Remote console computer lock – HP Integrated Lights-Out 2 User Manual

import a server certificate, or directly install a server certificate. For more information, see

“Adding HP SIM trusted servers” (page 56)

.

The server table displays a list of registered HP SIM servers with the status of each. The actual
number of systems allowed depends on the size of the stored certificate data.

Although a system might be registered, SSO might be refused because of the current trust level
or certificate status. For example, if an HP SIM server name is registered and the trust level is
set to Trust by Certificate, SSO is not allowed from that server. Likewise, if an HP SIM server
certificate is imported, but the certificate has expired, SSO is not allowed from that server.
Additionally, the records are not used when SSO is disabled. iLO 2 does not enforce SSO
server certificate revocation.

— Status – Indicates the status of the record (if any are installed).

— Description – Displays the server name (or certificate subject). A thumbnail of a certificate

indicates that the record contains a stored certificate.

— Actions – Displays the actions you can take on a selected record. The actions displayed

depend on the type and number of records installed:

◦

Remove Name – Removes the server name record.

◦

Remove Certificate – Removes the certificate record.

Remote Console Computer Lock

Remote Console Computer Lock enhances the security of an iLO 2 managed server by automatically
locking an operating system, or logging out a user when a remote console session terminates or
the network link to iLO 2 is lost. Unlike Remote Console or Integrated Remote Console, this feature
is standard and does not require an additional license. As a result, if you open a Remote Console
Session or an Integrated Remote Console window and have this feature configured, it will lock the
operating system when the window is closed even if additional feature licenses are not installed.

You can view and configure the Remote Console Computer Lock settings through the Administration
or Remote Console tabs in the iLO 2 interface. The Remote Console Computer Lock feature is
disabled by default.

To change the Remote Console Computer Lock settings:

1.

Log in to iLO 2 using an account that has the Configure iLO 2 Settings privilege.

2.

Click Administration>Security>Remote Console. The Computer Lock Settings page appears.

3.

Modify the settings as required:
•

Windows – Use this option to configure iLO 2 to lock a managed server running a
Windows operating system. The server automatically displays the Computer Locked dialog
box when a remote console session is terminated or the iLO 2 network link is lost.

•

Custom – Use this option to configure iLO 2 to use a custom key sequence to lock a
managed server or log out a user on that server. You can select up to five keys from the
list. The selected key sequence is automatically sent to the server operating system when
a remote console session is terminated or the iLO 2 network link is lost.

•

Disabled – Use this option to disable the Remote Console Computer Lock feature.
Terminating a remote console session or losing an iLO 2 network link does not lock the
managed server.

58

Configuring iLO 2