Servers: ILO 2 Management - feralcoder/shared GitHub Wiki

Up-Links

Public

feralcoder Shared Top Level feralcoder IT IT: My Private Cloud IT: OpenStack Servers

Private

(private) Top Level Wiki (private) Feralcoder IT

Related

Servers: ILO 4 Management Servers: HP Proliant BL460c Gen6 (private) BL460c Gen6 Management (private) BLC7000 Management

ILO 2

Ouch.

ILO Advanced License

60-day key: 34T6L-4C9PX-X8D9C-GYD26-8SQWM

Setup

Initial setup can be done in 3 ways:

  • Via ILO IP override from Onboard Administrator GUI, maybe
    • This will work if ILO is set to DHCP
    • This won't work if ILO is set to static IP
    • Does not allow for Login / Password change (DBL CHECK THIS)
  • Via "connect server X" command in OA CLI
  • Via KVM connection

Setup Via Local CLI

SSH into ILO 2, or connect via Onboard Administrator CLI with "connect server X"

  • If connecting via Onboard Administrator, don't forget the "-oHostKeyAlgorithms=+ssh-dss"!
  • Add user: "create /map1/accounts1 username=admin password=hpinvent group=admin,config,oemhp_vm,oemhp_rc,oemhp_power"
  • Change password: "set /map1/accounts1/admin password=hpinvent"
  • Disable DHCP (ILO will reset): "set map1/dhcpendpt1 EnabledState=no"
  • Set System Name (ILO will reset): "set map1/enetport1 SystemName=merlin"
  • Set IP (ILO will reset): "set map1/enetport1/lanendpt1/ipendpt1 IPv4Address=192.168.1.213 SubnetMask=255.255.255.0"

The IP change is best done from direct SSH or GUI - Onboard Administrator hangs a long time before freeing session after IP change...

Access Problems

Sometimes CLI connections via OA don't work, giving an "CLI Connection Limit" error, even after the blade's been unpowered for a long period. I don't know what causes this, but it may be buggy firmware combined with odd user settings. Here is a fix which has worked for me:

  • Set the Security Override switch (Maintenance Switch #1) to on.
  • Connect to the ILO IP address via WebUI.
    • Upgrade firmware
    • Delete extra users
  • Test now.
  • Reset Security Override switch to off.

Web UI

ILO 2 doesn't support TLS > 1.0. Chrome disables TLS=1.0, and other browsers need massaging.

Use Firefox < v80

  • open about:config
  • set security.tls.version.min=1
  • set security.tls.version.fallback-limit=1
  • add ILO IP to insecure hosts: security.tls.insecure_fallback_hosts=192.168.1.213

Use IE (v1909 works)

  • Click Settings icon
    • Enter Compatibility View Settings
    • Add local ILO address to compatibility list

Upgrade ILO Firmware

Latest Version: 2.33 Filename: hp-firmware-ilo2-2.33-1.1.i386.rpm or CP035238.scexe Download: https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_01a3e5da76764ad896b364b31c

This can be done a few ways:

  • via CLI on linux server
  • via Web UI
    • Download CP035238.scexe on Windows
    • Extract scexe using 7-zip
    • Extract the scexe_tmp file again
    • Find ilo2_233.bin file within
    • In the ILO WebUI go to Administration tab
    • Browse to the firmware binary, send to ILO, wait.
    • If update hangs at 99% and then fails, try Firefox

ISSUES: Some versions of firmware fail to finish flashing in IE. The fix is to flash via firefox.

ILO Console

Integrated Remote Console

Use IE (v1909 works)

  • Log in to ILO
  • Start Integrated Remote Console
    • Accept extension installations
  • To enable function keys disable protected mode:
    • From control panel search for "group policy", open
    • Click through to Protected Mode configuration
      • COMPUTER CONFIGURATION > POLICIES > ADMNISTRATIVE TEMPLATES > WINDOWS COMPONENTS > INTERNET EXPLORER > INTERNET CONTROL PANEL > SECURITY PAGE > INTERNET ZONE
      • Enable "TURN ON PROTECTED MODE" (yes, do this to disable...)
      • Disable "PROTECTED MODE"
    • Repeat for INTRANET ZONE
    • Click Settings icon, select Internet Options
      • Open Security tab
      • Uncheck "Enable protected mode"
    • Restart IE

Known Issues

KB Sticky Funkyness: KB press-release codes don't always register. So you may find your alt key is stuck pressed when you go to another window. Hitting Alt doesn't release it, you need to find the offending window, click in it, bang your head on KB, and spill your coffee to fix.

Limited GUI Bandwidth: I don't know the internals, but it seems EI has a bottlenecking critical path for all UI bandwidth. The more ILO 2 consoles you have open, the more the video and input choke, making it more likely you'll miss key press windows on boot, for example.

Also Try Sea Monkey, Pale Moon...

As seen here... https://www.reddit.com/r/homelab/comments/ew75tn/i_dont_know_if_anyone_is_interested_but_i_got_a/

Testing on IE on XP on Hyper-V

IE doesn't work. Can't download Firefox... (private) Windows XP VM

Standalone Remote Console

This doesn't work on ILO 2, returns 404.