beautypg.com

Tpm support, User accounts and access, Tpm support user accounts and access – HP Integrated Lights-Out 4 User Manual

Page 63

background image

iLO, if disabled when the switch is set, does not log out the user and complete the disable
process until the power is cycled on the server.

The boot block is exposed for programming.

A warning message is displayed on iLO web interface pages, indicating that the switch is
currently in use.

An iLO log entry records the use of the switch.

When iLO boots after you set or clear the iLO Security Override Switch, an SNMP alert is sent if
an SNMP Alert Destination is configured.

Setting the iLO Security Override Switch enables you to flash the iLO boot block. HP does not
anticipate that you will need to update the boot block. However, if an update is required, you must
be physically present at the server to reprogram the boot block and reset iLO. The boot block is
exposed until iLO is reset. For maximum security, HP recommends disconnecting iLO from the
network until the reset is complete. You must open the server enclosure to access the iLO Security
Override Switch.

To set the iLO Security Override Switch:
1.

Power off the server.

2.

Set the switch.

3.

Power on the server.

Reverse this procedure to clear the iLO Security Override Switch.

The iLO Security Override Switch uses switch #1 on the DIP switch panel. For information about
accessing the iLO Security Override Switch, see the server documentation or use the diagrams on
the server access panel.

TPM support

A TPM is a computer chip that securely stores artifacts used to authenticate the platform. These
artifacts can include passwords, certificates, or encryption keys. You can also use a TPM to store
platform measurements to make sure that the platform remains trustworthy.

On a supported system, iLO decodes the TPM record and passes the configuration status to iLO,
the CLP, and the XML interface. The iLO Overview page displays the following TPM status
information:

Not Supported—A TPM is not supported.

Not Present—A TPM is not installed.

Present—This indicates one of the following statuses:

A TPM is installed but is disabled.

A TPM is installed and enabled.

A TPM is installed and enabled, and Expansion ROM measuring is enabled. If Expansion
ROM measuring is enabled, the Update Firmware page displays a legal warning message
when you click Upload.

User accounts and access

iLO supports the configuration of up to 12 local user accounts. Each account can be managed
through the following features:

Privileges

Login security

You can configure iLO to use a directory to authenticate and authorize its users. This configuration
enables an unlimited number of users and easily scales to the number of iLO devices in an enterprise.

Configuring iLO security

63

See also other documents in the category HP Computer Accessories: