| Sun Blade X6450 Embedded Lights Out Manager Administration Guide |    
|
| C H A P T E R 4 |
|
Configuring, Managing, and Maintaining the Server Using the Web GUI |
This chapter provides information about how to use the web GUI and the Sun Blade X6450 Server Module software to configure, manage, and maintain your server.
This chapter is divided into the following sections:
This chapter addresses your local system. For information about how to redirect your commands to a remote system, see Chapter 5.
For information about connecting to the ELOM see Chapter 2.
The Configuration submenu tabs allow you to configure the operation of the server. This section contains the following server configuration procedures:
| Note - The service processor (SP) is also referred to as the BMC. Wherever BMC is mentioned, consider it different terminology for the SP. |
|
On the ELOM main menu, click the Configuration tab.
The Configuration submenu tabs appear (see FIGURE 4-1). You are now able to access the Network, E-mail Notification, Platform Event Filter, Set Time, SSL Certificate, and SNMP tabs.
FIGURE 4-1 The Configuration submenu Tabs
|
From the Configuration submenu, click the Network tab.
The Network configuration screen appears (see FIGURE 4-1). Use this screen to enable or disable DHCP and set DNS. If you disable DHCP, you must manually supply the IP address, the netmask, and the gateway.
| Note - The MAC address is hardware encoded and unique to each system. It cannot be modified. |
The E-mail Notification screen enables you to configure the email recipients for any ELOM generated events. The system allows you to designate up to 10 recipients. Email Notification is used in conjunction with Platform Event Filters (PEF). PEFs are event traps that allow you to associate an action, or a set of actions, with the occurrence of a specific event. One such action is mail notification. The Send Mail action is enabled in the Platform Event Filter screen, and configured in the E-mail Notification screen.
|
From the Configuration submenu, click the E-mail Notification tab.
The Enable E-mail Notification screen appears. You must supply the name of the SMTP server and the Sender, and designate the receiver email addresses.
To capture the event messages for the system logs and email notification, you must define the system generated events that you want to trap and the actions you want to allow. The Platform Event Filter (PEF) screen allows you to activate this feature, configure PEF parameters, and define traps by creating event filters.
|
1. Click the Configuration tab.
The Configuration submenu tabs appear.
2. Click the Platform Event Filter tab.
The Platform Event Filter screen appears (see FIGURE 4-2).
FIGURE 4-2 The Platform Event Filter screen
The PEF screen is divided into Four sections:
3. Click the Enable PEF radio button in the Platform Event Filter section (see FIGURE 4-3).
FIGURE 4-3 The Platform Event Filter Section
4. Enter the IP of the servers receiving the trapped system event messages in the Trap Receiver Destination Address section (see FIGURE 4-4).
You can designate up to four servers.
FIGURE 4-4 The Platform Event Filter and Trap Receiver Destination Address sections of the Platform Event Filter screen.
5. Select the PEF Global Actions by clicking the check box for each of the actions you want to enable (see FIGURE 4-5).
FIGURE 4-5 The PEF Action Global Control Section
There are six possible PEF Global Actions. TABLE 4-1 lists and describes the actions.
When you select an action you are enabling that function globally. For example, if you select all three power-related actions, you are enabling the functionality of those actions, and you will be able to select them in the Configure Event Filter section.
6. Select the sensor you want to filter from the Configure Event Filter drop-down list (see FIGURE 4-6).
FIGURE 4-6 The Event Filter and Event Action Configuration Sections
The drop-down list has the following six sensor options:
Each option corresponds to the sensors associated with that component/subsystem. The Event Filter Configuration and Event Action Configuration sections allow you to configure each of these six options separately.
7. Select all the actions that apply for the sensor by clicking the corresponding check boxes in the Event Action Configuration section (see FIGURE 4-6). The four check box options are:
The Power Control option has a drop-down list with three power-related actions: Power Cycle, Power Off, and Power Reset. If you select the Power Control action, you must also select one of the three actions.
8. Repeat step 6 and step 7 for each sensor you want to configure.
9. Click the Submit button to save your settings.
10. A screenshot showing the Platform Event Filter Screen.
|
1. From the Configuration submenu, click the Set Time tab.
2. Use the radio buttons to manually input the date and time, or to use an NTP server. For the latter, you will have to input the IP address of the server.
This screen allows you to either create the certificate required for the Certificate Signing Request (CSR) or upload an existing certificate. A certificate is necessary when using a browser to access a secure (HTTPS) site. The HTTPS scheme requires that a digitally signed certificate is installed at the applicant’s site.
|
1. From the Configuration submenu, click the SSL Certificate tab.
The SSL Configuration screen appears.
2. In the drop-down list, select CSR.
4. Fill in the open fields, and click the Generate button.
|
1. From the Configuration submenu, click the SSL Certificate tab.
The SSL Configuration screen appears.
2. In the drop-down list, select Certificate.
4. Click Browse, and select the SSL Certificate.
|
From the Configuration submenu, click the SNMP tab.
The SNMP screen appears, and the SNMP Settings, SNMP Communities, and SNMP User Settings submenu tabs become available.
|
1. From the SNMP submenu click the SNMP Settings tab.
The SNMP Settings screen appears. On this screen you can designate the port, set requests, and select versions of SNMP protocols to be permitted.
See Chapter 9 for a description of the meaning of those choices.
2. Select the Set Request check box to set one or more SNMP variables.
This check box acts as a global override for the user and community read/write permissions. For example, if you disable Set Requests, a member of the private community accessing your Sun server module or stand-alone system via the SNMP interface cannot set sysContact despite having write permission.
3. To override the delivered system default, select the check box beside the preferred version of SNMP protocols.
4. Click Submit, or to clear your entries, click Reset.
|
1. From the SNMP tab, choose SNMP Communities.
The SNMP Communities screen appears. This screen allows you to add, modify, and delete SNMP Communities.
2. To add, modify, or delete a community, click the radio button for the row that you would like to configure.
3. In the same row, click the appropriate Operation button.
4. Click Submit to save your changes.
You can also click Reset to cancel without saving.
|
1. From the SNMP submenu, click SNMP User Settings.
The SNMP User Settings screen appears. This screen allows you to add a new user, and edit an existing user’s settings.
2. To add, edit, or delete a user, select the radio button at the head of the row in which you would like to work.
3. In the same row, click the appropriate Operation button.
4. Click Submit to save your changes.
You can also click Reset to cancel without saving.
This section contains the following system management procedures:
The User Management tab provides access to the User Account screen, which lists current users by privilege and status, and enables the administrator to add, delete, modify and enable or disable user accounts.
The ELOM supports up-to 10 user accounts. One of the user accounts is root, which is set by default and cannot be removed. Therefore, you can configure nine additional accounts. Each user account consists of a user name, a password, and a permission.
User privileges extend to both the web GUI and the CLI.
The privileges that a user can be assigned include:
TABLE 4-2 shows the user permission levels and the access each level has to the ELOM menus and screens.
|
1. From the main menu, click the User Management tab.
The User Account screen appears (see FIGURE 4-7). The User Account screen shows the User List, which allows you to add or delete a user, change a user password and privilege, and enable or disable a user’s status.
FIGURE 4-7 The User Account Screen Showing the User List
|
| Note - Only accounts with Administrator privileges are allowed to add, modify, or delete user accounts. |
1. From the User Management main menu, click the User Account tab.
2. In User List screen, click any available Add User button.
The Manage User Account screen appears.
| Note - If all nine user account slots are configured, you must delete an existing user account before you can add a new user account. See To Delete a User Account. |
3. Enter a user name and password in their respective fields.
TABLE 4-3 summarizes the acceptable user name and password length and character set.
Do not include spaces in user names and passwords.
4. Enter the password again in the Confirm Password field.
5. Select either Administrator, Operator, User, or Callback for the user role.
6. Click Submit to create the user.
|
1. In the User List, locate the user name of the account you want to delete.
2. Click the Delete button for the account.
The system will not prompt for a confirmation.
|
1. From the User Management main menu, click the User Account tab.
2. In the User List screen, click the Change Password or Change Privilege button for the appropriate user account.
The Manage User Account screen appears.
3. In the Manage User Account screen, make the necessary changes, and click Submit.
|
1. From the User Management main menu, click the User Account tab.
2. To disable or enable a user account, click the Disable or Enable button for that account.
|
1. From the User Management submenu, click the ADS Configuration tab.
The ADS Configuration screen appears. The ADS Configuration screen allows you to locate and upload a certificate from Active Directory Service (ADS) for a Microsoft Windows environment. Using ADS can simplify administration tasks by allowing the monitoring of several machines in one node.
2. Click Browse... to locate the ADS certificate.
3. Enter the Primary, Secondary DNS, and Root Domain addresses
4. Click Submit, or click Reset to clear your changes.
The ADS Configuration screen enables you to browse and upload a certificate from Active Directory Service (ADS) for a Microsoft Windows environment. Administrators can simplify their tasks by monitoring multiple machines in one node using ADS.
|
1. Install Windows 2003 and make it the Domain Controller in an Active Directory environment.
2. Create and configure the DNS server.
3. Add a new user and set privilege level (administrator or user) on the ADS server.
4. Use Control Panel to access Add or Remove Programs, and click Add/Remove Windows Components.
The Windows Components Wizard appears.
5. In the list of components, in the Windows Components screen, click the check box to enable Certificate Services (see FIGURE 4-8).
FIGURE 4-8 Windows Components Screen
6. Click Next to begin the Create CA Root Domain Certificate process.
This will require IIS to be installed also.
7. In the CA Type screen of the Windows Components Wizard, select the type of CA you want to set up (see FIGURE 4-9).
FIGURE 4-9 CA Type Windows Components Wizard Screen
9. In the CA Identifying Information screen, enter the necessary information to identify this CA (FIGURE 4-10), and click Next.
FIGURE 4-10 CA Identifying Information Windows Components Wizard Screen
10. In the Certificate Database Settings screen, enter the locations for the certificate database, database log, and configuration information (see FIGURE 4-11).
FIGURE 4-11 Certificate Database Settings Windows Components Wizard Screen
11. To finish the Create CA Root Domain Certificate process, click Next.
12. To export the AD certificate, locate the net certificate for your Domain.
You will see a certificate called, C:/xxx.crt.
13. Double-click the Certificate.
The certificate screen appears.
FIGURE 4-12 The Certificate Information Screen
The Certificate Details screen appears (see FIGURE 4-13).
FIGURE 4-13 The Certificate Details Screen
15. Click the Copy to File... button.
The Certificate Export Wizard screen appears (see FIGURE 4-14).
FIGURE 4-14 The Certificate Export Wizard Screen
The Export File Format screen appears.
FIGURE 4-15 The Export File Format
17. Under the heading Select the format that you want to use:, click the radio button for the second option, Base-64 Encoded X.509 (.CER).
The File to Export screen appears (see FIGURE 4-16)
FIGURE 4-16 The File to Export Screen
| Note - DNS resolution issues might occur if the filename is incorrect. |
Store this exported certificate in a shared folder of your choice.
The ad.cer file is exported to the shared folder.
21. To set the Certificate server to respond to the CA request automatically, open Default Domain Controller Security Settings.
22. Expand Public Key Policies, and in the Automatic Certificate Request Settings, create a new Computer entry from the supplied entry list.
23. Use a browser to connect to an SP ELOM web GUI.
Enter the URL of the SP in the address bar.
24. Log in as root, or as a user with administrator privileges.
25. Click the User Management tab, and click the ADS Configuration submenu tab.
The ADS Configuration screen appears.
26. Upload the ad.cer file from the share network folder.
27. Enter the Primary, Secondary DNS and the Root Domain addresses.
28. Click Submit to save the configuration.
To test your configuration, log in as the new user created in the Active Directory structure.
This section contains the following server management and maintenance procedures:
The System Indicator (Locator) LED is located on the front of the server. You can activate the indicator LED in the ELOM. By activating the indicator LED for a particular server, you can identify that server from the many other servers installed in a chassis. Similarly, the Fault LED allows you to quickly identify a server that is in a fault state. You can see the state of the Fault LED, and control the state of the System Indicator LED from the ELOM System Monitoring screens.
|
1. From the main menu, Click the System Monitoring tab.
The System Monitoring submenu tabs appear.
2. Click the Locator Indicator submenu tab.
The System Indicator LED screen appears.
3. Select the appropriate radio button to either turn the LED on or turn it off.
4. Click Submit to change the state of the LED.
|
1. In the main menu, click the System Monitoring tab.
The System Monitoring submenu tabs appear.
2. Click the Fault LED submenu tab.
The Fault LED Control screen appears. The current status of the LED is displayed as either On or Off.
You can control power to the server you are logged-in to by using the Remote Power Control submenu screen. The Remote Power Control screen allows you to power the server off, reset the server, boot to the BIOS setup, or boot to Pc-Check.
|
1. From the main menu, click the Remote Control tab.
The Redirection, Remote Power Control, and Hotkey Setup submenu tabs appear.
2. Click the Remote Power Control submenu tab.
The Power Control screen appears (see FIGURE 4-17).
FIGURE 4-17 The Power Control Screen
3. Click the radio button for the power control option that you need.
The power control choices are:
4. Click Submit to initiate the power control option.
Resetting the BMC is a hard reset. If you are logged in, when the BMC is reset, you will be logged off. You will need to wait a couple of minutes before you can log in again.
|
1. From the main menu, click the Maintenance tab.
The Maintenance submenu tabs appear.
3. Click the Reset BMC button.
The following message appears:
“Please wait for BMC reset then reconnect.”
There are multiple ways to update the SP firmware:
You can also update the common programmable logic device (CPLD):
|
Before you can update the service processor firmware, you must first power off the server. To power off the server using the web GUI, see Controlling Server Power.
2. From the main menu, click the Maintenance tab.
The Maintenance submenu tabs appear.
3. Click the Firmware Upgrade tab.
The Firmware Upgrade screen appears. If you have powered off the server, the Firmware Upgrade screen will appear as shown in FIGURE 4-18.
FIGURE 4-18 the Firmware Upgrade Screen
4. Click the Enter Upgrade Mode button, and follow the upgrade instructions.
The following procedure is rarely used, and should not be done unless instructed by Sun Service personnel. In this procedure you will update the CPLD, using the Firmware Upgrade screen in the web GUI. You will need the latest Tools and Drivers CD or CD ISO image.
|
1. Download the Tools and Driver CD ISO image from:
http://www.sun.com/servers/blades/downloads.jsp
2. Burn a CD from the ISO image, or mount the ISO image.
3. Locate the combined firmware image file firmware/bmc/CPLD_V*.jbc.
4. Save the CPLD_V*.jbc file to a location on your hard drive.
5. Ensure that the host operating system is shut down.
7. From the main menu, click the Remote Control tab.
8. Click Remote Power Control submenu tab.
The Remote Power Control submenu screen appears.
9. Select the Power Off radio button, and click Submit.
10. From the main menu, click the Maintenance tab.
The Maintenance submenu screen appears.
11. Click the Firmware Upgrade tab.
The Firmware Upgrade screen appears (see FIGURE 4-18).
13. Click Browse and select the CPLD_V*.jbc file.
where * is the file version number.
14. Click the Upgrade CPLD button to start the upgrade process.
15. Wait until the upgrade is finished.
16. Power cycle or reset the server to enable the new CPLD to take effect.
| Note - You need to apply AC power to the server for the new CPLD to take effect. Remove and insert the server. |
Should the service processor (BMC) software become corrupted, you can reinstall the default image from the CD. You will need to remove the server from the chassis, and short the connections on jumper block J19 and J44 on the motherboard.
To perform this procedure, you have must have a bootable USB flash device to load files and boot the server module, jumper caps to short the pins on jumper blocks J19 and J44, and a KVM attached to the server module to monitor the recovery process and respond to system prompts.
|
1. Copy all BMC files from the Tools and Drivers CD to a bootable USB flash device.
The BMC files are located in the /firmware/bmc directory, on the Tools and Drivers CD. They consist of:
2. Power off the server gracefully.
| Note - Do not attempt to flash the system while it is still powered on. An unrecoverable error may occur. |
3. Remove the server module from the chassis.
4. Place the server module on an anti-static mat, and remove the top cover.
5. Put on the ESD wrist strap, and attach the grounding cord to the chassis’ bare metal or the chassis grounding post.
6. Locate jumper block J19 and jumper block J44, and use a jumper cap to short the pins (see FIGURE 4-19).
FIGURE 4-19 Location of Jumpers J19 and J44 on the Motherboard.
See the Sun Blade X6450 Server Module Service Manual for the location of jumper blocks J19 and J44.
7. With the pins on jumper block J19 and J44 shorted, remove the wrist strap grounding cord from the chassis, and replace and secure the top cover.
8. Insert the server module into the chassis.
9. Insert the bootable USB flash drive into the USB port.
A message appears on the video console stating that the BMC was not found.
The system takes up to three minutes to boot.
11. Press F8 to get a list of boot devices.
12. Set the USB flash device as the primary boot device, and save and exit.
The server module boots from the USB flash device.
13. When the server finishes booting, run the following command:
socflash.exe SP binary backup file
socflash.exe x6450bmc.bin nbackup.bin
14. After a successful flash, remove the server module from the chassis, and remove the jumper caps from jumper blocks J19 and J44.
15. Insert the server module into the chassis, leaving the system powered off for at least 30 seconds.
16. Power on the system; watch the display, and when prompted, press F2 to enter the BIOS Setup Utility.
17. Verify the status of the BMC and the BMC version in the BIOS Setup Utility under the Server screen.
For more information about the BIOS Setup Utility, see the Sun Blade X6450 Server Module Service Manual.
18. Exit the BIOS Setup Utility.
The Session Time-Out is an inactivity timer. If an open session enters a state of inactivity that exceeds the preset timer, the system will close (log out) the session. This function prevents unauthorized access to the system by providing an automated log-out function. You can also disable the Session Time-Out.
|
1. From the main menu, click the System Information tab.
The Versions, Session Time-Out, and Components submenu tabs appear.
2. Select the Session Time-Out tab.
The Session Time-Out screen appears.
3. Click the Enable Timeout radio button.
a. To disable the timeout function, click the Disable Timeout radio button and go to Step 5.
4. Select a session time from the Session Time drop-down list.
The options are 15 minutes (default), 30 minutes, 1-hour, and 2 hours.
5. Click the Submit button to set the session timeout.
| Sun Blade X6450 Embedded Lights Out Manager Administration Guide | 820-3541-10 |
|
Copyright © 2008, Sun Microsystems, Inc. All Rights Reserved.
To Configure the 
