

User Management - Directory Service Config.

iRMC web interface

Configuring iRMC for Novell eDirectory / OpenLDAP


After you have confirmed you choice of Novell or OpenLDAP by clicking Apply,
the following variant of the Directory Service Configuration page is shown.

I The Directory Service Configuration page has an identical structure for


both Novell eDirectory and OpenLDAP.

Figure 131: Global Directory Service Configuration: Specifications for Novell eDirectory / Open
LDAP

I The entries shown as examples in figure 131 refer to the examples and

figures shown in section iRMC user management via Novell eDirectory


on page 95.

274

iRMC

iRMC web interface

User Management - Directory Service Config.

Proceed as follows:
Complete your specifications in the Global Directory Service Configuration
group.
LDAP Server 1
IP address or DNS name of the LDAP directory server that is to be
used.
LDAP Server 2
IP address or DNS name of the LDAP directory server which is
maintained as the backup server and used as the directory server if
LDAP Server 1 fails.
Dept. name
Department name. The directory service needs the department
name in order to determine the user permissions. A user may have
different permissions for the department X server than for the
department Y server (see also figure 17 on page 70).
Base DN
The Base DN is the fully distinguished name of the eDirectory or Open
LDAP server and represents the tree or subtree that contains the OU
(Organizational Unit) iRMCgroups. This DN forms the starting point for
LDAP searches.
Group DN Context
Pathname of the OU iRMCgroups as a subtree of Base DN.
User Search DN
Pathname of the OU Users as a subtree of Base DN.
On the Directory Service Configuration page, click the Apply button to activate
the settings you have made under Global Directory Service Configuration.
Make the following entries in the Global Service Access Configuration group:
LDAP Auth Password
Password the principal user uses to authenticate themselves on the
LDAP server.
Confirm Password
Repeat the password you entered under LDAP Auth Password.
Principal User DN
Fully distinguished name of the generic iRMC user ID (principal user)
under which the iRMC queries the permissions of the iRMC users
from the LDAP server.
iRMC

275

User Management - Directory Service Config.

iRMC web interface

Append Base DN to Principal User DN


If you activate this option, you do not need to specify the Base DN
under Principal User DN. In this event, the Base DN is used that you
specified under Base DN in the Global Directory Service Configuration
group.
Bind DN
Bind DN shows the principal user DN used for LDAP authentication.
Enhanced User Login
Enhanced flexibility on user login.
If you select Enhanced User Login and activate it with Apply, an
additional field User Login Search Filter appears containing the
standard login search filter.

Figure 132: LDAP search filter for Enhanced User Login.

At login, the placeholder %s is replaced by the associated global


login. You can modify the standard filter by specifying another
attribute in place of cn=. All global logins are then permitted to log
into the iRMC which meet the criteria of this search filter.

V CAUTION!
Only activate this option if you are familiar with the LDAP
syntax. If you inadvertently specify and activate an invalid
search filter, users can only log in to the iRMC under a global
login after the Enhanced User Login option has been
deactivated.
Click the Apply button to complete the directory service configuration and
activate the settings.

276

iRMC

iRMC web interface

7.13

Console Redirection

Console Redirection - Redirecting the


console

The following pages are available for console redirection:


BIOS Text Console - Configure and start text console redirection on
page 277.
Advanced Video Redirection - Start Advanced Video Redirection (AVR) on
page 288.

7.13.1 BIOS Text Console Configure and start text console redirection
The BIOS Text Console page allows you to configure and start text console
redirection.

I Text console redirection can also be configured in the BIOS (see section
Configuring text console redirection via LAN using the BIOS Setup
program on page 42).

iRMC

277

Console Redirection - BIOS Text Console

iRMC web interface

Figure 133: BIOS Text Console page

278

iRMC

iRMC web interface

Console Redirection - BIOS Text Console

7.13.1.1 BIOS Console Redirection Options Configure text console redirection


BIOS Console Redirection Options allows you to configure text console redirection.

Figure 134: BIOS Text Console - BIOS Console Redirection Options page

Console Redirection Enabled


This option allows you to enable/disable console redirection.

I The operating system can also permit text console redirection


irrespective of the settings in the BIOS.

Console Redirection Mode


This setting affects the behavior of console redirection while the
operating system is running (after the BIOS POST phase has completed)
- see section Text console redirection while the operating system is
running on page 286:
Standard
Console redirection is terminated after the BIOS POST phase.
Enhanced
Console redirection continues to be available after the BIOS
POST phase.

iRMC

279

Console Redirection - BIOS Text Console

iRMC web interface

Console Redirection Port


Two serial ports are available: Serial 1, Serial 2.

I If console redirection is to be performed via LAN, Serial 1 must be


set.

If Serial 2 is selected, only the connection over the null modem


cable works.
Serial Port Baud Rate
The following baud rates can be set: 1200, 2400, 4800, 9600, 19200,
38400, 57600, 115200.
Serial Port Flow Control
The following settings are possible:
None
Flow control is disabled.
XON/XOFF (Software)
Flow control is handled by the software.
CTS/RTS (Hardware)
Flow control is handled by the hardware.
Terminal Emulation
The following terminal emulations are available:
VT100 7Bit, VT100 8Bit, PC-ANSI 7Bit, PC-ANSI 8 Bit, VT100+, VT-UTF8
Serial 1 Multiplexer
Check the consistency of the multiplexer settings:
Serial: System
LAN: iRMC

280

Click the Apply button to activate your settings.

iRMC

iRMC web interface

Console Redirection - BIOS Text Console

7.13.1.2 Text Console Redirection (via Serial over LAN) Start text console redirection
Text Console Redirection (via Serial Over LAN) allows you to start text console
redirection.

I Text console redirection via Serial over LAN (SOL) assumes that the
operating system and/or the BIOS use serial port 1 (COM1) for text
console redirection.

Figure 135: Start text console redirection via Serial over LAN (SOL).

Click the Start Console Redirection button to start text console redirection
function.
The Java applet for text console redirection is started (see figure 136 on
page 282):

iRMC

281

Console Redirection - BIOS Text Console

iRMC web interface

Figure 136: Window for power management and text console redirection (before login)

Click the Logon button to log in to the iRMC.


You are then prompted to enter your iRMC user name and
password:

Figure 137: Power management and text console redirection - Login window

282

iRMC

iRMC web interface

Console Redirection - BIOS Text Console

Enter your user name and password and click Login to confirm.
The window for power management and text console redirection is then
displayed:

Console redirection bar Status bar

Console area

Power management bar

Login bar

Figure 138: Window for power management and text console redirection

iRMC

283

Console Redirection - BIOS Text Console

iRMC web interface

The elements of the console redirection window are explained below:


Login bar
The login bar shows the IP address and current firmware version of
the iRMC. The Login and Logout buttons allow you to log in to and log
out of the iRMC.
Power management bar
The power management bar provides information on the power status
of the managed server. You can update the display by clicking the
Status button.
The Command drop-down list allows you to select and launch an IPMI
command for power management of the managed server (see page
page 285). You do not need to be connected with the console to do
this.
Console redirection bar
The Enter Console and Leave Console buttons in the console redirection
bar allow you to show or hide the display in the console area.
Console area
The console area contains the display from the redirected text
console.
Status bar
The status bar shows the IP address of the iRMC and the port
number used for console redirection. In addition, the status bar
provides information on the status of the console redirection
(online/offline).

284

iRMC

iRMC web interface

Console Redirection - BIOS Text Console

Click Enter Console.


You are then connected to the console and can execute the required
command, either by entering it directly in the console area or by clicking it in
the Command drop-down list (IPMI commands only):

Enter SAC command directly.


(No confirmation prompt!)
or
Select IPMI command and
click.

A
AAA

Figure 139: Entering SAC or IPMI commands at the console.


IPMI command

Explanation

Power On

Switches the server on.

Power Off

Switches the server off.

Reset

Completely restarts the server (cold start), regardless of the status of


the operating system.

Power Cycle

Powers the server down completely and then powers it up again after
approximately 5 seconds.

Shutdown

Graceful shutdown and power off.

To close the connection to the console, click Leave Console.

iRMC

285

Console Redirection - BIOS Text Console

iRMC web interface

7.13.1.3 Text console redirection while the operating system is running


Depending on the operating system used on the managed server, you can
continue to use console redirection after the BIOS POST phase.
DOS

I Condition:
The BIOS setting for console redirection mode must be set to Enhanced
(see the section BIOS Text Console - Configure and start text console
redirection on page 277).
If the managed server starts the PRIMERGY ServerView Suite/diagnosis
software, you can operate PRIMERGY ServerView Suite/Diagnose/Diagnose
remote using console redirection.
For further information on PRIMERGY ServerView Suite/Diagnose, refer to the
RemoteView 5.0 manual.
Windows Server 2003
Windows Server 2003 handles console redirection automatically after the
POST phase. No further settings are necessary. While the operating system is
booting, the Windows Server 2003 SAC console is transferred:

Figure 140: Windows Server 2003 SAC console

286

iRMC

iRMC web interface

Console Redirection - BIOS Text Console

Linux
You must configure a Linux operating system in such a way that it handles
console redirection after the POST phase. Once it has been configured, you
have complete remote access.
Settings required
The settings may differ between program versions.
SuSe and RedHat
Add the following line to the end of the file /etc/inittab:
xx:12345:respawn:/sbin/agetty <baud-rate> ttyS0

RedHat
Insert the following kernel boot parameter in the file /etc/grub.conf:
console=ttyS0,<baud-rate> console=tty0

SuSE
Insert the following kernel boot parameter in the file /boot/grub/menu.lst :
console=ttyS0,<baud-rate> console=tty0

iRMC

287

Console Redirection - AVR

iRMC web interface

7.13.2 Advanced Video Redirection Start Advanced Video Redirection (AVR)


The Advanced Video Redirection page allows you to start graphical console
redirection. The Advanced Video Redirection feature redirects graphical
output from the managed server to the remote workstation and assigns
keyboard and mouse input from the remote workstation to the managed server
so that you can access the managed server from the remote workstation as if
you were working locally.
AVR can be used by two users simultaneously. One user has full control over
the server (full-control mode) and the other can only passively observe
keyboard and mouse operation of the server (view-only mode).

I In order to use the iRMC function Advanced Video Redirection, you require
a license key (see Load license key onto the iRMC. on page 192).
The AVR functionality is made available with a Java applet.

Figure 141: Advanced Video Redirection page

288

iRMC

iRMC web interface

Console Redirection - AVR

AVR Active Session Table - Show current AVR sessions


The AVR Active Session Table lists the currently active AVR sessions. If no AVR
session is currently active then the AVR Active Session Table is not displayed.
Local Monitor - Power up/down options for local server monitor

I This function is not supported by all PRIMERGY servers with iRMC.


The status of the local monitor on the managed server is shown under Local
Monitor (see section Local Monitor Off function on page 137).
In addition, you can configure:
that the local monitor can be switched on and off from the remote
workstation,
that the local monitor shuts down automatically for the duration of the AVR
session when an AVR session is started,

Figure 142: Advanced Video Redirection page - Local Monitor

iRMC

289

Console Redirection - AVR

iRMC web interface

Enable Local Monitor Off


This option allows you to activate the following options:
In full-control mode of an AVR session, you can switch the local
monitor on and off (AVR Extras menu, see page 148).
For users with administrator or OEM permissions, the toggle
button Turn Off / Turn On is also enabled. This also allows the local
monitor to be switched on and off (see figure 143).

Figure 143: Advanced Video Redirection page - Local Monitor On/Off

You can also configure that the local monitor is switched off
automatically for the duration of an AVR session when an AVR
session is started (see the Automatic Local Monitor Off when AVR is
started option on page 291).

I If no concurrent session with Local Monitor Off is active, the local

monitor is automatically switched on again when the AVR session


is closed.

290

iRMC

iRMC web interface

Console Redirection - AVR

Automatic Local Monitor Off when AVR is started

I This option only takes effect if Enable Local Monitor has been
activated.

If you activate this option, the local monitor is automatically switched off
for the duration of the session when an AVR session is started. After the
AVR session is closed, the local monitor is automatically switched on
again if no concurrent session with Local Monitor Off is active.

I Parallel AVR sessions:


Even if you switch on the local monitor during your AVR session
(in the AVR menu Extras or with the Turn On button), the local
monitor is automatically switched off again if a new, concurrent
AVR session is started.
The local monitor is switched on again automatically when all AVR
sessions have been closed.
Click the Apply button to activate your settings.

iRMC

291

Console Redirection - AVR

iRMC web interface

Video Redirection - Starting AVR


You start AVR under Video Redirection.

Figure 144: Advanced Video Redirection - Start AVR page

Click Start Video Redirection or Start Video Redirection (Java Web Start) to start
a (second) AVR session.
The Java applet for Advanced Video Redirection is started.
The Java applet shows the AVR window in view-only mode, and you are asked
whether you want to take full control of the managed server using AVR or
whether you wish to remain in the view-only mode.

Figure 145: AVR window (view-only mode)

292

iRMC

iRMC web interface

Console Redirection - AVR

Click OK to take over full control of the managed server. In this case, the
window for active use of AVR is opened (see figure 146).

I This places the currently active AVR session in view-only mode.

Users should agree among themselves what modes they are to use
in their sessions.

Click Cancel to remain in view-only mode.


If you have decided to actively use AVR, the following window appears, with
which you can log into the managed server.

Figure 146: AVR window (full-control mode)

The menus of the AVR window and the integrated special keys are described in
chapter Advanced Video Redirection on page 133.

iRMC

293

Console Redirection - AVR

iRMC web interface

The two active AVR sessions are shown as follows on the Advanced Video
Redirection page:

Figure 147: Advanced Video Redirection page when two AVR sessions are active

Disconnect
If you click Disconnect, a confirmation dialog box appears in which you
can close the AVR session to the left of the button.

I You can only close AVR sessions of other users with the

Disconnect button. To close your own session, choose Exit from the
Extras menu in the AVR window (see page 148).

294

iRMC

iRMC web interface

Console Redirection - AVR

The following window appears if the managed server is powered down:

Figure 148: AVR window when the server is powered down

iRMC

295

Remote Storage

7.14

iRMC web interface

Remote Storage

The Remote Storage feature provides the managed server with a virtual drive
which is physically located elsewhere in the network. The source for the virtual
drive can be a physical drive (floppy disk drive CD-ROM/DVD-ROM) or an ISO
image (image file).

I In order to use the iRMC function Remote Storage, you require a license
key (see page 194).

You can make the remote storage media available as follows:


As a physical drive or image file at the remote workstation (see page 156).
The image file may also be a network drive (with drive letter, e.g. D: for
drive D).
As an image file centrally in the network via a remote storage server (see
page 165).

I Parallel remote storage connections:


The following are possible concurrently:
either up to two Remote Storage connections to virtual drives at the
remote workstation (if the connection is established over the AVR
Java applet)
or
one Remote Storage connection to a Remote Storage server.
It is not possible to establish concurrent Remote Storage connections via
an applet and via the Remote Storage server.
The Remote Storage page allows you to display information on the status of the
current remote storage connections and establish the connection to a remote
storage server.

296

iRMC

iRMC web interface

Remote Storage

Figure 149: Remote Storage page

IP Address or DNS Name


Here you enter the IP address or DNS name of the computer on which a
remote storage server is installed.
Apply
Click the Apply button to save the remote storage servers IP address or
DNS name.
Connect
Click the Apply button to save the remote storage servers IP address or
DNS name and establish the connection to the remote storage server.

I Before it is possible to establish the connection to the remote

storage server the remote storage server must be installed and


running.

Disconnect
Click the Disconnect button to terminate the connection to the remote
storage server.

iRMC

297

Telnet / SSH access (Remote Manager)

7.15

iRMC web interface

Operating iRMC via Telnet/SSH


(Remote Manager)

A Telnet/SSH-based interface is available for the iRMC. This is known as the


Remote Manager. The alphanumeric user interface of the Remote Manager
provides you with access to system and sensor information, power
management functions and the error event log. You can also start text console
redirection and a SMASH CLP shell.
You can call the Remote Manager from the iRMC web interface as follows:
Use the iRMC SSH Access link to initiate an SSH (Secure Shell) encrypted
Telnet connection to the iRMC.
Use the iRMC Telnet Access link to initiate an unencrypted Telnet connection
to the iRMC.

I Maximum number of parallel sessions:


Telnet: up to 4
SSH: up to 2
Telnet and SSH in total: up to 4
Operation of the iRMC using the Remote Manager is described in chapter
iRMC via Telnet/SSH (Remote Manager) on page 303.
Requirements on the managed server
Access via Telnet must be activated for the iRMC (see the section Ports and
Network Services - Configuring ports and network services on page 239).

I Access via the Telnet protocol is deactivated by default for security


reasons, as passwords are transmitted in plain text.

298

iRMC

iRMC web interface

Telnet / SSH access (Remote Manager)

Establishing an SSH/Telnet connection and logging into the Remote


Manager

I If the screen displays for SSH and Telnet connections differ only with

respect to the connection-specific information displayed, the display for


an SSH connection is shown below.

In the navigation bar, click on the link iRMC SSH Access (SSH) or iRMC Telnet
Access (Telnet).
The Java applet for the SSH or Telnet connection is started and the following
window is displayed (in this case using the example of an SSH connection):

Figure 150: Establishing an SSH connection to the iRMC

iRMC

299

Telnet / SSH access (Remote Manager)

iRMC web interface

In the connection bar, click Connect.


As soon as the connection to the iRMC has been established, you are
requested to enter the user name and password.
Logging into the Remote Manager over an SSH connection

I If the host key of the managed server is not yet registered at the
remote workstation, the SSH client issues a security alert with
suggestions on how to proceed.

The following login window is displayed:

Figure 151: SSH connection: Logging in to the Remote Manager

Enter your user name and password and confirm your entries by
clicking Login.
The main menu of the Remote Manager is then displayed (see figure
153 on page 302).

300

iRMC

iRMC web interface

Telnet / SSH access (Remote Manager)

Logging into the Remote Manager over a Telnet connection


The Remote Manager login window is displayed:

Figure 152: Telnet connection: Logging in to the Remote Manager

I Depending on whether ServerView agents have already been

started at some point on the system, the login window is shown


with or without system information (see page 308).

Enter your user name and password and confirm your entries by
pressing [Enter].
The main menu of the Remote Manager is then displayed (see
figure 153).

iRMC

301

Telnet / SSH access (Remote Manager)

iRMC web interface

Figure 153: Main menu of the Remote Manager

Closing a Telnet/SSH connection


Close the connection to the Remote Manager by clicking the Disconnect
button in the connection bar of the Remote Manager window or by pressing
the [0] key in the main menu of the Remote Manager (see figure 153).

302

iRMC

iRMC via Telnet/SSH


(Remote Manager)

A Telnet-based interface is available for the iRMC. This is known as the Remote
Manager. You can call the Remote Manager over the following interfaces:
iRMC web interface (see page 298)
any Telnet/SSH client
ServerView Remote Management Frontend
The iRMC supports secure connections over SSH (Secure Shell). The Remote
Manager interface is identical for Telnet and SSH connections. In principle, any
Telnet/SSH client that interprets VT100 sequences can be used to access the
iRMC. It is nevertheless recommended that the iRMC web interface or the
ServerView Remote Management Frontend (referred to below simply as the
Remote Management Frontend) be used.

I Maximum number of parallel sessions:


Telnet: up to 4
SSH: up to 2
Telnet and SSH in total: up to 4
Requirements on the managed server
Access via Telnet must be activated for the iRMC (see the section Ports and
Network Services - Configuring ports and network services on page 239).

I Access via the Telnet protocol is deactivated by default for security


reasons, as passwords are transmitted in plain text.
I Since ServerView does not know the value of the management port, the
Remote Management Frontend uses the default value.

Since a connection is not automatically established when the Remote


Management Frontend is started, you can correct any nonstandard value
for the management port after the Remote Management Frontend has
been started.

iRMC

303

Operating the iRMC using the Remote Management Frontend

8.1

Operating the iRMC using the ServerView


Remote Management Frontend

You will find detailed information on establishing a connection to the iRMC using
the Remote Management Frontend and on the work environment of the Remote
Management Frontend in the ServerView Remote Management Frontend
manual.

304

iRMC

Telnet/SSH - Remote Managerr

8.2

... operating

Remote Manager

This section describes operation of the iRMC from the Remote Manager and the
various functions in detail. The end of the section also provides a brief overview
of SMASH CLP.

8.2.1

Operating Remote Manager

Operation of Remote view is described on the basis of the example in


figure 154, which shows an excerpt from the main menu of the Remote
Manager.

Figure 154: Operating the Remote Manager

Select the required menu item by entering the number or letter which
precedes the menu item, e.g. c for Change password.
Functions that the user is not permitted to use are indicated by a dash (-)
and functions that are not available are indicated by an asterisk (*).
Press [0] or the key combination [Ctrl] [D] to close the Remote Manager. An
appropriate event will be written to the event log.

iRMC

305

Overview of menus

8.2.2

Telnet/SSH - Remote Manager

Overview of menus

The Remote Manager menu for the iRMC has the following structure:

System Information
Chassis Information
Mainboard Information
OS and SNMP Information

Power Management
Immediate Power Off
Immediate Reset
Power Cycle
Power on
Graceful Power Off (Shutdown)
Graceful Reset (Reboot)

Enclosure Information
System Event-Log
View System Event-Log (text, newest first)
View System Event-Log (text, oldest first)
Dump System Event-Log (raw, newest first)
Dump System Event-Log (raw, oldest first)
View System Eventlog Information
Clear System Event-Log
Temperature
Voltages/Current
Fans
Power Supplies
Door Lock
CPU Sensors

306

iRMC

Telnet/SSH - Remote Manager

Overview of menus

Component Status (Lightpath)


List All Sensors

Service Processor
Configure IP Parameters
List IP Parameters
Toggle Identify LED
Reset iRMC (Warm reset)
Reset iRMC (Cold reset)

Change password

Console Redirection (EMS/SAC)

Start a Command Line shell

iRMC

307

Logging in

8.2.3

Telnet/SSH - Remote Manager

Logging in

As soon as a connection to the iRMC has been established, the login window
of the Remote Manager (Telnet/SSH window) is displayed at the terminal client
at the remote workstation.
Depending on whether ServerView agents have already been started at some
point on the system, the login window is shown with or without system
information.

I When logging in over an SSH connection: If the host key of the managed
server is not yet registered at the remote workstation, the SSH client
issues a security alert with suggestions on how to proceed.

Figure 155: Remote Manager: Login window (with system information)

308

iRMC

Telnet/SSH - Remote Manager

Logging in

Figure 156: Remote Manager: Login window (without system information)

The Remote Manager window contains information on the affected PRIMERGY


system. This information identifies the server and indicates its operating status
(Power Status). Some details (e.g. the System Name) are only shown for
servers and only if the server is configured appropriately.
In order to be able to use the Remote Manager, you must log in with a user
name and a password.
Then an appropriate event will be written to the Event log and the relevant
main menu of the Remote Manager displayed (see section Main menu of
the Remote Manager on page 310).
You can terminate the login process at any time using [Ctrl][D].

iRMC

309

Main menu

8.2.4

Telnet/SSH - Remote Manager

Main menu of the Remote Manager

Figure 157: Remote Manager: Main menu window

310

iRMC

Telnet/SSH - Remote Manager

Main menu

The main menu of the Remote Manager provides the following functions:
System Information...

View information on the managed


server
(see section System Information Information on the managed server
on page 314).

Power Management...

Power the server up or down.


(see section Power Management on
page 315).

Enclosure Information...

Request information on the current


system status, e.g. check error and
event messages from the error log
and event log (temperature, fan, etc.)
(see section Enclosure Information System event log and status of the
sensors on page 317).

Service Processor...

Configure the iRMC (e.g. update


firmware or change IP address)
(see section Service processor - IP
parameters, identification LED and
iRMC reset on page 321).

Change password

Change the password


(see section Change the password
on page 313).

Console Redirection (EMS/SAC)

Text console redirection


(see section Console Redirection
(EMS/SAC) - Start text console
redirection on page 322).

Start a Command Line shell...

Start a Command Line Shell (see


section Start a Command Line shell...
- Start a SMASH CLP shell on
page 323)

Table 8: Main menu of the Remote Manager

iRMC

311

Required permissions

8.2.5

Telnet/SSH - Remote Manager

Required user permissions

table 9 provides an overview of the user permissions which are required in order
to use the individual Remote Manager functions.

Power Management...

Enclosure Information

X
X

System Eventlog - View/Dump System Eventlog

System Eventlog - Clear System Eventlog

Sensor overviews (Temperature, Fans ...)

Service Processor...
Service Processor... - Toggle Identify LED

Remote Storage Enabled

Video Redirection Enabled

User

Configure iRMC Settings

Operator

System Information...

Required
permission

Configure User Accounts

Administrator

Permitted with
IPMI privilege
level

OEM

Remote Manager menu items

X
X

Service Processor... - List/Configure IP Parameters

Service Processor... - Reset iRMC (warm/cold reset)

X
X

Change Password
Console Redirection (EMS/SAC)

Start a command Line shell...

Table 9: Permissions to use the Remote Manager menus

312

iRMC

Telnet/SSH - Remote Manager

8.2.6

Change the password

Change the password

The Change password menu item allows a user with the privilege Configure User
Accounts (see page 60) to change their own password or the passwords of other
users.

iRMC

313

System Information

8.2.7

Telnet/SSH - Remote Manager

System Information Information on the managed server

The following menu appears if you choose System Information... from the main
menu:

Figure 158: Remote Manager: System Information window

The submenu contains the following functions:


Chassis Information

Information on the chassis of the managed server


and its product data.

Mainboard Information

Information on the mainboard of the managed


server and its product data.

OS and SNMP
Information

Information on the operating system and the


ServerView version of the managed server and on
the SNMP settings.

Table 10: System Information menu

314

iRMC

Telnet/SSH - Remote Manager

8.2.8

Power Management

Power Management

The following menu appears if you choose Power Management... from the main
menu:

Figure 159: Remote Manager: Power Management window

iRMC

315

Power Management

Telnet/SSH - Remote Manager

The submenu contains the following functions:


Immediate Power Off

Powers the server down, regardless of the status of


the operating system.

Immediate Reset

Completely restarts the server (cold start),


regardless of the status of the operating system.

Power Cycle

Powers the server down completely and then


powers it up again after a configured period.

Power On

Switches the server on.

Graceful Power Off


(Shutdown)

Graceful shutdown and power off.


This menu item is only available if ServerView
agents are installed and signed onto the iRMC as
Connected.

Graceful Reset (Reboot)

Graceful shutdown and reboot.


This menu item is only available if ServerView
agents are installed and signed onto the iRMC as
Connected.

Table 11: Power Management menu

316

iRMC

Telnet/SSH - Remote Manager

8.2.9

Enclosure Information

Enclosure Information System event log and status of the sensors

The following menu appears if you choose Enclosure Information... from the main
menu:

Figure 160: Remote Manager: Enclosure Information window

iRMC

317

Enclosure Information

Telnet/SSH - Remote Manager

The submenu contains the following functions:


System Eventlog

Call the System Eventlog menu (see the section System


Eventlog on page 319).

Temperature

Display information on the temperature sensors and


their status.

Voltages/Current

Display information on the voltage and current sensors


and their status.

Fans

Display information on the fans and their status.

Power Supplies

Display information on the power supplies and their


redundancy status.

Door Lock

Display information on whether the front panel or


housing are open.

CPU Sensors

Localize the processors of the server.

Component Status

Display detailed information on all sensors that have a


PRIMERGY diagnostic LED.

List All Sensors

Display detailed information on all sensors.

Table 12: Enclosure Information menu

318

iRMC

Telnet/SSH - Remote Manager

Enclosure Information

System Eventlog
The following menu appears if you select System Eventlog from the Enclosure
Information... submenu:

Figure 161: Remote Manager: System Eventlog window

iRMC

319

Enclosure Information

Telnet/SSH - Remote Manager

The submenu contains the following functions:


View System Eventlog
(text, newest first)

The contents of the Event log are output to screen in a


readable form and in chronological order (the most
recent entry first).

View System Eventlog


(text, oldest first)

The contents of the Event log are output to screen in a


readable form and in reverse chronological order (the
oldest entry first).

Dump System Eventlog The contents of the Event log are dumped in
(raw, newest first)
chronological order (the most recent entry first).
Dump System Eventlog The contents of the Event log are dumped in reverse
(raw, oldest first)
chronological order (the oldest entry first).
View System Eventlog
Information

Display information on the event log.

Clear System Eventlog

Clear the contents of the event log.

Table 13: System Eventlog menu

320

iRMC

Telnet/SSH - Remote Manager

Service Processor

8.2.10 Service processor - IP parameters, identification


LED and iRMC reset
The following menu appears if you choose Service Processor... from the main
menu:

Figure 162: Remote Manager: Service Processor window

iRMC

321

Console Redirection (EMS/SAC)

Telnet/SSH - Remote Manager

The submenu contains the following functions:


Configure IP Parameters

Configure the IP address, subnet mask and default


gateway. You can also specify whether DHCP is to
be activated

List IP Parameters

Display the IP settings.

Toggle Identify LED

Switch the PRIMERGY identification LED on/off.

Reset iRMC
(warm reset)

Reset the iRMC. The connection is closed.


Only the interfaces are re-initialized.

Reset iRMC
(cold reset)

Reset the iRMC. The connection is closed.


The entire iRMC is re-initialized.

Table 14: Service Processor menu

I It is recommended that you restart the server after Reset iRMC (Cold
Reset) or Reset iRMC(Warm Reset) (see page 210).

8.2.11 Console Redirection (EMS/SAC) Start text console redirection


You can start console redirection with the Console Redirection (EMS/SAC) item
from the main menu.

I Text-based console redirection only works over the LAN with Serial 1.
If console redirection is also to be used while the operating system is
running, the Serial 1 Multiplexer must be set to System.

322

iRMC

Telnet/SSH - Remote Manager

Start a Command Line shell...

8.2.12 Start a Command Line shell... Start a SMASH CLP shell


Start a Command Line shell... in the main menu allows you to start a SMASH CLP
shell. SMASH CLP stands for Systems Management Architecture for Server
Hardware Command Line Protocol. This protocol permits a Telnet- or SSHbased connection between the management station and the managed server.
For further details on SMASH CLP, please refer to section Command Line
Protocol (CLP) on page 324.
When you select (s) Start a Command Line shell... from the main menu, the
following window appears:

Figure 163: Remote Manager: Start a SMASH CLP shell... window

Choose (1) Start a SMASH CLP shell... to start the SMASH CLP shell.

iRMC

323

Command Line Protocol (CLP)

Telnet/SSH - Remote Manager

8.2.13 Command Line Protocol (CLP)


The iRMC supports various text-based user interfaces, known as user shells,
which can be configured differently for individual users.
The System Management Architecture for Server Hardware (SMASH) initiative
defines a number of specifications with the following objectives:
Provision of standardized interfaces for managing heterogeneous computer
environments,
Provision of an architecture framework with uniform interfaces, hardware
and software discovery, resource addressing and data models.
You can find further information on SMASH under the following link:
http://www.dmtf.org/standards/smash
SMASH CLP syntax
SMASH CLP specifies a common command line syntax and message protocol
semantics for managing computers on the Internet and in enterprise and
service provider environments. You can find detailed information on SMASH
CLP in the DMTF document Server Management Command Line Protocol
Specification (SM CLP) DSP0214.
The general syntax of the CLP is as follows:
<verb> [<options>] [<target>] [<properties>]

<verb>
Verbs specify the command or action to be executed. The list of verbs
describes the following activities, for instance:
Establish (set) and retrieve (show) data,
Change the status of a target (reset, start, stop),
Manage the current session (cd, version, exit),
Return information on commands (help).
In iRMC systems, the verb oemfujitsu also allows the use of special OEM
commands.

324

iRMC

Telnet/SSH - Remote Manager

Command Line Protocol (CLP)

<options>
Command options modify the action or the behavior of a verb. Options
can immediately follow the verb in a command line and must always be
introduced by a dash ("-").
Options allow you to, for instance,
define the output format,
permit recursive execution of a command,
display the version of a command or
request help.
<target>
<target> specifies the address or the path of the object to be manipulated
by the command, i.e. the target of the command. This can be a single
managed element such as a hard disk, a network adapter (Network
Interface Card, NIC), or the management program (Management
Assistance Program, MAP) itself. Targets can, however, also be services
such as a transport service.
Several managed elements which can be managed by the management
program can be subsumed under a single <target>, for instance the
entire system.
Only one <target> may be specified for each command.
<properties>
<properties> describe the properties of the target of the command which
are required to execute the command. Thus, <properties> identify the
properties of the targets class that are to be retrieved or modified by the
command.

iRMC

325

Command Line Protocol (CLP)

Telnet/SSH - Remote Manager

User data in the CLP (overview)


Data within the CLP is structured hierarchically. The command cd allows you to
navigate within this structure.
An overview of the user data in the CLP is shown in figure 164. The names in
rectangles indicate command targets. On every level of the hierarchy, the
command/verb show displays the available targets, properties and verbs.

/./root

system 1

map 1

log 1

record 1

firmware

record n

user 1

accounts

nic 1

oemsensors

oemsefru

user 16

Figure 164: Structure of the user data in SMASH CLP

Hierarchy of the CLP commands


An overview of the CLP command hierarchy is shown in table 15 on page 327.

326

iRMC

Telnet/SSH - Remote Manager

Command Line Protocol (CLP)

Table 15: Hierarchy of the CLP commands

iRMC

327

Configuring iRMC using the


Server Configuration Manager

This chapter describes how to use the ServerView Configuration Manager to


configure the iRMC (as of page 342),
configure and manage user IDs at the iRMC (as of page 357).
configure the Directory Service at the iRMC (as of page 362).
You can configure the iRMC either locally on the managed server or from the
remote workstation via the ServerView Operations Manager (referred to simply
as the Operations Manager below).

I Requirements:
The current ServerView agents must be installed on the managed server.
The Server Configuration Manager functions can be accessed in the following
ways:
Locally at the managed server by means of the ServerView Installation
Manager (referred to below simply as the Installation Manager).
Locally on managed Windows-based servers using the Windows Start
menu.

I This function is only supported for servers on which the ServerView


agents for Windows are installed.

On the remote workstation using the graphical interface of the Operations


Manager.

I This function is only supported for servers on which the ServerView


agents for Windows are installed.

iRMC

329

Starting system configuration

9.1

Server Configuration Manager

Starting system configuration

This section describes how to call the Server Configuration Manager from the
ServerView Installation Manager, the Windows Start menu and the ServerView
Operations Manager.

I The user interfaces of the individual Server Configuration Manager


variants differ slightly in terms of their layout, but are functionally
identical.

In the description of the Server Configuration Manager dialog boxes for


configuring the iRMC (see page 342ff), the dialog boxes of the Server
Configuration Manager variant called from Operations Manager are
depicted.

9.1.1

Calling the Server Configuration Manager from the


Installation Manager

You can also call the Server Configuration Manager from the Installation
Manager. Configuration via the Installation Manager is of significance when
installing the server. The Installation Manager makes the Server Configuration
Manager available both during preparation for installation and as a separate
maintenance program. The Installation Manager is described in the manual
ServerView Installation Manager.

330

iRMC

Server Configuration Manager

9.1.2

Starting system configuration

Calling the Server Configuration Manager from the


Windows Start menu

On Windows-based servers, you can also call the Server Configuration


Manager via the Windows Start menu.
To do this, proceed as follows:
On the managed server, select:
Start All Programs Fujitsu ServerView Agents Configuration Tools
System Configuration.
The System Configuration window opens:

Figure 165: System Configuration window

Accept the preset values.


Click OK.
The tab view of the System Configuration window opens.
You can scroll to the left and right through the tabs by clicking the arrows next
to the tabs.

iRMC

331

Starting system configuration

Server Configuration Manager

Applying settings
To apply the settings made in the individual tabs, proceed as follows for each
tab:
Click the Apply button.
Click the Save Page button.
The iRMC automatically reboots to activate the changed settings.

332

iRMC

Server Configuration Manager

9.1.3

Starting system configuration

Calling the Server Configuration Manager from the


Operations Manager

The Server Configuration Manager dialog boxes for configuring the iRMC are
also available from the graphical user interface of the Operations Manager. This
allows you to configure the iRMC of the managed server from the remote
workstation via a Web interface.
Proceed as follows:
Start the Operations Manager (refer to the manual PRIMERGY ServerView
Suite Operations Manager).
The start window of the Operations Manager opens:

iRMC

333

Starting system configuration

Server Configuration Manager

Figure 166: Operations Manager: Start window

Choose Server Configuration from the Administration menu of the Operations


Manager start window.
This opens the following window (see figure 167 on page 335):

334

iRMC

Server Configuration Manager

Starting system configuration

Figure 167: Operations Manager: Server Configuration window - Server list (1) tab

In the hierarchy tree of the Server list tab, select the server to be configured.
This opens the following window (see figure 168 on page 336):

iRMC

335

Starting system configuration

Server Configuration Manager

Figure 168: Operations Manager: Server Configuration window - Server list (2) tab

In the right-hand side of the window, specify the details on the selected
server and confirm your entries by clicking GO.....
The following window appears, showing the Restart Options page (see figure
169 on page 337):

336

iRMC

Server Configuration Manager

Starting system configuration

Figure 169: Operations Manager: Server Configuration window - Configuration tab

In the navigation area, click the required functions. The associated dialog
page then appears in the right-hand side of the window.

I This manual only describes those dialog pages which are relevant for
configuring the iRMC and for user management on the iRMC.

Configure the settings you require and save them with Save Page or with Save
all.

I Activate the configured settings for each server either separately for
each dialog page with Save Page or after you have completed the
entire configuration with Save all.

Choose Reload Page or Reload all to reset the settings to the original
values.

I After you have completed configuring a server, you can select further
servers for configuration in the Server list tab.

iRMC

337

ASR&R Fan Settings

9.2

Server Configuration Manager

ASR&R Fan Settings

The ASR&R Fan Settings dialog page shows comprehensive information on the
fans of the managed server. For each fan, you can also specify whether the
server is to be shut down if that fan fails.
Choose ASR&R Fan Settings.

Figure 170: ASR&R Fan Settings dialog page

Configure the following settings:


Fail Action
Specify whether the server is to be shut down if the corresponding fan
fails.
Continue
The server is not shut down.
Shutdown
The server is shut down if the fan is still faulty after the time
specified in Action Delay (sec) has elapsed.
Action Delay (sec)
If you select Shutdown under Fail Action, you can specify a time
delay here.

338

iRMC

Server Configuration Manager

ASR&R Fan Settings

The server is shut down if the relevant fan is still faulty after the
specified time has elapsed.

I If you do not enter a value, the server is shut down immediately


after the fan fails.

Set fail action for all fans


Here you can specify for all fans whether the server is to be shut down
if any fan fails.
Continue
The server is shut down.
Shutdown
The server is shut down if the failed fan is still faulty after the
time specified in Action Delay (sec) has elapsed.

iRMC

339

ASR&R Temperature Settings

9.3

Server Configuration Manager

ASR&R Temperature Settings

The ASR&R Temperature Settings dialog page shows comprehensive information


on the temperature sensors of the managed server. For each sensor, you can
also specify whether the server is to be shut down if critical temperature
thresholds are reached.
Choose ASR&R Temperature Settings.

Figure 171: ASR&R Temperature Settings dialog page

Configure the following settings:


Fail Action
Specify whether the server is to be shut down if a critical temperature
threshold is reached on the selected sensor.
Continue
The server is not shut down.
Shutdown
The server is shut down.

340

iRMC

Server Configuration Manager

ASR&R Temperature Settings

Set fail action for all fans


Here you can specify for all temperature sensors whether the server
is to be shut down if the critical temperature is reached on any
temperature sensor.
Continue
The server is not shut down.
Shutdown
The server is shut down.

iRMC

341

iRMC LAN Interface

9.4

Server Configuration Manager

iRMC LAN Interface - Configuring the LAN


parameters of the iRMC

The iRMC LAN Interface dialog page is used to configure the LAN settings
(Ethernet settings) for the iRMC.

V CAUTION!
Contact the network administrator responsible for the system before you
change the LAN settings.
If you make illegal LAN settings for the iRMC you will only be able to
access the iRMC again using special configuration software, the serial
interface or via the BIOS.
Choose iRMC LAN Interface.

Figure 172: iRMC LAN Interface dialog page

342

iRMC

Server Configuration Manager

iRMC LAN Interface

Configure the following settings:


Obtain an IP address automatically (Use DHCP)
If you enable Obtain an IP address automatically (Use DHCP), the iRMC
gets its LAN settings autonomously from a DHCP server on the
network. In this case, the values for IP address, Subnet mask, and
Default Gateway are set automatically.

I Do not activate the DHCP option if no DHCP server is

available. If you activate the DHCP option and there is no


DHCP server available, the iRMC goes into a search loop (i.e.
it constantly searches for a DHCP server).
You can specify that the DHCP and DNS services are to be
used after initial installation in the following dialog pages:
iRMC DHCP DNS Configuration (see page 347) and
iRMC DNS Server Configuration (see page 349) or
by configuring this in the iRMC web interface (see section
Network Settings - Configure the LAN parameters on
page 235).
By default, the following name is passed to the DHCP server
on initial installation of the iRMC: iRMC<last 3 bytes of the MAC
address>.

IP Address
The address of the iRMC in the LAN. This address is different from
the IP address of the managed server.

I This entry is only evaluated if DHCP is not activated (see


Obtain an IP address automatically (Use DHCP)).

Subnet Mask
Subnet mask of the iRMC in the LAN.

I This entry is only evaluated if DHCP is not activated (see


Obtain an IP address automatically (Use DHCP)).

Default Gateway
IP address of the default gateway in the LAN.

I This entry is only evaluated if DHCP is not activated (see


Obtain an IP address automatically (Use DHCP)).

iRMC

343

iRMC LAN Interface

Server Configuration Manager

LAN Speed
LAN speed. The following options are available:

Auto Negotiation
100 MBit/s Full Duplex
100 MBit/s Half Duplex
10 MBit/s Full Duplex
10 MBit/s Half Duplex

If Auto Negotiation is selected, the onboard LAN controller assigned to


the iRMC autonomously determines the correct transfer speed and
duplex method for the network port it is connected to.
VLAN enabled
This option allows you to activate VLAN support for the iRMC
VLAN ID
VLAN ID of the virtual network (VLAN) the iRMC belongs to.
Permitted value range: 1 VLAN Id 4094.
VLAN Priority
VLAN priority (user priority) of the iRMC in the VLAN specified by
VLAN Id.
Permitted value range: 0 VLAN Priority 7 (default: 0).

344

iRMC

Server Configuration Manager

9.5

iRMC Networking Ports

iRMC Networking Ports Configuring ports and network services

The iRMC Networking Ports dialog page allows you to view and modify the
configuration settings for ports and network services.

V CAUTION!
Configuration is not supported for ports where the input fields are
deactivated in the iRMC web interface (see page 239). It is only possible
to verify whether the ports can be configured using the iRMC Web
interface. The preset values must not be changed using the Server
Configuration Manager during initial configuration.
Select the iRMC Networking Ports dialog page.

Figure 173: iRMC Networking Ports dialog page

Configure the following settings:


HTTP Port
HTTP port of the iRMC (non-secure connection)

iRMC

345

iRMC Networking Ports

Server Configuration Manager

HTTPS Port
HTTPS port of the iRMC (secure connection)
Force HTTPS
If you disable the Force HTTPS option, users can only establish a nonsecure connection to the iRMC on the HTTP port specified in the
entry field.
If you enable the Force HTTPS option, users can establish a secure
connection to the iRMC on the HTTPS port specified in the entry field.

I You can also configure web access in the iRMC web interface.
If the SSL certificate has expired, a message to this effect is
issued in the web browser.

SSH Port
SSH port of the iRMC
Video Ports - Standard Port
Video port of the iRMC, hard-configured (port number: 5903).
Video Ports - Secure Port
Secure video port of the iRMC, hard-configured (port number: 5913).
VNC Ports - Standard Port
VNC port of the iRMC
VNC Ports - Secure Port
Secure VNC port of the iRMC
Remote Storage Ports - Standard Port
Remote storage port of the iRMC
Telnet enabled
If you enable the Telnet Enabled option, users can establish a
connection to the iRMC on the Telnet port specified in the entry field.
Drop Time (sec)
Period of inactivity (in seconds) after which a Telnet connection is
automatically cleared.
Telnet Port
Telnet port of the iRMC. This input field is only displayed if Telnet
enabled is activated.

346

iRMC

Server Configuration Manager

9.6

iRMC DNS Registration

iRMC DNS Registration Configuring the host name for the iRMC

The iRMC DNS Registration dialog page allows you to configure a host name for
the iRMC and thus use dynamic DNS. Dynamic DNS allows DHCP servers to
autonomously pass on the IP address and system name of a network
component to DNS servers to facilitate identification.
Choose iRMC DNS Registration.

Figure 174: iRMC DNS Registration dialog page

Configure the following settings:


Register DHCP address in DNS
Enables/disables transfer of the DHCP name to the DHCP server for
the iRMC.
Add serial number
The last 3 bytes of the MAC address of the iRMC are appended to the
end of the DHCP name of the iRMC.

iRMC

347

iRMC DNS Registration

Server Configuration Manager

Use user defined iRMC name instead of host name


The iRMC name specified in the iRMC Name entry field is used for the
iRMC instead of the server name.
iRMC Name
iRMC name passed to DHCP for the iRMC in place of the server
name.
Add user defined extension
The extension specified in the Extension entry field is appended to the
DHCP name of the iRMC.
Extension
Enter a name extension for the iRMC.

348

iRMC

Server Configuration Manager

9.7

iRMC DNS Server

iRMC DNS Server Activating DNS for the iRMC

The iRMC DNS Server dialog page allows you to activate the Domain Name
Service (DNS) for the iRMC. This allows you to use symbolic DNS names
instead of IP addresses for configuring the iRMC.
Choose iRMC DNS Server.

Figure 175: iRMC DNS Server

Configure the following settings:


DNS enabled
Enables/disables DNS for the iRMC.
Obtain DNS configuration from DHCP
If you activate this option, the IP addresses of the DNS servers are
obtained automatically from the DHCP server.
In this event, up to five DNS servers are supported.
If you do not enabled this setting, you can enter up to five DNS server
addresses manually under DNS-Server 1 - DNS-Server 5.

iRMC

349

iRMC DNS Server

Server Configuration Manager

DNS Domain
If the option Obtain DNS configuration from DHCP is disabled, specify
the name of the default domain for requests to the DNS server(s).
DNS Server 1 .. 5
If the Obtain DNS configuration from DHCP option is disabled, you can
enter the names of up to five DNS servers here.

350

iRMC

Server Configuration Manager

9.8

iRMC EMail Alerting

iRMC EMail Alerting Configuring email forwarding

The iRMC EMail Alerting dialog page allows you to configure how the iRMC
forwards emails.
Choose iRMC EMail Alerting.

Figure 176: iRMC EMail Alerting dialog page

Configure the following settings:


Enable email alerting
Activate this option.
SMTP Settings
This is where you configure the global email settings.
SMTP Retries
Number of SNMP retries.
SMTP Retry Delay (sec)
Time between SNMP retries.

iRMC

351

iRMC EMail Alerting

Server Configuration Manager

Response Timeout (sec)


Timeout (in seconds) for an SMTP response.
Primary SMTP Server
This is where you configure the settings for the primary mail server (SMTP
server).
SMTP Server
IP address of the primary mail server

I You can activate the Domain Name Service (DNS) for the

iRMC (see iRMC DNS Server - Activating DNS for the iRMC
on page 349). You can then use a symbolic name instead of
the IP address.

SMTP Port
SMTP port of the primary mail server
Authentication Type
Authentication type for connecting the iRMC to the primary mail
server:
None
No authentication for the connection.
SMTP AUTH (RFC 2554)
Authentication according to RFC 2554: SMTP Service Extension
for Authentication
Authentication User Name
User name for authentication on the primary mail server
Password
Enter the password for authentication on the primary mail server.
Confirm Password
Enter the password again here.

352

iRMC

Server Configuration Manager

iRMC EMail Alerting

Secondary SMTP Server


This is where you configure the settings for the secondary mail server
(SMTP server).
SMTP Server
IP address of the secondary mail server

I You can activate the Domain Name Service (DNS) for the

iRMC (see iRMC DNS Server - Activating DNS for the iRMC
on page 349). You can then use a symbolic name instead of
the IP address.

SMTP Port
SMTP port of the secondary mail server
Authentication Type
Authentication type for connecting the iRMC to the secondary mail
server:
None
No authentication for the connection.
SMTP AUTH (RFC 2554)
Authentication according to RFC 2554: SMTP Service Extension
for Authentication
Authentication User Name
User name for authentication on the secondary mail server
Password
Enter the password for authentication on the secondary mail server.
Confirm Password
Enter the password again here.

iRMC

353

iRMC Mail Format Settings

9.9

Server Configuration Manager

iRMC Mail Format Settings Mail-format-dependent settings

The iRMC Mail Format Settings dialog page allows you to configure the mailformat-dependent settings. You specify the mail format for each user using the
iRMC User Management dialog page in the Edit existing user window (see
page 358).
The following email formats are supported:

Standard
Fixed Subject
ITS-Format
Fujitsu REMCS Format

Choose iRMC Mail Format Settings.

Figure 177: iRMC Mail Format Settings dialog page

354

iRMC

Server Configuration Manager

iRMC Mail Format Settings

Configure the following settings. (Some entry fields are disabled depending
on the mail format):
From
Sender identification iRMC.
Active for all mail formats.

I If the string entered here contains an @, the string is

interpreted as a valid email address. Otherwise, admin@<ipaddress> is used as the valid email address.

Subject
Fixed subject for the alert mails.
Only active for the Fixed Subject mail format (see page 360).
Message
Type of message (email).
Only active for the Fixed Subject mail format (see page 360).
Administrator Name
Name of the administrator responsible (optional).
Only active for the ITS mail format (see page 360).
Administrator Phone
Phone number of the administrator responsible (optional).
Only active for the ITS mail format (see page 360).
REMCS Id
This ID is an additional server ID, similar to the serial number.
Only active for the mail format Fujitsu REMCS-Format (see
page 360).
Server URL
A URL under which the server is accessible under certain conditions.
You have to enter the URL manually.
Only active for the Standard mail format (see page 360).

iRMC

355

iRMC SNMP Alerting

9.10

Server Configuration Manager

iRMC SNMP Alerting Configuring SNMP alerting

The iRMC SNMP Alerting dialog page allows you to view and configure the
settings for SNMP trap alerting.

I Forwarding of SNMP traps to up to seven SNMP servers is supported.


Choose iRMC SNMP Alerting.

Figure 178: iRMC SNMP Alerting dialog page

Configure the following settings:


SNMP Community Name
Name of the SNMP community.
SNMP Trap Destinations (Host name or IP address)
DNS names or IP addresses of the servers that belong to this
community and are to be configured as Trap Destinations.

356

iRMC

Server Configuration Manager

9.11

iRMC User Management

iRMC User Management Local user management on the iRMC

The iRMC User Management dialog page allows you to configure the local user
management settings for the iRMC.
The dialog page contains a table showing all the configured users: Each line
contains the data for one configured user.

I User management on the iRMC requires Configure User Accounts


permission.
I User ID 1 (null user) is reserved for the IPMI standard and is therefore
unavailable for user management on the iRMC.

Choose iRMC User Management.

Figure 179: iRMC User Management dialog page

To delete a user, first select the user (by selecting the corresponding
line), then click the Delete... button and confirm that you want to delete the
user.

iRMC

357

iRMC User Management

Server Configuration Manager

Double-click on a line for which the user ID is not yet assigned to any user
(empty line) or select such a line and click the Modify ... button to open an
empty Edit existing user window (containing default settings), in which you
can configure a new user (see figure 180).
Double-click on a line for a specific user or select a user and click the
Modify ... button to open the Edit existing user window, in which you can
view and/or modify the settings for this user (see figure 180).

Figure 180: Dialog page in the Edit existing user window

Account enabled
Disable this option to lock the user.

358

iRMC

Server Configuration Manager

iRMC User Management

Account Data
This is where you configure the access data for the user.
User Name
Enter the name of the user.
User Description
Additional information on the user.
Password
Enter the user password.
Confirm Password
Confirm the password by entering it again here.
User Privileges
This is where you configure the channel-specific user privileges as well
as other permissions.
LAN
Assign a privilege group for a LAN channel to the user here.
The following options are available:

User
Operator
Administrator
OEM

Refer to section User permissions on page 60 for information on


the permissions associated with the privilege groups.
Serial
Assign a privilege group for a serial channel to the user here: The
same privilege groups are available as for LAN Privilege.
Can configure users
Permission to configure local user access data.
Can configure iRMC
Permission to configure the iRMC settings.
Can use video redirection
Permission to use Advanced Video Redirection (AVR) in View
Only and Full Control mode.
Can use remote storage
Permission to use the Remote Storage functionality.

iRMC

359

iRMC User Management

Server Configuration Manager

User Shell
Select the user shell here.
Shell
Select the desired user shell here.
The following options are available:
SMASH CLP
See section Start a Command Line shell... - Start a SMASH
CLP shell on page 323.
Remote Manager
See chapter iRMC via Telnet/SSH (Remote Manager) on
page 303.
IPMI Basic Mode
IPMI Terminal Mode
None
EMail Paging Settings
This is where you configure the settings governing the email format and
the global email settings.
Format
Depending on the selected email format, you can make a number
of settings in the iRMC Email Format Settings dialog page (see
page 354).
The following email formats are available:

Standard
Fixed Subject
ITS-Format
Fujitsu REMCS Format

I Every entry in the event log for the iRMC is assigned to a


particular paging group.

Enabled
Specify whether the user is to be informed about system statuses
by email.
Address
Email address of recipient.

360

iRMC

Server Configuration Manager

iRMC User Management

Preferred Server
Select the preferred mail server.
You can choose one of the following options:
Automatic
If the email cannot be sent successfully immediately, for
instance because the preferred mail server is not available, the
email is sent to the second mail server.
Primary
Only the SMTP server which has been configured as the
primary SMTP server (see page 352) is used as the preferred
mail server.
Secondary
Only the SMTP server which has been configured as the
secondary SMTP server (see page 353) is used as the
preferred mail server.

I Errors sending email are recorded in the event log.


In the bottom third of the Edit existing user window, you configure the
system events of which an iRMC user is to be notified by email (Paging
Severity Configuration).
NONE
The notification function is deactivated for this paging group.
WARNING
The iRMC notifies users by email if an entry in the system event
log is reported as WARNING.

I If WARNING is set, the user is also notified of system event


log entries with the status CRITICAL.

CRITICAL
The iRMC notifies users by email if an entry in the system event
log is reported as CRITICAL.
ALL
The iRMC notifies users of every event in this group which causes
an entry to be made in the system event log.
Confirm your settings by clicking OK.

iRMC

361

iRMC Directory Service

9.12

Server Configuration Manager

iRMC Directory Service Configuring the directory service

The iRMC Directory Service dialog page allows you to configure the iRMC for
global user management via a directory service (see page 66).

I Currently, support for iRMC LDAP access is provided for the following
directory services: Microsoft Active Directory, Novell eDirectory and
OpenLDAP.

I The following characters are reserved as metacharacters for search


strings in LDAP: &, |, !, =, <, >, ~, :

You must therefore not use these characters as components of Relative


Distinguished Names (RDN).
Choose iRMC Directory Service.

362

iRMC

Server Configuration Manager

iRMC Directory Service

Figure 181: iRMC Directory Service dialog page

iRMC

363

iRMC Directory Service

Server Configuration Manager

Configure the following settings:


Always use SSL login

I This option is only relevant if LDAP is deactivated.


If you activate this option then the HTTP SSL-secured login page is
always used even if LDAP is deactivated. Only if you do not activate
Always use SSL Login and LDAP is deactivated is a mask secured via
Digest Authentication Login used.
LDAP Enable
This option specifies whether the iRMC can access a directory
service via LDAP. Directory service access via LDAP is only possible
if LDAP Enable has been activated.

I If LDAP Enable is checked then the login information (see

page 178) is always transferred with SSL encryption between


the web browser and the iRMC.

Disable Local Login


If you activate this option then all the local iRMC user identifications
are locked and only the user identifications managed by the directory
service are valid.

V CAUTION!
If the option Disable Local Login is activated and the connection
to the directory service fails then it is no longer possible to log
in at the iRMC.
Choose the required directory service from Directory Server Type.
Different input fields are provided, depending on the directory service you
select:
For Active Directory, refer to Configuring iRMC for Microsoft Active
Directory on page 365.
For Novell and OpenLDAP, refer to Configuring iRMC for Novell
eDirectory / OpenLDAP on page 367.

364

iRMC

Server Configuration Manager

iRMC Directory Service

9.12.1 Configuring iRMC for Microsoft Active Directory

I The entries shown as examples in figure 182 refer to the examples and
figures shown in section iRMC user management via Microsoft
Active Directory on page 77.

Figure 182: iRMC Directory Service (Microsoft Active Directory) dialog page

iRMC

365

iRMC Directory Service

Server Configuration Manager

Configure the following settings:


LDAP Server 1
IP address or DNS name of the LDAP directory server that is to be
used.
LDAP Server 2
IP address or DNS name of the LDAP directory server which is
maintained as the backup server and used as the directory server if
LDAP Server 1 fails.
Domain Name
Complete DNS path name of the directory server.
Department Name
Department name. The directory service needs the department
name in order to determine the user permissions. A user may have
different permissions for the department X server than for the
department Y server (see also figure 17 on page 70).
LDAP SSL Enable
If you check this option then data transfer between iRMC and the
directory server is SSL encrypted.

I LDAP SSL Enable has no influence on whether or not the iRMC


web interface pages are SSL-protected on opening.
I You should only activate LDAP SSL Enable if a domain
controller certificate is installed.

Base DN
Base DN is automatically derived from Domain Name.
LDAP Auth. User Name, LDAP Auth Password
These settings are not relevant at present.
The settings that you make here are required for alerting in
connection with global user identifications. However, alerting is
currently only supported for local user identifications.

366

iRMC

Server Configuration Manager

iRMC Directory Service

9.12.2 Configuring iRMC for Novell eDirectory /


OpenLDAP

I The Directory Service Configuration dialog page has an identical structure


for both Novell eDirectory and OpenLDAP.
I The entries shown as examples in figure 183 refer to the examples and

figures shown in section iRMC user management via Novell eDirectory


on page 95.

Figure 183: iRMC Directory Service dialog page

iRMC

367

iRMC Directory Service

Server Configuration Manager

Configure the following settings:


LDAP Server 1
IP address or DNS name of the LDAP directory server that is to be
used.
LDAP Server 2
IP address or DNS name of the LDAP directory server which is
maintained as the backup server and used as the directory server if
LDAP Server 1 fails.
Department Name
Department name. The directory service needs the department
name in order to determine the user permissions. A user may have
different permissions for the department X server than for the
department Y server (see also figure 17 on page 70).
LDAP SSL Enable
If you check this option then data transfer between iRMC and the
directory server is SSL encrypted.

I LDAP SSL Enable has no influence on whether or not the iRMC


web interface pages are SSL-protected on opening.
I You should only activate LDAP SSL Enable if a domain
controller certificate is installed.

Base DN
The Base DN is the full distinguished name of the eDirectory or
OpenLDAP server and represents the tree or subtree that contains
the OU (Organizational Unit) iRMCgroups. This DN forms the starting
point for LDAP searches.
Group DN Context
Pathname of the OU iRMCgroups as a subtree of Base DN.
User Search Context
Pathname of the OU Users as a subtree of Base DN.
LDAP Auth. User Name
Generic iRMC user ID (principal user) under which the iRMC queries
the permissions of the iRMC users from the LDAP server.
LDAP Auth. Password
Password the principal user uses to authenticate themselves on the
LDAP server and confirmation of the password.

368

iRMC

Server Configuration Manager

iRMC Directory Service

Principal User DN
Fully distinguished name of the generic iRMC user ID (principal user)
under which the iRMC queries the permissions of the iRMC users
from the LDAP server.
Append Base DN To Principal User DN
If you activate this option, you do not need to specify the Base DN
under Principal User DN. The base DN specified under Base DN is
used.
Enhanced User Login
Enhanced flexibility on user login.
If you select Enhanced User Login, the User Login Search Filter input
field is also activated. By default, this contains the standard login
search filter.
At login, the placeholder %s is replaced by the associated global
login. You can modify the filter by specifying another attribute in place
of cn=. All global logins are then permitted to log into the iRMC
which meet the criteria of this search filter.

V CAUTION!
Only activate this option if you are familiar with the LDAP
syntax. If you inadvertently specify and activate an invalid
search filter, users can only log in to the iRMC under a global
login after the Enhanced User Login option has been
deactivated.

iRMC

369

iRMC Advanced Features

9.13

Server Configuration Manager

iRMC Advanced Features Remote Storage Server, License Key and


HP SIM Integration

You can perform the following tasks on the iRMC Advanced Features dialog page:
store the IP address or DNS name of a remote storage server on the iRMC,
enter a license key for the use of the Advanced Video Redirection and
Remote Storage functionality,
deactivate or activate HP SIM integration.
Choose iRMC Advanced Features.

Figure 184: iRMC Advanced Features dialog page

370

iRMC

Server Configuration Manager

iRMC Advanced Features

Configure the following settings:


Hostname or IP address
Here you enter the DNS name or IP address of the computer on
which a remote storage server is installed.
License Key
Enter a valid license key for the use of the Advanced Video
Redirection and Remote Storage functionality here.
Disable HP System Insight Manager integration ...
Enable or disable this option to activate or deactivate HP SIM
integration.
If the Disable HP System Insight Manager Integration ... option is
deactivated, the iRMC responds with identification information to a
non-authenticated XML query from the HP Insight Managers.

iRMC

371

10

Firmware update

This chapter provides you with information about the following topics:
iRMC firmware (overview)
Online firmware update
Offline firmware update
Emergency flash
flash tools

I The current firmware versions are present on the PRIMERGY ServerView


Suite DVD 1 or can be downloaded manually from the Download section
of the Fujitsu Technology Solutions web server.

You can obtain the up-to-date version of the PRIMERGY ServerView Suite
DVD 1 at two-monthly intervals.

I Before updating the firmware, read the supplementary documentation


supplied with the new firmware carefully (in particular the Readme files).
I The managed server must be rebooted to activate the updated firmware.
V CAUTION!
When updating the firmware, note that problem-free operation of the
firmware can only be guaranteed if the runtime firmware and the SDR
(Sensor Data Record, see page 374) both belong to the same firmware
release.

iRMC

373

iRMC firmware (overview)

10.1

Firmware update

iRMC firmware (overview)

The iRMC possesses two separate EEPROMs (Electrically Erasable


Programmable Read-Only Memory), with a complete firmware version being
stored on each of them:
EEPROM 1 (Low EEPROM)
EEPROM 2 (High EEPROM)

I Information on the iRMC firmware and EEPROMs can be found


in the iRMC web interface, page iRMC Information (see page 192)
or
using the flash tool (see page 387).
Active and passive EEPROM
One of the two EEPROMs is active (running) at any given time, while the other
is inactive. The EEPROM that is active depends on the so-called firmware
selector (see page 375).
Structure of the iRMC EEPROMs
Each EEPROM in the iRMC is subdivided into different areas:

Runtime firmware

SDRR (and configuration table)


Bootloader

Figure 185: Structure of the iRMC EEPROM

374

iRMC

Firmware update

iRMC firmware (overview)

Runtime firmware
The runtime firmware is the executable part of the iRMC's firmware
SDRR (Sensor Data Record Repository)
The SDRR contains the Sensor Data Records (SDR) in which sensor
information for the managed server is stored. The SDRR also acts as an
interface via which you can access the SDRs.
Bootloader
The bootloader checks the firmware of the currently active EEPROM. If a
firmware error is detected, the bootloader sets the firmware selector to the
other EEPROM.
You can perform an update for each of these areas.
Firmware selector
The firmware selector specifies the EEPROM whose firmware is to be executed.
Every time the iRMC is reset and restarted, the firmware selector is evaluated
and processing branches to the corresponding firmware.
The firmware selector can have the following values:
0

EEPROM with the most recent firmware

EEPROM 1

EEPROM 2

EEPROM with the oldest firmware

EEPROM with the most recently updated firmware

EEPROM whose firmware has not been updated for the longest

I Depending on the update variant used, the firmware selector is set


differently after the update.

You can also use the flash tool to query and set the firmware selector
explicitly (see page 387).

iRMC

375

iRMC firmware (overview)

Firmware update

Updating the firmware of the individual EEPROMs and EPROM areas


Depending on whether you perform the firmware update online (see page 380)
or offline (see page 383), you can update either only the firmware of the inactive
EEPROM or also that of the active EEPROM:
If you perform an online firmware update, you can only update the firmware
of the inactive EEPROM.
If you perform an offline firmware update, you can also update the firmware
of the active EEPROM.

376

iRMC

Firmware update

10.2

Setting up the USB memory stick

Setting up the USB memory stick

I You do not require the USB Memory Stick if you update the iRMC

firmware via ServerView Update Manager, ServerView Update Manager


Express or ASP.

Proceed as follows:
Download the firmware Firmware Update for USB Stick from the Download
section of the Fujitsu Technology Solutions web server to a directory on your
computer.
or
Insert the current PRIMERGY ServerView Suite DVD 1 in the DVD drive of your
computer.
The following files or following ZIP archive can be found in your download
directory or on DVD 1.
FTS_<nnnnnnn>.exe
FTS_<nnnnnnn>.zip
The ZIP archive contains the following files:
USBImage.exe
iRMC_<Firmware-Version>.IMA
Connect the USB memory stick to your computer.
Start the file FTS_<nnnnnnn>.exe or the file USBImage.exe.
One of the following windows is opened depending on the file you call:

Figure 186: Copying the image file to the USB memory stick (FTS_<nnnnnnn>.exe)

iRMC

377

Setting up the USB memory stick

Firmware update

Figure 187: Copying the image file to the USB memory stick (USBImage.exe)

I If you have called USBImag.exe, then under Image File:, you must
explicitly specify the file iRMC_<Firmware-Version>.IMA.

Click on Copy Image File to USB Device to copy the file


iRMC_<Firmware-Version>.IMA to the USB memory stick and extract it.

V CAUTION!
This action overwrites the content of the USB memory stick.
When the copy operation is complete, the flash tools and image files are present
on the USB memory stick (see figure 188 on page 379).

378

iRMC

Firmware update

Setting up the USB memory stick

Figure 188: Image files and flash tool on the USB memory stick.

iRMC

379

Online update

10.3

Firmware update

Online update

When you perform an online update, you update the iRMC's firmware while the
operating system (Windows or Linux) of the managed server is still running.

I Because the firmware of the active EEPROM continues to execute


during an online update, you can only update the firmware of the
EEPROM that is inactive during such an update.

I In order to ensure failproof operation, it is not possible to perform an

online firmware update for the bootloader in the iRMC's EEPROM 1 (Low
EEPROM).

There are the following ways of performing an online firmware update:


Online update using the ServerView Update Manager
Online update using ServerView Update Manager Express or ASP
Online update using the operating system flash tools.

10.3.1 Online update using the ServerView Update


Manager
Using the ServerView Update Manager (referred to simply as the Update
Manager below), you can start the update of the iRMC firmware via a graphical
user interface (Windows) or via a command line interface (Windows and Linux).
The Update Manager accesses the update data via an Update Manager
directory (Update Repository) on the PRIMERGY ServerView Suite DVD 1 or on
the management server. You update the update repository on the management
server by means of the Download Manager or by performing a manual
download from the Download section of the Fujitsu Technology Solutions web
server.
For more detailed information on firmware updates with the Update Manager,
see the ServerView Update Manager manual.

380

iRMC

Firmware update

Online update

10.3.2 Online update using ServerView Update Manager


Express or SP
Under Windows and Linux operating systems, you can also update the iRMC
firmware either using the graphical user interface of ServerView Update
Manager Express or by using the ASP (Autonomous Support Package)
command interface.
Under Windows, you can also start an ASP in the Windows Explorer by doubleclicking the corresponding ASP-*.exe file.
For more detailed information on firmware updates with ServerView Update
Manager Express and ASP, see the ServerView Update Manager Express
manual.

10.3.3 Online update using the operating system flash


tools.

I An online update using the operating system flash tools is only

performed as a recovery flash, i.e. no version check is performed.

You use one of the flash tools WinFLBMC, RedhatFLBMC or SuseFLBMC


depending on the operating system that you are running:
Windows:

WinFLBMC

Red Hat Linux:

RedhatFLBMC

Suse Linux:

SuseFLBMC

You call the flash tools in the Windows command line (WinFLBMC) or at the
Linux CLI (RedhatFLBMC, SuseFLBMC).
The syntax and operands for the flash tools are described in section Flash
tools on page 387.
Prerequisites
The flash tools and the files for the firmware update must be present in the
file system of the managed server.
Under Windows and Linux: The ServerView agents must be started on the
managed server.

iRMC

381

Online update

Firmware update

Proceed as follows:

I An online update using a USB memory stick is described below (see


section Setting up the USB memory stick on page 377).

Connect the USB memory stick to the managed server.


In the Windows command line or the Linux Command Line Interface (CLI)
switch to the drive corresponding to the USB memory stick.
Set the firmware selector to the value 4 by calling the flash tool with the
parameter /s 4.
E.g., in the Windows command line you enter:
WinFLBMC /s 4

Start the update of the firmware and the SDR data by calling the flash tool
with the corresponding update files.
E.g., in the Windows command line you enter:
WinFLBMC dcod<firmware-version>.bin <nnnnnnn>.sdr /p

During the firmware update, the console informs you about the progress of
the update operation. If an error occurs, the update operation is aborted and
a corresponding return code is reported (see page 389).
Restart the managed server. This automatically activates the EEPROM with
the updated firmware.

382

iRMC

Firmware update

10.4

Offline update

Offline update

In the case of an offline update, you update the iRMC firmware from within a
DOS environment. In this case, you can not only update the firmware of the
inactive EEPROM but also that of the currently active EEPROM.

I During the offline update, the active firmware is closed and then
automatically restarted.

There are the following ways of performing an offline firmware update:


Offline update using the ServerView Update Manager
Offline update via the FlashDisk menu
Offline update using the flash tool flbmc

I During an offline update, you can also update the firmware for the
bootloader of the iRMC's Low EEPROM.

10.4.1 Offline update using the ServerView Update


Manager
Using the ServerView Update Manager, you can start the update of the iRMC
firmware via a graphical user interface (Windows) or via a command line
interface (Windows and Linux). The Update Manager accesses the update data
via an Update Manager directory (Update Repository) on the PRIMERGY
ServerView Suite DVD 1 or on the management server. You update the update
repository on the management server by means of the Download Manager or
by performing a manual download from the Download section of the Fujitsu
Technology Solutions web server.
For more detailed information on firmware updates using the Update Manager,
see the ServerView Update Manager manual.

iRMC

383

Offline update

Firmware update

10.4.2 Offline update via the FlashDisk menu

I For an offline update via the FlashDisk menu, you require a bootable

USB memory stick (see section Setting up the USB memory stick on
page 377).

Proceed as follows:
Connect the USB memory stick to the managed server.
Boot from the USB memory stick.
After completion of the boot operation, the data in the USB memory stick is
automatically copied to a RAM disk. The autoexec.bat file is then started
automatically.
The FlashDisk menu opens:

Figure 189: FlashDisk menu

Normal
A normal flash is performed.
In a normal flash, a check is performed to determine whether the areas
of the active EEPROM are up to date. If an area is not up to date then the
corresponding area on the inactive EEPROM is updated if it is not
already up to date.

384

iRMC

Firmware update

Offline update

Recovery
A recovery flash is performed.
In the case of a recovery flash, the flash is performed for all three
EEPROM areas without any version check. The firmware update is
performed for EEPROM 1. A firmware downgrade is only possible via
recovery flash.
Readme
The Readme file is opened.
Reboot
An iRMC warm start is performed.
English / German
Specify keyboard layout. German is set by default.
Start the required update variant by clicking on the corresponding button.
During the firmware update, the console informs you about the progress of
the update operation. If an error occurs, the update operation is aborted. A
corresponding return code is reported (see page 389).
Once the update operation has been completed, click on Exit, to close the
FlashDisk menu.
Remove the USB memory stick from the managed server.
Restart the managed server (e.g. with [Ctrl]+[Alt]+[Del]).

10.4.3 Offline update using the flash tool flbmc


You can also start an offline update by calling the flash tool flbmc with the
corresponding parameters in the DOS input window. The syntax and operands
for this flash tool are described in section Flash tools on page 387.

I An offline update using the operating system flash tool flbmc is only
performed as a recovery flash, i.e. no version check is performed.
I When you run an offline update with the flash tool flbmc, you can also
optionally perform a recovery flash for EEPROM2.

iRMC

385

Emergency flash

10.5

Firmware update

Emergency flash

If the iRMC firmware can no longer be executed, e.g. because the SDRs are not
compatible with the system, then you can use the emergency mode to start the
firmware running again. In emergency mode, the system automatically
branches to the bootloader and is the ready for the firmware update.
To switch the managed server to emergency mode and then update the iRMC's
firmware, proceed as follows:
Disconnect the power supply connector.
Insert the connector in the socket again with the Identify key held down.
The managed server is now in emergency mode.
Boot the server to DOS and use the recovery flash procedure to update the
iRMC's firmware (see section Offline update on page 383).

I If the firmware is not active then the boot operation may take up to 2

minutes to start. You can ignore the error message iRMC Controller
Error which the BIOS outputs during this period.

386

iRMC

Firmware update

10.6

Flash tools

Flash tools

I The tools WinFLBMC, RedhatFLBMC and SuseFLBMC differ from flbmc

only in the name of the tool and the environment in which they are called.
The following description therefore also applies to the tools WinFLBMC,
RedhatFLBMC and SuseFLBMC. Instead of flbmc, you simply enter
WinFLBMC, RedhatFLBMC or SuseFLBMC as appropriate.

Syntax
flbmc {/v|/o [/4]|/s[<value>]}
flbmc {<file1> [<file2>] [<file3>]
[/n /l[<logfile>] /d /e /4 /p]}
flbmc {/h|/?}
Options
/v

Displays the current version of the command.

/o

Displays the current version of the EEPROM 1 firmware.

/o /4

Displays the current version of the EEPROM 2 firmware.

/s

Displays the value of the firmware selector.

/s <value>
Sets the value of the firmware selector. You use this option to define the
EEPROM from which the firmware is started after a firmware reset.

iRMC

Sets the selector to the EEPROM with the most recent firmware.

Sets the selector to EEPROM 1.

Sets the selector to EEPROM 2.

Sets the selector to the EEPROM with the oldest firmware.

Sets the selector to the EEPROM with the most recently


updated firmware.

Sets the selector to the EEPROM with the firmware which has not
been updated for longest.

387

Flash tools

Firmware update

<file1> through <file3>


Specify one or more files to determine which updates are to be made:
The following files are to be selected:
boot<FW-Version>.bin
Updates the bootloader firmware.
dcod<FW-Version>.bin
Updates the runtime firmware for EEPROM 1.
dcod<FW-Version>.2nd
Updates the runtime firmware for EEPROM 2.
<SDR-Version>.SDR
Updates the SDR.

I dcod<FW-version>.bin and dcod<FW-Version>.2nd must not both


be specified at the same time in any call of the flash tool.

If you specify the file dcod<FW-Version>.2nd, the switch /4 (see


below) is not required because EEPROM 2 is already selected by
the suffix .2nd. Otherwise, you must also specify the switch /4 to
update EEPROM 2.
/4

Updates EEPROM 2 .
The command works as follows with respect to the switch /4:
If you specify /4 in conjunction with the dcod file for EEPROM 1, a
check is performed to see whether an identical firmware version
exists for EEPROM 2. If this is the case, the firmware for EEPROM 2
is updated, otherwise the command is terminated with an error
message and the return value 5.
If you dont specify /4 in conjunction with the dcod file for EEPROM 2,
a check is performed to see whether an identical firmware version
exists for EEPROM 1. If this is the case, the firmware for EEPROM 1
is updated, otherwise the command is terminated with an error
message and the return value 5.

/l [<logfile>]
Outputs error messages to the specified log file. If no logfile is specified,
the output is directed to the flbmc.log file.
/n

No output on the console.


This option has priority over the /p and /d options.

/p

Progress display of the update process in percent.

388

iRMC

Firmware update
/d

Outputs additional debug information.

/e

Emulation mode (for debugging purposes only).

Flash tools

/h and /?
Outputs help information.
Return values
0

Firmware update was executed successfully.

Illegal or missing arguments.

PROM type not available

Communication with iRMC not possible.

Incorrect binary file.

Error accessing Keyboard Control Style interface (KCS).

Timeout during communication with the target EEPROM.

10 No buffer allocated.
12 Network node busy.
13 Timeout erasing EEPROM.
14 Timeout flashing EEPROM.
15 Error erasing EEPROM.
16 Error flashing EEPROM.

iRMC

389

11

Remote installation of the


operating system via iRMC

This chapter describes how you use the ServerView Installation Manager
(abbreviated to Installation Manager below) and the iRMC features "Remote
Storage" and "Advanced Video Redirection (AVR)" to install the operating
system on the administered server from the remote workstation.
The chapter discusses the following specific topics:
General procedure for the remote installation of an operating system using
remote storage media.
Booting the administered server from the remote workstation using
PRIMERGY ServerView DVD 1 (Windows and Linux).
Installing Windows from the remote workstation after configuration on the
administered server.
Installing Linux from the remote workstation after configuration on the
administered server.
The description focuses primarily on the handling of the remote storage media.
It is assumed that readers are familiar with the Installation Manager functionality
(see the manual PRIMERGY ServerView Suite - ServerView Installation
Manager).

I Prerequisites for the remote installation of the operating system via


iRMC:

The iRMCs LAN interface must be configured


(see page 36).
The license key for the use of the iRMC features Advanced Video
Redirection (AVR) and Remote Storage must be installed (see
page 194).
Text console redirection must be deactivated (see page 277).

iRMC

391

General procedure

11.1

Remote installation of the operating system

Installing the operating system via iRMC general procedure

For the Installation Manager, the remote installation of the operating system via
iRMC represents a local configuration and installation of the operating system
on the administered server which you perform from the remote workstation via
the AVR window using remote storage media.
The following steps are required in order to perform an installation via the
Installation Manager:
1. Connect the storage medium (DVD 1 or Installation Manager boot image)
from which you want to boot as remote storage.
2. Boot and configure the managed server via DVD 1 or the Installation
Manager boot image.
3. Use the Installation Manager at the remote workstation to install the
operating system on the administered server.
4. Optimize mouse pointer synchronization in the AVR window (only necessary
under Linux).
Installing Windows without the Installation Manager using the Windows
installation CD/DVDs
You can perform a remote installation of Windows via Remote Storage either
using the Installation Manager or exclusively using the Windows installation
CD/DVDs. The two procedures correspond in terms of the handling of the
remote storage media.
However, you are advised to install Windows via the Installation Manager for the
following reasons:
The Installation Manager itself identifies the required drivers and copies
these to the system.
All the Installation Manager functions are available to you during installation.
This means that you can, for example, configure the entire system including
the server management settings.
Installations without the Installation Manager have to be controlled via the
keyboard since the mouse cursor cannot be synchronized during the
installation process. In contrast, if you install using the Installation Manager
then all configuration and installation steps can be performed using the
mouse.
392

iRMC

Remote installation of the operating system

General procedure

If you install without the Installation Manager then all the settings required
for mouse cursor synchronization must subsequently be performed
manually.
Installation using the Installation Manager does not take significantly longer
than installation using the operating system CD/DVDs.
Installing Linux without the Installation Manager using the Linux
installation CDs
If you know which drivers are required by the system then you can start the
Linux installation by booting from the Linux installation CD/DVD.
If the installation requires you to integrate drivers from the floppy disk then,
before starting the installation, you must set up a remote storage connection to
the following storage media:
to the storage medium (CD-ROM/DVD-ROM or ISO image) from which you
want to boot and

if necessary to storage medium for driver installation.

iRMC

393

Remote storage connection

11.2

Remote installation of the operating system

Connecting a storage medium as remote


storage

Remote Storage makes a virtual drive available which is located elsewhere in


the network.
The source for the virtual drive can be:
Physical drive or image file at the remote workstation. The image file may
also be on a network drive (with drive letter, e.g. D: for drive D).
Image file provided centrally in the network by means of a remote storage
server.

I Parallel remote storage connections:


The following are possible concurrently:
either up to two Remote Storage connections to virtual drives at the
remote workstation (if the connection is established over the AVR
Java applet)
or
one Remote Storage connection to a Remote Storage server.
It is not possible to establish concurrent Remote Storage connections via
an applet and via the Remote Storage server.

I The Remote Storage page of the iRMC web interface allows you to obtain

information on the status of the current remote storage connections (see


page 296).

For detailed information on remote storage, see chapter Remote Storage on


page 155.

394

iRMC

Remote installation of the operating system

Remote storage connection

Connecting a storage medium as remote storage at the remote storage


workstation
The following device types are supported when you boot from a virtual drive
located at the remote workstation:

I Booting from USB memory stick is supported only if the USB memory
stick is emulated as floppy disk.

Floppy disk (physical storage medium))


CD-ROM (physical storage medium)
DVD-ROM (physical storage medium)
ISO image (image file)

Proceed as follows at the remote workstation to establish the remote storage


connection:
Log into the iRMC web interface with Remote Storage Enabled permission
(see page 178).
Open the Advanced Video Redirection page and start the AVR (see page 288).
Start Remote Storage in the AVR window (see page 157).

iRMC

395

Remote storage connection

Remote installation of the operating system

Prepare the storage media for remote storage (see page 159):
If installation is performed via the Installation Manager:
PRIMERGY ServerView Suite DVD 1 or an Installation Manager boot
image and optionally a formatted USB memory stick as a status backup
medium.
If installation is performed from the vendors installation CD/DVD:
Windows or Linux installation CD/DVD and optional drivers.

I It is recommended that the PRIMERGY ServerView Suite DVD 1 and


the operating system installation CD/DVD are stored in a folder as an
image file (ISO image) and that they are connected from there as
Remote Storage or provided via a Remote Storage server.

The prepared storage media are displayed in the Storage Devices dialog box.

Figure 190: Storage Devices dialog box: PRIMERGY ServerView Suite DVD 1

Click Connect to connect the DVD ROM drive (DVD 1) or the Installation
Manager boot image as remote storage.

396

iRMC

Remote installation of the operating system

Remote storage connection

Connect the ISO image (image file) provided by the remote storage server
as remote storage
You can use an image file provided via the remote storage server for booting
from an Installation Manager boot image.

I Before it is possible to use a virtual drive provided via a remote storage


server, the remote storage server must be installed and started (see
section Providing remote storage via a remote storage server on
page 165).

To establish the connection to the remote storage server, proceed as follows at


the remote workstation:
Log into the iRMC web interface with Remote Storage Enabled permission (see
page 178).
Select the Remote Storage page.
Establish the connection to the remote storage server (see page 297).

iRMC

397

Booting from ServerStart

11.3

Remote installation of the operating system

Booting the managed server from


PRIMERGY ServerView Suite DVD 1 and
configuring it with the Installation Manager

Boot the managed server from PRIMERGY ServerView Suite DVD 1


Proceed as follows at the remote workstation:
Use the iRMC web interface to start up the managed server or reboot the
server (see page 210). You can follow the progress of the boot process in
the AVR window.
During the managed servers BIOS POST phase, remote storage media are
displayed as USB devices.
Press [F2] while the server is booting.
In the BIOS set-up, open the menu in which you can define the boot
sequence:
Main Boot Sequence.
Specify the boot sequence as indicated in figure 191 on page 398.

Figure 191: Boot Sequence menu in the BIOS setup

398

iRMC

Remote installation of the operating system

Booting from ServerStart

Save your settings and exit the BIOS setup.


The managed server then boots from PRIMERGY ServerView Suite DVD 1
which is connected as remote storage.

I If the system does not boot from the remote storage medium

(PRIMERGY ServerView Suite DVD 1 or Installation Manager boot


image):
Check whether the storage medium is displayed during the BIOS
POST phase and connect the storage medium as remote storage if
necessary.
Make sure that the correct boot sequence is specified.

It takes about 5 minutes to boot from PRIMERGY ServerView Suite DVD 1 via
a remote storage medium. The following window is displayed during the boot
process:

Figure 192: The managed server is booted from PRIMERGY ServerView Suite DVD 1.

iRMC

399

Booting from ServerStart

Remote installation of the operating system

Choose Installation Manager mode and specify the medium to be used for
status backup.
Once the boot process has completed, the startup window of the Installation
Manager is displayed in which you can select a medium for the status backup
area (status backup medium) (see figure 193 on page 401).

I Before you start to install the operating system, you should synchronize

the local mouse cursor and the cursor of the managed server in the AVR
window at the remote workstation (see figure 193 on page 401). For
more detailed information on synchronizing the mouse cursor in the AVR
window, see section Synchronizing the mouse pointer on page 140.

400

iRMC

Remote installation of the operating system

Booting from ServerStart

(3)

(1)

(2)

Press the Mouse Sync key


(1)

Status backup options


or
Drag the local mouse pointer to the top-left corner.

(2)

The servers mouse pointer follows automatically.

(3)

The mouse pointers are synchronized when they completely


overlap and are displayed as a single mouse pointer
.

Figure 193: Installation Manager: Selecting the status backup medium

Choose Standard mode as the Installation Manager mode.


Specify whether the configuration data is to be stored on a local replaceable
data medium or on a network medium:

I Please note that if you do not select any status backup option all the
configuration data is lost when you reboot.

iRMC

401

Booting from ServerStart

Remote installation of the operating system

Status backup medium

I The backup medium must not be write-protected.


A USB stick must already be connected to the USB port when
the system is booted. If you fail to do this and wish to save the
configuration file:
Connect the USB stick now and reboot from PRIMERGY
ServerView Suite DVD 1.
Choose the option on local drive (floppy / USB stick).
Select the corresponding drive in the box to the right of this option.
For more detailed information on creating Installation Manager
status disks, see the manual PRIMERGY ServerView Suite ServerView Installation Manager.
Connecting the status medium and/or the installation media via the network
Set up the required shares for this purpose.

I If you are making a medium with a prepared configuration

file and/or an installation medium available via the network,


you have to choose this option. Depending on your
infrastructure, you can either obtain a temporary IP
address via DHCP or manually configure an IPv4 or IPv6
address for the current Installation Manager session.

Start the Installation Manager by clicking Continue.

402

iRMC

Remote installation of the operating system

Booting from ServerStart

Starting local deployment


The Welcome screen appears when you start the Installation Manager:

Figure 194: Installation Manager - Welcome screen

iRMC

403

Booting from ServerStart

Remote installation of the operating system

Click Deployment to start preparation of the local installation (deployment).


To prepare the installation, the Installation Manager wizards take you
through a sequence of configuration steps that gather specifications for
configuring the system and for subsequent unattended installation of the
operating system.

I Configure the local CD ROM/DVD ROM drive of the managed server


as the installation source. You can then also make the Windows
installation CD/DVD available from the CD ROM/DVD ROM drive of
the remote workstation if you connect it to the managed server as
remote storage (see section Installing Windows on the managed
server after configuration on page 405).

Once you have completed configuration with the Installation Manager, the
Installation Info dialog page for the Windows installation (see page 405) or for
the Linux installation (see page 409) is displayed. This allows you to start the
installation process.

404

iRMC

Remote installation of the operating system

11.4

Windows

Installing the operating system on the


managed server after configuration

Once you have completed configuration, you should install the operating system
on the managed server.

11.4.1 Installing Windows on the managed server after


configuration
After configuration has been completed, the Installation Manager displays the
following dialog page:

Figure 195: Installation Manager - Start installation

iRMC

405

Windows

Remote installation of the operating system

If you have configured the local CD ROM/DVD ROM drive of the managed
server as the installation source, proceed as follows at the remote workstation:
Clear your currently active remote storage connections. For more detailed
information on clearing remote storage connections, see page 163.
Remove PRIMERGY ServerView Suite DVD 1 from the
DVD ROM drive at the remote workstation.
Insert the Windows installation CD/DVD in this DVD ROM drive.

Close the application if autostart is active.

Connect the CD ROM/DVD ROM drive containing the Windows installation


CD/DVD as remote storage (see page 161).
Click Start installation.
All the installation files are copied to the managed server.
The Installation Manager opens a confirmation dialog page when the copy
operation is complete and prompts you to remove all the storage media from
the removable media drives before the managed server is rebooted.

I Before rebooting the system, you must in particular shut down all
current remote storage connections.

Before rebooting the system, shut down the current remote storage
connections.
To do this, proceed as follows:
Start Remote Storage (see page 157).
The Storage Devices dialog box is displayed with the currently connected
storage devices and a Safe Remove indication (see figure 196 on
page 407).

406

iRMC

Remote installation of the operating system

Windows

Figure 196: Storage Devices dialog box: Clearing Remote Storage connections

Safely remove the storage device, i.e. ensure that no more


applications/programs are accessing the storage media.
Click on Disconnect... to remove all the remote storage connections.
On the confirmation dialog page, click Ok to reboot the managed server.
Once the managed server has rebooted, you can monitor the entire installation
by means of the AVR (see figure 197 on page 408).

iRMC

407

Windows

Remote installation of the operating system

Figure 197: Monitoring the Windows installation in the AVR window

I For a Windows installation from the Windows installation CD/DVD:


To ensure perfect mouse cursor synchronization, you must adapt the
following settings at the managed server once the operating system has
been installed:
Speed of the mouse pointer
Hardware acceleration
For information on how to do this, see section Managed Windows
server: Adjusting the settings for synchronization of the mouse pointers
on page 142.
If Windows is installed using the Installation Manager, problem-free
synchronization of the mouse pointers is automatically ensured.

408

iRMC

Remote installation of the operating system

Linux

11.4.2 Installing Linux on the managed server after


configuration

I The mouse can be used but not synchronized during Linux installation.
I Whenever you change a remote storage medium, you must remove the

remote storage connection for the currently connected medium and then
connect the new medium as remote storage.

After configuration has been completed, the Installation Manager displays the
following dialog page:

Figure 198: Installation Manager - Start installation

If you have configured the local CD ROM/DVD ROM drive of the managed
server as the installation source, proceed as follows at the remote workstation:

iRMC

409

Linux

Remote installation of the operating system

Clear your currently active remote storage connections. For more detailed
information on clearing remote storage connections, see page 163.
Remove PRIMERGY ServerView Suite DVD 1 from the
DVD ROM drive at the remote workstation.
Insert the Linux installation CD/DVD in this DVD ROM drive.

Close the application if autostart is active.

Connect the CD ROM/DVD ROM drive containing the Linux installation


CD/DVD as remote storage (see page 161).
Click Start installation.
All the installation files are copied to the managed server.
The Installation Manager opens a confirmation dialog page when the copy
operation is complete and prompts you to remove all the storage media from
the removable media drives before the managed server is rebooted.

I Before rebooting the system, you must in particular shut down all
current remote storage connections.

Before rebooting the system, shut down the current remote storage
connections.
To do this, proceed as follows:
Start Remote Storage (see page 157).
The Storage Devices dialog box is displayed with the currently connected
storage devices and a Safe Remove indication (see figure 196 on
page 407).

410

iRMC

Remote installation of the operating system

Linux

Figure 199: Storage Devices dialog box: Clearing Remote Storage connections

Click on Disconnect... to remove all the remote storage connections.


Safely remove the storage device, i.e. ensure that no more
applications/programs are accessing the storage media.
On the confirmation dialog page, click Ok to reboot the managed server.
Once the managed server has rebooted, you can monitor the entire installation
by means of the AVR (see figure 200 on page 412).

iRMC

411

Linux

Remote installation of the operating system

Figure 200: The managed server is booted from the Linux installation CD.

412

iRMC

Remote installation of the operating system

Linux

The following dialog page is displayed once booting is complete:

Figure 201: Linux Installation - License Agreement

I To ensure perfect mouse cursor synchronization, you must adapt the

required settings at the managed server once the operating system has
been installed. For information on how to do this, see section Managed
Linux server: Adjusting the settings for synchronization of the mouse
pointers on page 145.

iRMC

413

12

IPMI OEM Commands

This section describes a selection of OEM-specific IPMI commands supported


by the iRMC.

12.1

Overview

The following OEM-specific IPMI commands are supported by the iRMC:

SCCI-compliant Power On/Off commands


(SCCI: ServerView Common Command Interface)
0115 Get Power On Source
0116 Get Power Off Source
011C Set Power Off Inhibit
011D Get Power Off Inhibit
0120 Set Next Power On Time

SCCI-compliant communication commands


0205 System OS Shutdown Request
0206 System OS Shutdown Request and Reset
0208 Agent Connect Status
0209 Shutdown Request Canceled

SCCI-compliant signaling commands


1002 Write to System Display

Firmware-specific commands
2004 Set Firmware Selector
2005 Get Firmware Selector
C019 Get Remote Storage Connection
C01A Set Video Display on/off

iRMC

415

Overview

IPMI OEM Commands

BIOS-specific command
F109 Get BIOS POST State
F115 Get CPU Info

iRMC-specific commands
F510 Get System Status
F512 Get EEPROM Version Info
F543 Get SEL entry long text
F545 Get SEL entry text
F5B0 Set Identify LED
F5B1 Get Identify LED
F5B3 Get Error LED
F5DF Set Nonvolatile Cfg Memory to Default Values
F5E0 Set Configuration Space to Default Values
F5F8 Delete User ID

416

iRMC

IPMI OEM commands

12.2

Description format

Description of the IPMI OEM commands

The following sections describe the individual OEM-specific IPMI commands.

12.2.1 Description format


The OEM-specific IPMI commands contained in this chapter are described in
the format used by the IPMI standard for describing IPMI commands.
The IPMI standard describes the IPMI commands using command tables which
list the input and output parameters for each command.
You can find information on the IPMI standards on the Internet under:
http://developer.intel.com/design/servers/ipmi/index.htm

iRMC

417

SCCI-compliant Power On/Off commands

IPMI OEM Commands

12.2.2 SCCI-compliant Power On/Off commands


01 15 - Get Power On Source
This command returns the reason for the most recent Power On. The possible
reasons are listed below.
Request Data

1:3

Response Data

0x00

418

NetFnlLUN: OEM/Group

01

Cmd : Command Group Communication

80 28 00

15

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

BC

01

Completion Code

2:4

Power on
Source

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

01

Data Length

Power on Source: Cause of last power on

Description
Software or command

0x01

Power switch (on the front panel or keyboard)

0x02

Automatic restart after power failure

0x03

Clock or timer (hardware RTC or software timer)

0x04

Automatic restart after fan failure shutdown

0x05

Automatic restart after critical temperature shutdown

0x08

Reboot after watchdog timeout

0x09

Remote on (modem RI line, SCSI termination power, LAN, chip card


reader...)

0x0C

Reboot after a CPU error

0x15

Reboot by hardware reset

0x16

Reboot after warm start

0x1A

Powered on by a PCI Bus Power Management Event

0x1D

Powered on by remote control via remote manager

0x1E

Reboot/reset by remote control via remote manager

iRMC

IPMI OEM Commands

SCCI-compliant Power On/Off commands

01 16 - Get Power Off Source


This command returns the reason for the most recent Power Off. The possible
reasons are listed below.
Request Data

1:3
4

Response Data

NetFnlLUN: OEM/Group

01

Cmd : Command Group Communication

80 28 00
16

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

BC

01

Completion Code

2:4

Power off
Source

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

01

Data Length

Power off Source:

Cause of last power off

Description

0x00

Software (SWOFF, power off by command)

0x01

Power switch (on the front panel or keyboard)

0x02

AC power fail

0x03

Clock or timer (hardware RTC or software timer)

0x04

Fan failure

0x05

Critical temperature

0x08

Final power-off after repeated watchdog timeouts

0x0C

Final power-off after repeated CPU errors

0x1D

Powered off by remote control via remote manager

iRMC

419

SCCI-compliant Power On/Off commands

IPMI OEM Commands

01 1C - Set Power Off Inhibit


This command sets the Power Off Inhibit flag, which temporarily suppresses any
unfounded attempt to power down the server.
If the Power Off Inhibit flag is set, the firmware saves the cause of any attempt to
perform a Power Off, Power Cycle or restart of the server, but does not
perform the action. The cause of the most recent attempt to perform a Power
Off, Power Cycle or restart of the server is always saved at any given time.
The stored action is only performed when the Power Off Inhibit flag is reset.
The Power Off Inhibit flag is automatically reset after a power failure or when the
reset button is pressed.
The effect of the Power Off Inhibit flag is the same as that of the Dump flag used
when creating a main memory dump. In this case, the initiator must set the flag
before making the dump and reset it when the dump is complete.
Request Data

B8

NetFn|LUN: OEM/Group

01

Cmd : Command Group Communication

1:3
4
5
6:7

Response Data

IANA-Enterprise-Number FTS, LS Byte first

1C

Command Specifier

00

Object ID

00 00 Value ID

01

Power Off Inhibit Flag: 0 no Inhibit, 1 Inhibit

BC

01

Completion Code

2:4

420

80 28 00

Data Length

80 28 00

IANA-Enterprise-Number FTS, LS Byte first

iRMC

IPMI OEM Commands

SCCI-compliant Power On/Off commands

01 1D - Get Power Off Inhibit


This command gets the value of the Power Off Inhibit flag.
For further details on the Power Off Inhibit flag, see the description of
01 1C - Set Power Off Inhibit on page 420
Request Data

B8

NetFn|LUN: OEM/Group

01

Cmd : Command Group Communication

1:3
4
Response Data

1D

IANA-Enterprise-Number FTS, LS Byte first

Command Specifier

BC

01

Completion Code

2:4

iRMC

80 28 00

80 28 00

IANA-Enterprise-Number FTS, LS Byte first

01 Response Data Length

Power Off Inhibit Flag: 0 no Inhibit, 1 Inhibit

421

SCCI-compliant Power On/Off commands

IPMI OEM Commands

01 20 - Set Next Power On Time


This command switches on a system at the given time independent of the stored
On/Off times in the Configuration Space.

I The command takes effect only once.


You cancel a Power On time previously set with a 01 20 command by
specifying the Power On time 0 in a subsequent 01 20 command.
Request Data

1:3

NetFnlLUN: OEM/Group

01

Cmd : Command Group Communication

80 28 00

IANA-Enterprise-Number FTS, LS byte first

20

Command Specifier

00

Object ID

6:7
8
9:12
Response Data

B8

00 00 Value ID
04

Data Length

Time (LSB first) (see below)


BC

01

Completion Code

2:4

80 28 00

IANA-Enterprise-Number FTS, LS byte first

Time (LSB first)


Time (UNIX-specific format) when the system switches on again. Time is
NOT stored in non-volatile memory. Resolution is 1 minute. After the
system has switched on, Time is set to 0 internally.
If Time == 0, the system is not switched on.

422

iRMC

IPMI OEM commands

SCCI-compliant communication commands

12.2.3 SCCI-compliant communication commands

I Die SCCI-compliant communication commands require that the Agent

Service is running under the OS. To execute the commands, the iRMC
communicates with Agent which finally performs the action.

02 05 - System OS Shutdown Request


This command initiates shutdown of the servers operating system.
Request Data

1:3

Response Data

B8

NetFnlLUN: OEM/Group

02

Cmd : Command Group Communication

80 28 00

IANA-Enterprise-Number FTS, LS byte first

05

BC

02

Completion Code

2:4

Command Specifier

80 28 00

IANA-Enterprise-Number FTS, LS byte first

02 06 - System OS Shutdown Request and Reset


This command initiates the shutdown of the servers operating system and
subsequently restarts the system.
Request Data

1:3

Response Data

NetFnlLUN: OEM/Group

02

Cmd : Command Group Communication

80 28 00

06

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

BC

02

Completion Code

2:4

iRMC

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

423

SCCI-compliant communication commands

IPMI OEM commands

02 08 - Agent Connect Status


This command checks whether the agent is active.
Request Data

B8

NetFnlLUN: OEM/Group

02

Cmd : Command Group Communication

1:3

Response Data

80 28 00

08

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

BC

02

Completion Code

2:4

80 28 00

IANA-Enterprise-Number FTS, LS byte first

01

Connect Status:
00 = Connection lost, agent not connected.
01 = Connection re-established, agent connected.

Data Length

02 09 Shutdown Request Cancelled


This command cancels a shutdown request that has been issued.
Request Data

1:3

Response Data

NetFnlLUN: OEM/Group

02

Cmd : Command Group Communication

80 28 00

09

BC

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

02

Completion Code

2:4

424

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

iRMC

IPMI OEM commands

SCCI-compliant signaling command

12.2.4 SCCI-compliant signaling command


10 02 - Write to System Display
This command is used to write characters to the LocalView display (if
connected).
Request Data

1:3

10

Cmd : Command Group Fan Test

80 28 00

IANA-Enterprise-Number FTS, LS byte first

02

Object Index: : Line on Display to write on.

Command Specifier

Value ID (not used)

Length Number of characters to write, incremented by


one. (The string need not be null-terminated; characters
exceeding the length of a display line are truncated.)

Attribute:
0 = Write String left aligned.
1 = Write String centered.

10:10+n

Characters to write to the display; string need not be nullterminated.

BC

10

Completion Code

2:4

iRMC

NetFnlLUN: OEM/Group

6:7

Response Data

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

425

Firmware-specific commands

IPMI OEM Commands

12.2.5 Firmware-specific commands


20 04 - Set Firmware Selector
This command configures the firmware image of the iRMC which is to be active
after a firmware reset.
Request Data

Response Data

426

20

NetFnlLUN: Firmware
CMD : Command Group Firmware

04

Selector:
0 = Auto (Select firmware image with highest firmware
version.)
1 = low firmware image
2 = high firmware image
3 = Auto oldest version (Select firmware image with oldest
firmware version.)
4 = MRP (Select most recently programmed firmware.)
5 = LRP (Select least recently programmed firmware.)

24

04

Completion Code

iRMC

IPMI OEM Commands

Firmware-specific commands

20 05 - Get Firmware Selector


This command returns the current firmware selector setting.
Request Data

Response Data

iRMC

20

NetFnlLUN: Firmware

05

CMD : Command Group Firmware

24

05

Completion Code

Next Boot Selector:


0 = Auto (Select EEPROM with highest firmware version.)
1 = low EEPROM
2 = high EEPROM
3 = Auto oldest version (Select EEPROM oldest firmware
version.)
4 = MRP (Select most recently programmed firmware.)
5 = LRP (Select least recently programmed firmware.)

Running Selector; tells which firmware is currently running:


1 = low EEPROM
2 = high EEPROM

427

Firmware-specific commands

IPMI OEM Commands

C0 19 - Get Remote Storage Connection or Status


Depending on the parameters passed, this command returns information on
whether any Remote Storage connections are available,
the status and type of any Remote Storage connection(s).
If Request Data 1 is set to 1, the command returns information as to whether
storage media are connected as Remote Storage.
Request Data

Response Data

428

C0

NetFnlLUN: OEM
CMD : Command Group Firmware

19

01

00

00

C4

19

Completion Code

01

00: No
01: Yes, connected

00

00

iRMC

IPMI OEM Commands

Firmware-specific commands

If Request Data 1 is set to 2, the command returns information on the status and
type of any Remote Storage connection(s).
Request Data

Response Data

C0

NetFnlLUN: OEM
CMD : Command Group Firmware

19

02

00

00 = Connection 0
01 = Connection 2

C4

19

Completion Code

02

00

00

00 = Invalid / unknown
01 = idle
02 = Connection Attempt pending
03 = Connected
04 = Connection Attempts retries exhausted / failed
05 = Connection lost
06 = Disconnect pending

00 = Invalid / unknown
01 = Storage Server / IPMI
02 = Applet
03 = None / Not connected

C0 1A - Set Video Display On/Off


This command allows you to switch the local console on or off.
Request Data

Response Data

iRMC

C0

NetFnlLUN: OEM
Cmd : Command Group Fan Test

1A

00 = Set Video Display On


01 = Set Video display Off

C4

1A

Completion Code

429

BIOS-specific commands

IPMI OEM commands

12.2.6 BIOS-specific commands


F1 09 - Get BIOS POST State
This command provides information whether BIOS is in POST.
Request Data

B8

NetFnlLUN: OEM/Group

F1

Cmd : Command Group BIOS

1:3

Response Data

09

IANA-Enterprise-Number FTS, LS Byte first

Command Specifier

BC

F1

Completion Code

2:4
5

430

80 28 00

80 28 00

IANA-Enterprise-Number FTS, LS Byte first

[7:1] - reserved
[0] - BIOS POST State : 0 = BIOS is not in POST
1 = BIOS is in POST

iRMC

IPMI OEM commands

BIOS-specific commands

F1 15 - Get CPU Info


This command returns CPU-internal information. The iRMC gets this information from the BIOS during the POST phase.
Request Data

1:3
4

Response Data

NetFnlLUN: OEM/Group

F1

Cmd : Command Group BIOS

80 28 00
15

IANA-Enterprise-Number FTS, LS Byte first

Command Specifier

Socket Number (0-based) of the CPU

BC

F1

Completion Code:
01 = Unpopulated CPU Socket

2:4
5:6
7
8

80 28 00

IANA-Enterprise-Number FTS, LS Byte first

CPU ID, LS Byte first


Platform ID
Brand ID

9:10

Maximal Core Speed of the CPU [MHz], LS Byte first

11:12

Intel Qickpath Interconnect in Mega Transactions per


second,
LS Byte first

13

T-Control Offset

14

T-Diode Offset

15

iRMC

B8

CPU data Spare

16:17

Record ID CPU Info SDR, LS Byte first

18:19

Record ID Fan Control SDR, LS Byte first

20:21

CPU ID High Word, LS Byte first (0 if none)

431

iRMC-specific commands

IPMI OEM commands

12.2.7 iRMC-specific commands


F5 10 - Get System Status
This command returns a variety of internal information on the system such as
the power state, error status, etc.
Request Data

1:3
4
5:8

Response Data

B8

NetFnlLUN: OEM/Group

F5

Cmd : Command Group Memory

80 28 00
10

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

Timestamp

BC

F5

Completion Code

2:4

80 28 00

IANA-Enterprise-Number FTS, LS byte first

System Status (For details see below.)

Signaling (For details see below.)

Notifications (For details see below.)

POST Code

I The Timestamp is only relevant for evaluating the Notifications Byte.


System Status
Bit 7 - System ON
Bit 6 Bit 5 Bit 4 - SEL entries available
Bit 3 Bit 2 - Watchdog active
Bit 1 - Agent connected
Bit 0 - Post State

432

iRMC

IPMI OEM commands

iRMC-specific commands

Signaling
Bit 7 - Localize LED
Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 - Global Error LED
Bit 0 - Global Error LED
Notifications
Bit 7 - SEL Modified (New SEL Entry)
Bit 6 - SEL Modified (SEL Cleared)
Bit 5 -

SDR Modified

Bit 4 - Nonvolatile IPMI Variable Modified


Bit 3 - ConfigSpace Modified
Bit 2 Bit 1 Bit 0 - New Output on LocalView display

iRMC

433

iRMC-specific commands

IPMI OEM commands

F5 12 - Get EEPROM Version Info


This command returns information on the current versions (bootloader,
firmware and SDR) stored in the EEPROM(s).
Request Data

1:3

Response Data

NetFnlLUN: OEM/Group

F5

Cmd : Command Group Memory

80 28 00

IANA-Enterprise-Number FTS, LS byte first

12

EEPROM# 00=EEPROM 1; 01=EEPROM 2

BC

Command Specifier

F5

Completion Code

2:4

80 28 00

IANA-Enterprise-Number FTS, LS byte first

Status

Major FW Revision

Binary coded

Minor FW Revision

BCD coded

8:10

434

B8

00=Checksum Error Runtime FW, 01=OK

Aux. FW Revision

Binary coded (major/minor/res.)

11

Major FW Revision

ASCII coded letter

12

Major SDRR Revision

BCD coded

13

Minor SDRR Revision

BCD coded

14

SDRR Revision Char.

ASCII coded letter

15

SDRR-ID

LSB binary coded

16

SDRR-ID

MSB binary coded

17

Major Booter Revision

Binary coded

18

Major Booter Revision

BCD coded

19:20

Aux. Booter Revision

Binary coded (major/minor)

iRMC

IPMI OEM commands

iRMC-specific commands

F5 43 - Get SEL entry long text


This command translates a given SEL entry into long text.
Request Data

B8

NetFn|LUN: OEM/Group

F5

Cmd : Command Group iRMC

1:3
4
5:6

Response Data

80 28 00

IANA-Enterprise-Number FTS, LS Byte first

43

Command Specifier

Record ID

of SEL record, LS Byte first


0x0000: get first record
0xFFFF: get last record

Offset

in response SEL text

MaxResponseDataSize

BC

F5

Completion Code:

2:4

80 28 00

5:6

Next Record ID

7:8

Actual Record ID

IANA-Enterprise-Number FTS, LS Byte first

Record type

10:13

Timestamp

14

Severity:

Bit 7:
Bit 6-4:

Bit 3-0:
15

iRMC

size of Converted SEL data


(16:n) in response

Data length

0 = No CSS component
1 = CSS component
000 = INFORMATIONAL
001 = MINOR
010 = MAJOR
011 = CRITICAL
1xx = Unknown
reserved, read as 0000

of the whole text

16:n

Converted SEL data

n+1

String Terminator

requested part
(n = 16 + MaxResponseDataSize - 1)
trailing '\0' character

435

iRMC-specific commands

IPMI OEM commands

F5 45 - Get SEL Entry Text


This command translates a given SEL entry into ASCII text.
Request Data

B8

NetFnlLUN: OEM/Group

F5

Cmd : Command Group iRMC

1:3
4
5:6
Response Data

80 28 00
45

IANA-Enterprise-Number FTS, LS Byte first

Command Specifier

Record ID of SDR, LS Byte first

BC

F5

Completion Code

2:4

80 28 00

5:6

Next Record ID

IANA-Enterprise-Number FTS, LS Byte first

7:8

Actual Record ID

Record type

10:13

Timestamp

14

Severity:

Bit 7:
Bit 6-4:

Bit 3-0:
15
16:35

436

0 = No CSS component
1 = CSS component
000 = INFORMATIONAL
001 = MINOR
010 = MAJOR
011 = CRITICAL
1xx = Unknown
reserved, read as 0000

Data length
Converted SEL data

iRMC

IPMI OEM commands

iRMC-specific commands

F5 B0 - Set Identify LED


This command allows you to switch the Identify LED (blue) of the server on and
off. In addition, you can set and read the GPIOs that are directly connected to
the Identify LED.

I You can also switch the Identify LED on and off using the Identify switch
on the server.

Request Data

B8

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

1:3

Response Data

80 28 00

IANA-Enterprise-Number FTS, LS byte first

B0

Identify LED:
0: Identify LED off
1: Identify LED on

BC

F5

Completion Code

2:4

Command Specifier

80 28 00

IANA-Enterprise-Number FTS, LS byte first

F5 B1 - Get Identify LED


This command returns information on the status of the Identify LED (blue) of the
server.
Request Data

1:3

Response Data

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

80 28 00

IANA-Enterprise-Number FTS, LS byte first

B1

BC

F5

Completion Code

2:4
5

iRMC

B8

Command Specifier

80 28 00

IANA-Enterprise-Number FTS, LS byte first

State of Identify LED (only bit 0 is relevant)

437

iRMC-specific commands

IPMI OEM commands

F5 B3 - Get Error LED


This command returns information on the status of the Global Error LED (red)
of the server. The Global Error LED indicates the most serious error status of
the components.
Request Data

1:3

Response Data

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

80 28 00

B3

BC

F5

1
2:4
5

438

B8

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

Completion Code
80 28 00

IANA-Enterprise-Number FTS, LS byte first

State of Error LED:


0: Error LED off
1: Error LED on
2: Error LED blink

iRMC

IPMI OEM commands

iRMC-specific commands

F5 DF - Reset Nonvolatile Cfg Variables to Default


This command forces all non-volatile IPMI settings to be set to default values.
Request Data

B8

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

1:3
4
5:8
Response Data

80 28 00
DF

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

43 4C 52 AA = CLR0xaa: Security Code

BC

F5

Completion Code

2:4

80 28 00

IANA-Enterprise-Number FTS, LS byte first

F5 E0 - Reset ConfigSpace variables to default


This command forces all Configuration Space variables to be set to default
values.
Request Data

1:3
4
5:8

Response Data

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

80 28 00
E0

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

43 4C 52 AA = CLR0xaa: Security Code

BC

F5

Completion Code

2:4

iRMC

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

439

iRMC-specific commands

IPMI OEM commands

F5 F8 - Delete User ID
The system supports up to 16 users. This command allows individual iRMC
users to be deleted.

V IMPORTANT!
The system can no longer be managed if all iRMC users are deleted.
Request Data

1:3
4
5:8

Response Data

NetFnlLUN: OEM/Group

F5

Cmd : Command Group BMC

80 28 00
F8

IANA-Enterprise-Number FTS, LS byte first

Command Specifier

User ID (1-16)

BC

F5

Completion Code

2:4

440

B8

80 28 00

IANA-Enterprise-Number FTS, LS byte first

iRMC

Related publications
The documentation for the PRIMERGY manuals can be found on the
PRIMERGY ServerView Suite DVD 2 supplied with each server system.
The documentation can also be downloaded free of charge from the Internet.
You will find the online documentation on the Internet at
http://manuals.ts.fujitsu.com under the link Industry standard servers.
[1]

ServerView Suite
Basic Concepts

[2]

PRIMERGY Glossary

[3]

PRIMERGY Abbriviations

[4]

Secure PRIMERGY Server Management


Enterprise Security
PRIMERGY server management for secure,
highly available platforms
White Paper

[5]

PRIMERGY ServerView Suite


Installation Manager
User Guide

[6]

PRIMERGY ServerView Suite


Deployment Manager
User Guide

[7]

PRIMERGY ServerView Suite


ServerView Operations Manager
Installation under Windows
Installation Guide

[8]

PRIMERGY ServerView Suite


ServerView Operations Manager
Installation under Windows
Quick Installation Guide

iRMC

441

Related publications
[9]

PRIMERGY ServerView Suite


ServerView Operations Manager
Installation under Linux
Installation Guide

[10]

PRIMERGY ServerView Suite


ServerView Operations Manager
Installation under Linux
Quick Installation Guide

[11]

PRIMERGY ServerView Suite


ServerView S2
ServerView Agents (Linux, VMware)
Quick Installation Guide

[12]

PRIMERGY ServerView Suite


ServerView Operations Manager
Server Management
User Guide

[13]

PRIMERGY ServerView Suite


ServerView Inventory Manager
User Guide

[14]

PRIMERGY ServerView Suite


ServerView Archive Manager
User Guide

[15]

PRIMERGY ServerView Suite


Asset Management
Command Line Interface
User Guide

[16]

PRIMERGY ServerView Suite


ServerView RAID Manager
User Guide

[17]

PRIMERGY ServerView Suite


ServerView Event Manager
User Guide

442

iRMC

Related publications
[18]

PRIMERGY ServerView Suite


ServerView Threshold Manager
User Guide

[19]

PRIMERGY ServerView Suite


ServerView Performance Manager
User Guide

[20]

PRIMERGY ServerView Suite


ServerView Download Manager
ServerView
User Guide

[21]

PRIMERGY ServerView Suite


ServerView Update Manager
User Guide

[22]

PRIMERGY ServerView Suite


ServerView Update Manager Express
User Guide

[23]

PRIMERGY ServerView Suite


PrimeUp
User Guide

[24]

PRIMERGY ServerView Suite


Bootable Update CD
User Guide

[25]

PRIMERGY ServerView Suite


ServerView Online Diagnostics
User Guide

[26]

PRIMERGY ServerView Suite


Local Service Concept (LSC)
User Guide

[27]

PRIMERGY ServerView Suite


PrimeCollect
User Guide

iRMC

443

Related publications
[28]

PRIMERGY ServerView Suite


ServerView Virtual-IO Manager
User Guide

[29]

PRIMERGY ServerView Suite


ServerView Virtual-IO Manager CLI
Command Line Interface

[30]

PRIMERGY ServerView Suite


ServerView Integration
Overview

[31]

PRIMERGY ServerView Suite


ServerView Integration in MOM
User Guide

[32]

PRIMERGY ServerView Suite


ServerView Integration Pack for MS SCOM
User Guide

[33]

PRIMERGY ServerView Suite


ServerView Integration Pack for MS SMS
User Guide

[34]

PRIMERGY ServerView Suite


DeskView and ServerView Integration Pack for Microsoft SCCM
User Guide

[35]

PRIMERGY ServerView Suite


ServerView Integration in HP OpenView NNM
User Guide

[36]

PRIMERGY ServerView Suite


ServerView Integration in HP Operations Manager
User Guide

[37]

PRIMERGY ServerView Suite


ServerView Integration Pack in Tivoli NetView
User Guide

[38]

PRIMERGY ServerView Suite


ServerView Integration Pack in Tivoli TEC
User Guide

444

iRMC

Related publications
[39]

PRIMERGY ServerView Suite


ServerView Integration in DeskView
User Guide

[40]

PRIMERGY ServerView Suite


ServerView Remote Management Frontend
User guide

[41]

PRIMERGY ServerView Suite


iRMC - integrated Remote Management Controller
User Guide

[42]

PRIMERGY ServerView Suite


iRMC S2 - integrated Remote Management Controller
User Guide

[43]

PRIMERGY BX300 Blade Server Systems


Operating Manual

[44]

PRIMERGY BX600 Blade Server Systems


Operating Manual

[45]

PRIMERGY BX600 Blade Server Systems


ServerView Management Blade S3
User Interface Description
User Guide

[46]

PRIMERGY BX900 Blade Server Systems


Operating Manual

[47]

PRIMERGY BX900 Blade Server Systems


ServerView Management Blade S1
User Interface Description
User Guide

[48]

PRIMERGY Blade Server System


LAN Switch Blade
User Interface Description
User Guide

[49]

BIOS-Setup
Description

iRMC

445

Related publications
[50]

PRIMEPOWER ServerView Suite


System Administration within a Domain
User Guide

[51]

FibreCAT CX
Monitoring FibreCAT SX systems with ServerView Operations
Manager
Welcome Guide

[52]

FibreCAT SX
Monitoring FibreCAT SX systems with ServerView Operations
Manager
Welcome Guide

[53]

StorMan
Provisioning and managing virtualized storage resources
Administrator and User Guide

[54]

APC network management card


Users Guide

[55]

VMware
VMware ESX Server
Installation Guide

[56]

VMware
VMware ESX Server
Administration Guide

446

iRMC

Index
A
Active Directory 15, 57, 66, 365
configuration using the iRMC web
interface 272
configuration using the Server
Configuration Manager 365
iRMC groups and user
permissions 88
advanced features 370
Advanced Video Redirection
see also AVR
Advanced Video Redirection
(AVR) 288
alarm, see also alerting 351
alerting
configuring 53, 55, 247, 356
ASR&R Fan Settings 338
ASR&R options
configuring 231
ASR&R Temperature Settings 340
assign
iRMC users to a group 88, 117
remote storage server to
iRMC 297, 370
assign iRMC users to OU
iRMCgroups
in Active Directory 88
assign iRMC users to the OU
iRMCgroups
in eDirectory 117
in OpenLDAP 128
AVR 133
checking requirements 134
integrated special keys 138
local monitor off 137
menus 147
parallel sessions 136
redirecting the keyboard 136
redirecting the mouse 140
secure keyboard 139
special key combinations 138

iRMC

starting 288
using 135
virtual keyboard 139, 148
AVR window
Extras menu 147, 148
Languages menu 151
Preferences menu 152
Remote Storage menu 151
B
BIOS text console 277
BIOS text console redirection
configuring 42, 43, 277
boot
iRMC 193
boot options
configuring 209
boot watchdog 233
C
CA (Certification Authority) 83
call
remote storage server GUI 172
CD ROM 159
certificate
self-signed 204
Certification Authority (CA) 83
certification authority, see CA 83
channel-specific
permission group 60
privileges 60
check
power supply 221
see also Enclosure
Information 318
sensors 215
server component 222
temperature sensor 218
voltage sensor 220
check temperature 318

447

Index
CLP 324
user data 326
CLP, see also SMASH CLP
color code (sensor) 215
Command Line Protocol (CLP) 324
command line shell (Remote
Manager) 323
communication interfaces (iRMC) 18
component status 222
components (server)
monitoring 222
configuration tools, LAN interface 38
configuration using the Server
Configuration Manager 329
Active Directory 365
ASR&R Fan Settings 338
ASR&R Temperature
Settings 340
calling from the Installation
Manager 330
calling from the Operations
Manager 333
calling from the Windows Start
menu 331
eDirectory 367
iRMC advanced features 370
iRMC directory service 362
iRMC DNS registration 347
iRMC DNS server 349
iRMC email alerting 351
iRMC LAN interface 342
iRMC mail format settings 354
iRMC networking ports 345
iRMC SNMP alerting 356
OpenLDAP 367
starting system
configuration 330
user ID (iRMC user
manangement) 357
configure 351
alerting 53, 55, 247, 356
ASR&R options 231
boot options 209
console redirection 43, 277

448

directory dervice 362


directory service 269, 365
directory service (Active
Directory) 272
directory service
(eDirectory) 274
directory service
(OpenLDAP) 274
directory service on the
iRMC 362
DNS for iRMC 245, 349
eDirectory 103, 367
eDirectory for LDAP 104
email alerting 252, 351
Ethernet settings (iRMC) 236,
342
host name for iRMC 243, 347
HP SIM integration 234, 371
IP parameters (iRMC) 342
iRMC 35
iRMC over the web interface 52
LAN interface 36, 39, 52, 54, 235
LAN parameters (iRMC) 342
LDAP access on the iRMC 83
mail-format-dependent
settings 257, 354
new user 261, 358
OpenLDAP 125, 367
ports and network services
(iRMC) 239, 345
power on/off times (server) 213
remote storage server 173
serial interface 48
serial/modem alerting 250
server management
information 229
SNMP trap alerting 248
system event log (server) 227
text console redirection 42, 43,
277
user 261
user (details) 262
users 259, 357
users, locally 259, 357

iRMC

Index
watchdog settings 233
configure users
locally 259, 357
connection
to Remote Storage,
terminating 163
connection to remote storage server
clearing 297
establishing 297
console redirection
configuring 277
starting (Remote Manager) 322
while the operating system is
running 46, 286
ConsoleOne
installing 101
starting 102
copyright (SSL) 131
create NDS tree (eDirectory) 103
D
default DHCP name (iRMC) 32
device type (remote storage) 159
DHCP configuration 243
Directory Service 66
directory service 15, 57, 66, 269,
362
directory service see also Active
Directory, eDirectory,
OpenLDAP 15, 57, 66
directory service see also Directory
Service
display
current DSA certificate 200
DSA/RSA certificate 200
DNS configuration 245
DNS for iRMC
configuring 245, 349
DNS registration 347
DNS server 349
documentation 12
domain controller certificate 85, 87
DSA certificate
default certificate 198

iRMC

displaying current 200


entering directly 203
restoring default certificate
DSA key (private)
entering directly 203
loading on the iRMC 198
providing in file 202
DSA/RSA certificate
displaying 200
entering directly 203
input format 198
loading on the iRMC 198
DSA/RSA key
entering directly 203
input format 198
DVD ROM 159

201

E
eDirectory 15, 57, 66, 367
administration tips 121
assigning iRMC users to the
OU iRMCgroups 117
configuration using the Server
Configuration Manager 367
configuring 103
configuring for LDAP 104
creating Principal User for
iRMC 113
importing the LDIF file 111
iRMC groups and user
permissions 113
LDAP authentication
process 109
software components and system
requirements 95
testing access via LDAP
browser 108
eDirectory Server
installing 97
EEPROM, iRMC 374
email alerting 351
configuring 252, 351
email configuration 266
emergency mode 386

449

Index
enclosure information
(Remote Manager) 317
enter
DSA certificate 203
DSA/RSA key 203
Enterprise CA 83
error icon 223
Ethernet 236
Ethernet settings (iRMC)
configure 342
configuring 236
execution mode
remote storage server 171
exit
remote storage server 176

functions, iRMC

F
factory defaults, iRMC 32, 96
fan
testing 216
fan test 216
fans
monitoring 216
firmware selector, iRMC 375
firmware update 373
offline update 383
online update 380
operands 387
firmware, iRMC 374
flash tool
offline update (firmware) 385
online update (firmware) 381
flash tools
flbmc 385
RedhatFLBMC 381
SuseFLBMC 381
syntax and operands 387
WinFLBMC 381
flash, see also firmware update
FlashDisk menu
offline update (firmware) 384
flbmc
offline update (firmware) 385
floppy disk drive 159

H
host name (iRMC) 347
configure 347
configuring 243
see also iRMC name
HP SIM integration
configuring 234, 371

450

13

G
generate
self-signed certificate 204
global email paging
configuration 254
global error LED 188
global iRMC
user management 66
global iRMC user management
via Active Directory 77
via eDirectory 95
via OpenLDAP 124
global user ID 57

I
ICMB 21
identification LED 188, 321
image file (ISO image) 159, 165
iManager
installing 99
login 100
install
ConsoleOne 101
iManager 99
Linux 409
OpenLDAP 124
operating system 391
remote storage server 166
see also remote installation of the
operating system
Windows 405

iRMC

Index
installing
eDirectory administration
utilities 97
eDirectory Server 97
integrated special keys (AVR) 138
Intelligent Platform Management
Interface, see IPMI
interfaces (iRMC) 18
IPMB 21
IPMI
background 19
channel concept 26
definition 19
implementation 21
IPMI-over-LAN interface 24
references 27
Serial Over LAN (SOL) 25
standards 21
user IDs 27
IPMI OEM commands 415
0115 - Get Power On Source 418
0116 - Get Power Off Source 419
011C - Set Power Off Inhibit 420
0120 - Set Next Power On
Time 422
0205 - System OS Shutdown
Request 423
0206 - System OS Shutdown
Request and Reset 423
0208 - Agent Connect Status 424
0209 Shutdown Request
Cancelled 424
1002 - Write to System
Display 425
2004 - Set Firmware
Selector 426
2005 - Get Firmware
Selector 427
C019 - Get Remote Storage
Connection or Status 428
C01A - Set Video Display
On/Off 429
description format 417

iRMC

F109 - Get BIOS POST


State 430
F115 - Get CPU Info 431
F510 - Get System Status 432
F512 - Get EEPROM Version
Info 434
F543 - Get SEL entry long
text 435
F545 - Get SEL Entry Text 436
F5B0 - Set Identify LED 437
F5B1 - Get Identify LED 437
F5B3 - Get Error LED 438
F5DF - Reset Nonvolatile Cfg
Variables to Default 439
F5E0 - Reset ConfigSpace
variables to default 439
F5F8 - Delete User ID 440
overview 415
IPMI OEMcommands
011D - Get Power Off Inhibit 421
iRMC 18
Advanced Video Redirection
(AVR) 288
AVR 133
communication interfaces 18
configuring 35
configuring over the web
interface 52
configuring the LAN interface 36,
39, 52, 54, 235
configuring the serial
interface 48
configuring with the Server Configuration Manager 54
default DHCP name 32
EEPROM 374
factory defaults 32, 96
firmware 374
firmware selector 375
firmware update 373
functions 13
license key 133, 155
local monitor off 137, 289
logging in (requirements) 31

451

Index
logging into the web interface 33,
178
offline update (firmware) 383
online update (firmware) 380
permissions 61
power supply 214
remote installation of the operating
system 391
remote storage 155, 165, 296
remote storage server 165
restarting 193
testing the LAN interface 41
user interface 183
user management 57
user permissions 60
RMC
remote storage 151
iRMC advanced features 370
iRMC directory service 362
configuring Active Directory 365
configuring eDirectory 367
configuring OpenLDAP 367
iRMC DNS registration 347
iRMC DNS server 349
iRMC email alerting 351
iRMC firmware settings 196
iRMC information 192
querying 192
iRMC LAN interface 342
iRMC mail format settings 354
iRMC options, miscellaneous 195
iRMC SNMP alerting 356
iRMC SSH access 298
iRMC Telnet access 298
iRMC user
creating in OpenLDAP 128
iRMC user group
assigning 88, 117
iRMC user management 357
global via Active Directory 77
global via eDirectory 95
global via OpenLDAP 124
integrating in OpenLDAP 126

452

iRMC users
assigning 88, 117
iRMC web interface 177
Advanced Video Redirection
(AVR) 288
alerting 247
alerting - email alerting 252
alerting - serial/modem
alerting 250
alerting - SNMP trap alerting 248
BIOS text console 277
certificate upload 198
color scheme 195
configuring iRMC 52
DHCP configuration 243
directory service
configuration 269
DNS configuration 245
general settings 195
iRMC 191
iRMC information 192
iRMC SSH access 298
iRMC Telnet access 298
iRMC Telnet/SSH access 298
local monitor 289
network interface 236
network settings 235
permissions 180
ports and network services 239
power management 206
power on/off 207
power options 211
power supply 214
power supply info 214
remote storage 296
saving firmware settings 196
saving iRMC firmware
settings 196
sensors 215
sensors - component status 222
sensors - fans 216, 220
sensors - power supply 221
sensors - temperature 218

iRMC

Index
server management
information 229
structure of the user
interface 183
system component
information 187, 190
system event log 223
system event log
configuration 227
system event log content 224
system information 186
temperature display 195
user management 62, 259
user management (local) 259
user management new user configuration 261
user management - user name
configuration 261, 262
iRMCgroups 73
assigning iRMC users
(eDirectory) 117
ISO image (image file) 159, 165
K
key combinations,
special (AVR) 138
keyboard
redirect (AVR) 136
virtual (AVR) 139, 148
L
LAN interface 342
LAN interface (iRMC) 37
configuring 36, 39, 52, 54, 235
testing 41
LAN parameters (iRMC)
configuring 235, 342
LDAP access (iRMC)
configuring 83
LDAP authentication process
(eDirectory) 109
LDAP configuration 269, 362
Active Directory 272
eDirectory 274

iRMC

OpenLDAP 274
LDAP directory service
see also directory service
LDAP, see also directory service
LDIF file 73
importing into Active Directory 77
importing into directory
service 76
importing into eDirectory 111
importing into OpenLDAP 126
ldifde 78
license key 133, 155, 193, 194, 195,
370
deleting 194
loading onto the iRMC 194
Linux, remote installation 409
local monitor
powering on and off 137, 289
local monitor display 289
local monitor off 137, 289
local user ID 57
local user management (iRMC) 62,
259, 357
log in
to iRMC (requirements) 31
to Remote Manager 308
to the iRMC web interface 33,
178
M
mail format settings 354
mail see also email
mail-format-dependent
configuration 257
main menu (Remote Manager) 310
managed server, see server
management information 229
management information, see server
management information
Microsoft Active Directory see also
Active Directory 15, 57, 66
Microsoft Active Directory,
see Active Directory
Miscellaneous iRMC Options 195

453

Index
monitor
fans 216
power supply 221
temperature 218
voltage 220
monitor, local 137, 289
monitor, see check
mouse pointer
synchronizing 140
mouse redirection (AVR) 140
N
network interface 236
network settings 235
networking ports 345
new user configuration 261
notational conventions 29
Novell ConsoleOne
see also ConsoleOne
Novell eDirectory directory
see also eDirectory
Novell eDirectory see also eDirectory
Novell eDirectory Server
see also eDirectory Server
Novell eDirectory, see eDirectory
Novell iManager see also iManager
O
offline update (firmware) 383
online update (firmware) 380
Open LDAP Browser/Editor 79
OpenLDAP 15, 57, 66, 367
administration tips 129
assigning iRMC users to the
OU iRMCgroups 128
configuration using the Server
Configuration Manager 367
configuring 125
create Principal User 127
creating an iRMC user 128
creating SSL certificates 124
importing the LDIF file 126
installing 124

454

integrating iRMC user


management 126
iRMC groups and user
permissions 126
iRMC user management 124
operate
iRMC using Telnet/SSH 303, 305
iRMC via Telnet/SSH 298
Remote Manager 305
operating system, remote
installation 391
see also remote installation of the
operating system
overview of menus
Remote Manager 305
P
parallel AVR sessions 136
password
changing 313
permission group 70
channel-specific 60
permission, see also privilege
permissions
for special iRMC functions 61
iRMC web interface 180
Remote Manager 312
ports and network services 239
configuring for iRMC 239, 345
power control 210
power management 206, 207, 211,
315
behavior after power outage 212
power on/off time 213
power restore policy 212
restart options 210
power off
server 210
power on
server 210
power on/off 207
power on/off time 213
power options 211
power restore policy 212

iRMC

Index
power status summary 208
power supply
monitoring 221
power supply info 214
preconfigured user ID 61
primary SMTP server
configuration 255
Principal User
creating in eDirectory 113
creating in OpenLDAP 127
private DSA/RSA key,
see DSA/RSA key
privilege
privileges / permissions 265
privileges, channel-specific 60
Q
query
information on server 187
information on server
components 190
iRMC information 192
server management
information 229
system information 186
query information
information on server 187
iRMC firmware 193
on iRMC 192
power supply 221
server components 190
system event log 227
voltage sensors 220
query system information 314
R
RedhatFLBMC
online update (firmware) 381
redirect
keyboard (AVR) 136
redirect mouse (AVR) 140
remote installation of the operating
system 391
general procedure 392

iRMC

Linux 409
remote storage connection 394
requirements 391
Windows 405
Remote Manager 298, 303, 305
changing the password 313
enclosure information 317
logging in 308
main menu 310
operating 305
overview of menus 305
permissions 312
power management 315
service processor 321
starting console redirection 322
starting the command line
shell 323
system event log 319
system information 314
Remote Manager (Serial) 51
Remote Storage
terminating a connection 163
remote storage 151, 155, 165, 296
connecting storage media 161
device type 159
providing storage media 159
removing the storage
medium 164
starting 157
remote storage server 165
assigning 370
calling the GUI 172
configuring 173
executing as a service 171
executing as stand-alone 171
execution mode 171
exiting 176
installing 166
starting 175
RemoteView documentation 12
requirements
AVR 134
remote installation of the operating
system 391

455

Index
restart options 210
RSA certificate, see DSA/RSA certificate
S
secondary SMTP server
configuration 256
secure keyboard (AVR) 139
security group 70
security group see also permission
group
self-signed
certificate 204
sensor
checking 215
color code 215
status icon 215
sensors 215
serial/modem alerting 250
configuring 250
serial/modem interface (iRMC) 48
configuring 49
Remote Manager (Serial) 51
server
ASR&R options 231
booting and configuring with
ServerStart 398
checking components 222
checking sensors 215
configuring settings 229
configuring the event log 227
HP SIM integration options 234,
371
power management 211
power management after power
outage 212
power options 211
power supply info 214
powering on and off 210
remote installation (Linux) 409
remote installation
(Windows) 405
remote installation of the operating
system 391

456

specifying power on/off time 213


view event log 226
watchdog settings 233
Server Configuration Manager
configuring iRMC 54
user management 64
user management (local) 357
Server Configuration Manager, see
also configuration using the Server
Configuration Manager
server management information 229
querying and configuring 229
ServerView Update Manager Express
see Update Manager Express
ServerView Update Manager see
Update Manager
service 12
service processor (Remote
Manager) 321
SMASH CLP 324
command hierarchy 326
commands 324
starting 323
syntax 324
user data 326
SMTP, see also email
SNMP alerting 356
SNMP alerting, see SNMP trap
alerting
SNMP trap alerting 248
configuring 248, 356
software watchdog 233
special key combinations (AVR) 138
special keys
integrated (AVR) 138
SSH 198, 298, 303, 305
SSL 198
SSL and SSH certificate 198
SSL certificate
creating 124
SSL copyright 131
start
Advanced Video Redirection 288
remote storage 157

iRMC

Index
remote storage server 175
remote storage server GUI 172
status
components 222
status icon
system component status 190
status icon (sensor) 215
storage media
connecting as remote
storage 161
providing for remote storage 159
SuseFLBMC
online update (firmware) 381
synchronize
mouse pointer 140
syntax 324
system component status
status icon 190
system event log 223, 319
configuring 227
error icon 223
view 226
system event log configuration 227
system event log content 224, 226
error icon 223
system fans 217
system information 186, 187, 190
querying 186
system information (Remote
Manager) 314
T
target group 12
Telnet 298, 303, 305
temperature
monitoring 218
temperature sensor
checking 218
Temperature Settings (ASR&R)
340
test
fan 216
LAN interface 41

iRMC

338,

text console redirection


configuring 42, 43, 277
while the operating system is
running 46, 286
U
update
firmware 373
Update Manager
online update (firmware) 380
Update Manager Express
online update (firmware) 381
USB memory disk 159
user
configuring 261
configuring (details) 262
configuring (new) 261
user name configuration 262
user data 326
user ID 27, 57
preconfigured 61
user information 263
user interface (iRMC) 183
user management 259, 357
user management (iRMC) 57
assigning users to a group 88,
117
concept 58
configuring LDAP access 83
creating a domain controller
certificate 85
generating iRMCgroups in the
LDAP directory service 73
global 66
global user permissions 68, 69
installing a domain controller
certificate 87
installing an Enterprise CA 83
integrating in eDirectory 109
local 62
local using the iRMC web
interface 259
local via the iRMC web
interface 62

457

Index
locally using the Server
Configuration Manager 357
locally via the Server Configuration
Manager 64
preferred shell 72
user ID 57
using Active Directory 66, 68
via directory service 68
user permissions 60
cross-server 69
global 68, 69
in Active Directory 88
in eDirectory 113
in OpenLDAP 126
users
configuring 259, 357
configuring (new) 358

W
watchdog settings
configuring 233
web interface, see iRMC web interface
Windows, remote installation 405
WinFLBMB
online update (firmware) 381
X
X.509 certificate, see DSA/RSA certificate

V
ventilator, see also fan
view
system event log (server) 226
virtual keyboard (AVR) 139, 148
voltage 220
voltage sensor
checking 220

458

iRMC