Trusted platform module support, User accounts and access – HP Integrated Lights-Out User Manual
Page 45
Configuring iLO 2 45
Setting the iLO 2 Security Override Switch also enables you to flash the iLO 2 boot block. HP does not
anticipate that you will need to update the iLO 2 boot block. If an iLO 2 boot block update is ever
required, physical presence at the server will be required to reprogram the boot block and reset iLO 2.
The boot block will be exposed until iLO 2 is reset. For maximum security, HP recommends that you
disconnect the iLO 2 from the network until the reset is complete. The iLO 2 Security Override Switch is
located inside the server and cannot be accessed without opening the server enclosure.
To set the iLO 2 Security Override Switch:
1.
Power off the server.
2.
Set the switch.
3.
Power on the server.
Reverse the procedure to clear the iLO 2 Security Override Switch.
Depending on the server, the iLO 2 Security Override Switch might be a single jumper or a specific switch
position on a dip switch panel. To access and locate the iLO 2 Security Override Switch, refer to the
server documentation. The iLO 2 Security Override Switch can also be located using the diagrams on the
server access panel.
Trusted Platform Module support
TPM is a hardware based system security feature. It is a computer chip that securely stores artifacts used
to authenticate the platform. These artifacts can include passwords, certificates, or encryption keys. You
can also use a TPM to store platform measurements to help ensure that the platform remains trustworthy.
iLO 2 provides support for the TPM mezzanine module in ProLiant 100 and ProLiant 300/500 series
servers.
On a supported system, iLO 2 decodes the TPM record and passes the configuration status to iLO 2, CLP,
and XML interface. The System Status page displays the TPM configuration status. If the host system or
System ROM does not support TPM, TPM Status is not displayed in Status Summary page. The Status
Summary displays the following TPM status information:
•
Not Present—A TPM module is not installed.
•
Present—when:
o
A TPM module is installed but it is disabled.
o
A TPM module is installed and enabled.
o
A TPM module is installed, enabled, and Expansion ROM measuring is enabled. If Expansion
ROM measuring is enabled, the Update iLO 2 Firmware page displays a legal warning message
when you click Send firmware image.
User accounts and access
iLO 2 supports the configuration of up to 12 local user accounts. Each of these accounts can be managed
through the use of the following features:
•
•
iLO 2 can be configured to use a directory to authenticate and authorize its users. This configuration
enables a virtually unlimited number of users, and easily scales to the number of Lights-Out devices in an
enterprise. Additionally, the directory provides a central point of administration for Lights-Out devices and