beautypg.com

Password guidelines, Securing rbsu, Ilo 2 security override switch administration – HP Integrated Lights-Out 2 User Manual

Page 42: Ilo 2 security override

background image

Password guidelines

The following is a list of recommended password guidelines. Passwords must:

Never be written down or recorded

Never be shared with others

Not be words generally found in a dictionary, or easy to guess words, such as the company
name, product names, the user's name, or the user's User ID

Include at least three of the four following characteristics:

At least one numeric character

At least one special character

At least one lowercase character

At least one uppercase character

Passwords issued for a temporary user ID, password reset, or a locked-out user ID must also conform
to these standards. Each password must be a minimum length of zero characters and a maximum
length of 39 characters. The default minimum length is set to eight characters. Setting the minimum
password length to fewer than eight characters is not recommended unless you have a physically
secure management network that does not extend outside the secure data center.

Securing RBSU

iLO 2 RBSU enables you to view and modify the iLO 2 configuration. RBSU access settings can
be configured using RBSU, a web browser, RIBCL scripts, or the iLO 2 Security Override Switch.
For more information, see

“Access options” (page 38)

. RBSU has three levels of security:

RBSU Login Not Required (default)

Anyone with access to the host during POST can enter the iLO 2 RBSU to view and modify
configuration settings. This is an acceptable setting if host access is controlled.

RBSU Login Required (more secure)

If RBSU login is required, then the active configuration menus are controlled by the authenticated
user's access rights.

RBSU Disabled (most secure)

If iLO 2 RBSU is disabled, user access is prohibited. This prevents modification using the RBSU
interface.

iLO 2 Security Override Switch administration

The iLO 2 Security Override Switch allows the administrator full access to the iLO 2 processor.
This access might be necessary for any of the following conditions:

The iLO 2 firmware must be re-enabled after it has been disabled.

All user accounts with the Administer User Accounts privilege have been locked out.

A bad configuration keeps the iLO 2 from displaying on the network and RBSU has been
disabled.

The boot block must be flashed.

Ramifications of setting the Security Override Switch include:

All security authorization checks are disabled while the switch is set.

The iLO 2 firmware RBSU runs if the host server is reset.

The iLO 2 firmware is not disabled and might display on the network as configured.

42

Configuring iLO 2

See also other documents in the category HP Computer Accessories: