Skip to content

Configuring iLO2 on an HP Server

April 28, 2014

Was passed a query the other day where the login details for an iLO2 (HP DL360 G5, iLO FW – 1.61, 31/8/08) had been forgotten (……..). This sort of thing beefs me and it shouldn’t be difficult to keep a track of these things, but politics aside, the issue was there. The server had become unresponsive some days earlier and further confusion and disorganization led to a right old faff overnight.

So, how to reset? Well, coming to the server now, it’s up. Downtime is generally undesirable in a production environment, whether planned or planned, five 9’s and all that. I could simply bounce the server and F8 into the iLO configuration at boot, but this is downtime. It’s to be expected this method should be used at initial build and implementation time, but this was quite obviously a server that had been whirring away for years. HP do provide a GUI utility to provide this exact required functionality (http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?sp4ts.oid=1135772&spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalState%3Didx%253D%257CswItem%253DMTX_e958118899b649d88441609f3f%257CswEnvOID%253D4064%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%257Caction%253DdriverDocument&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken), and while on site the other night, I ran the installer which ran through without issue. You need to look in the ‘Installation Instructions’ to see that it does have a GUI part to it, it doesn’t seem to be mentioned elsewhere. I wasn’t aware the utility had previously been installed and was presented with a dialogue box asking whether I wanted to update to the latest version. Yes. It’s worth noting the majority of the utilities add a Start menu entry on installation, but this one hadn’t. It installs to <system drive>:\Program Files\HP\hponcfg, hponcfg.exe being the command-line part and hponcfg_gui.exe being the GUI-based version. Fantastic, let’s do it and get home. Apart from the fact that although the utility itself does not require a reboot, it does need ‘one of the following versions of the .NET Framework : v2.0.50727’. Ah, more downtime. As this was a LOB server, I stopped at this point. Always a good tip, work as far as you have agreed to and if thrown a curve ball like this, stop, go home, and rearrange stuff the next day.

I’m now left with the command line version of the utility… A quick Google reveals it works from importing .xml files, not my strong point. No-one seems to give much of an explanation as to the step through key-presses to sort this, so I spend around an hour going over the pdf that explains it all : http://h10032.www1.hp.com/ctg/Manual/c03351064.pdf, the iLO 2 Scripting and Command-Line Guide. A quality read for the beach, I can assure you. But it’s still not made clear enough for a dunce like me. I did then find this : http://community.spiceworks.com/how_to/show/2931-reset-hp-ilo-2-password-without-server-reboot. My appreciation to the writer, it made it straight-forward enough to do. Everything else points to changing the user login details once you’re logged in with something, but I couldn’t. I could get local access to the server’s console though so could run the utility. I did take away from the write-up that it’s a safer option, certainly in my situation, to create a new dummy user with adequate rights, log in with that and then do any required admin. This leaves you with some flexibility in case of problems. I created a temp user with admin rights, logged in, created the correct user, logged out, tested access with the correct user, and then with that login, deleted the temp user.

Something I didn’t find at all until this article is the HP Lights-Out XML Scripting Sample for Windows (Google and download it). This .zip file contains 72 files, most of which are .xml templates to perform various functions. This makes it infinitely easier for a non-coder like me to get things done. When the HPONCFG tool runs, it applies either an entire .xml file to the iLO, or a portion of a complete config. So I used ‘Add_User.xml’, opened it in Notepad, amended the various required fields, and wrote it with the utility. It’s funny, looking at the list of files now will make a Powershell ninja chuckle, most of these files are pre-fixed with GET, SET or MOD, it’s the verb-noun syntax 🙂 The GET_ files, for example, should be good for programmatically pulling back server hardware details, very interesting.

And there we have it, a little extra effort and a server reboot avoided. Takeaways?

Build servers properly in the first place (grrrr). Yes, use the PSP or Intelligent Provisioning as it is now. But check the driver and download page for the product in question, and check that these useful little utilities are installed and readily available. The major bonus of expensive enterprise-class server equipment is the supportability and hopefully up-time of the device. This can become limited when you realize you need a certain tool, and it hasn’t been installed, or won’t run without a reboot-requiring patch or whatever. I’ve heard of the scenario where, although unlikely and unrealistic, customers refuse to allow a server to be downed for trouble-shooting, and in this extreme, it’s too late.

Keep tools and firmware (and drivers) up to date. Create a schedule for planned maintenance and regularly check for updates to these things. Even if you’re a shop that doesn’t do these updates on the basis that if it ain’t broke, don’t fix it, at least document updates available so that if you see this or that problem, you have a fix to hand. A test environment certainly helps here, but good backups go a long way to reducing risk. It’s not uncommon to see considerable performance and stability increases from a simple driver update.

Test tools and diagnostic pages regularly to make sure they work. It’s usually when something’s on fire that you need a tool that worked two years ago but is not now. Regular OS patching, and absolutely critical and unavoidable process, might result in a tool ceasing to work, a later version will normally accommodate such changes.

The final note has to be documentation. The ultimate from this perspective would be a pro-active team who ensure everything is kept up-to-date as a scheduled and pro-active action. Regularly testing iLO logins etc. Ensuring that documentation is kept current is a huge battle, and can depend on how quickly your environment runs and changes. But it’s SO worth while trying, even if it’s a lever-arch file in a locked cupboard. You never know when you might need that obscure password. In a hurry. 🙂

Advertisements

From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: