Invalid HMAC Value

If you see the message Invalid HMAC value on the SPARC console shortly after booting a SPARC client, and the system returns to the ok prompt, one of the following conditions caused the problem:

• The client is secured by authentication, but you have not set the OBP keys. The solution is to set the OBP keys in the client firmware. For information about authentication, see Overview of Securing Automated Installations.

• The client's install service has a policy requiring client authentication, but no credentials applicable to the client have been assigned. Be sure that there are credentials available for all clients of services with policy require-client-auth.

The following steps show how to identify the problem.

1. Verify that security hasn't been disabled for the AI server. Use installadm list -sv to see if security is enabled.

2. Verify that security hasn't been disabled for the client's install service. Use installadm list -vn svcname to see if security not disabled.

3. If the client is using custom credentials, use installadm list -ve macaddr to obtain the firmware key values.

4. If the client is not a custom client, use installadm list -vn default-sparc to see if there are any firmware keys defined for the default-sparc service.

5. Check the policy of the client's service with installadm list -vn svcname.

6. If there are no credentials for the default-sparc service, look for default client credentials using the installadm list -sv command. If there are default client credentials, then use the firmware keys listed for the default client.

7. If there are no default client credentials, use installadm list -vn default-sparc to see if the service policy is set to require-server-auth. If so, use the firmware keys listed for the default client in installadm list -sv.