Filter
Top Products
Directory-enabled remote management 108
Alternatively, the directory administrator could create a role that grants the login right and restrict it to the
corporate network, then create another role that grants only the server reset right and restrict it to after-
hours operation. This configuration is easier to manage but more dangerous because on-going
administration might create another role that grants users from addresses outside the corporate network
the login right, which could unintentionally grant the LOM administrators in the server Reset role the ability
to reset the server from anywhere, provided they satisfy the time constraints of that role.
The previous configuration meets corporate security policy. However, adding another role that grants the
login right can inadvertently grant server reset privileges from outside the corporate subnet after hours. A
more manageable solution would be to restrict the Reset role, as well as the General Use role.
Using bulk import tools
Adding and configuring large numbers of LOM objects is time consuming. HP provides several utilities to
assist in these tasks. Below is a brief description of the utilities available.
• HP Lights-Out Migration Utility
The HP Lights-Out Migration utility, HPQLOMIG.EXE, imports and configures multiple LOM devices.
HPQLOMIG.EXE includes a GUI that provides a step-by-step approach to implementing or upgrading
large numbers of management processors. HP recommends using this GUI method when upgrading
numerous management processors. For more information, refer to the "Lights-Out directories
migration utilities (on page 113)" section.
• HP Lights-Out Migration Command Utility
The HP Lights-Out Migration Command utility, HPQLOMGC.EXE, offers a command-line approach to
migration, rather than a GUI-based approach. This utility works in conjunction with the Application
Launch and query features of Systems Insight Manager to configure many devices at a time.
Customers that must configure only a few LOM devices to use directory services might also prefer the
command-line approach. For more information, refer to the "Lights-Out directories migration utilities
(on page 113)" section.
• Systems Insight Manager can:
• Manage multiple LOM devices.
• Discover the LOM devices as management processors using CPQLOCFG to send a RIBCL XML
script file to a group of LOM devices to manage those LOM devices. The LOM devices perform
the actions designated by the RIBCL file and send a response to the CPQLOCFG log file. For
more information, refer to the "Group administration and RILOE II scripting ("Group
administration using the Lights-Out Configuration Utility" on page 125)" and the "Remote Insight
command language (on page 138)" sections in the HP Integrated Lights-Out Management
Processor Scripting and Command Line Resource Guide.
• Traditional Import Utilities
Administrators familiar with tools such as LDIFDE or the NDS Import/Export Wizard can use these
utilities to import or create many LOM device objects in the directory. However, administrators must
still configure the devices manually, as described previously, but can do so at any time.