HP (Hewlett-Packard) 232664-006 Network Card User Manual

Open as PDF

of 205

Scripting, command line, and utility options 170

GET_TWOFACTOR_SETTINGS parameters

None

GET_TWOFACTOR_SETTINGS runtime errors

None

GET_TWOFACTOR_SETTINGS return messages

Starting with RILOE II 1.20, users can be authenticated with a digital certificate. Depending on the RILOE

II Two-Factor Authentication settings, the response to GET_TWOFACTOR_SETTINGS will contain different

data.

Examples of GET_TWOFACTOR_SETTINGS return messages are:

Example of a Two-Factor Authentication settings return message with default settings:

<GET_TWOFACTOR_SETTINGS>

<AUTH_TWOFACTOR_ENABLE VALUE="N"/>

<CERT_REVOCATION_CHECK VALUE="N"/>

<CERT_OWNER_SUBJECT/>

</GET_TWOFACTOR_SETTINGS>

Example of a Two-Factor Authentication settings return message when SAN field in the certificate for

directory authentication is enabled:

<GET_TWOFACTOR_SETTINGS>

<AUTH_TWOFACTOR_ENABLE VALUE="Y"/>

<CERT_REVOCATION_CHECK VALUE="N"/>

<CERT_OWNER_SAN/>

</GET_TWOFACTOR_SETTINGS>

MOD_TWOFACTOR_SETTINGS

The MOD_TWOFACTOR_SETTINGS command is used modify the Two-Factor Authentication settings on

the RILOE II. For this command to parse correctly, the MOD_TWOFACTOR_SETTINGS command must

appear within a RIB_INFO command block, and RIB_INFO MODE must be set to write. You must have the

configure RILOE II privilege to execute this command. Changing the value of

AUTH_TWOFACTOR_ENABLE will cause the RILOE II to reset in order for the new setting to take effect.

NOTE: The GET_TWOFACTOR_SETTINGS and MOD_TWOFACTOR_SETTINGS commands are supported

with iLO firmware version 1.80 and above and with iLO 2 firmware version 1.10 and above. iLO 1.80

requires CPQLOCFG version 2.24, and iLO 1.10 requires CPQLOCFG version 2.25.

A Trusted CA Certificate is required for Two-Factor Authentication to function. The RILOE II will not allow

the AUTH_TWOFACTOR_ENABLE setting to be set to Yes if a Trusted CA certificate has not been

configured. Also, a client certificate must be mapped to a local user account if local user accounts are

being used. If the RILOE II is using directory authentication, client certificate mapping to local user

accounts is optional.

To provide the necessary security, the following configuration changes are made when Two-Factor

Authentication is enabled:

• Remote Console Data Encryption: Yes (This will disable telnet access)

• Enable Secure Shell (SSH) Access: No

• Serial Command Line Interface Status: Disabled

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

HP (Hewlett-Packard) 232664-006 Network Card User Manual