SPARC Enterprise M3000/M4000/M5000/M8000/M9000
Contents
1. uni n3g2 F5Ftnjg M4Ht zT6VwEhGO1FGP41ImqkKg SS END CERTIFICATE REQUEST Chapter 2 Setting Up XSCF 2 117 4 Send the copied CSR to the CA and request the web server certificate 5 Perform the sethttps 8 command with option for import Then copy and paste the signed web server certificate in the window Please press Enter and press the Ctrl and D keys Then the importing is completed XSCF gt sethttps c importca Please import a certificate SSeS BEGIN CERTIFICATE MIIDATCCAt 6gAwI BAgI BATANBgkqhkiG9w0BAQOQFADCBgTELMAkGA1UEBhMCamox R OpXAVOvb2tjIn3k099dq tbegECo4mwknW1t7QI7A1BkcW2 MkOo1IRa6iP1ZwgJ oPmwAbrGyAvGUtdzUoy1IH0j 17dRQrVIRA meen END CERTIFICATE lt Press Ctrl and D keys gt 6 Use the sethttps 8 command to enable https XSCF gt sethttps c enable Continue y n y Please reset the XSCF by rebootxscf to apply the https settings 7 Use the rebootxscf 8 command to reset the XSCF XSCF gt rebootxscf The XSCF will be reset Continue y n y m After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF 8 Access the XSCF Web specifying the https form client In the window please check that the security warning dialog is not displayed or confirm whether the certificate is correct 2 118 SPARC Enterprise Mx000 Servers XSCF User s Guide Jan2. This code is hereby placed in the public domain THIS SOFTWARE IS PROVIDED BY THE AUTHORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE o Copyright c 1983 1990 1992 1993 1995 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or us
3. Chapter 2 Setting Up XSCF 2 103 5 Use the poweron 8 command to turn on power to all domains XSCF gt poweron a DomainIDs to power on 00 01 02 03 Continue y n y 00 Powering on 01 Powering on 02 Powering on 03 Powering on Note This command only issues the instruction to power on The result of the instruction can be checked by the showlogs power XSCF gt 6 Use the showdateoffset 8 command to confirm no difference between the XSCF time and the domain time XSCF gt showdateoffset a DID Domain Date Offset 00 0 sec 01 0 sec 02 0 sec 03 0 sec 7 Use the Oracle Solaris OS date 1M command to display the domain time and use the showdate 8 command to display the XSCF time Then confirm that the domain time is the same as the XSCF time 2 2 7 SSH Telnet Administration The SSH telnet administration settings are used to specify the SSH and telnet settings required to use the XSCF Shell terminal or domain console with an XSCF LAN connection For the server specify enable disable for each of SSH and telnet setting including the SSH access control from domain the SSH host key and the automatic timeout period after login Also install an SSH user public key to XSCF TABLE 2 12 lists terms used in SSH telnet Administration 2 104 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 12 SSH Telnet Administration Terms Term Descript
4. strnatcmp c Perform natural order comparisons of strings in C Copyright C 2000 by Martin Pool lt mbp humbug org au gt This software is provided as is without any express or implied warranty In no event will the authors be held liable for any damages arising from the use of this software Permission is granted to anyone to use this software for any purpose including commercial applications and to alter it and redistribute it freely subject to the following restrictions 1 The origin of this software must not be misrepresented you must not claim that you wrote the original software If you use this software in a product an acknowledgment in the product documentation would be appreciated but is not required 2 Altered source versions must be plainly marked as such be misrepresented as being the original software and must not 3 This notice may not be removed or altered from any source distribution y Copyright c 2002 2006 Asim Jalis This library is released under the zlib libpng license as described at http www opensource org licenses zlib license html Here is the statement of the license This software is provided as is warranty In no event will the authors be held liable for any damages arising from the use of this software without any express or implied Permission is granted to anyone to use this software for any purpose including commercial applica
5. RSA Data Security Inc makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose warranty of any kind It is provided as is without express or implied These notices must be retained in any copies of any part of this documentation and or software gt I install install a program script or datafile This comes from X11R5 mit util scripts install sh Copyright 1991 by the Massachusetts Institute of Technology PEE Permission to use distribute and sell this software and its copy modify documentation for any purpose is hereby granted without fee provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation and that the name of M I T pertaining to distribution of the software without specific written prior permission Mero Te makes no representations about the suitability of this software for any purpose not be used in advertising or publicity It is provided as is without express or implied warranty PCRE LICENCE PCRE is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language Written by Philip Hazel lt ph10 cam ac uk gt University of Cambridge Computing Service Cambridge England Phone
6. 2 16 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 2 lists setting items and the corresponding shell commands To complete the network settings the XSCF reset is required Reset the XSCF by using the rebootxscf 8 command After the XSCF is reset the XSCF session is disconnected Please log in again to the XSCF TABLE 2 2 Network Configuration Item Description Shell Command Remarks Display network Displays XSCF network interfaces shownetwork If the XSCF Unit is Also displays the following network status showdscp redundant the e Number of bytes of the receive queue connection status of the other side is not buffer Jieslaved ayed e Number of bytes of the send queue buffer i e Local address and port e Host address and Socket port number Enable disable Enables or disables an XSCF network setnetwork e When the XSCF network interface see TABLE 2 1 setdscp Unit is a dundant IP address Specifies the following IP address of the taal petal XSCF network interfaces see TABLE 2 1 of IP address of e One or both of the XSCF LAN ports ISN are the e DSCP following e ISN Takeover IP address if a redundant XSCF 0 192 168 1 1 XSCF Unit is used XSCF 1 192 168 1 2 netmask Sets a netmask for an XSCF network e No default interface setting has been specified for the other interfaces e You can use a single LAN port for XSCF LAN For network connection examples see Chapter 3 e You can remove
7. Archiving state Disabled Archive host Not configured Archive directory Not configured User name for ssh login Not configured 2 Use the setarchiving 8 command to set the log archiving target lt Example gt Specify a user name host name directory and password XSCF gt setarchiving t foo example com var logs xx r Enter ssh password for foo example com Xxxxxxx 3 Use the setarchiving 8 command to make an enable or disable selection for the log archiving function XSCF gt setarchiving enable Chapter 2 Setting Up XSCF 2 129 4 Use the showarchiving 8 command to confirm the settings XSCF gt showarchiving Archiving Configuration Archiving state Enabled Archive host example com Archive directory var logs xx User name for ssh login foo Specifying the Host Public Key for the Archive Host Command operation 1 Use the showarchiving 8 command to display the log archiving settings XSCF gt showarchiving v Archiving Configuration Archiving state Enabled Archive host example com Archive directory var logs this xscf xx User name for ssh login foo Archive host public key Server authentication disabled Archive host fingerprint Server authentication disabled Connection to Archive Host Latest communication 2
8. SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 exit The exit 1 command ends the XSCF Shell version The version 8 command displays the comprehensive firmware version XCP version see Note of the XSCF firmware and POST OpenBoot PROM firmware The system administrator can display version information when upgrading firmware Note XCP XSCF Control Package that includes the programs which control the hardware components making up a computer system 5 9 View XSCF Shell Error Messages TABLE 5 2 lists the typical messages from each XSCF Shell command TABLE 5 2 Error Messages of XSCF Shell Commands Message Meaning Invalid parameter An abnormal parameter error has occurred Operation failed Abnormal end Permission denied An execution authority error has occurred Operation not supported on this system Unsupported function Operation interrupted Processing interruption from user The current configuration does not support this Abnormal configuration operation A hardware error occurred Please check the error log A hardware error has occurred for details An internal error has occurred Please contact your An XSCF internal error has occurred system administrator Note The error message depends on the command Therefore you will occasionally see more messages Chapter 5 Overview of the XSCF Shell 5 19 CHAPTER 6 XSCEF Mail Function This chapter
9. TABLE 8 3 Logs Containing Fault Information Output Display Destination Size Standard Storage Period Type Description Entry Size Archiving Reference Method Fault Log for error events About 200 Domain XSCF e fmdump 8 management notifications and faults generations Amount for about 1 month fmdump 1M log FM log occurred in server Variable len The display form of the log is 8th interchangeable on the Oracle Archived Note Solaris OS XSCF error log Log for error events About 200 Domain XSCF e showlogs 8 notifications and faults generations Amount for about 1 month XSCF Web occurred in server Variable len Archived Log information is the same as 8th the FM log The display form of the log is peculiar to the platform System log Log for recording output Domain Oracle Solaris Oracle Solaris OS messages If OS commands a failure occurs an outline of are used to refer the failure is output to the logs Monitor Log for recording messages 512KB XSCF e showlogs 8 message log from the XSCF firmware About 10000 reporting abnormalities lines e XSCF Web Note Archived Indicates log entries are replicated backed up on the archive host if log archiving is enabled The logs displayed by the Oracle Solaris OS commands are not archived Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 25 Other Logs TABLE 8 4 outlines other logs collected for XSCF log information
10. XSCF gt showldapssl server Primary Server address 10 18 76 230 port 4041 XSCF gt showldapssl server i Alternate Server 1 address 10 18 76 231 port 0 Alternate Server 2 address none port 0 Alternate Server 3 address none port 0 Alternate Server 4 address none port 0 Alternate Server 5 address none port 0 Enabling or Disabling the Usermapmode Command operation 1 Use the showldapss1 8 command to display the usermapmode status XSCF gt showldapss1l usermapmode disabled state enabled strictcertmode disabled timeout 4 logdetail none 2 Use the setldapss1 8 command to enable or disable the usermapmode lt Examplel gt Enable the usermapmode XSCF gt setldapssl usermapmode enable lt Example2 gt Disable the usermapmode XSCF gt setldapssl usermapmode disable Chapter 2 Setting Up XSCF 2 77 3 Use the showldapss1 8 command to confirm the usermapmode status XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode disabled timeout 4 logdetail none Configuring or Clearing the Usermap a Command operation 1 Use the showldapss1 8 command to display the configuration of the usermap XSCF gt showldapssl usermap attributeInfo none binddn none bindpw none searchbase none 2 Use the setldapss1 8 command to configure the usermap lt Examplel gt Configures the att
11. XSCF gt showntp m prefer off localaddr 0 XSCF gt showntp a server ntpl red com server ntp2 blue com Note The setting of the prefer by setntp 8 command is supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1082 Chapter 2 Setting Up XSCF 2 99 Changing Stratum Value for XSCF Command operation 1 Use the showntp 8 command to display the stratum value for the XSCF network XSCF gt showntp s stratum 5 2 Use the setntp 8 command to change a stratum value lt Example gt Set 7 as stratum value for XSCF network XSCF gt setntp c stratum i 7 Please reset the XSCF by rebootxscf to apply the ntp settings When you use the setntp 8 command to specify the stratum value execute the rebootxsc 8 command to apply the specified configuration and reset the XSCF 3 Use the showntp 8 command to confirm the stratum value change XSCF gt showntp s stratum 7 Changing a Clock Address of Local Clock for XSCF Command operation Use the showntp 8 command to display the clock address of the XSCF s own local clock XSCF gt showntp m prefer on localaddr 0 XSCF gt showntp 1 remote refid st t when poll reach delay offset jitter 192 168 0 27 192 168 1 56 2 nit 27 64 377 12 929 2 756 1 993 192 168 0 57 192 168 1 86 2u 32 64 377 13 030 2 184 94 421 127
12. TABLE 2 18 lists terms used in log archiving administration TABLE 2 18 Log Archiving Administration Terms Term Description Log archiving Function that saves the log information stored on an XSCF to another host Archive host Host to which logs are saved Archive directory Directory in the archive host to which logs are saved TABLE 2 19 lists setting items and the corresponding shell commands TABLE 2 19 Log Archiving Administration Item Description Shell Command Remarks Display log Displays the following log archiving showarchiving archiving information information e Log archiving settings e Status of a connection to the archive host e Space consumed by archives on the archive host Enable Enables or disables the log archiving function setarchiving Disable log archiving function Archive Sets the archive target as follows setarchiving To specify the target with target e Name or IP address of the archive host the command specify e User name used for ssh login to the archive user name host host name H directory name e Archive directory name Chapter 2 Setting Up XSCF 2 127 TABLE 2 19 Log Archiving Administration Continued Item Description Shell Command Remarks Password Sets a password used for ssh login to the setarchiving The password is used for archive host the ssh login Host public Sets a public key used in server authentication setarchiving e To specify a public key
13. This product includes software developed by the University of California Berkeley and its contributors 4 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE ORIGINAL LICENSE This software is c Copyright 1992 by Panagiotis Tsirigotis The author Panagiotis Tsirigotis grants permission to use copy and distribute this software and its documentation for any purpose and without fee distribution is not removed from files included in any redistribution and that this copyright notice is also included in any redi
14. Command operation 1 Use the showsnmp 8 command to display SNMP settings XSCF gt showsnmp 2 Use the set snmp 8 command to disable the trap destination host of the SNMPv3 target XSCF gt setsnmp remv3traphost u yyyyy host3 3 Use the showsnmp 8 command to confirm that the trap destination host has been disabled XSCF gt showsnmp 2 138 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Enabling Disabling the SNMPv1 and SNMPv2c Communication Command operation 1 Use the showsnmp 8 command to display SNMP settings XSCF gt showsnmp 2 Use the setsnmp 8 command to enable the SNMPv2c agent lt Example 1 gt Enable SNMPv1 and SNMPv2c XSCF gt setsnmp enableviv2c public lt Example 2 gt Disable SNMPv1 and SNMPv2c XSCF gt setsnmp disableviv2c 3 Use the setsnmp 8 command to enable the SNMP agent XSCF gt setsnmp enable 4 Use the setsnmp 8 command to confirm enabling disabling of the SNMP XSCF gt showsnmp Setting the SNMPv1 and SNMPv2c Trap Command operation 1 Use the showsnmp 8 command to display the SNMP settings XSCF gt showsnmp 2 Use the setsnmp 8 command to set the SNMPv1 or SNMPv2c trap lt Example 1 gt Specifying the type for SNMPv2c XSCF gt setsnmp addtraphost t v2 s public host2 lt Example 2 gt Specifying the type for SNMPv1 XSCF gt se
15. lt Example gt Enable Memory Mirror mode on PSB 00 XSCF gt setupfru m y sb 00 3 Use the showfru 8 command to confirm the setting of memory mirror mode XSCF gt showfru a sb Device Location XSB Mode sb 00 Quad sb 01 Uni sb 02 Uni Memory Mirror Mode Yes No No Chapter 2 Setting Up XSCF 2 177 22 l3 2 178 4 Use the testsb 8 command to check the PSB then check the results by using the showboards 8 command XSCF gt testsb 0 Initial diagnosis is about to start Continue y n y Initial diagnosis is executing Initial diagnosis has completed XSB Test Fault 00 0 Passed Normal 00 1 Passed Normal 00 2 Passed Normal 00 3 Passed Normal XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 SP Unavailable n n n Passed Normal n 00 1 SP Unavailable n n n Passed Normal n 00 2 SP Unavailable n n n Passed Normal n 00 3 SP Unavailable n n n Passed Normal n 01 0 SP Unavailable n n n Unknown Normal n 02 0 SP Unavailable n n n Unknown Normal n Domain Mode Configuration Domain mode configuration is used to specify the initial hardware diagnostic level enables or disables break signal suppression enables or disables host watchdog enables or disables automatic boot and CPU operational mode for the specified domain You may want to suppress some functions for a domain during system operation or maintenance For example during system mai
16. 15 00 0 01 0 02 0 15 0 00 0 00 1 00 2 00 3 01 0 01 1 01 2 01 3 02 0 02 1 02 2 02 3 15 0 15 1 15 2 15 3 Independent values 00 to 15 can be arbitrarily specified in a domain TABLE 2 26 lists DCL information The DCL has descriptors that each specify one item of LSB information Up to 16 items of LSB information on the DCL can be set for one domain These items can be displayed and specified by showdc1 8 and setdc1 8 For details on DCL terms see TABLE 2 23 TABLE 2 26 DCL Information DCL Item Setting Details and Notes Domain ID Local domain number LSB number LSB number XSB number XSB number assigned to an LSB The same XSB number cannot be assigned to another LSB in the same domain no mem True Memory cannot be used Omit memory option no io Omit I O option False Memory can be used default True Does not add I O False Adds I O default Chapter 2 Setting Up XSCF 2 151 TABLE 2 26 DCL Information Continued DCL Item Setting Details and Notes Floating Board True Selects a Floating Board False Does not select a Floating Board default Configuration policy FRU Removal in units of Field Replaceable Unit FRU components Default Domain status XSB Removal in XSB units System Hardware is degraded in units of domains or the relevant domain is stopped without degradation In the M3000 server you can set the configuration po
17. Command operation Use the showstatus 8 command to display the unit status An asterisk is attached to a unit in abnormal status lt Example 1 gt The memory board and memory on the motherboard unit MBU are degraded due to failure XSCF gt showstatus MBU_B Status Normal MEMB 1 Status Deconfigured MEM 3B Status Deconfigured lt Example 2 gt The CPU is degraded due to the effect of the crossbar unit XBU being degraded XSCF gt showstatus MBU_B Status Normal CPUM 1 CHIP 1 Status Deconfigured XBU_B 0 Status Degraded lt Example 3 gt No degraded component is found XSCF gt showstatus No failures found in System Initialization The meaning of each component status is as follows Faulted The component is faulty and not operating Degraded The component is operating However either an error has been detected or the component is faulty As a result the component might be operating with reduced functionality or performance Deconfigured As a result of another component s faulted or degraded status the component is not operating The component itself is not faulted or degraded Maintenance The corresponding component is under maintenance A deletefru 8 replacefru 8 and addfru 8 operation is currently underway Normal The component is operating normally Clearing the Fault Degradation Information The information on a faulty or degraded component is cleared when the compone
18. Major Differences Among the Server Models on page 1 14 Note 1 Processors on server boards are called CPUs Note 2 Only the system model with a special interface can power on and off the peripheral devices See Remote Cabinet Interface RCI in External Interfaces Redundant XSCFs High End Servers Only The high end servers use a redundant configuration of XSCF Units thereby providing high system reliability The XSCF that controls the server is called the Active XSCF or Active XSCF Unit while the other XSCF acts as a backup and is called the Standby XSCF or Standby XSCF Unit The Active XSCF and the Standby XSCF monitor each other and if an error is detected they determine when a failover switching to Active or Standby should be performed External Interfaces The following connectors ports and LEDs act as the external interface of the XSCF Unit The user system administrator and field engineer FE can use these ports for server monitoring and XSCF firmware operations m One Serial port that can be used for the command line interface CLI Note 1 m Two Ethernet ports XSCF LAN ports 10Base T 100Base T TX CLI and the browser user interface BUI can be used with these ports for server monitoring and operations Note 1 m USB port that an FE or a system administrator can use to save and restore hardware information Two UPS Controller UPC ports to connect the entire system with an
19. Omit I O option Note 2 Omit memory option Note 2 Floating board Note 2 1 XSBs are defined with each consisting of a CMU or MBU and an I O unit divided by software In M4000 M5000 servers there will be I O on only half of the XSBs 2 Each XSB is handled as an LSB so that it can configure a domain and be assigned a number LSB number Furthermore XSCF can define LSB resources in detail 3 The domain operates with the LSB resources and the LSB number ID assigned to a domain This is a list of domain configuration information The DCL represents the hardware resource information that is set for each domain and each LSB belonging to a domain It can be specified and displayed by setdc1 8 and showdc1 8 respectively In this mode a PSB has two memory units one mirroring the other Saving the same data in the separate memory units improves data security Memory modules on a system board For details on DIMMs see the Service Manual for your server If an error is detected in a domain in an initial hardware diagnosis the range of logical resources to be removed can be specified The policy determines whether to remove system boards or separate resources On M3000 servers the setdc1 8 command can only be used to set configuration policy System board XSB configuration that prevents a specific domain from logically using I O units on a system board The DR function Note 1 is enabled with fewer hardware resource
20. Power_Supply_System Single SCF ID XSCF 0 System_Power On System_Phase Cabinet Power On Domain 0 Domain_Status Powered Off MBU_B Status Normal Ver 0101h Serial 7867000282 The status information of each device is as below SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 a CPU Memory board unit Motherboard unit information Unit number status version serial number FRU number memory capacity and type In the M3000 server the displayed information is CPU status CPU operating frequency CPU type number of CPU cores and number of CPU strands a CPU module information Unit number status version serial number FRU number CPU operating frequency CPU type number of CPU cores and number of CPU strands a Memory information i ii iii iv vV vi Unit number status version serial number FRU number and information on each memory slot In the M3000 M8000 M9000 servers there is information on each memory slot The displayed information on each memory slot includes the unit number status code type and memory capacity Note that the type field indicates the size and rank of the DIMM using a two character code as follows Type 1A 1 GB 1 rank Type 2A 2 GB 1 rank Type 2B 2 GB 2 rank Type 4A 4 GB 1 rank Type 4B 4 GB 2 rank Type 8B 8 GB 2 rank a DDC information Unit number status a I O unit information Unit number status version
21. Specifying the Timeout Period of SSH Telnet a Command operation 1 Use the showlogout 8 command to display the timeout period XSCF gt showautologout 30min 2 Use the setautologout 8 command to set the timeout period lt Example 1 gt Specify 255 minutes for the timeout period XSCF gt setautologout s 255 255min The set timeout period becomes effective at the next login Installing and Uninstalling an SSH User Public Key a Command operation 1 Use the showssh 8 command to display the user public key lt Example gt The user key is not set XSCF gt showssh c pubkey XSCF gt 2 Generate the user private key and the user public key for a created XSCF user account with your client software See the manual for your client software for procedures to create the user public key and to set the passphrase We recommend that the passphrase be set 3 Use the setssh 8 command with option for installing user public key Then copy and paste the user public key which was made in Step 2 on the window display After pressing the Enter key press the Ctrl and D keys to complete the installation XSCF gt setssh c addpubkey u efgh Please input a public key ssh rsa AAAAB3NzaClyc2EAAAABIWAAATEAZFh95SohrDgpnN7 zFCUCVNy jaZ PTJNDxcid QGbihYDCBtt1I4151Y0Sv85FJwDpSNHNKoVLMYLJ tBmUMPbGgGVB61qs kSv Fev44hefNCZMi XGItIIpKPOnBK4XJpCFoFbPXNUHDW1rTD9icD5U wRFGSRRx FI Ub50LRxN8 A8 efgh
22. This product includes software developed by the University of California Berkeley and its contributors 4 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE i A RF OF bk ee RO Re Copyright C 2002 Roaring Penguin Software Inc Permission to use copy modify and distribute this software for any purpose and without fee is hereby granted provided that this copyright and permission notice appear on all copies and supporting documentation the name of Roaring Penguin Software Inc not be used in advertising or publicity pertaining to distribution of the program wi
23. showad setad setad showad setad Active Directory is disabled by default A port number of 0 indicates that the default port for Active Directory is used When the port number is not specified the default port is used DNS locator mode is disabled by default DNS and DNS locator mode must be enabled for DNS locator queries to work 2 50 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 8 Active Directory Administration Continued Item Description Shell command Remarks Enable Enables or disables the expanded search mode setad The expanded search mode is disable The expanded search mode is only enabled disabled by default expanded when to address specific customer environment search mode where user s account is not UserPrincipalName UPN format Enable Enables or disables the strictcertmode setad The strictcertmode is disabled disable If strictcertmode is enabled the server s by default strictcertmode certificate must have already been uploaded to the server so that the certificate signatures can be validated when the server certificate is presented Display server Displays the following showad certificate e Certificate information for the primary and up to five alternate Active Directory servers e The full certificate Load Delete Loads or deletes the certificate of primary and setad The strictcertmode must be in certificate up to five alternate Active Directory
24. 2 1 2 Setup Summary Using the XSCF Web This section describes the setup summary using the XSCF Web This procedure contains examples of the windows that are used For details on settings see the corresponding parts of Section 2 2 Specifying the XSCF Settings on page 2 15 2 12 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Before attempting to establish a connection to the XSCF and log in from the web browser window of the XSCF Web perform Step 1 Step 8 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 and enable https in Section 2 2 8 Https Administration on page 2 113 If you have already performed Step 1 to Step 8 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 start the procedure in this section at Step 9 In addition establish one to one communication between the PC and the XSCF during initial setup 1 Connect to and log in to XSCF serial Same as Step 1 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 2 Set the password policy Same as Step 2 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 3 Create an XSCF user account password and privileges Same as Step 3 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 4 Set the time Same as Step 4 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 5 Make the SSH telnet settings Same as Step 5 in Section 2 1 1 Set
25. When the mode switch on the operator panel is set to Service or auto boot is disabled by the setdomainmode 8 command automatic boot of the Oracle Solaris OS after the reset instruction is suppressed Note Since the reset 8 command forcibly resets the system this command may cause a failure in a hard disk drive or other components Use this command only for the purpose of recovery such as if the Oracle Solaris OS hangs and for other limited purposes Sending a Break Signal to a Domain Command operation 1 Use the showdomainstatus 8 command to confirm the domain status XSCF gt showdomainstatus a DID Domain Status 00 Running 01 Running 02 Running 03 Running 2 Use the sendbreak 8 command to send a Break signal to the specified domain XSCF gt sendbreak d 0 Send break signal to DomainID 0 y n y SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 8 3 Confirm ok prompt on the specified domain console Note To send the break signal to the domain the domain mode setting is required When the mode switch on the operator panel is set to Service the automatic boot and host watchdog functions are suppressed and the break signal is received regardless of the domain mode settings For details of the domain mode settings see Section 2 2 15 Domain Mode Configuration on page 2 178 Air Conditioning Wait Time Administration The air cond
26. XSCF gt XSCF gt setpacketfilters y c del s 10 10 10 10 j DROP s 172 16 0 0 255 255 0 0 i xscf 0 lan 0 j DROP NOTE applied IP packet filtering rules Continue y n y XSCF gt XSCF gt showpacketfilters a s 172 16 0 0 255 255 0 0 i xscf 0 lan 0 j DROP lt Example 4 gt Clears all IP packet filtering rules which have been set XSCF gt setpacketfilters c clear s 172 16 0 0 255 255 0 0 i xscf 0 lan 0 j DROP none NOTE applied IP packet filtering rules Continue y n y Chapter 2 Setting Up XSCF 2 33 Note You can set the IP filtering rules to the input packets not to the output packets Applying the XSCF Network Settings Command operation 1 After performing the setnetwork 8 sethostname 8 setroute 8 and setnameserver 8 commands apply these Network settings 2 Perform the applynetwork 8 command on the XSCF Shell When performing the command the network settings are displayed and you can confirm whether the settings should be applied in IP ne in LP ne XSCF gt applynetwork The following network settings will be applied xscf 0 hostname DNS domain name nameserver nameserver nameserver search terface status address tmask route terface status address tmask route Continue y n scf0 hostname company com 210504 02 117 2 1 650 2 192 168 0 2 companyl com xscf 0 lan 0 up 192 168 1 10 2
27. e Import a web server certificate to XSCF Organizational unit Common name Your name or web server host name email address of administrator e Each value except for Country must consist of up to 64 characters For details of DN see the sethttps 8 man page or the XSCF Reference Manual Self Automatically the self CA is constructed in sethttps Specify the same DN as the authentication XSCF and the certificate is installed External authentication at The following are set making a web server e A self CA is constructed certificate e A private key is made e A web server certificate self signed is made Display the Displays the following showhttps The certificate expiration of certificate e CSR e Web server certificate the self CA is as follows e Server certificate 10 year The set value becomes effective when the certificate will be created next time To enable the https an XSCF reset is required Please reset the XSCF using by rebootxsc 8 command After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF The https settings are automatically applied to the standby XSCF Unit for a system with a redundant XSCF configuration When the expiration date of the web server certificate has passed or you change the web server certificate configure the https settings again Chapter 2 Setting Up XSCF 2 115 2 116 Enabling or Disabling Https a Command operation 1 Use th
28. or power to the domains is on e In the system with redundant XSCF Units If you replace an XSCF Unit by using the maintenance guidance the firmware version of the replacement XSCF Unit is matched to the firmware version of the replaced XSCF Unit e In CPU Memory Board unit addition or replacement the target domain need not be rebooted for application of the OpenBoot PROM firmware However when the domain is powered off the number of versions is matched by the startup of the domain XCP update time e Time of CPU Memory Board unit addition or replacement Or time of replacement of an XSCF Unit that is configured redundantly e Time of addition move or replacement of a system board by the DR function Note 1 Corresponds to a Motherboard unit in the M4000 M5000 servers The same is true for the description below Also turn off the input power before replacing the Motherboard unit Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 9 8 1 8 8 1 9 8 10 Note 2 The replacement of the XSCF Unit and the version matching is performed by FEs When both XSCF Units are replaced in the systems with redundant XSCF Units the M8000 M9000 servers or when in the M4000 M5000 servers or when a Motherboard unit is replaced an XSCF Unit is replaced in the M3000 server the firmware version cannot be automatically set to match the version of the replaced unit Perform the operator s update
29. Custom Group 5 name roles none none none none none none none none none none SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setad 8 command to set group name and privileges lt Examplel gt Sets administrator group 1 XSCF gt setad group administrator i 1 name CN SpSuperAdmin OU Groups DC davidc DC example DC aCompany DC com lt Example2 gt Sets operator group 1 XSCF gt setad group operator i 1 name CN OpGroup1 OU SCFTEST DC aplle DC local lt Example3 gt Sets custom group 1 XSCF gt setad group custom i 1 name CN CtmGroup1 OU SCFTEST DC aplle DC local lt Example4 gt Sets privileges for custom group 1 XSCF gt setad group custom i 1 roles platadm platop Chapter 2 Setting Up XSCF 2 65 2 66 3 Use the showad 8 command to confirm the group name and privileges lt Examplel gt Confirm administrator group XSCF gt showad group administrator Administrator Group 1 name CN lt USERNAM E gt CN SpSuperAdmin OU Groups DC davidc DC example DC aCompany DC com Administrator Group 2 name none Administrator Group 3 name none Administrator Group 4 name none Administrator Group 5 name none lt Example2 gt Confirm operator group XSCF gt showad group operator Operator Group 1 name CN OpGroup1 OU SCFTEST DC aplle DC local Operator Group 2 name n
30. In the Midrange Servers When PSB n is Uni XSB type CMU XSB OO O XSB O1 0 Chapter 2 Setting Up XSCF 2 157 FIGURE 2 5 XSB Configuration Diagram Quad XSB In the Midrange Servers When PSB n is Quad XSB type CMU IOU XSB 00 0 XSB 00 1 XSB 00 2 XSB 00 3 XSB 01 0 I O device XSB 01 1 I O device XSB O1 2 XSB O1 3 2 158 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 2 6 and FIGURE 2 7 show XSB hardware configuration diagrams in the high end servers The number of hardware resources depends on whether the PSB type is a Uni XSB or Quad XSB FIGURE 2 6 shows Uni XSB hardware configuration diagrams in high end servers FIGURE 2 6 XSB Configuration Diagram Uni XSB In the High End Servers When PSB n is Uni XSB type XSB xx 0 Chapter 2 Setting Up XSCF 2 159 FIGURE 2 7 shows Quad XSB hardware configuration diagrams in high end servers FIGURE 2 7 XSB Configuration Diagram Quad XSB In the High End Servers When PSB n is Quad XSB type XSB xx 0 I O device XSB Hxx 1 I O device ee XSB xx 2 I O device XSB xx 3 2 160 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 2 8 shows Uni XSB h
31. January 2012 Parts Fault Notification XSCF monitors components such as CPU modules fan units CPU Memory Board unit in the server XSCF can notify the system administrator by email of any fault that occurs in these devices FIGURE 6 2 shows mail being sent for parts fault notification to the system administrator FIGURE 6 2 XSCF Fault Notification Fault administrator A fault occurs 6 2 Setting Up the Mail Function This section explains how to set up the XSCF mail function The workflow is as described below Perform each step for setup with the XSCF Shell command line For details on setup see Chapter 2 1 Log in to XSCF 2 Make the following settings for the XSCF mail function Host name or IP address of the SMTP server See setsmtp 8 Select POP authentication or SMTP authentication See setsmtp 8 Chapter 6 XSCF Mail Function 6 3 Reply address from specification See set smtp 8 Recipient address for mail for the system administrator See setemailreport 8 3 Enable the XSCF mail function See setemailreport 8 4 Send test mail Test mail is automatically sent when the work for these mail settings is completed If the email message sent as test mail is confirmed to have been received by the system administrator it means that the correct settings have been made If the email massage is not received error mail is sent to the reply mail address From or a record is made in an e
32. Library into a program that is not a library 4 You may copy and distribute the Library or a portion or derivative of it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange If distribution of object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code even though third parties are not compelled to copy the source along with the object code 5 A program that contains no derivative of any portion of the Library but is designed to work with the Library by being compiled or linked with it is called a work that uses the Library Such a work in isolation is not a derivative work of the Library and therefore falls outside the scope of this License However linking a work that uses the Library with the Library creates an executable that is a derivative of the Library because it contains portions of the Library rather than a work that uses the library The executable is therefore covered by this License Section 6 states terms for distribution of such executables When a work that uses the Library uses material from a header file th
33. System With a Single XSCF Unit or Both Replacement in a System With Redundant XSCF Units Confirming That the XSCF Firmware Is Updated When the MBU Is Replaced in the M3000 server The firmware update is automatically performed by using the maintenance guidance for FE Confirm the version of the updated XCP This function is available when you are using M8000 M9000 servers Note When a component is replaced in the state of main line switch off the cold replacement the firmware is not updated automatically The operator must match the number of the versions The firmware is not updated automatically The operator must match the number of the firmware versions This function is available when you are using M4000 M5000 M8000 M9000 servers The firmware is not updated automatically The operator must match the number of OpenBoot PROM and XSCF firmware versions This function is available when you are using M3000 servers About 5 minutes Excludes the time for component replacement work e In the system with a XSCF Unit about 20 minutes e In the system with redundant XSCF Units about 40 minutes Excludes the time for component replacement work About 20 minutes Excludes the time for component replacement work Updating XCP From the Network m File preparation 1 Download the XCP files from the web site to an arbitrary folder on a personal computer or workstation connected to the server I
34. TABLE 8 4 Other Logs Standard Size Storage Period Type Description Entry Size Archiving Reference Method Power log Log for recording power events of 1920 generations About 1 month e showlogs 8 the main unit M8000 M9000 Archived e XSCF Web servers 720 generations M3000 M4000 M5000 servers x16B Event log Log for recording system 4096 generations About 1 month e showlogs 8 Console log Panic log IPL log Audit log Active Directory log operations operator panel operations and events reported to the operating system Log that is recorded as a console message log if the XSCF console is specified as the output destination of the Oracle Solaris OS console When the input power is turned off the log is clear Console log for a panic occurrence Log for the period from power on to completion of Oracle Solaris OS startup Log for XSCF audits Log for Active Directory authentication and authorization diagnostic messages x48B 512KB domain About 10000 lines domain 64KB About 1200 lines 32KB domain About 600 lines domain 4MB 250KB About 3000 lines Archived Amount for about 1 week Archived Amount for 1 time Archived Amount for 1 time Archived About 1 month Archived Not Archived e XSCF Web e showlogs 8 e XSCF Web e showlogs 8 e XSCF Web e showlogs 8 e XSCF Web e viewaudit 8 e XSCF Web e showad 8 e XSCF Web 8 26 SPARC
35. Uninterruptible Power Supply Unit UPS A UPS is connected for backup power control purposes in the event of a power outage In the M8000 M9000 servers the UPC interface ports are in the cabinet 1 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 m Remote Cabinet Interface RCI port to perform power supply interlock by connecting a system and an I O device with an RCI device The RCI is the power and system control interface that connects a peripheral device with an RCI connector to the server and performs such functions as power supply interlock and alarm notification and recognition For the information whether the RCI function is supported on your server see the SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Product Notes m Three types of LEDs that indicate the XSCF Unit status ACTIVE LED READY LED and CHECK LED In the M3000 M4000 M5000 servers there are two types of LEDs READY LED and CHECK LED Note 1 In this manual XSCF CLI functions are called XSCF Shell and XSCF BUI functions are called XSCF Web Rear Panel on the Entry Level Server FIGURE 1 1 is an outline drawing of the rear panel of the M3000 server The XSCF Unit of the M3000 server is not a removable unit but is fixed on the Motherboard unit The external interface of the XSCF Unit is exposed on a part of rear panel of the server 1 to 11 in FIGURE 1 1 Of the rear panel of the M3000 server this section foc
36. and accept the certificate 9 3 93 1 9 3 2 Logging In and Out of the XSCF Web This section describes how to connect the XSCF Web console Logging in to XSCF The XSCF Web pages are connected by login from the top page When login is successful the default page is displayed In the default page the tree frame to select each page and one page are displayed If Authentication Fails If login fails a message indicating that login failed is displayed Further event and audit logs are collected Access Status Monitoring The XSCF Web monitors the accounts of XSCF users logged in to XSCF After successful login to XSCF if no access is made for a certain period an authentication timeout occurs and the XSCF Web logs out the user If the XSCF Web is accessed after the authentication timeout a dialog box indicating the timeout is displayed and then the top page is displayed To use the XSCF Web again log in to XSCF again Chapter 9 Howto Use the XSCF Web 9 7 The authentication timeout setting can be changed The authentication timeout is 10 minutes by default The monitoring interval ranges from 1 to 255 minutes You can set the monitoring interval ranges at the Menu Settings Autologout page 9 3 3 Logging Out From XSCF To exit the XSCF Web log out by selecting logout in the page on XSCF Web console 9 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 9 4 XSCF Web Pages This se
37. apache ntp admin default or proxyuser SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the password 8 command to specify a password lt Example 1 gt Specify a password XSCF gt password jsmith Changing password for platadm current XSCF password xxxxxx New XSCF password xxxxxx BAD PASSWORD is too similar to the old one New XSCF password xxxxxx BAD PASSWORD it is too simplistic systematic New XSCF password xxx BAD PASSWORD it s WAY too short New XSCF password XXxXxXxx Retype new XSCF password Xxxxxx XSCF gt lt Example 2 gt Specify 60 days for the validity period and also specify that a validity expiration warning be issued 15 days in advance XSCF gt password M 60 w 15 jsmith Specifying a User Privilege Command operation 1 Use the showuser 8 command to display user account settings XSCF gt showuser a User Name jsmith Status Enabled Minimum 0 Maximum 99999 Warning 7 Inactive 1 Last Change Aug 22 2005 Password Expires Never Password Inactive Never Account Expires Never 2 Use the setprivileges 8 command to assign a user privilege to a user account lt Example gt Specify useradm and auditadm for a user account XSCF gt setprivileges jsmith useradm auditadm Chapter 2 Setting Up XSCF 2 41 3 Use the showuser 8 command to confirm the privilege XSCF gt showuser p Us
38. e Number of days a new account will be valid before expiring and becoming disabled Expiry e Maximum number of retries of password entry Retry e Maximum number of characters that must be different in a new password Difok e Minimum password length Minlen e Number of maximum credit to the minimum password length by digits contained in a password Dcredit e Number of maximum credit to the minimum password length by uppercase letters contained in a password Ucredit e Number of maximum credit to the minimum password length by lowercase letters contained in a password Lcredit e Number of maximum credit to the minimum password length by symbols contained in a password Ocredit e Maximum numbers of passwords in the password history Remember setpassword pol icy e Once an account is locked after password expiration its user must contact the system administrator in order to use the system again e A password must consist of at least six characters e Inactive is 1 which means unlimited e Expiry is 0 which means unlimited Note 1 e The number of credit is the number of reduced character from the current minimum password length When the credit of each character is combined a shorter password than the current minimum password length can be accepted Display lockout Displays lockout settings showloginlockou setting t 2 38 SPARC Enterprise Mx000 Servers XSCF User s Gui
39. lt Example 1 gt Add routing with Destination 192 168 1 0 and Netmask 255 255 255 0 to XSCF LAN 0 in the XSCFU 0 XSCF gt setroute c add n 192 168 1 0 m 255 255 255 0 xscf 0 lan 0 lt Example 2 gt Add routing with the default network for Destination and Gateway 10 12 108 1 to XSCF LAN 1 in the XSCFU 0 XSCF gt setroute c add n 0 0 0 0 g 10 12 108 1 xscf 0 lan 1 lt Example 3 gt Delete routing with destination 192 168 1 0 and netmask 255 255 255 0 to XSCF LAN 0 in the XSCFU 0 XSCF gt setroute c del n 192 168 1 0 m 255 255 255 0 xscf 0 lan 0 Making XSCF DNS Settings Command operation 1 Use the shownameserver 8 command to display the name server and the search path If multiple name servers and search paths are added they are displayed on separate lines lt Example 1 gt Confirm that three name servers and one search path are added XSCF gt shownameserver nameserver 10 0 0 2 nameserver 172 16 0 2 nameserver 192 168 0 2 search companyl com lt Example 2 gt Confirm that no name server and no search path is added XSCF gt shownameserver SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setnameserver 8 command to specify the name server and the search path lt Example 1 gt Add the three IP addresses 10 0 0 2 172 16 0 2 and 192 168 0 2 as name servers XSCF gt setnameserver 10 0 0 2 172 16 0 2 192 168 0 2 lt Example 2 gt Delete all available na
40. m DR function Chapter 4 Operation of the Server 4 27 Caution IMPORTANT An XSCF reset or failover might prevet the above setting operation from completing If a reset or failover occurs during the operation log in to the active XSCF to determine if the operation succeeded If not try it again For details on DR see the Dynamic Reconfiguration User s Guide 4 9 4 28 Displaying State of an External I O Expansion Unit and Administration This section describes the management overview of an External I O expansion unit connected to the server components in the External I O Expansion Unit such as I O boards link cards and power supply units PSUs and downlink cards mounted in PCI slots in the server and cards that contain Energy Storage Modules ESM and are attached to the host system Note For the hardware configuration of an External I O Expansion Unit see the External I O Expansion Unit Installation and Service Manual or the Service Manual for your server For details and examples of use of commands see the XSCF Reference Manual and the ioxadm 8 man page TABLE 4 4 lists terms used in External I O Expansion Unit administration TABLE 4 4 External I O Expansion Unit Administration Terms Term Description Host path Device path A device name and device number are used to represent the layer location of a component in the component layer structure Example IOU 1 PCIE 4 Downlink card A d
41. serial number FRU number power status power type and voltage Note that the power type field indicates AC which is AC power supply or DC which is DC power supply a Fan backplane information Unit number status version serial number and FRU number a Fan unit information Unit number status serial number Note The configuration information might change based on model configuration in M3000 M4000 M5000 M8000 M9000 servers Note The External I O Expansion Unit may be referred to as IOBOX in example program output and the text in this manual SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note 8GB DIMM is supported in XCP1081 or later Type in the CPU Memory board unit information is supported in XCP1090 or later on M8000 M9000 servers Type in the Motherboard unit information is supported in XCP1100 or later on M4000 M5000 servers Type in the I O unit information is supported in XCP1100 or later on M4000 M5000 M8000 M9000 servers The Type information for the CPU Memory board unit Motherboard unit and I O unit may be identified by a letter or number such as Type A or Type 1 A larger letter or number indicates that a newer version of hardware is installed The power type in the Power supply unit information is supported in XCP1091 or later on M3000 server 4 2 Display Domain Information This section describes methods for checking the configuration
42. the Unix Password Checking library which are held in copyright by Alec David Edward Muffett may be copied such that the copyright holder maintains some semblance of artistic control over the development of the packages while giving the users of the package the right to use and distribute the Package in a more or less customary fashion plus the right to make reasonable modifications So there FOI IC II ICICI ICICI GIGI ICICI ICICI III ICI IIe kkk Definitions A Package refers to the collection of files distributed by the Copyright Holder and derivatives of that collection of files created through textual modification or segments thereof Standard Version refers to such a Package if it has not been modified or has been modified in accordance with the wishes of the Copyright Holder Copyright Holder is whoever is named in the copyright or copyrights for the package soni is you if you re thinking about copying or distributing this Package E 8 Reasonable copying fee is whatever you can justify on the basis of media cost duplication charges time of people involved and so on You will not be required to justify it to the Copyright Holder but only to the computing community at large as a market that must bear the fee Freely Available means that no fee is charged for the item itself though there may be fees involved in handling the item It also means that recipients of the item may redistribute it unde
43. 0000 XSCF 01 08 0005 XCP1 Reserve 1082 OpenBoot PROM 02 09 0000 XSCF 01 08 0005 XSCF 1 Standby XCPO Current 1082 OpenBoot PROM 02 09 0000 XSCF 01 08 0005 XCP1 Reserve 1082 OpenBoot PROM 02 09 0000 XSCF 01 08 0005 OpenBoot PROM BACKUP 0 02 08 0000 1 02 09 0000 This screenshot is provided as an example 4 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 Use the showstatus 8 command to display information on degraded components in the system XSCF gt showstatus B BP_A Status Degraded ii DDC_A 0 Status Faulted PSU 0 Status Faulted This screenshot is provided as an example 5 Use the showenvironment 8 command to display the ambient temperature humidity and voltage of the system XSCF gt showenvironment Temperature 30 70C Humidity 90 00 XSCF gt showenvironment temp Temperature 30 70C CMU 0 43 00C CPUM 0 CHIP 0 65 00C CPUM 1 CHIP 0 61 20C CPUM 2 CHIP 0 64 80C CPUM 3 CHIP 0 63 60C CMU 1 45 50C XSCF gt showenvironment volt MBU_B 1 0V Power Supply Group 1 000V 1 8V Power Supply Group 1 910V CPUM 0 CHIP 0 1 0V Power Supply Group 1 050V This screenshot is provided as an example Note The humidity information is only displayed in M8000 M9000 servers Environmental Temperature and Fan Speed Level With the altitude setting the fan speed level varies by the environmental temperature To display the fan speed
44. 1 2 4 26 telnet connection 3 9 terminal operating modes 372 TRAP 7 5 troubleshooting D 1 XSCF command shell 5 1 XSCF commands 5 2 XSCF logs view and archive 5 15 XSCF mail overview 6 1 setting up 6 3 testing 6 6 XSCF network enabling or disabling 2 24 XSCF shell and domain console 3 10 error messages 5 18 XSCF time setting 2 94 XSCF Web 9 1 XSCF web error messages 9 30 starting 9 5 XSCF LAN firewall 3 5 function 3 5 port number 3 5 serial connection 3 15 Index 5 Index 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012
45. 1 name CN CtmGroup1 OU SCFTEST DC aplle2 DC local lt Example4 gt Sets privileges for custom group 1 XSCF gt setldapssl group custom i 1 roles platadm platop Chapter 2 Setting Up XSCF 2 87 2 88 3 Use the showldapss1 8 command to confirm the group name and privileges lt Examplel gt Confirm administrator group XSCF gt showldapssl group administrator Administrator Group 1 name CN lt USERNAME gt CN SpSuperAdmin OU Groups DC davidc DC example2 DC aCompany DC com Administrator Group 2 name none Administrator Group 3 name none Administrator Group 4 name none Administrator Group 5 name none lt Example2 gt Confirm operator group XSCF gt showldapssl group operator Operator Group 1 name CN OpGroup1 OU SCFTEST DC aplle2 DC local Operator Group 2 name none Operator Group 3 name none Operator Group 4 name none Operator Group 5 name none lt Example3 gt Confirm custom group XSCF gt showldapssl group custom Custom Gro name roles Custom Gro name roles Custom Gro name roles Custom Gro name roles Custom Gro name roles up 1 CN CtmGroup1 OU SCFTEST DC aplle2 DC local platadm platop up 2 none none up 3 none none up 4 none none up 5 none none SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 The administrato
46. 107 SSH specifying host key 2 106 user public key 2 107 SSH access to XSCF from a domain permitting or refusing 2 105 SSH telnet enabling or disabling 2 104 specifying timeout period 2 107 SSH telnet Administration 2 101 Stratum Value changing in XSCF 2 97 System Board Configuration 2 170 T Test Mail 6 6 Time and date setting 2 90 Time zone specifying 2 92 Traps C 5 Troubleshooting server D 7 xscr D 1 U Update the XSCF firmware 8 1 User Account adding or deleting 2739 User account administration SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Administration user account 2 35 User management commands 5 16 User privilege specifying 2 40 USM management information 2 137 V VACM management information 2 138 W Web server certificate creating 2 115 importing 2 113 X XSB status displaying 2 159 XSB status information 2 148 XSCF active XSCF 1 2 2 16 3 16 4 26 connecting terminals 3 1 connecting through ssh 3 8 connecting through the serial port ot connection types 3 11 DNS settings 2 29 error log B 1 event logs B 7 firmware update 8 1 fmdump 8 and faults B 4 Front panel 1 6 1 7 function messages A 3 log collection 8 22 logging in 9 7 login 2 3 5 7 network settings 2 33 other commands 5 17 port and terminal types 3 2 Redundant XSCFs 1 2 routing 2 28 SNMP agent 7 1 7 8 specifying a host name 2 27 standby XSCF
47. 127 1 0 LOCL 51 44 64 377 0 000 0 000 0 008 2 100 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setntp 8 command to change a clock address of the XSCF s own local clock lt Example gt Set 1 as the least significant byte of the clock address XSCF gt setntp m localaddr 1 Please reset the XSCF by rebootxscf to apply the ntp settings When you use the setntp 8 command to specify the localaddr value execute the rebootxsc 8 command to apply the specified configuration and reset the XSCF 3 Use the showntp 8 command to confirm the clock address of the XSCF s own local clock XSCF gt showntp prefer on localaddr XSCF gt showntp 1 1 remote refid st t when poll reach delay offset jitter 192 168 0 27 192 168 1 56 2 27 64 377 12 929 2 756 L993 192 168 0 57 192 168 1 86 2u 32 64 377 13 030 2 184 94 421 LAT ek 2 DD LOCL 5 1 44 64 377 0 000 0 000 0 008 Note The setting of the XSCF s own local clock by setntp 8 command is supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1091 Notes on the NTP Server Referring to the Local Clock When the NTP server which XSCF refers to is referring to the server s own system time local clock and when the address of 127 127 1 0 is set to that local clock time synchronization in XSCF might fail The address of the XSCF s own l
48. 2 C 2 SPARC Enterprise Mx000 Servers XSCF Users Guide January 2012 TABLE C 1 MIB Object Identifiers Continued scfMIBObjectGroups OBJECT IDENTIFIER scfMIBGroups 1 scfMIBNotifGroups OBJECT IDENTIFIER scf MIBGroups 2 C 2 Standard MIB The standard MIB supported by the XSCF conforms to the following RFC Note For the standard MIB definition file see the general RFC document MIB II RFC1213 User based Security Model USM RFC3414 View based Access Control Model VACM RFC3415 SNMPv2 MIB RFC3418 Note RFC Abbreviation of Request For Comment Technical document issued by the Internet Engineering Task Force IETF which is a body that prescribes technical standards related to the Internet C3 Extended MIB The information from the XSCF extension MIB provided by the XSCF includes m Server information hardware firmware version and server configuration information a Environment information temperature humidity voltage and fan speed Domain status and domain configuration information Note For details of the Fault Management MIB see the Oracle Solaris OS documentation Appendix C XSCF MIB C 3 Note In the M3000 M4000 M5000 M8000 M9000 servers information has been added such as power consumption and exhaust air If you install a new server reinstall the XSCF extension MIB definition file to the SNMP manager For specific information about power consumption and exh
49. 205 168 148 100 lt Example 3 gt Display that IP packet filtering rule is not set XSCF gt showpacketfilters a 2 Use the setpacketfilters 8 command to set the IP packet filtering rules name server and the search path The IP packet filtering rules are applied in the order in which they are defined SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 lt Example 1 gt Permit the IP address 192 168 100 0 255 255 255 0 to go through XSCF gt setpacketfilters y c add i xscf 0 lan 0 s 192 168 100 0 255 255 255 0 s 192 168 100 0 255 255 255 0 i xscf 0 lan 0 j ACCEPT NOTE applied IP packet filtering rules Continue y n y lt Example 2 gt Communication to xscf 0 lan 0 exclusively accepts those IP packets sent from the 192 168 100 0 255 255 255 0 network XSCF gt showpacketfilters a s 192 168 100 0 255 255 255 0 i xscf 0 lan 0 j ACCEPT XSCF gt XSCF gt setpacketfilters y c add i xscf 0 lan 0 j DROP s 192 168 100 0 255 255 255 0 i xscf 0 lan 0 j ACCEPT i xscf 0 lan 0 j DROP NOTE applied IP packet filtering rules Continue y n y XSCF gt XSCF gt showpacketfilters a s 192 168 100 0 255 255 255 0 i xscf 0 lan 0 j ACCEPT i xscf 0 lan 0 j DROP lt Example 3 gt Deletes the IP packet drop setting which has been set in the IP address 10 10 10 10 XSCF gt showpacketfilters a s 172 16 0 0 255 255 0 0 i xscf 0 lan 0 j DROP s 10 10 10 10 j DROP
50. 44 1223 334714 Copyright c 1997 2001 University of Cambridge Permission is granted to anyone to use this software for any purpose on any computer system it freely subject to the following restrictions and to redistribute 1 This software is distributed in the hope that it will be useful but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE 2 The origin of this software must not be misrepresented either by explicit claim or by omission In practice this means that if you use E 12 PCRE in software which you distribute to others commercially or otherwise you must put a sentence like this Regular expression support is provided by the PCRE library package which is open source software University of Cambridge written by Philip Hazel England and copyright by the somewhere reasonably visible in your documentation and in any relevant files or online help data or similar A reference to the ftp site for the source that is to ftp ftp csx cam ac uk pub software programming pcre should also be given in the documentation and must not be 3 Altered versions must be plainly marked as such misrepresented as being the original software 4 If PCRE is embedded in any software that is released under the GNU General Purpose Licence GPL or Lesser General Purpose Licence LGPL then the terms of that licence shall supersede any condition above with whic
51. 5 7 5 8 5 9 Overview of the XSCF Command Shell 5 1 Login to XSCF Shell 5 7 5 2 1 Before Logging In 5 7 5 2 2 Operation From a Terminal Connected to the Serial Port 5 8 5 2 3 Operation for Connecting Via the XSCF LAN SSH 5 8 5 2 4 Operation For Connecting Via the XSCF LAN Telnet 5 9 View Server Status and Control Commands 5 10 Server Configuration InformationCommands 5 12 Domain Control and Maintenance Commands 5 13 View and Archive the XSCF Logs 5 15 User Management and Security Commands 5 16 Use the XSCF Other Commands 5 17 View XSCF Shell Error Messages 5 18 6 XSCF Mail Function 6 1 6 1 6 2 6 3 6 4 Overview of XSCF Mail Function 6 1 Setting Up the Mail Function 6 3 Contents of Parts Fault Notification 6 5 Test Mail 6 6 7 XSCF SNMP Agent Function 7 1 7 1 7 2 7 3 7 4 Overview of the XSCF SNMP Agent 7 1 MIB Definition File 7 3 About Trap 7 5 Setting Up the XSCF SNMP Agent Function 7 8 viii SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 8 Upgrade of XSCF Firmware and Maintenance 8 1 8 1 8 2 9 1 9 2 9 3 Update the XSCF Firmware 8 1 8 1 1 Firmware Update Overview 8 1 8 1 2 Firmware Update Conditions and Environment 8 3 8 1 3 Method of Delivering Firmware 8 4 8 1 4 Method of Checking the Firmware Version 8 5 8 1 5 Three Steps of the Firmware Update 8 6 8 1 6 Features of XSCF Firmware Update 8 7 8 1 7 Firmware Update Types and Timing 8 7 8 1 8 Firmware Update f
52. 8 configure log archiving See Section 2 2 10 Log Archiving Administration on page 2 127 15 Configure the audit settings e Display audit settings and configure showaudit 8 setaudit 8 auditing See Section 2 2 9 Audit Administration on page 2 120 Note The auditadm privilege is required for the audit settings 16 Configure the SNMP settings e Display Agent settings and configure showsnmp 8 set snmp 8 Agent showsnmpusm 8 setsnmpusm 8 e Display and specify the notification showsnmpvacm 8 setsnmpvacm 8 destination server See Section 2 2 11 SNMP Administration on page 2 132 17 Make the settings for using the remote maintenance service Note This document does not provide details on the remote maintenance service functions For the information of the remote maintenance service see the Product Notes for your server 18 Configure the system board settings e Display and set a memory mirror mode showfru 8 setupfru 8 e Display and specify system boards separately from the XSB Uni XSB or See Section 2 2 14 System Board Quad XSB displaying and settings Configuration on page 2 175 In the M3000 server the system board cannot be configured The system board has been configured by default and you cannot change the settings However you can refer to the system board information 2 10 SPARC Enterprise Mx000 Servers XSCF User s Guid
53. 8 commands When you enable the Authentication displays and specifies the authentication mechanism and authentication server These functions are equivalent to the showsmtp 8 and setsmtp 8 commands Displays and specifies the recipient address for error mail These functions are equivalent to the showsmtp 8 and setsmtp 8 commands TABLE 9 19 lists the functions for configuring XSCF mail This page provides the email report settings Select Settings Email Reporting in the Menu tree TABLE 9 19 Mail Configuration Email Reporting Function Remarks Mail notification function display and configuration Displays and sets the mail report function Enables or disables the mail report function and displays and specifies the recipient address to be sent to the system administrator These functions are equivalent to the showemailreport 8 and setemailreport 8 commands TABLE 9 20 lists the functions for configuring SNMP for XSCF This page provides the SNMPv1v2c and SNMPv3 settings Select Settings SNMP in the Menu tree Chapter 9 Howto Use the XSCF Web 9 25 TABLE 9 20 SNMP Configuration Function Remarks Agent display and configuration Enables and disables the SNMPv1v2c or SNMPv3 agent sets the system management information and selects the MIB module This functions is equivalent to the showsnmp 8 and setsnmp 8 commands Notification destination server display and setting Displays an
54. Cfg policy System False False False False False False False False False False 2 Use the showboards 8 command to display XSB status information XSCF gt showboards va XSB R DID LSB Assignment 00 0 SP Available 01 0 SP Available 01 1 SP Available 01 2 SP Available 01 3 SP Available lt Example gt Display detailed information about XSBs Conn Conf Test Fault COD n n Passed Normal n n n Passed Normal n n n Passed Normal n n n Passed Normal n n n Passed Normal n Chapter 2 Setting Up XSCF 2 167 3 Use the addboard 8 command to add an XSB and use the showboards 8 command to confirm the XSB status lt Example gt Assign XSB 00 0 XSB 01 0 XSB 01 1 XSB 01 2 XSB 01 3 to domain ID 2 XSCF gt addboard c assign d 2 00 0 01 0 01 1 01 2 01 3 XSB 00 0 will be assigned to DomainID 2 Continue y n y XSB 01 0 will be assigned to DomainID 2 Continue y n y XSB 01 1 will be assigned to DomainID 2 Continue y n y XSB 01 2 will be assigned to DomainID 2 Continue y n y XSB 01 3 will be assigned to DomainID 2 Continue y n y XSCF gt XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned n n n Passed Normal n 01 0 02 07 Assigned n n n Passed Normal n 01 1 02 08 Assigned n n n Passed Normal n 01 2 02 09 Assigned n n n Passed Normal n 01 3 02 10 Assigned n n n Passed Normal n 4 Use the poweron 8 command to start up domain I
55. Date Continued Item Description Shell Command Remarks Prefer Specifies cancels prefer to an NTP server setntp The default is prefer for XSCF network specified If prefer is specified the NTP server specified first by setntp 8 command has priority over the others Stratum Specifies a stratum service for XSCF setntp The default stratum value value You can specify an integer from 1 to 15 is 5 Local clock Sets the clock address of the XSCF s own setntp The default clock address local clock of the local clock is A numeric from 0 to 3 can be specified for 127 127 1 0 the least significant byte of the clock address of the local clock Reset time Resets the time subtraction between the resetdateoffset The settings can be enabled subtraction XSCF and each domain which is stored in when all of the domains are XSCF powered off As a result the time of each domain will be set to the same time as the XSCF after startup Display time Displays the time subtraction between the showdateoffset subtraction XSCEF and each domain 2 94 Specifying a Time Zone Command operation 1 Use the showtimezone 8 command to display the time zone XSCF gt showtimezone c tz America Chicago 2 Use the settimezone 8 command to set the system time The platadm privilege is required SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 lt Example 1 gt Display the timezone list XSCF gt settim
56. Delete the log data of the audit trail XSCF gt setaudit delete SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Specifying the Audit Policy Command operation 1 Use the showaudit 8 command to display the audit policy XSCF gt showaudit all Auditing enabled Audit space used 13713 bytes Audit space free 4180591 bytes Records dropped 0 Policy on full trail suspend User global policy enabled Mail Thresholds 80 100 User policy Events AEV_AUDIT_START enabled AEV_AUDIT_STOP enabled 2 Use the setaudit 8 command to set the audit policy lt Example 1 gt Specify three users for the Audit class enable SSH login for the Audit event enable the AUDIT and LOGIN groups and disable the global policy for the users XSCF gt setaudit a yyyyy uuuuu nnnnn enabe c ACS_AUDIT ACS LOGIN enable e AEV_LOGIN SSH enable g disable lt Example 2 gt Specify the file warning send destination address count for the trail full write mode and file space warning threshold XSCF gt setaudit m yyyy Gexample com p count t 50 75 90 Chapter 2 Setting Up XSCF 2 125 3 Use the showaudit 8 command to confirm the setting XSCF gt showaudit all Auditing enabled Audit space used 13713 bytes Audit space free 4180591 bytes Records dropped 0 Policy on full trail count User global policy enabl
57. Foundation All rights Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must notice retain the above copyright this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 The end user documentation included with the redistribution if any must include the following acknowledgment This product includes software developed by the Apache Software Foundation http www apache org Alternately this acknowledgment may appear in the software itself if and wherever such third party acknowledgments normally appear The names Apache and Apache Software Foundation must not be used to endorse or promote products derived from this software without prior written permission For written permission please contact apache apache org 5 Products derived from this software may not be called Apache nor may Apache appear in their name without prior written permission of the Apache Software Foundation THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN N
58. Function 7 3 7 4 The following shows data as an example of MIB management information scfMachineType OBJECT TYPE SYNTAX DisplayString ACCESS read only STATUS mandatory DESCRIPTION System model name and model type name scfInfo 1 scfNumberOfCpu OBJECT TYPE SYNTAX INTEGER ACCESS read only STATUS mandatory DESCRIPTION Number of CPUs scfInfo 2 scfSysSerial OBJECT TYPE SYNTAX DisplayString ACCESS read only STATUS mandatory DESCRIPTION System serial number scfInfo 3 Note This MIB data is provided as an example For a list from the extended MIB information supported by XSCF see Appendix C Note The contents of the MIB definition file are defined using the notations of the ASN1 standard The XSCF extension MIB definition file defines the administration information for the SNMP manager to monitor the M3000 M4000 M5000 M8000 M9000 servers To perform server monitoring install the XSCF extension MIB definition file to the SNMP manager For the method of installation see the manuals of the SNMP manager in use For details on obtaining the XSCF extension MIB definition file and the Fault Management MIB definition file see the Product Notes for your server or download site for firmware SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 7 3 About Trap When an event occurs the SNMP agent function notifies the SNMP manage
59. Guide 4 4 4 12 Server and Domain Power Operations This section describes power operations for servers and domains and it explains how to display the power status of a server or domain To perform the power operations use the XSCF Shell commands Commands Used for the Operations or Status Display Execute the following commands individually as appropriate For details of these commands see Chapter 5 Em poweron m poweroff m reset m sendbreak m setpowerupdelay m showpowerupdelay m setshutdowndelay m showshutdowndelay m setdualpowerfeed m showdualpowerfeed With the power operations the following can be performed m System power on m System power off Domain power on Domain power off m Sending a Domain Panic Request Solaris OS dump request SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 1 Domain reset Sending break signal to a domain Air conditioning wait time administration Warm up time administration Dual power feed System Power On Command operation 1 Use the showlogs power command to check the status of system power off The System Power Off status means one of the following a The input power supply has been turned on and the poweron 8 command is not yet executed or the POWER switch of the operator panel is not yet pressed that is all domains have not yet been powered on a The powerof 8 command has been executed or the POWER switch of th
60. ID 1 lt RW x 1 RO x 15 In the M8000 M9000 servers max is 100 consoles About the XSCF LAN the DSCP Link Port Number and the Function and the Firewall TABLE 3 2 lists the port numbers used for the XSCF LAN ports and XSCF functions To defend from attacks against XSCF and prevent unauthorized access to XSCF a firewall must be installed for connections to external networks When the firewall has been installed each XSCF LAN port must be permitted to pass packets as necessary Chapter 3 Connecting to the XSCF and the Server 3 5 TABLE 3 2 XSCF LAN Port Numbers and Connection Directions for Functions Port Number Protocol Function Connection Direction 22 TCP XSCF Shell SSH External network gt XSCF 22 TCP Log archiving firmware update and data collector XSCF gt External network snapshot 23 TCP XSCF Shell telnet External network gt XSCF 25 TCP Mail notification and remote maintenance service XSCF gt external network 53 TCP DNS XSCF gt external network 53 UDP 110 TCP Authentication with a POP server XSCEF gt external network 123 UDP Time synchronization using NTP when an external XSCF gt external network server is used 161 UDP SNMP function External network gt XSCF 162 UDP SNMP Trap function XSCF gt External network 636 TCP Authentication with an LDAP server XSCE gt external network 443 TCP XSCF Web https External network gt XSCF TABLE 3 3 lists the port numbers us
61. In the rest of this chapter although XSCF firmware programs are called XSCF firmware or XSCF they all have the same meaning The board with the installed XSCF firmware is called the XSCFU also referred to as the XSCF Unit or Service Processor The XSCF uses different functions to achieve high system availability The XSCF firmware is a single centralized point for the management of hardware configuration control of hardware monitoring cooling system fan units domain status monitoring power on and power off of peripheral devices Note 2 and error monitoring The XSCF centrally controls and monitors the server The XSCF also has a partitioning function to configure and control domains and it has a function to monitor the server through an Ethernet connection so that the user can control the server remotely Another function is to report failure information to the system administrator and a remote control input output function In the SPARC Enterprise M3000 server the M3000 server the entry level server and the SPARC Enterprise M4000 M5000 the M4000 M5000 servers the midrange servers a single XSCF Unit is installed in the server In the SPARC Enterprise M8000 M9000 servers the M8000 M9000 servers the high end servers two XSCF Units are installed in the server and they are duplicated Also in the M3000 server 1 1 the XSCF Unit is fixed to the Motherboard Unit MBU For details of the server differences see Section 1 2 1
62. MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 6 Cisco BUPTNIC copyright notice BSD Copyright c 2004 Cisco Inc and Information Network Center of Beijing University of Posts and Telecommunications All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of Cisco Beijing University of Posts and Telecommunications endorse or promote products derived from this software without specific prior written permission Inc nor the names of their cont
63. Not supported in this system SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note The above examples vary depending on the client software on the terminal Q What is the relationship between the XSCF error log and error information in the MIB file A Error information reflected in the MIB file is the latest log data of XSCF D 2 Troubleshooting the Server While XSCF Is Being Used This section describes how to effectively use XSCF in case the main unit is not responding which means that a problem or panic occurred in the unit Before Contacting Our Authorized Service Personnel Before contacting our authorized service personnel first follow the procedure below This procedure may be helpful not only in solving the problem but also could eliminate the need to make an inquiry 1 If the server does not respond set the Mode switch on the operator panel to Service mode 2 Check the system status by using either of the following methods m When you cannot use the XSCF Shell through SSH telnet a Connect a terminal to the serial port of XSCF b Enter your user account and password to log in to the XSCF Shell c Use the XSCF Shell to check error logs m When you can use the XSCF Shell through SSH telnet or the serial port a Use your XSCF user account to log in to XSCF b Establish a connection through the XSCF LAN port and use the XSCF Shell to check error logs and other inform
64. ON SONT EXCLUES DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE Sauf mention contraire express ment stipul e dans ce contrat dans la mesure autoris e par la loi applicable en aucun cas Oracle ou Fujitsu Limited et ou l une ou l autre de leurs soci t s affili es ne sauraient tre tenues responsables envers une quelconque partie tierce sous quelque th orie juridique que ce soit de tout manque a gagner ou de perte de profit de probl mes d utilisation ou de perte de donn es ou d interruptions d activit s ou de tout dommage indirect sp cial secondaire ou cons cutif m me si ces entit s ont t pr alablement inform es d une telle ventualit LA DOCUMENTATION EST FOURNIE EN L TAT ET TOUTE AUTRE CONDITION DECLARATION ET GARANTIE EXPRESSE OU TACITE EST FORMELLEMENT EXCLUE DANS LA MESURE AUTORISEE PAR LA LOI EN VIGUEUR Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALIT MARCHANDE A L APTITUDE A UNE UTILISATION PARTICULI RE OU A L ABSENCE DE CONTREFA ON Contents Preface xiii XSCF Overview 1 1 1 1 1 2 1 3 1 4 XSCF Features 1 1 XSCF Functions 1 9 1 2 1 Major Differences Among the Server Models 1 14 Types of Connection to XSCF 1 14 1 3 1 Examples of LAN Connection Operations 1 16 1 3 2 NTP Configuration and Time Synchronization 1 20 1 3 3 The CD RW DVD RW Drive Unit and Tape Drive Unit 1 20 XSCF User Interfaces 1 21 1 4 1 User Accounts and User Privileges 1 23
65. OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Appendix E Software License Conditions E 11 Copyright c 1991 Bell Communications Research Inc Bellcore Permission to use copy modify and distribute this material for any purpose and without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies and that the name of Bellcore not be used in advertising or publicity pertaining to this material without the specific prior written permission of an authorized representative of Bellcore BELLCORE MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY OF THIS MATERIAL FOR ANY PURPOSE IT IS PROVIDED AS IS WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES mf y This is work is derived from material Copyright RSA Data Security Inc The RSA copyright statement and Licence for that original material is included below This is followed by the Apache copyright statement and licence for the modifications made to that material This is derived from material copyright RSA Data Security Inc Their notice is reproduced below in its entirety Copyright C 1990 2 RSA Data Security Inc Created 1990 All rights reserved
66. PC or a terminal connected to the XSCF over an XSCF LAN Ethernet connection using SSH or telnet Also you can switch to domain console 2 XSCF Shell Serial Connection A set of XSCF Shell commands you can use from a PC or terminal directly connected to the XSCF by a serial cable Also you can switch to domain console 3 XSCF Web A set of browser user interface BUI operations you can use from a web browser connected to the XSCF over the XSCF LAN Ethernet 4 XSCF SNMP Agent functions SNMP manager commands used to monitor the operation of the server s network functions 5 XSCF mail functions Sends email reports of the system status For details about connecting to XSCF consoles see Chapter 3 Chapter 1 XSCF Overview 1 21 Caution IMPORTANT To use the function as explained previously you must create your XSCF account Create your account before you start using the XSCF functionality In addition create an account for your field engineer FE with the privilege of fieldeng during initial setup To use these XSCF interfaces users need to log in to XSCF with an XSCF user account and then enter a password When a user successfully logs into XSCF but the user leaves the session without any activity for a specified length of time XSCF automatically logs the user out XSCF monitors user operations and keeps a detailed access record containing the names of users who logged in and login times For details on the
67. PROM update is started OpenBoot PROM version 02090000 OpenBoot PROM update has been completed OpenBoot PROM version 02090000 XSCF update is started XSCFU 0 bank 1 XCP version 1082 last version 1080 XSCF download is started XSCFU 0 bank 1 XCP version 1082 last version 1080 Firmware Element ID 00 version 01080001 last version 01080000 XSCF download has been completed XSCFU 0 bank 1 XCP version 1082 last version 1080 Firmware Element ID 00 version 01080001 last version 01080000 XSCF download is started XSCFU 0 bank 1 XCP version 1082 last version 1080 Firmware Element ID 07 version 01080004 last version 01080000 XSCF download has been completed XSCFU 0 bank 1 XCP version 1082 last version 1080 Firmware Element ID 07 version 01080004 last version 01080000 XSCF update has been completed XSCFU 0 bank 1 XCP version 1082 last version 1080 XCP update is started XCP version 1082 last version 1080 OpenBoot PROM update is started OpenBoot PROM version 02090000 OpenBoot PROM update has been completed OpenBoot PROM version 02090000 XSCF update is started XSCFU 0 bank 0 XCP version 1082 last version 1080 XSCF download is started XSCFU 0 bank 0 XCP version 1082 last version 1080 Firmware Element ID 00 version 01080001 last version 01080000 XSCF download has been completed XSCFU 0 bank 0 XCP version 1082 last version 1080 Firmware Element ID 00 version 01080001 last version 01080000 XSC
68. PS0 S_FAN_SET 4500 000 300 000 RPM Chapter 4 Operation of the Server 4 31 Displaying and Setting the Locator LED State of Each Specified Component in an External I O Expansion Unit a Command operation Use the ioxadm 8 command to display or set the locator LED state of the specified component lt Example 1 gt Display the locator LED states of an External I O Expansion Unit and components XSCF gt ioxadm locator iox 12B4 Location Sensor Value Res Units TOX 12B4 LOCATE Fast ED TOX 12B4 PS0 SERVICE Fast ED lt Example 2 gt Set the locator LED state of PSUO to on XSCF gt ioxadm locator on iox 12B4 ps0 Location Sensor Value Res Units TOX 12B4 LOCATE Fast ED TOX 12B4 PS0 SERVICE On ED Turning On or Off Power to an I O Board or Power Supply Unit Command operation Use the ioxadm 8 command to display turn on or off power to the specified component lt Example 1 gt Display the PSU states of an External I O Expansion Unit and components XSCF gt ioxadm v list IOxX 12B4 Location Type FW Ver Serial Num Part Num State TOX 12B4 IOX 1 0 XCX033 5016937 03 On TOX 12B4 PS0 A195 T01056 3001701 03 On TOX 12B4 PS1 A195 T01074 3001701 03 On TOX 12B4 IOBO PCIX XX00A3 5016938 04 On IOX 12B4 IOBO LINK OP 133 XF00X8 5017040 03 On lt Example 2 gt Turn off power to I O board 0 XSCF gt ioxadm poweroff iox 12B4 iob0 lt
69. Part 3 Cambridge Broadband Ltd copyright notice BSD Portions of this code are copyright c Ltd All rights reserved 2001 2003 Cambridge Broadband Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution The name of Cambridge Broadband Ltd may not be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWA
70. T 60 3 Use the showldap 8 command to confirm the setting XSCF gt showldap Bind Name cn Directory Manager Base Distinguished Name ou People dc users dc apl dc com o isp LDAP Search Timeout 60 Bind Password Set LDAP Servers ldap onibamboo 389 ldaps company2 com 636 CERTS None Installing the Certificate Chain of an LDAP Server Command operation 1 Use the showldap 8 command to display the LDAP setting XSCF gt showldap Bind Name cn Directory Manager Base Distinguished Name ou People dc users dc apl dc com o isp LDAP Search Timeout 60 Bind Password Set LDAP Servers ldap onibamboo 389 ldaps company2 com 636 CERTS None 2 Use the set 1dap 8 command to import the certificate chain XSCF gt setldap c hhhh example com Cert pem Chapter 2 Setting Up XSCF 2 47 3 Use the showldap 8 command to confirm that you have imported the certificate chain Bind Name XSCF gt showldap cn Directory Manager Base Distinguished Name ou People dc users dc apl dc com o isp LDAP Search Timeout 60 Bind Password Set LDAP Servers ldap onibamboo 389 ldaps company2 com 636 CERTS Exists Testing a Connection to an LDAP Server Command operation 1 Use the set 1dap 8 command to perform the test XSCF gt setldap t sysadmin onibamboo 389 PASSED 2 Log i
71. This software is provided as is and without any expressed or implied warranties including without limitation the implied warranties of merchantibility and fitness for any particular purpose JE IOI O SIGS G IIS IOS IG ICSI IOI IOS ICI IG IO IG IC II ICICI IO III IR IC Copyright c 1989 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement This product includes software developed by the University of California Berkeley and its contributors 4 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHAN
72. Updated When the XSCF Unit Is Replaced in a System With a Single XSCF Unit or Both Replacement in a System With Redundant XSCF Units Command operation SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 1 Turn on power to the server after completing XSCF Unit replacement task 2 If the replacement unit and the replaced unit have different versions a message is displayed such as the following XCP version of Panel EEPROM and XSCF FMEM mismatched Panel EEPROM 1080 XSCF FMEM 1090 3 Confirm the firmware version by using the version 8 command If you find an unmatched version of the replaced XSCF Unit make the replaced XSCF unit version match the current system version using the flashupdate 8 command XSCF gt version c xscf XSCF 0 Active 01 08 0001 Reserve 01 08 0001 Current XSCF 1 Standby 01 08 0001 Current 01 08 0001 Reserve XSCF gt flashupdate c sync 4 Confirm the firmware version again Note The sync option is only used at the active XSCF Unit When the firmware on the standby site is applied the XSCF reset of the standby site is done Then even if the XSCF session is disconnected the active XSCF Unit has no impact on m Web browser operation 1 Repeat Step 1 and Step 2 of the Command operation Then login to the XSCF on the XSCF Web 2 Display the firmware update menu 3 Display the XSCF firmware version and confirm
73. XSCF LAN O port e For system administrator operation The system administrator can control the server control domains and display the console using the XSCF Shell XSCF LAN 1 port e For field engineer operation Field engineers can configure the server and perform maintenance tasks using the XSCF Shell e For remote maintenance service operation TABLE 1 3 XSCF LAN Operation Examples 2 LAN Name Operation XSCF LAN O0 port e For system administrator operation e For remote maintenance service operation XSCF LAN 1 port Not used Note The serial port is used by maintenance engineers TABLE 1 4 XSCF LAN Operation Examples 3 LAN Name Operation XSCF LAN O port e For system administrator operation e For maintenance operation e For remote maintenance service operation XSCF LAN 1 port Same as above Note The two XSCF LAN ports are used for the same purpose alternate path configuration For details on these connections see Chapter 3 Caution IMPORTANT The IP address of XSCF LAN 0 and the IP address of XSCF LAN 1 must be specified in different subnet addresses Chapter 1 XSCF Overview 1 17 XSCF LAN Redundancy In the M3000 M4000 M5000 M8000 M9000 servers the XSCF LAN paths can be made redundant duplicated If a LAN failure occurs it contributes significantly to reducing system availability However in a system equipped with a duplicate LAN the routes paths in the remai
74. XSCF Unit panel 3 In the window select the USB device on the XSCF Unit panel 4 Set the encryption password used for encrypting the output log file 5 Execute the data transfer When the data transfer is complete please contact authorized service personnel Note The snapshot menu may be displayed as Data Collector Command operation 1 Connect a USB device to the USB connector mounted on the XSCF Unit panel 2 Perform the snapshot 8 command and specify the local USB device on the XSCF Unit for the output file see Note XSCF gt snapshot d usb0 3 When the data transfer is complete please contact authorized service personnel Note For details on using the snapshot 8 command including how to enable encryption see the man page or the XSCF Reference Manual Saving the Logs to a Specified Target Directory Over a Network a Web browser operation 1 Select the snapshot menu for saving the log menu and display the saving operation page 2 In the window select the download button and specify the target directory Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 29 3 Execute the data transfer When the data transfer is complete please contact authorized service personnel a Command operation 1 Perform the snapshot 8 command using a public key specifying the target directory and specifying the encryption password for the output file XSCF gt snapshot t joe jupi
75. XSCF access monitoring status and monitoring methods 1 24 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 1 7 User Privilege Names and Descriptions Continued User privilege Outline Description of Defined Contents auditadm fieldeng none Audit control Note Field engineer operations None Can monitor and control XSCF access Can delete an XSCF access monitoring method Allows field engineers to perform the maintenance tasks or change the server configuration When the local privilege for a user is set to none that user has no privileges even if the privileges for that user are defined in LDAP Setting a user s privilege to none prevents the user s privileges from being looked up in LDAP Note n domain number is added behind the privilege name for the target domain privilege Example The domainadm for domain ID 1 is domainadm 1 Also a user account can have privileges over multiple domains and not just the target domain For details on user privileges see the Administration Guide For details on setting up user accounts and setting user privileges see Section 2 2 2 User Account Administration on page 2 36 Chapter1 XSCF Overview 1 25 CHAPTER 2 Setting Up XSCF This chapter explains how to set up XSCF 2 1 XSCF Setup Summary Each XSCF function must be configured before it can be used Make the following setting
76. a Defined Trap type specify v1 v2c or inform lt v2c in your response gt 7 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 a Community name a Port number of the trap destination a Host name of the trap destination m Step 3 Enable the XSCF SNMP agent function Enable one or both of the following according to the user environment a SNMPv1 and SNMPv2c a SNMPv3 Note All MIB information except the setting items in step 2 is initialized when the XSCF SNMP agent function is enabled Caution IMPORTANT Since SNMPv1 and SNMPv2c do not provide a capability to encrypt communication data neither are secure enough In SNMPv3 more secure transmission can be achieved through authentication and encryption settings on both the agent and manager sides The server uses SNMPv3 as the default SNMP agent Suspending or Disabling Transmission Disabling the XSCF SNMP agent function Disable one or both of the following according to the user environment a SNMPv1 and SNMPv2c a SNMPv3 Disabling sending to the target trap destination host for SNMPv3 Specify the following to disable sending User name a Trap destination host Disabling sending to the target trap destination host for SNMPv1 SNMPv2c Specify the following to disable sending a Defined protocol type v1 v2c a Trap destination host Chapter 7 XSCF SNMP Agent Function 7 9 Performing User Management USM Management and
77. a remote ftp server specifying the user name and host name that requires authentication password then import the new 1082 version firmware program tar gz XSCF gt getflashimage u yyyyy ftp imgserver img FFXCP1082 tar gz Existing versions Version Size Date FFXCP1080 tar gz 51298982 Thu Jan 15 20 09 09 JST 2009 Warning About to delete old versions Continue y n y Removing FFXCP1080 tar gz Password not echoed OMB received 1MB received 2MB received 40MB received Download successful 41470 Kbytes in 46 secs 940 250 Kbytes sec MD5 683 b5240e4937948dd6ad83b4a9 9669 8 14 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 c If complete message Download successful and MD5 are displayed the XCP import has ended Use the get flashimage 8 command with 1 option to confirm the imported version Note After importing if Error File is invalid or corrupt message is displayed it means the XCP file that imported is not a correct file There is a possibility of either obtaining an illegal XCP file or that the XCP file was falsified by unauthorized access after the customer downloaded the XCP file 3 Perform the firmware update The XSCF firmware is downloaded and applied and the OpenBoot PROM firmware is downloaded a Use the version 8 command to display the current firmware version XSCF gt version c xcp v XSCF O Active XCPO Current 1080 Ope
78. access to XSCF from a Domain via DSCP 2 105 Power log B 5 Power operations server and domain 4 12 prefer Specifying or Canceling prefer 2 96 prtdiag 1M 2 177 PSB dividing into XSBs 2 171 setting memory mirror mode 2 172 Index 3 S Security administration 2 43 2 48 2 70 Security commands 5 16 Server configuration 5 10 5 12 control 5 10 information commands 5 10 5 12 status 5 10 troubleshooting D 7 Server and domain power operations 4 12 setdomainmode 8 2 178 Setting altitude 2 185 Setting locale 2 184 Setting SNMPv3 trap 2 133 Setting the Domain Time to the XSCF Time 2 100 Setting the memory mirror mode for a PSB 2 172 Setting the SNMPv1 and v2c trap 2 135 Setting the XSCF time 2 94 Setting time and date 2 90 showlogs command B 8 SMTP server specifying 2 141 SNMP enabling disabling 2 135 SNMP Administration 2 128 SNMP agent enabling disabling 2 132 SNMP TRAP 7 5 SNMP trap setting 2 135 SNMPv3 trap setting 2 133 SPARC64 VI Compatible Mode 2 177 SPARC64 VII Enhanced Mode 2 177 Specifying a Daylight Saving Time 2 93 Specifying a host name for XSCF 2 27 Index 4 Specifying a password policy 2 41 Specifying a time zone 2 92 Specifying a user privilege 2 40 Specifying an ssh host key 2 106 Specifying or Canceling prefer for NTP Server 27 96 Specifying the audit policy 2 121 Specifying the SMTP server 2 141 Specifying the timeout period of ssh telnet 2
79. administrator or an FE to save and restore the hardware information or to collect log data For the USB handling see Section 2 3 Save and Restore XSCF Configuration Information on page 2 195 and Section 8 2 2 Method of Collecting the Log Information on page 8 27 READY LED The READY LED lights up in green When the power supply is turned on the READY LED blinks This blinking LED state indicates that the XSCF has been started and is being initialized When XSCF initialization is completed the LED stays lit CHECK LED The CHECK LED lights up in orange While the XSCF is operating normally the LED remains off If an abnormality occurs in the XSCF Unit the CHECK LED turns on The CHECK LED can set to blink using an XSCF Shell command This can be used to identify the XSCF Unit even if there is no failure For details on the LED related commands of the XSCF Shell see Chapter 5 and the XSCF Reference Manual Note The Check LED turns on immediately after the server input power is turned on Serial Port The serial port RS 232C port uses an RJ 45 connector The serial port is used with the XSCF Shell to configure server settings and display the server status An RS 232C serial cross cable is used in the serial port The connection between the serial port and a PC requires an RJ 45 RS 232C conversion cable or a conversion connector For details on serial port connections see Chapter 3 and the Installation Guide
80. and restored when a USB device has been connected to the USB connector mounted on the XSCF Unit front panel of the M4000 M5000 M8000 M9000 servers or rear panel of the M3000 server The configuration data is transmitted through the network with an encryption protocol Saving and Restoring Notes The USB device should only be formatted using the FAT32 file system Please ask authorized service personnel about the USB capacity and the handling of USB devices You can restore the configuration information only to a system of the same model as where the information was saved For instance the configuration information saved in the M4000 server can be restored only to another M4000 server The consistency of a current system configuration file and a restored file are checked when data is restored When it is consistent with the configuration files such as version system name the data can be restored In addition the version of configuration files doesn t depend on XCP version Even if the XCP versions is the same when data is saved and restored the versions of each configuration file might be different In the M8000 M9000 server the configuration information can be saved from either an Active or Standby XSCF Unit However restoring can be done only to an Active XSCF Unit Chapter 2 Setting Up XSCF 2 195 2 196 m The dumpconfig 8 command can encrypt saved data by specifying an option You can safely restore the encrypted data by perfo
81. be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Library specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation If the Library does not specify a license version number you may choose any version ever published by the Free Software Foundation 14 If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally NO WARRANTY 15 BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE LIBRARY TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE LIBRARY AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PUR
82. by and or licensed from the suppliers to Oracle and or its affiliates and Fujitsu Limited including software and font technology Per the terms of the GPL or LGPL a copy of the source code governed by the GPL or LGPL as applicable is available upon request by the End User Please contact Oracle and or its affiliates or Fujitsu Limited This distribution may include materials developed by third parties Parts of the product may be derived from Berkeley BSD systems licensed from the University of California UNIX is a registered trademark in the U S and in other countries exclusively licensed through X Open Company Ltd Oracle and Java are registered trademarks of Oracle and or its affiliates Fujitsu and the Fujitsu logo are registered trademarks of Fujitsu Limited All SPARC trademarks are used under license and are registered trademarks of SPARC International Inc in the U S and other countries Products bearing SPARC trademarks are based upon architectures developed by Oracle and or its affiliates SPARC64 is a trademark of SPARC International Inc used under license by Fujitsu Microelectronics Inc and Fujitsu Limited Other names may be trademarks of their respective owners United States Government Rights Commercial use U S Government users are subject to the standard government user license agreements of Oracle and or its affiliates and Fujitsu Limited and the applicable provisions of the FAR and its supplements Disclaime
83. command 3 After doing Step 2 if the reset operation or the sync command fails execute the reset 8 command with the por option from the XSCF Shell or forcibly turn off power by using any of the following methods Appendix D Troubleshooting D 5 D 6 Method 1 Press and hold down the POWER switch on the operator panel of the main unit for four seconds Method 2 Execute the poweroff 8 command from the XSCF Shell Q What kind of processing is executed by XSCF from the time that input power to the main unit is turned on until the Oracle Solaris OS starts A The processing flow before system startup is as follows 1 The operator turns on input power XSCF starts The operator turns on the power to the server ee N XSCF initializes the hardware The POST starts and performs an initial diagnosis of hardware OpenBoot PROM starts BY Ss I OpenBoot PROM starts the boot process 8 The Oracle Solaris OS starts Q During normal log in to or log out from XSCF what kind of messages are displayed on the terminal A The following example shows successful log in to XSCF login jsmith Password XXXXXXXX XSCF gt The following example shows an unsuccessful log in login jsmith Password XXXXXXXX Login incorrect The following example shows a successful log out from XSCF XSCF gt exit logout The following example shows an unsuccessful log out XSCF gt exit
84. component the component information and the state are displayed in the main page e Logical tree Logical components that belong to each domain When you select each component the logical component and the state that belongs to each domain is displayed Note Menu items may be changed to improve functionality The menu displays shown below may also depend on the model and other conditions Page configuration is described below Each function provides the same results as those of the corresponding XSCF Shell command For details on the functions see Chapter 2 and Chapter 5 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Displaying System Status TABLE 9 3 lists the functions for displaying the status of the entire system Select Status System Status in the Menu tree TABLE 9 3 System Status Display Function Remarks Mode switch display Displays the mode switch status of the operator panel This function is equivalent to the showhardconf 8 command System time display This function is equivalent to the showdate 8 command Failure component display This function is equivalent to the showstatus 8 command Displaying temperature and humidity information This function is equivalent to the showenvironment 8 command The humidity is displayed for the M8000 M9000 servers Displaying air flow information This function is equivalent to the showenvironment 8 command D
85. confirm the settings XSCF gt showarchiving v Archiving Configuration Archiving state Enabled AUDIT LOGS OTHER LOGS Archive space limit 10000 MB 10000 MB Archive space used 3010 MB 2252 MB Total archiving failures 171 2 Unresolved failures 4 0 Chapter 2 Setting Up XSCF 2 131 Displaying Log Archiving Error Information Command operation Use the showarchiving 8 command to display details of log archiving errors lt Example 1 gt Three errors occurred XSCF gt showarchiving e 2004 06 17 01 12 12 Failed to connect to the archive host Output from ssh ssh foo bar host not responding 2004 06 19 22 15 46 Failed to create a file on the archive host File foo platform error details log 2004 06 19T22 15 48 Output from scp scp foo platform Permission denied 2004 06 19 22 15 47 Command failed on the archive host Command usr bin du sk foo bar error log Output from command usr bin du Command not found lt Example 2 gt No error occurred XSCF gt showarchiving e No archiving errors have occurred 2 2 11 SNMP Administration This section explains how to make different types of protocols settings for SNMP to use the SNMP agent function TABLE 2 20 lists the terms used in SNMP administration TABLE 2 20 SNMP Administration Terms Term Description SNMP Abbreviation for Simple Network Management Protocol This query comm
86. copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution THIS SOFTWARE IS PROVIDED BY THE AUTHOR AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE ye Copyright c 1998 2002 The OpenSSL Project All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Appendix E Software License Conditions E 15 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the do
87. d Oracle ou de Fujitsu Limited ou des soci t s affili es de l une ou l autre entit Ce document ainsi que les produits et technologies qu il d crit peuvent inclure des droits de propri t intellectuelle de parties tierces prot g s par copyright et ou c d s sous licence par des fournisseurs Oracle et ou ses soci t s affili es et Fujitsu Limited y compris des logiciels et des technologies atives aux polices de caract res Conform ment aux conditions de la licence GPL ou LGPL une copie du code source r gi par la licence GPL ou LGPL selon le cas est disponible sur demande par l Utilisateur final Veuillez contacter Oracle et ou ses soci t s affili es ou Fujitsu Limited Cette distribution peut comprendre des composants d velopp s par des parties tierces Des parties de ce produit peuvent tre d riv es des syst mes Berkeley BSD distribu s sous licence par l Universit de Californie UNIX est une marque d pos e aux Etats Unis et dans d autres pays distribu e exclusivement sous licence par X Open Company Ltd Oracle et Java sont des marques d pos es d Oracle Corporation et ou de ses soci t s affili es Fujitsu et le logo Fujitsu sont des marques d pos es de Fujitsu Limited Toutes les marques SPARC sont utilis es sous licence et sont des marques d pos es de SPARC International Inc aux Etats Unis et dans d autres pays Les produits portant la marque SPARC reposent sur des architectures d vel
88. default roles Command operation 1 Use the showad 8 command to display default roles XSCF gt showad defaultrole Default role none 2 62 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setad 8 command to set default roles XSCF gt setad defaultrole platadm platop 3 Use the showad 8 command to confirm the default roles XSCF gt showad defaultrole Default role platadm platop Chapter 2 Setting Up XSCF 2 63 2 64 Setting Group name and privileges a Command operation 1 Use the showad 8 command to display the group name lt Example1 gt Displays configuration for administrator group XSCF gt showad group administrator Administra name Administra name Administra name Administra name Administra name lt Example2 gt tor Group 1 none tor Group 2 none tor Group 3 none tor Group 4 none tor Group 5 none Displays configuration for operator group XSCF gt showad group operator Operator Group 1 name none Operator Group 2 name none Operator Group 3 name none Operator Group 4 name none Operator Group 5 name lt Example3 gt none Displays configuration for custom group XSCF gt showad group operator Custom Group 1 name roles Custom Group 2 name roles Custom Group 3 name roles Custom Group 4 name roles
89. displays the Token types and their data in display order m File Token Label version time filename m Header Token Label record byte count version event type machine address time event recorded m Subject Token Label audit session ID UID mode of operation terminal type remote IP address remote port m Upriv Token Label success failure a Udpriv Token Label success failure privilege name domain1 domainN Command Token Label command name argumenti argumentN m Authentication Token Label authentication result user name message terminal type remote IP address remote port Appendix B_ XSCF Log Information B 11 m Return Token Label return value m Text Token Label text string Note Some fields might not be output according to the environment The following lists the principal audit events and Tokens Login telnet header subject text return m Login SSH As for Login telnet Login BUI As for Login telnet m Logout Header Subject Audit start Header Audit stop Header m Shell command Header Subject Command Text Upriv Updpriv Return Note Some Tokens might not be output according to the environment Also it might be changed because of the function improvement without notice B 12 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 B 6 Active Directory Log This section explains how to reference the Active
90. establish a connection to the XSCF and then use the XSCF Web see the following note Note If the XSCF Web is not supported or you want to set a function that is not supported on the XSCF Web use the XSCF Shell to make these settings For the support information see the Product Notes for your server To describe the XSCF settings each subsequent section is formatted as follows 1 Each section first uses tables to explain terms setting items functions and XSCF Shell commands Each section then provides setting examples When you set up by using XSCF Web see the Web browser operation sections When you set up by using XSCF Shell see the Command operation sections a For details on individual XSCF Shell commands options and privileges see the XSCF Reference Manual or the man page You can display the man page by executing the man command on XSCF The man page is the same as the XSCF Reference Manual a For details on the screen layout start procedure and operation of the XSCF Web see Chapter 9 a For details the connection between a PC and XSCF the connection to a terminal or how to log in to XSCF see Chapter 3 Chapter 2 Setting Up XSCF 2 15 Lal Network Configuration Network Configuration is used to specify items relating to network interfaces like XSCF LANs and Domain SP Communication Protocol DSCP also routing and DNS TABLE 2 1 lists terms used in Initial Configuration TABLE 2 1
91. example com lt Press Ctrl and D keys gt XSCF gt Chapter 2 Setting Up XSCF 2 111 2 112 4 Use the showssh 8 command to confirm the user public key and its number lt Example gt The user key is set by number 1 XSCF gt showssh c pubkey Public key 1 ssh rsa AAAAB3NzaClyc2EAAAABIWAAATEAZFh95SohrDgpnN7 zFCUCVNy jaZ PTJNDxcid QGbihYDCBtt14151Y0Sv85FJwDpSNHNKoVLMYLJ tBmUMPbGgGVB61qs kSv Fev44hefNCZMi XGItIIpKPOnBK4XJpCFoFbPXNUHDW1rTD9icD5U wRFGSRRx FI Ub50LRxN8 A8 efgh example com Do the SSH connection by using the user account of XSCF on the client software when you log in the XSCF Shell next time Confirm that you can log in to the XSCF Shell by authentication with the user key When you uninstall the user public key use the setssh 8 command with the number of the user public key XSCF gt setssh c delpubkey s 1 1 ssh rsa AAAAB3NzaClyc2EAAAABIWAAATEAZFh95SohrDgpnN7z FCUCVNy jaZPTjJND xcidQGbihYDCBtt14151Y0Sv85FJwDpSNHNKoVLMYLj tBmUM PbGgGVB61qskSv Fev44hefNCZMiXGItIIpKP0OnBK4XJpCFoFbPXNUHDw1rTD9icD 5U wRFGSRRxXFI Ub50LRxXN8 A8 efgh example com 6 Use the showssh 8 command to delete the user public key XSCF gt showssh c pubkey XSCF gt SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 2 8 Https Administration Use https administration to specify the settings required for operating the web browser window of
92. files modified to carry prominent notices stating that you changed the files and the date of any change c You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License a If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility other than as an argument passed when the facility is invoked then you must make a good faith effort to ensure that in the event an application does not supply such function or table the facility still operates and performs whatever part of its purpose remains meaningful For example a function in a library to compute square roots has a purpose that is entirely well defined independent of the application Therefore Subsection 2d requires that any application supplied function or table used by this function must be optional if the application does not supply it the square root function must still compute square roots These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Library and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Library the distribution of the whole must be on th
93. firmware that is running Also the XCP file is imported only by the versions number of one generation 2 Update Writing the XSCF and OpenBoot PROM firmware programs that were imported in step 1 to flash memory in this system is called update Performing the download writes the XSCF firmware to the flash memory of the XSCF Unit resets the XSCF applies the XSCF firmware and completes the firmware update The OpenBoot PROM firmware is written to the flash memory on the system board The OpenBoot PROM firmware is applied during a reboot Caution IMPORTANT Even if this system is divided into domains the update is performed to newly write the OpenBoot PROM firmware to the flash memory on the XSB of every domain However unlike the XSCF firmware just the download of this firmware does not update the OpenBoot PROM firmware that is running To complete updating the OpenBoot PROM firmware in the target domain the domain must be rebooted 3 Application Making the firmware written to flash memory in this system actually usable is called application Note The number of domains that can be updated application is one or more To apply the OpenBoot PROM firmware in the target domain be sure to reboot the domain for firmware application SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note The update of the pool system board is completed at the following timing Using DR functions when
94. for each environmental temperature execute the showenvironment 8 command Fan speed level indicates Low speed Middle speed or High speed Chapter 4 Operation of the Server 4 3 The M8000 M9000 servers do not indicate Middle speed The M3000 server indicates multi levels In case errors detected in the fan Full or High speed will be indicated TABLE 4 1 TABLE 4 2 and TABLE 4 3 list the fan speed level indicated by using the showenvironment 8 command which corresponding to the altitude configured and the environmental temperature TABLE 4 1 Fan speed levels corresponding to altitude and environmental temperature Entry Level system Fan speed levels Environmental temperatures by altitude 500 m or less 501 1000 m 1001 1500 m 1501 3000 m Low speed level 1 20 C or less 18 C or less 16 C or less 14 C or less Low speed level 2 19 22 C 17 20 C 15 18 C 13 16 C Low speed level 3 21 24 C 19 22 C 17 20 C 15 18 C Low speed level 4 23 26 C 21 24 C 19 22 C 17 20 C Middle speed level 5 25 28 C 23 26 C 21 24 C 19 22 C Middle speed level 6 27 30 C 25 28 C 23 26 C 21 24 C High speed level 7 29 32 C 27 30 C 25 28 C 23 26 C High speed level 8 31 34 C 29 32 C 27 30 C 25 28 C High speed level 9 More than 33 C More than 31 C More than 29 C More than 27 C TABLE 4 2 Fan speed levels corresponding to altitude and environmental temperature Midrange system Fan speed levels Environmental t
95. for the XCP version Firmware Update for Redundant XSCF Units In a system with redundant XSCF Units you have only to connect to the XSCF Unit on the active side and update the firmware The firmware upgrade is performed first on the XSCF Unit on the standby side and then on the active side automatically Due to resetting the XSCF and switching the networks of the XSCF Units on the active and standby sides the network is disconnected at this time Therefore the user must log in again For details see Section 8 1 10 Firmware Update Procedure on page 8 11 In a system with redundant XSCF Units if the system is operating with only the active XSCF Unit such as because of a failure the update of all firmware is suppressed Ensuring Proper Operation After a Firmware Update Supported Hardware When an improvement is made to the hardware such as Motherboard unit CPU Memory Board unit CPU module or XSCF Unit the firmware update must be performed by using the XCP data which supporting the new hardware function See the latest version of the Product Notes for your server for specific information about minimum softwares and firmware requirements when new hardware is supported Note If data for an older version of XCP is used for the firmware update of a system that is running system operation cannot be guaranteed SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Making Versions Agree With Each O
96. for the configuration the login process or retrieval of user privilege settings could fail Enable Disabl Enables or Disables logging of Active Directory setad This log is cleared on XSCF e log authentication and authorization diagnostic reset messages Display log Displays Active Directory authentication and showad authorization diagnostic messages Clear log Clears log file of Active Directory setad authentication and authorization diagnostic messages Default Resets Active Directory settings to factory setad default Before Active Directory settings Note the following before settings m Active Directory is supported in XCP1091 or later m The useradm privilege is required for the Active Directory settings m If the XSCF is configured to use LDAP Active Directory or LDAP SSL for user account data the user name and UID if specified must not already be in use locally or in LDAP Active Directory or LDAP SSL a To use host name for Active Directory server DNS settings need to be configured properly before setting Active Directory To support Active Directory a new system account named proxyuser is added Verify that no user account of that name already exists If one does use the deleteuser 8 command to remove it then reset XSCF before using the Active Directory feature 2 52 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 a While Active Directory is enabled when you attempt to login to X
97. functions are equivalent to the addboard 8 deleteboard 8 and moveboard 8 commands Please operate as well as the procedure in Section 2 2 13 Domain Configuration on page 2 146 When you use the DR function also run the procedure in the Dynamic Reconfiguration User s Guide In the M3000 server this function is not available Chapter 9 Howto Use the XSCF Web 9 15 Setting System TABLE 9 10 lists the functions for the network configuration of XSCF Select Settings Network Current or Settings Network Reserve in the Menu tree You can make the network configuration from both Current and Reserve menus The Current menu displays the XSCF network information which is running on the server and the Reserve menu can be used to confirm the data you configured Click the Apply and Reboot buttons on the Reserve menu to apply the setting values of network configuration TABLE 9 10 Network Configuration 1 of 2 Menu Function Remarks Current XSCF network information and status Displays the XSCF network information and status display and XSCF network configuration which is running on the server This function is equivalent to the shownetwork 8 and showhostname 8 commands Also this function sets each host name domain name IP address netmask and enabling disabling of the XSCF network interface This function is equivalent to the setnetwork 8 and sethostname 8 commands You can confirm the se
98. grants You a world wide royalty free non exclusive perpetual non sublicenseable license under patent claims owned or controlled by the Licensor that are embodied in the Original Work as furnished by the Licensor Licensed Claims to make use sell and offer for sale the Original Work Licensor hereby grants You a world wide royalty free non exclusive perpetual non sublicenseable license under the Licensed Claims to make use sell and offer for sale Derivative Works 3 Grant of Source Code License The term Source Code means the preferred form of the Original Work for making modifications to it and all available documentation describing how to access and modify the Original Work Licensor hereby agrees to provide a machine readable copy of the Source Code of the Original Work along with each copy of the Original Work that Licensor distributes Licensor reserves the right to satisfy this obligation by placing a machine readable copy of the Source Code in an information repository reasonably calculated to permit inexpensive and convenient access by You for as long as Licensor continues to distribute the Original Work and by publishing the address of that information repository in a notice immediately following the copyright notice that applies to the Original Work 4 Exclusions From License Grant Nothing in this License shall be deemed to grant any rights to trademarks copyrights patents trade secrets or any other intellectua
99. http www apache org licenses LICENSE 2 0 software WITHOUT Unless required by applicable law or agreed to in writing distributed under the License is distributed on an AS IS BASIS WARRANTIES OR CONDITIONS OF ANY KIND either express or implied See the License for the specific language governing permissions and limitations under the License APACHE HTTP SERVER SUBCOMPONENTS The Apache HTTP Server includes a number of subcomponents with separate copyright notices and license terms Your use of the source code for the these subcomponents is subject to the of the following licenses terms and conditions For the mod_mime_magic component je mod_mime_magic MIME type lookup via file magic numbers Copyright c 1996 1997 Cisco Systems Inc This software was submitted by Cisco Systems to the Apache Group in July 1997 Future revisions and derivatives of this source code must acknowledge Cisco Systems as the original contributor of this module All other licensing and usage conditions are those of the Apache Group Some of this code is derived from the free version of the file command originally posted to comp sources unix Copyright info for that program is included below as required c Ian F Darwin Copyright 1987 Written by Ian F Darwin This software is not subject to any license of the American Telephone and Telegraph Company or of the Regents of the University of Califo
100. https the XSCF reset is required Use the rebootxscf 8 command to reset the XSCF XSCF gt rebootxscf The XSCF will be reset Continue y n y m After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF Importing a Web Server Certificate by Using the External CA or CA in Intranet a Command operation 1 Use the sethttps 8 command to create a web server private key XSCF gt sethttps c genserverkey Server key already exists Do you still wish to update y n y Enter passphrase XXXXXXXX Verifying Enter passphrase Xxxxxxxxx 2 Use the sethttps 8 command to create the CSR specifying the distinguished name DN See the DN description in External authentication in TABLE 2 15 lt Example gt Specify the DN JP Kanagawa Kawasaki Example Development scf host abc example com XSCF gt sethttps c gencsr JP Kanagawa Kawasaki Example Development scf_host abc example com 3 Use the sethttps 8 command to display the CSR Copy the displayed CSR BEGIN to END and save it in the text file XSCF gt showhttps HTTPS status disabled Server key installed in Jul 11 06 33 25 UTC 2006 CA key installed in Jul 11 06 33 21 UTC 2006 CA cert installed in Jul 11 06 33 21 UTC 2006 CSR Seas BEGIN CERTIFICATE REQUEST MIIByzCCATQCAQAwgYoxC zAJUBgNVBAYTAkpQMREWDWYDVQQIEWhLYW5hZ2F3YTER MA8GA1UEBxMIS2F3 YXNha2kxEDAOBgNVBAOTBO0ZVSk1UU1LUxDDAKBgNVBASTAO0VQ
101. incidental or computer failure even 9 Accepting Warranty or Additional Liability While redistributing the Work or Derivative Works thereof You may choose to offer and charge a fee for acceptance of support warranty indemnity or other liability obligations and or rights consistent with this License accepting such obligations You may act only on Your own behalf and on Your sole responsibility not on behalf of any other Contributor and only if You agree to indemnify defend and hold each Contributor harmless for any liability incurred by or claims asserted against by reason of your accepting any such warranty or additional liability However in such Contributor END OF TERMS AND CONDITIONS APPENDIX How to apply the Apache License to your work To apply the Apache License to your work attach the following boilerplate notice with the fields enclosed by brackets replaced with your own identifying information Don t include the brackets The text should be enclosed in the appropriate comment syntax for the file format We also recommend that a file or class name and description of purpose be included on the same printed page as the copyright notice for easier identification within third party archives Copyright yyyy name of copyright owner Licensed under the Apache License Version 2 0 the License you may not use this file except in compliance with the License You may obtain a copy of the License at
102. is 91 full You can clear space by manually transferring the current audit trail files to remote storage or by deleting them For details of transferring or deleting see Enabling or Disabling Audit Transferring a Log File and Deleting Audit Data the viewaudit 8 man page or the XSCF Reference Manual For audit policy details see the Administration Guide Note 5 For detail of viewaudit 8 command see the XSCF Reference Manual Chapter 2 Setting Up XSCF 2 123 Enabling or Disabling Audit Transferring a Log File and Deleting Audit Data a Command operation 1 Use the showaudit 8 command to display audit settings lt Example gt Display all information on the current audit status in the system XSCF gt showaudit all Auditing enabled Audit space used 13713 bytes Audit space free 4180591 bytes Records dropped 0 Policy on full trail count User global policy enabled Mail Thresholds 80 100 User policy Events AEV_AUDIT_START enabled AEV_AUDIT_STOP enabled 2 Use the setaudit 8 command to configure auditing lt Example 1 gt Disable writing to the audit trail and transfer the log file XSCF gt setaudit disable lt Example 2 gt Enable writing to the audit trail XSCF gt setaudit enable Turns on writing of the audit records for the audit trail lt Example 3 gt Request the log file transfer XSCF gt setaudit archive lt Example 4 gt
103. is under common control with you For purposes of this definition control means i the power direct or indirect to cause the direction or management of such entity whether by contract or otherwise or ii ownership of fifty percent 50 or more of the outstanding shares or iii beneficial ownership of such entity This license is Copyright C 2002 Lawrence E Rosen All rights reserved Permission is hereby granted to copy and distribute this license without modification This license may not be modified without the express written permission of its copyright owner Copyright c 1998 1999 2000 Thai Open Source Software Center Ltd and Clark Cooper Copyright c 2001 2002 2003 Expat maintainers Permission is hereby granted free of charge to any person obtaining a copy of this software and associated documentation files the Software to deal in the Software without restriction the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions including without limitation The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE
104. m Check the number of XSCF users For information about the number of users see Chapter 2 and Chapter 3 Forgot the Login Password for XSCF m Ask a system administrator who has the platadm or useradm user privilege to reset your password using the password 8 command m Ifa system administrator forgets the login password log in using the default account Then use the password 8 command to register again For details about logging in using the default account see Chapter 2 D 1 Could Not Connect to XSCF Through the Serial Port Check the connection between the terminal software and the serial port Check the settings of the terminal software baud rate is set to 9600 bps delay is set to 0 etc For information about the settings see Connecting to XSCF via the serial port in Chapter 3 Could Not Connect Using Telnet to XSCF via the XSCF LAN Check the LAN cable connection between the XSCF terminal and the server Check the connection between the terminal software and the telnet port Use the shownetwork 8 command to check whether the setting for the XSCF LAN is enabled Use the showtelnet 8 command to check whether the setting for telnet is enabled Check whether the entered IP address and port number match their settings Confirm that the number of connections using telnet SSH does not exceed its maximum number For information about the maximum number see Chapter 2 and Chapter 3 If necessary use the conso
105. output to the domain console The following shows an example of the FMA message on the domain console lt Example gt FMA Message SUNW MSG ID SUN4U 800J3 C0O TYPE Fault VER 1 SEVERITY Critical EVENT TIME Wed Jun 28 17 45 36 PDT 2006 PLATFORM SUNW SPARC Enterprise CSN HOSTNAME dc102 SOURCE eft REV 1 5 EVENT ID 24fe9f8c 302 4128 c5b8 b38a4083769f DESC The number of errors associated with this CHIP has exceeded acceptable levels Refer to http sun com msg SUN4U 800J3 CO for more information Refer to SUN4U 800J3 CO for more information AUTO RESPONSE An attempt will be made to remove the affected CHIP from service GJ IMPACT The system will not be functioning at the same performance level with the CHIP removal REC ACTION Schedule a repair procedure to replace the affected CHIP Use fmdump v u to identify the smallest CPU Strand ID of the affected CORE on this CHIP Note The message format may change in future releases 2 Fault information in the FMA message is stored in the log Therefore the log file can be referenced on the domain console Perform an Oracle Solaris OS command such as the syslog reference command or fmdump 1M command on the domain console For how to identify fault information by using these commands see the Oracle Solaris OS documentation Appendix A Warning and Information Messages A 3 3 The contents of notif
106. platadm or fieldeng privilege the power on and power off operations for the entire system are not available For information about user privileges see the Administration Guide or XSCF Reference Manual Could Not Add an XSCF User Check the number of XSCF registration users For information about the number of registration users see Chapter 2 and Chapter 3 Otherwise contact the system administrator Appendix D Troubleshooting D 3 A Mail Report Was Not Received From XSCF m XSCF does not necessarily report all events It sends a mail message for each part fault or authentication failure event Check for the relevant event in the error log or use the reference for event logs in Appendix B to check whether this is an event in an event log to be reported m Use the showemailreport 8 command to check whether the appropriate setting is enabled If no mail message for this event has been received check whether an error mail message has been sent to the error mail recipient or check the log of recorded errors m If acellular phone is used for receiving mail messages check the phone settings for any set restriction on receiving messages Could Not Access the Top Page of the XSCF Web Function m Use the showhttps 8 command to check whether the setting for XSCF is enabled m Check whether the entered URL is correct e g whether the s in https is missing m Ask the system administrator to check whether access through the I
107. problem Msg Message ID that can be used to access the corresponding description of information at the specified URL site MSG ID The v option must be specified Use the message ID for accessing the specified URL to acquire detailed information corresponding to this problem For the specified URL see the web site information about the messages described in the Product Notes for your server For the message ID the following information can be confirmed at the web site Message type Type Fault level Severity Outline of fault Description Machine operation after the fault Automated response Influence Impact Action to be taken Action Detailed information Details Repair the fault according to the recommended processing For details of the showlogs 8 command see the XSCF Reference Manual or the man page Use the mdump 8 command to confirm the XSCF error log in a display format that is compatible with the Oracle Solaris OS Using the f mdump 8 Command to Confirm a Fault 1 Perform the fmdump 8 command on the XSCF Shell and reference the log XSCF gt fmdump TIME UUID MSG ID Dec 28 13 01 27 3919 bf36 0ea 9e47 42b5 Fc6f c0d979c4c8F4 FMD 8000 11 Dec 28 13 01 49 3765 3a186292 3402 40ff b5ae 810601be337d FMD 8000 11 Dec 28 13 02 59 4448 58107381 1985 48a4 b56 91d8a617ad83 FMD 8000 OW The layout of the command example is subject to change without previous notice for functional imp
108. recommended for failure notification For details on the settings see Chapter 2 Supported Browsers TABLE 9 2 lists the web browsers supported by the XSCF Web To use functions in any of the following web browsers enable the appropriate settings TABLE 9 2 Supported Browsers Browser Version Microsoft Internet Explorer 6 0 and later Firefox Oracle Solaris 10 2 0 and later Firefox Oracle Solaris 11 6 0 and later The first firmware to support the newer entry level server is the XCP 1080 firmware For specific information about minimum OS and firmware requirements see the latest version of the Product Notes no earlier than the XCP 1080 edition for your server Functions to be Enabled on the Browser The following functions are necessary for the browser 1 Secure Socket Layer Protocol SSL Ver 3 Transport Layer Security TLS Ver 1 2 JavaScript enabled 3 Cookies enabled for session management SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 9 2 4 Specifying the URL When specifying the URL specify the IP address configured with XSCF or the XSCF host name as the root directory Example URL https 192 168 111 111 Note The IP address of XSCF is input by number Alternatively https XSCF host name Note Not the host name of a domain Note At the beginning of communication the browser may request confirmation of a certificate In such cases check the contents
109. require b PSU 1 PSU 2 is displayed The above indicates the following PSU 1 and PSU 2 were detected as the first and second suspect components respectively with other components also detected It might be necessary to replace the respective components c IOU 0 PCI 3 is displayed The above indicates the following IOU 0 PCI 3 was detected as the suspect component and PCI slot No 3 of I O unit No 0 is problematic It might be necessary to replace the device connected to PCI slot No 3 as circumstances require d MBU_A MEMB 0 MEM 02A is displayed The above indicates the following MBU_A MEMB 0 MEM 02A was detected as the suspect component and memory slot No 02A of memory board No 0 on the MBU is problematic It may be necessary to replace memory slot No 02A as circumstances require e CMU 0 MEM 02A is displayed The above indicates the following CMU 0 MEM 02A was detected as the suspect component and memory slot No 02A of CMU 0 is problematic It may be necessary to replace memory slot No 02A as circumstances require CMU 0 MEM 02A 02B is displayed Appendix B_ XSCF Log Information B 3 The above indicates the following CMU 0 MEM 02A 02B was detected as the suspect component and memory slot No 02A and No 02B of CMU 0 are problematic It may be necessary to replace the memory as pairs in memory slots No 02A and No 02B as circumstances require 3 One row message to indicate an outline of the
110. serial number FRU number type and information on each PCI and DDC The displayed information on each PCI includes the unit number name property card type serial number type and FRU number The displayed information on each DDC includes the unit number and status In the M3000 server there is information on each PCI slot a External I O Expansion Unit IOBOX information Unit number serial number and information on each I O boat and power supply unit in an I O expansion unit see Note Chapter 4 Operation of the Server 4 7 4 8 The displayed information on each I O boat includes the unit number serial number and link information The displayed link information includes the version serial number and type The displayed information on each power supply unit includes the unit number and serial number a XSCF Unit information Unit number status version serial number and FRU number Crossbar Unit XBU information Unit number status version serial number and FRU number a Backplane BP information Unit number status version serial number FRU number and each DDC information The displayed information on each DDC includes the unit number version serial number and FRU number a Clock unit information Unit number status version serial number and FRU number Operator panel information Unit number status version serial number and FRU number a Power supply unit information Unit number status
111. set in two ways specifying last four digits of serial numbers such as iox nnnn and specifying instance numbers such as ioxn Also the preciseness is displayed together with the sensor measurement values Chapter 4 Operation of the Server 4 29 TABLE 4 5 External I O Expansion Unit Administration Continued Item Description Shell Command Display set Displays and sets the locator LED state for ioxadm locator LED individual components in the specified Note 2 External I O Expansion Unit Each locator LED is in one of the following states e Blinking e Lit e Off Any of the following locator LED states can be set e Enabled on e Disabled off Power on off Turns on or off power to the specified I O ioxadm board or power supply unit Note To forcibly disconnect an IO board belonging to a domain use the f option Remarks Only one locator LED can be enabled or disabled at a time in an External I O Expansion Unit Even after the power switch is set to off LEDs and fans continue operating as long as they are supplied with power Display set Displays and clears runtime of the card with ioxadm runtime of ESM card with ESM Note 1 Also called uplink cards They are mounted on I O boards Note 2 A locator LED that indicates a location The names of locator LEDs depend on the corresponding components For the External I O Expansion Unit and LED types and the descriptions
112. setad 8 commands Displays loads and removes an Active Directory server certificate This function is equivalent to the showad 8 and setad 8 commands Displays and configures privileges for all users authenticated via Active Directory This function is equivalent to the showad 8 and setad 8 commands Displays and configures up to five alternate Active Directory servers This function is equivalent to the showad 8 and setad 8 commands Displays and configures administrator groups operator groups and custom groups This function is equivalent to the showad 8 and setad 8 commands Displays and configures up to five user domains This function is equivalent to the showad 8 and setad 8 commands Displays and configures up to five DNS locator query This function is equivalent to the showad 8 and setad 8 commands 9 22 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 16 lists the functions for configuring XSCF user management Select Settings User Manager in the Menu tree TABLE 9 16 User Management Configuration Function Remarks User accounts list display Displays user accounts information and the state being registered now The useradm privilege is required This function is equivalent to the showuser 8 command User accounts addition and deletion Adds and deletes a user account The useradm privilege is required These functions are equivalent to t
113. specified XSCF Shell or XSCF Web operation will be locked you will not be able to complete the operation Writing any further entries to the audit trail stops until you either clear out some audit trail space or the until the audit policy is changed to count 2 122 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 If the audit trail becomes full while count is the specified policy new audit trail data is discarded and the number of times that records are dropped is counted If you plan to specify suspend you need to generate in advance a user account that has the auditadm privilege specified and whose audit policy is set to disable If an audit trail becomes full when suspend is specified XSCF will be locked When this happens login using the user account that you set up in advance with audit policy set to disable and clear the audit trail space Then continue with XSCF operation If the audit trail space becomes full when suspend is specified and you haven t previously set up in advance a user account with audit policy disable you will not be able to clear the audit trail space or perform any other functions In this case you must log in as default user from the console as described in Setup Summary by the XSCF Shell on page 2 2 Then clear the audit trail space as default user Note 4 Warnings are displayed as console messages and secure email The following is an example WARNING audit trail
114. such damage You acknowledge that this is a reasonable allocation of risk Part 1 CMU UCD copyright notice BSD like Copyright 1989 1991 1992 by Carnegie Mellon University Derivative Work Copyright 1996 1996 1998 2000 1998 2000 The Regents of the University of California All Rights Reserved Permission to use copy modify and distribute this software and its documentation for any purpose and without fee is hereby granted provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Part 2 Networks Associates Technology Inc copyright notice BSD Copyright c reserved 2001 2003 Networks Associates Techno
115. the server then starts up the domains relieving the system administrator of extra work For details on operation settings for a power failure see Section 4 4 10 Shutdown Wait Time Administration on page 4 23 Support of Hot Swapping of Components XSCF supports maintenance work with the XSCF Shell during hot swapping of components For details on the XSCF Shell see Chapter 5 Component Configuration Recognition and Temperature Voltage Monitoring XSCF monitors component information such as the configuration status and the serial numbers of components in the server If an abnormality is detected in the component configuration it is displayed and reported to the user XSCF periodically monitors and displays the temperature inside the server the ambient temperature component temperatures voltage levels and FAN status Chapter 1 XSCF Overview 1 11 Internal Cabinet Configuration Recognition and Domain Configuration Control Functions To use XSCF you can display the system configuration status and create and change domain configuration definitions It also provides domain start and stop functions mainly for its own use In the server the user can configure a domain as a single Physical System Board PSB that has CPU memory and I O device or a PSB logically divided which are the eXtended System Boards XSBs The user assigns a domain and the Logical System Boards LSBs number that can be referenced from the domain t
116. the difference between a work based on the library and a work that uses the library The former contains code derived from the library whereas the latter must be combined with the library in order to run GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License also called this License Each licensee is addressed as you A library means a collection of software functions and or data prepared so as to be conveniently linked with application programs which use some of those functions and data to form executables The Library below refers to any such software library or work which has been distributed under these terms A work based on the Library means either the Library or any derivative work under copyright law that is to say a work containing the Library or a portion of it either verbatim or with modifications and or translated straightforwardly into another language Hereinafter translation is included without limitation in the term modification Source code for a work means the preferred form of the work for making modifications to it For a library complete source code means all the source code for all modules it contains p
117. the following items are displayed m Time at which each problem was logged Date This date is indicated in local time m DIAGCODE that the field engineer and authorized service personnel use for troubleshooting Code The user is requested to inform the field engineer and authorized service personnel of this Code This is useful in settling the problem at an early stage m Fault level of the component Status One of the following items is displayed B 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Alarm The relevant component failed Warning Some subcomponents in the relevant component failed or degraded Information Notification Notice System state notification m Time at which each problem occurred Occurred This is indicated in local time m Replacement component FRU that is probably faulty A comma separates two suspect components displayed For additional suspect components an asterisk is displayed after the comma Each component is displayed hierarchically in a component mounting path format Whether more suspect components are to be displayed depends on the position where the fault was detected The following explains cases where FRU is displayed a PSU 1 PSU 2 is displayed The above indicates the following PSU 1 and PSU 2 were detected as the first and second suspect components respectively It might be necessary to replace the respective components as circumstances
118. the following items can be optionally configured Each item is the same as the setting of Chapter 2 e User Account settings e XSCF Network Settings e Internal DSCP Network e Domain Name Service e Network Time Protocol e SSH e HTTPS Server e Email Reports setarchiving Configures the log archiving function of XSCF showarchiving Displays the settings of the log archiving function of XSCF setaudit Configures the auditing of XSCF showaudit Displays the settings of the audit of XSCF viewaudit Displays the audit records Audit trail of XSCF setsnmp Configures the SNMP Agent showsnmp Displays the SNMP Agent settings setsnmpusm showsnmpusm setsnmpvacm showsnmpvacm setsunmc showsunmc setdcl showdcl showboards showdevices showdomainstatus Configures the USM management information for the SNMP agent Displays the USM management information for the SNMP agent Configures the VACM management information for the SNMP agent Displays the VACM management information for the SNMP agent Start or stop the Sun Management Center agent and make changes to its configuration Show setup information and status of Sun Management Center agent Specifies the domain configuration information DCL Displays the domain configuration information Displays the component information and the COD information about a system board Displays the domain information specified for a system board Displays the domain status 5 4 SPAR
119. the server or domain the XSCF firmware collects an XSCF event log The field engineer and authorized service personnel use the XSCF event logs to analyze a fault that occurs investigate the server operation status or reference the history of maintenance operation This section explains how to reference XSCF event logs See TABLE 8 3 for the size and generation numbers of XSCF event logs Using the showlogs 8 Command to Reference XSCF Event Logs Specify the event option on the XSCF Shell and perform the showlogs 8 command to reference XSCF event logs Appendix B XSCF Log Information B 7 lt Example gt XSCF event logs are displayed as a list XSCF gt showlogs event Date Message Mar 30 17 45 31 JST 2005 System power on Mar 30 17 55 31 JST 2005 System power off The example is subject to change without previous notice for functional improvement In the example above the following items are displayed m Time at which each event log was gathered Date This is indicated in local time m Event message Message B 4 B 4 1 B 8 Using the showlogs Command to Display Other Logs This section explains how to reference the other main logs by using showlogs 8 command For details of each log option of showlogs 8 see the XSCF Reference Manual or the main page See TABLE 8 3 for the size and generation number of each log Monitor Message Log Using the showlogs 8 Command to Reference Monitor Message L
120. the setsnmp configration SNMP configration set by set snmp 8 to the default Display USM Displays the USM management information showsnmpusm management for the SNMP agent information 2 134 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 21 SNMP Administration Continued Item Description Shell Command Remarks USM Sets USM management information for the setsnmpusm e SNMPv3 settings management following for the SNMP agent e Specify the password information Display VACM management information VACM management information Specifying a user authentication algorithm Sets authentication encryption passwords for users Changing authentication encryption passwords for users Copying a user Deleting a user Displays VACM management information for the SNMP agent Sets VACM management information for the following for the SNMP agent Making access control group and access control view MIB view settings for a user Adds a user account to an access control group Deleting a user from an access control group Creating an MIB access control view Deleting an MIB access control view Providing an MIB access control view to a group Deleting a group from all MIB access control views over 8 characters showsnmpvacm setsnmpvacm e SNMPv3 settings e Any access control view that is provided to a group is a Read Only view Note 1 A user name authentication passwo
121. the standard time of the external NTP server XSCF No connection The XSCF Unit time is the time in initial system settings or the time set by the setdate 8 command For details on the setdate 8 command see the XSCF Reference Manual External NTP server The XSCF Unit time is adjusted to the standard time of the external NTP server 13 3 1 20 The CD RW DVD RW Drive Unit and Tape Drive Unit In the M3000 server one domain monopolizes the DVD drive unit In the M4000 M5000 servers the domain that uses a minimum XSB number of number 0 of the MotherBoard Unit MBU 0 can use the CD RW DVD RW drive unit and tape drive unit hereafter collectively called DVD drive tape drive unit SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 In the M8000 M9000 servers a basic cabinet and an expansion cabinet contain one DVD drive tape drive unit respectively and they are assigned to a single operating domain of each cabinet The DVD drive tape drive unit can be used by assigning it to a specific card port on the I O unit To assign a different port specify the unit by using the XSCF Shell For details on this DVD drive tape drive unit setting see Chapter 2 Note Do not use the CD_RW DVD RW drive unit and the tape drive unit at the same time 1 4 XSCE User Interfaces This section describes the XSCF user interfaces 1 XSCF Shell Ethernet Connection A set of XSCF Shell commands you can use from a
122. to a domain where a CPU or memory has a high load When the added system board becomes unnecessary the system board can be returned to the system board pool state Note 1 DR Abbreviation for Dynamic Reconfiguration This function dynamically adds a system board to a domain or deletes it from a domain For details on DR see the Dynamic Reconfiguration User s Guide Note 2 Specified or displayed by the DCL When the system board uses kernel or I O for details of the DR operation and notation see the Dynamic Reconfiguration User s Guide Note 3 Although a CMU with two CPUMs can be configured into Quad XSB mode on an M8000 M9000 server be aware of the following points Only an XSB with at least one valid CPUM and memory can be configured into a domain Memory within an XSB that does not have a CPUM becomes unavailable The result is loss of access to half the installed memory on the CMU You can add DIMMs to a CMU but you cannot reconfigure memory resident on a CMU to the valid XSBs to prevent that memory from becoming unavailable The server generates a configuration error message for those XSBs that do not have a CPUM and memory For details of components such as CPU Memory Board unit I O unit and Motherboard unit see the Service Manual for your server TABLE 2 24 lists the number of domains and XSBs for each system Chapter 2 Setting Up XSCF 2 149 TABLE 2 24 Number of Doma
123. trade names trademarks service marks or product names of the Licensor except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file 7 Disclaimer of Warranty Unless required by applicable law or agreed to in writing Licensor provides the Work and each Contributor provides its Contributions on an AS IS BASIS WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND either express or implied including without limitation any warranties or conditions of TITLE NON INFRINGEMENT MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this You are License 8 Limitation of Liability In no event and under no legal theory whether in tort including negligence contract or otherwise unless required by applicable law such as deliberate and grossly negligent acts or agreed to in writing shall any Contributor be liable to You for damages including any direct indirect special consequential damages of any character arising as a result of this License or out of the use or inability to use the Work including but not limited to damages for loss of goodwill work stoppage or malfunction or any and all other commercial damages or losses if such Contributor has been advised of the possibility of such damages
124. user informations from an Active Directory Chapter 5 Overview of the XSCF Shell 5 17 server The showldapss1 8 and setldapss1 8 commands display and specify LDAP SSL client settings which are used when retrieving user informations from an LDAP SSL server showaudit setaudit viewaudit The showaudit 8 and setaudit 8 commands display and specify information such as which events can be subject for auditing The system administrator can use the viewaudit 8 command to display audit records audit trail showloginlockout setloginlockout The showloginlockout 8 and setloginlockout 8 commands display and specify information on whether to refuse a user login for a certain period of time after multiple attempts to log in to that user account failed showssh setssh The showssh 8 and setssh 8 commands can be used to display and specify the information on whether or not to enable the SSH access when a user logs in to XSCF These commands can be used in generating the host key registering deleting the user public key setting the timeout period of XSCF Shell and setting whether or not to permit the SSH access from domain to XSCF via DSCP 5 8 5 18 Use the XSCF Other Commands The following XSCF Shell commands end the XSCF Shell and display version information Note m exit m version Note The server provides many other commands For details on these commands see the man page or the XSCF Reference Manual
125. user privilege required for control of this access record see Section 1 4 1 User Accounts and User Privileges on page 1 23 For details on login see Chapter 5 For details on authentication and Web functions see Chapter 9 For details on user account registration and mail function settings see Chapter 2 TABLE 1 6 outlines XSCF Functions and Connection Ports TABLE 1 6 XSCF Functions and Connection Ports XSCF LAN Functions Contents Serial port Ethernet XSCF Shell e Monitors the server S S The status of the system can be checked e System power can be controlled from a remote location The system power can be turned on and off and the system can be rebooted from a remote location e Displays the server configuration The internal configuration of the server can be checked e Set up the server Many server settings can be set e Supports system maintenance Issues instructions for firmware update operation and component replacement e OS console function You can access to the OS console and or OpenBoot PROM prompt 1 22 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 1 6 XSCF Functions and Connection Ports Continued XSCF LAN Functions Contents Serial port Ethernet XSCF Web Provides the same functions as the functions of the XSCF Shells _ S but provides graphical displays for easier operation Mail report Mail notification in the event of a failure enables prompt action
126. valid for at to give the same user the materials specified in Subsection 6a above for a charge no more than the cost of performing this distribution least three years a If distribution of the work is made by offering access to offer equivalent access to copy the specified materials from the same place copy from a designated place above e Verify that the user has already received a copy of these materials or that you have already sent this user a copy For an executable the required form of the work that uses the Library must include any data and utility programs needed for reproducing the executable from it However as a special exception distributed need not include anything that is normally distributed the materials to be in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs that component itself accompanies the executable unless It may happen that this requirement contradicts the license restrictions that do not normally accompany the Such a contradiction means you cannot use both them and the Library together in an executable that you distribute of other proprietary libraries operating system 7 You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities and distribute such a combined library provided that the separate distributi
127. when the power is turned on at the power recovery after the power failure SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 10 4 4 11 Caution IMPORTANT When the power is turned on from the operator panel the air conditioning time and warm up time that you set are ignored If you have set these times and wish to observe them at startup perform the poweron 8 command Shutdown Wait Time Administration The shutdown wait time administration is a setting to delay the shutdown start by specifying the shutdown start time when a power failure has occurred in the system with the UPS Command operation 1 Use the showshutdowndelay 8 command to display the shutdown wait time XSCF gt showshutdowndelay UPS shutdown wait time 500 second s 2 Use the setshutdowndelay 8 command to set the shutdown wait time Set the shutdown wait time from 0 to 9999 sec The default is 10 sec lt Example gt The shutdown wait time is set to 600 sec XSCF gt setshutdowndelay s 600 Dual Power Feed Administration The dual power feed is a type of power feed for high reliability systems that contain dual lines to the power supply If one line stops the other line does not stop and enables the system to continue operation This capability can be enabled or disabled using an XSCF Shell command This setting is done by FEs Note The ability to enable and disable the dual powe
128. 0 3 2 Types of XSCF Connections 3 11 vi SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 2 1 Connecting XSCF via the XSCF LAN Port Or the Serial Port 3 12 3 2 2 XSCF LAN and Serial Connection Purposes 3 15 Operation of the Server 4 1 4 1 4 2 4 3 4 4 4 5 4 6 4 7 4 8 Display Server Hardware Environment 4 1 4 1 1 Displaying System Information 4 2 4 1 2 Display Server Configuration Status Information 4 6 Display Domain Information 4 9 4 2 1 Domain Information 4 10 Adding or Removing Domains 4 11 Server and Domain Power Operations 4 12 4 4 1 System Power On 4 13 4 4 2 System Power Off 4 14 4 4 3 Domain Power On 4 15 4 4 4 Domain Power Off 4 16 4 4 5 Sending a Domain Panic Request 4 17 4 4 6 Domain Reset 4 18 4 4 7 Sending a Break Signal to a Domain 4 19 4 4 8 Air Conditioning Wait Time Administration 4 20 4 4 9 Warm Up Time Administration 4 21 4 4 10 Shutdown Wait Time Administration 4 22 4 4 11 Dual Power Feed Administration 4 22 Identifying the Location of the System 4 24 Managing Fault Degradation 4 24 4 6 1 Displaying the Degraded Component 4 24 4 6 2 Clearing the Fault Degradation Information 4 25 Changing the Time 4 26 Switching the XSCF Unit 4 26 Contents vii 4 9 Displaying State of an External I O Expansion Unit and Administration 4 27 4 10 Restore Factory Settings of the Server or XSCF Unit 4 32 5 Overview of the XSCF Shell 5 1 5 1 5 2 5 3 5 4 5 5 5 6
129. 0 Servers XSCF User s Guide January 2012 3 The message includes the identification data Verify that the correct desired configuration file was selected and answer yes to continue 4 The XSCF will be reset After about 10 minutes the data is restored and the XSCF halts Note If a serial terminal is connected to the XSCF Unit you should see the message XSCF BOOT STOP recover by NFB OFF ON 5 Turn the input power supply of the server off then on Note For more about encrypted data see the man page or the XSCF Reference Manual of the restoreconfig 8 command Chapter 2 Setting Up XSCF 2 199 CHAPTER 3 Connecting to the XSCF and the Server This chapter describes how to connect consoles and terminals to XSCF in order to use the software and how to connect to the server 3 1 Connect Terminals to the XSCF XSCF monitors and controls the server You can use a terminal to interface with XSCF by connecting to the LAN or serial port of the XSCF Unit This section describes the modes for connecting terminals and the methods of establishing a connection to XSCF from a remote console For the initial settings for connection to XSCF see Chapter 2 3 1 sAm Terminal Operating Modes for Connection to XSCF The FIGURE 3 1 shows the terminal operating modes for connecting to XSCF FIGURE 3 1 Operating Modes for Connection to XSCF In Midrange Servers SSH telnet SSH telnet https https co
130. 00 server the number of the target domain is one Domain ID is fixed to 00 TABLE 9 7 lists the functions used for specifying each domain mode Select Operation Domain Operation Domain Mode Configuration in the Menu tree TABLE 9 7 Domain Mode Configuration Function Remarks Domain mode configuration display Sets a hardware initial diagnostic level Suppresses the send break Host watchdog and automatic boot functions Also displays the host ID the domain mode status and domain ethernet address mac address This function is equivalent to the setdomainmode 8 and showdomainmode 8 commands On the XSCF Web you cannot display configure the CPU operational mode Use the showdomainmode 8 and setdomainmode 8 commands Chapter 9 Howto Use the XSCF Web 9 13 TABLE 9 8 lists the functions used for System board configuration Select Operation Domain Configuration System Board Configuration in the Menu tree TABLE 9 8 System Board Configuration Function Remarks System board configuration information display System board detail display XSB division memory mirroring configuration Displays the XSB division information the XSB number and the memory mirror information for each PSB in the form of table Note The M3000 server does not display the system board configuration but displays the detail information in the system board detail display Displays the PSB and the XSB on t
131. 005 09 22 22 12 34 2 Use the setarchiving 8 command to set the host public key lt Example gt Specifying that the host key be downloaded XSCF gt setarchiving k download Downloading public host key from example com Key fingerprint in md5 c9 e0 be b2 1a 80 29 24 13 0d9 1 13 5 5c 2c 0F Accept this public key y n Y 2 130 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Setting Capacity Limits for the Log Archiving Function Command operation 1 Use the showarchiving 8 command to display the amount of space used for log archiving XSCF gt showarchiving v Archiving Configuration Archiving state Enabled Archive host example com Archive directory var logs this xscf xx User name for ssh login foo Archive host public key Server authentication disabled Archive host fingerprint Server authentication disabled Connection to Archive Host Latest communication 2005 09 22 22 12 34 Connection status OK AUDIT LOGS OTHER LOGS Archive space limit 10000 MB 5000 MB Archive space used 3010 MB 2252 MB Total archiving failures J74 2 Unresolved failures 4 0 2 Use the setarchiving 8 command to set capacity limits for logs lt Example gt Specifying capacity limits for the audit log and other logs XSCF gt setarchiving 1 Unlimited 10000 3 Use the showarchiving 8 command to
132. 1 Running 02 Running 03 Running 3 Use the poweroff 8 command to turn off power to all domains XSCF gt poweroff a DomainIDs to power off 00 01 02 03 Continue y n y 00 Powering off 01 Powering off 02 Powering off 03 Powering off Note This command only issues the instruction to power off The result of the instruction can be checked by the showlogs power 4 14 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 3 Note Only the domains that are able to be powered off are displayed Note If the poweroff 8 command is performed and the shutdown has completed then the domain is powered off 4 Use the showlogs power command to check the system power off XSCF gt showlogs power Feb 26 14 22 19 JST 2010 System Power Off Operator Service Domain Power On Command operation 1 Use the showdomainstatus 8 command to check the power status of all domains XSCF gt showdomainstatus a DID Domain Status 00 Powered Off 01 Running 02 Powered Off 03 Powered Off 2 Use the poweron 8 command to turn on power to the specified domain lt Example 1 gt Turn on power to the specified domain XSCF gt poweron d 0 DomainIDs to power on 00 Continue y n y 00 Powering on Note This command only issues the instruction to power on The result of the instruction can be checked by the showlogs powe
133. 17 04 48 2011 You will need to power cycle the entire system after this operation is completed Do you want to restore this configuration to your system y n 4 The message includes the identification data Verify that the correct desired configuration file was selected and answer yes to continue 5 The XSCF will be reset After about 10 minutes the data is restored and the XSCF halts When the restoration is complete disconnect the USB device from the USB connector Note If a serial terminal is connected to the XSCF Unit you should see the message XSCF BOOT STOP recover by NFB OFF ON 6 Turn the input power supply of the server off then on Note For more about encrypted data see the man page or the XSCF Reference Manual of the restoreconfig 8 command Restoring the Configuration Information from a Specified Target Directory Over a Network Note To view XSCF messages in the following procedure connect a serial connection terminal to the XSCF Unit Command operation 1 Power off all domains 2 Perform the restoreconfig 8 command specifying the target directory XSCF gt restoreconfig ftp server backup backup sca ff 2 16 txt Configuration backup created on Tue Jul 19 17 04 48 2011 You will need to power cycle the entire system after this operation is completed Do you want to restore this configuration to your system y n SPARC Enterprise Mx00
134. 17 Audit Configuration Function Remarks Audit enabling and disabling Request the archive and data deletion Audit policy display and setting Audit event class display and setting Enable and disable the auditing This function is equivalent to the setaudit 8 command Request the log archive for the audit trail Also delete the audit trail in the secondary partition This function is equivalent to the setaudit 8 command Display and specify the policy such as when an audit trail becomes full the local audit file usage threshold that triggers an alarm when reached the destination address for that alarm This function is equivalent to the setaudit 8 command Display the audit events and the audit classes Also Enable and disable the audit events and the audit classes This function is equivalent to the setaudit 8 command TABLE 9 18 lists the functions for configuring XSCF mail This page provides the SMTP server settings Select Settings SMTP in the Menu tree 9 24 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 18 Mail Configuration SMTP Function Remarks SMTP server display and configuration Authentication server display and configuration Reply address server display and setting Displays SMTP server setting information Sets the host name and the port number of the SMTP server These functions are equivalent to the showamtp 8 and setsmtp
135. 2 Other Problems Contact the system administrator If XSCF log data must be collected use the XSCF Shell command to collect it For information about the log collection method see Section 8 2 Collecting XSCF Logs on page 8 24 Frequently Asked Questions FAQ Q Is an IP address assigned by default to the LAN port used for the XSCF LAN A An IP address is not assigned by default If an IP address were assigned by default one IP address would be temporarily duplicated during the concurrent setup of multiple units This may affect the user LAN environment To prevent this the XSCF LAN network function is disabled by default However there is a default value for the IP address for the network connecting redundantly configured XSCF Units ISN For information about the default value see Section 2 2 1 Network Configuration on page 2 16 in Chapter 2 Q If an Oracle Solaris OS hang up event occurs during Oracle Solaris OS startup after the main unit is powered on can the main unit power be turned off A If an Oracle Solaris OS hang up event occurs the first action is to do the following instead of turning off the main unit power 1 First execute the reset 8 command with the panic option from the XSCF Shell 2 After doing Step 1 if the Oracle Solaris OS dump fails move to the ok prompt by executing Break or executing the reset 8 command with the xir option from the XSCF Shell At this point execute the sync
136. 255 255 255 0 n 192 168 1 0 m 255 255 255 0 g 192 168 1 1 xscf 0 lan 1 down Note When the XSCF Unit is in redundant configuration ISN addresses must be in the same network subnet 3 Use the rebootxscf 8 command to reset the XSCF and to complete the settings 2 34 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 XSCF gt rebootxscf The XSCF will be reset Continue y n y m At this time the window session is disconnected so please reconnect to the XSCF by using the new network interface and log in again 4 Display the Network Configuration by using the shownetwork 8 showhostname 8 showroute 8 and shownameserver 8 commands again and check the new network information 5 Use the nslookup 8 command to check the host name information lt Example gt Specify the host name information scf0 hostname XSCF gt nslookup scf0 hostname Server server example com Address 192 168 1 3 Name scf0 hostname company com Address 192 168 10 10 Confirm XSCF Network Connection Status Command operation 1 Use the shownetwork 8 command to display the network status XSCF gt shownetwork i Active Internet connections without servers Proto Recv Q Send Q Local Address Foreign Address State tcp 0 0 xx xx xx xx telnet xxxx 1617 ESTABLISHE D 2 Use the ping 8 command to confirm the response to network devices lt Example gt Send pa
137. 3 01 3 02 Powered Off 00 00 0 07 01 0 08 01 1 09 01 2 10 01 3 4 Use the showboards 8 command to display XSB status information XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned n n n Passed Normal n 01 0 02 07 Assigned n n n Passed Normal n 01 1 SP Available n n n Passed Normal n 01 2 02 09 Assigned n n n Passed Normal n 01 3 02 10 Assigned n n n Passed Normal n 5 Use the moveboard 8 command to move an XSB lt Example gt Delete XSBs and make XSB assignment to new domain XSCF gt moveboard c assign d 1 1 0 XSB 01 0 will be assigned to DomainID 1 immediately Continue y n Y XSCF gt Chapter 2 Setting Up XSCF 2 173 6 Use the showboards 8 command to display the XSB status again XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned n n n Passed Normal n 01 0 01 00 Assigned n n n Passed Normal n 01 1 SP Available n n n Passed Normal n 01 2 02 09 Assigned n n n Passed Normal n 01 3 02 10 Assigned n n n Passed Normal n 7 Use the poweron 8 command to start up all domains XSCF gt poweron a DomainIDs to power on 01 02 Continue y n y 01 Powering on 02 Powering on Note This command only issues the instruction to power on The result of the instruction can be checked by the showlogs power 8 Use the showboards 8 command t
138. 8 command does not include log archives The archived logs are stored on the archive host The log archives can be accessed by logging in to the archive host The log can be saved in the device using one of the following two methods Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 27 m The configuration information can be saved and restored when a USB device has been connected to the USB connector mounted on the XSCF Unit front panel of the M4000 M5000 M8000 M9000 servers or on the rear panel of the M3000 server m The log data is transmitted through the network with an encryption protocol Note The USB device should only be formatted using the FAT32 file system Please ask authorized service personnel about the USB capacity and the handling of USB devices Note The snapshot 8 command can encrypt collected data by specifying an option If you collect the data be sure to ask the authorized service personnel to collect only the log file the encryption information and the method of sending the log file 8 28 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 The following is the procedure for saving logs Saving the Logs by Connecting the USB Device for Exclusive Use to the Front Panel of the XSCF Unit a Web browser operation 1 Select the snapshot Note menu for saves of the logs menu and display the saving operation page 2 Connect a USB device to the USB connector mounted on the
139. ABLE 2 21 SNMP Administration Item Description Shell Command Remarks Display SNMP setting information System management information Enable Disable Agent Displays the SNMP agent setting information and status showsnmp Makes the following settings as management setsnmp information that is common to the v1 v2c v3 agent protocol e Installation location of the agent system e Mail address of the administrator e Description of the agent system e Port number of the agent listening port number Enables disables SNMP agent You can specify the name of the MIB module as follows e SP MIB XSCF extension MIB e FM MIB Fault Management MIB e ALL All the MIB modules in this list When you do not specify the name of the MIB module it activates the SNMP agent with support for all MIB modules or stops the SNMP agent setsnmp e The default agent port number is 161 The default values of other port numbers are to be defined e You can use up to 128 characters to specify the mail address If the receiving address has a restriction check the settings e The default is disabled e FM MIB is the fault management MIB which has a format compatible with the Oracle Solaris OS The FM MIB is provided for users who are familiar with the Oracle Solaris OS Chapter 2 Setting Up XSCF 2 133 TABLE 2 21 SNMP Administration Continued Item Description Shell Command Remarks SNMPv1 Enab
140. AND NONINFRINGEMENT IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Apache License Version 2 0 January 2004 http www apache org licenses TERMS AND CONDITIONS FOR USE REPRODUCTION AND DISTRIBUTION 1 Definitions License shall mean the terms and conditions for use reproduction and distribution as defined by Sections 1 through 9 of this document Licensor shall mean the copyright owner or entity authorized by the copyright owner that is granting the License Legal Entity shall mean the union of the acting entity and all other entities that control are controlled by or are under common control with that entity For the purposes of this definition control means i the power direct or indirect to cause the direction or management of such entity whether by contract or otherwise or ii ownership of fifty percent 50 or more of the outstanding shares or iii beneficial ownership of such entity You or Your shall mean an individual or Legal Entity exercising permissions granted by this License Source form shall mean the preferred form for making modifications including but not limited to software source code documentation source and configuration files Object transformation or form sh
141. C Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 5 1 XSCF Commands Continued Command Description setupfru Specifies the number of XSB partitions of the system board and sets the memory mirror mode showfru Displays the specified number of XSB partitions of the system board and the memory mirror mode that is set testsb Diagnoses the system board addboard Adds a system board to a domain deleteboard Deletes a system board from a domain Alternatively it reserves a delete to the system board If the deletion is reserved the deletion is done after Oracle Solaris OS reboot moveboard Moves a system board to another domain Alternatively it reserves a move to the system board If the movement is reserved the deletion is done after Oracle Solaris OS reboot of source domain and the assignment to the new domain is done replacefru Replaces a CPU Memory Board unit I O unit fan unit PSU or XSCF Unit in work performed according to the applicable guide addfru Installs a CPU Memory Board unit I O unit fan unit or PSU in work performed according to the applicable guide deletefru Removes a CPU Memory Board unit or I O unit in work performed according to the applicable guide setdomainmode Sets a hardware initial diagnostic level No standard maximum Enables or disables break signal sending host watchdog automatic boot and sets CPU operation mode showdomainmode Displays the domain host ID the hardware
142. C implementation in crc32 c is due to Gary S Brown Comments in the file indicate it may be used for any purpose without restrictions COPYRIGHT C 1986 Gary S Brown code or tables extracted from it You may use this program or as desired without restriction Cryptographic attack detector for ssh source code Copyright c 1998 CORE SDI S A Argentina Buenos Aires All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that this copyright notice is retained THIS SOFTWARE IS PROVIDED AS IS IMPLIED WARRANTIES ARE DISCLAIMED IN NO EVENT SHALL CORE SDI S A BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS SOFTWARE AND ANY EXPRESS OR Ariel Futoransky lt futo core sdi com gt lt http www core sdi com gt Copyright 1995 1996 by David Mazieres lt dm lcs mit edu gt Modification and redistribution in source and binary forms is permitted provided that due credit is given to the author and the OpenBSD project by leaving this copyright notice intact ee ee version 3 0 December 2000 Optimised ANSI C code for the Rijndael cipher now AES author Vincent Rijmen lt vincent rijmen esat kuleuven ac be gt author Antoon Bosselaers lt antoon bosselaers esat kuleuven ac be gt author Paulo Barreto lt paulo barreto terra com br gt
143. D 2 XSCF gt poweron d 2 DomainIDs to power on 02 Continue y n y 02 Powering on Note This command only issues the instruction to power on The result of the instruction can be checked by the showlogs power 5 Use the console 8 command to connect a domain console Check the configuration by using prtdiag 1M lt Example gt Connect the OS console of domain ID 2 XSCF gt console d 2 Console contents may be logged Connect to DomainID 2 y n y exit from console To switch from the domain console to the XSCF Shell press the Enter default escape character and period keys 2 168 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 6 Use the showboards 8 command to confirm the XSB status See TABLE 2 27 XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned y y y Passed Normal n 01 0 02 07 Assigned y y y Passed Normal n 01 1 02 08 Assigned y y y Passed Normal n 01 2 02 09 Assigned y y y Passed Normal n 01 3 02 10 Assigned y y y Passed Normal n 7 Use the showdomainstatus 8 command to confirm the domain ID 2 status See TABLE 2 26 XSCF gt showdomainstatus a DID Domain Status 00 01 02 Running 03 Note When adding the system board to the domain using DR functions that operate the XSB without stopping the domain see the Dynamic Reconfi
144. DT 10 M4 1 0 00 00 00 M9 1 0 00 00 00 lt Example 2 gt Deletes the Daylight Saving Time information of current settings XSCF gt settimezone c deldst b JST o GMT 9 To reflect the Daylight Saving Time information which modified by c adddst or c deldst option log out and then log in again 3 Use the showtimezone 8 command to confirm the setting SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Setting the XSCF Time Command operation 1 Use the showdate 8 command to display the XSCF time lt Example 1 gt Display the current time with local time XSCF gt showdate Mon Jan 23 14 53 00 JST 2006 lt Example 2 gt Display the current time with UTC XSCF gt showdate u Mon Jan 23 14 53 00 JST 2006 2 Use the setdate 8 command to set the time lt Example 1 gt Set the current time to 2006 1 27 16 59 00 of a local time XSCF gt setdate s 012716592006 00 Fri Jan 27 16 59 00 JST 2006 The XSCF will be reset Continue y n y Fri Jan 27 07 59 00 UTC 2006 lt Example 2 gt Set the current time to 2006 1 27 07 59 00 of UTC XSCF gt setdate u s 012707592006 00 Fri Jan 27 07 59 00 UTC 2006 The XSCF will be reset Continue y n y Fri Jan 27 07 59 00 UTC 2006 Note After the time settings XSCF reset is done At this time the XSCF session is disconnected Please reconnect to the XSCF and log in again Also when the domains are running and if you us
145. Directory logs by using the showad 8 command For details of each log option of showad 8 see the XSCF Reference Manual or the main page See TABLE 8 3 for the size and generation number of each log Using the showad 8 Command to Confirm the Active Directory Log Perform the showad 8 command on the XSCF Shell When the Active Directory authentication and authorization for users the diagnostic messages are logged This log is for use in troubleshooting and is cleared on XSCF reset Specify the log option on the XSCF Shell and perform the showad 8 command to reference Active Directory logs The following items are displayed m Time at which each Active Directory log was collected m Console message B 7 LDAP SSL Log This section explains how to reference the LDAP SSL logs by using the showldapss1 8 command For details of each log option of showldapss1 8 see the XSCF Reference Manual or the main page See TABLE 8 3 for the size and generation number of each log Using the showldapss1 8 Command to Confirm the LDAP SSL Log Perform the showldapss1 8 command on the XSCF Shell When the LDAP SSL authentication and authorization for users the diagnostic messages are logged This log is for use in troubleshooting and is cleared on XSCF reset Specify the log option on the XSCF Shell and perform the showldapss1 8 command to reference LDAP SSL logs The following items are displayed m Time at which each LDAP SSL log was
146. EORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE oe ee EOE O OE OE O E OE E E Ph o OEO O O E OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE This product includes cryptographic software written by Eric Young eay cryptsoft com This product includes software written by Tim Hudson tjh cryptsoft com Copyright C 1995 1998 Eric Young eay cryptsoft com All rights reserved This package is an SSL implementation written by Eric Young eay cryptsoft com The implementation was written so as to conform with Netscapes SSL This library is free for commercial and non commercial use as long as the following conditions are aheared to The following conditions apply to all code found in this distribution be it the RC4 RSA lhash DES etc code not just the SSL code The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson tjh cryptsoft com Copyright remains Eric Young s and as such any Copyright notices in the code are not to be removed If this package is used in a product Young should be given attribution as the author of the parts of the library used Eric This can be in the form of a textual message at program startup or in documentation online or textual prov
147. Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 8 4 Other Logs Continued Standard Size Storage Period Type Description Entry Size Archiving Reference Method LDAP SSL Log for LDAP SSL authentication 250KB Not Archived e showldapss log and authorization diagnostic About 3000 1 8 messages lines e XSCF Web Temperature Log containing a history of the 16384 About 6 months e showlogs 8 and humidity temperature and humidity of the generations Archived e XSCE Web history log main unit environment x16B The humidity history is displayed Every 10 only in the high end server minutes COD activation log Log for COD hardware activation permits additions and deletions 1024 generations Archived x32KB e showcodact ivationhi story 8 e XSCF Web 8 2 2 Note The table is read in the same way as TABLE 8 3 For examples of logs see Appendix B Note When the log becomes full the log data is overwritten beginning with the oldest log Method of Collecting the Log Information The field engineers and authorized service personnel collect the log information Also the system administrator might collect the log information To download the log information execute the snapshot 8 command with some options in the XSCF Shell When the command is executed all XSCF log information is saved at the specified location Note The download information by using the snapshot
148. Example 3 gt Turn on power to I O board 0 again XSCF gt ioxadm poweron iox 12B4 iob0 4 32 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Displaying and Clearing the Card with ESM Command operation Use the ioxadm 8 command to display and clear runtime of the card with ESM lt Example 1 gt Display runtime of card with ESM using verbose output XSCF gt ioxadm v lifetime IOU 0 PCI 1 NAC Total Time On of life Warning Time Fault Time ITOU 0 PCI 1 1052370 100 1041120 1051200 lt Example 2 gt Clear runtime of card with ESM show runtime is cleared XSCF gt ioxadm lifetime z IOU 0 PCI 1 XSCF gt ioxadm lifetime IOU 0 PCI 1 NAC Total Time On of life TOU 0 PCI 1 0 0 4 10 Restore Factory Settings of the Server or XSCF Unit To restore the server or the XSCF Unit to the factory settings execute the restoredefaults 8 command on the XSCF Unit Caution IMPORTANT User information and error logs are cleared from the XSCF Unit The restoredefaults 8 command can initialize the server Operator panel and the XSCF Unit or the XSCF Unit When the command is executed on the active XSCF of the M8000 M9000 server both the active and standby XSCF or the server the operator panel and both XSCF Units are initialized However when the command is executed on the standby XSCF of the M8000 M9000 server only the standby XSCF is initialized The server or the active XSCF c
149. F User s Guide January 2012 TABLE 3 1 Types of Terminals Connected With XSCF Continued Port Terminal Type Port Number Cable Serial port XSCF Shell terminal A RS 232C serial One per XSCF Unit The XSCF Shell can be used immediately following connection crosscable is to a serial port required e As with that of the XSCF LAN port a screen transition to the If only a LAN cable domain console is possible is available a 9 pin e As with that of the XSCF LAN port after login if the XSCF conversionicable is Shell is not used for a certain period the user is forcibly logged a nie side out Domain console RW console e This console is similar to that of the XSCF LAN port Domain console RO console e This console is similar to that of the XSCF LAN port 3 1 3 Note A maximum of 20 users can be connected to the XSCF at the same time in the M3000 M4000 M5000 servers If 20 users are already connected to the XSCF access from the 21st 20 1 user attempting to establish a connection is denied In the M8000 M9000 servers there is a maximum of 100 users Note In one domain only one user can use the RW console While one user is using the RW console another user cannot start another RW console in the same domain A maximum of 20 consoles can be connected to RW console and RO console at the same time on the M3000 M4000 M5000 servers Ex M4000 M5000 servers domain ID 0 lt RW x 1 RO x 17 gt domain
150. F download is started XSCFU 0 bank 0 XCP version 1082 last version 1080 Firmware Element ID 07 version 01080004 last version 01080000 XSCF download has been completed XSCFU 0 bank 0 XCP version 1082 last version 1080 Firmware Element ID 07 version 01080004 last version 01080000 XSCF update has been completed XSCFU 0 bank 0 XCP version 1082 last version 1080 XSCF is rebooting to update the reserve bank 8 16 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note The display might be different according to XCP version and system configuration At this time the XSCF will reset and the XSCF session will disconnect so please connect the XSCF again Only the application of the XSCF firmware is completed Note The work described below applies to a system with redundant XSCF Units i Before updating the firmware perform the showhardconf 8 command and check the Status of the XSCF Unit 0 1 which is Active or Standby ii Perform the firmware update in order beginning with the standby side and then the active side automatically After the update on the standby side is completed the active and standby sides are switched At this time the XSCF reset is done and the XSCF session is disconnected iii Re connect the XSCF and log in again iv XSCF firmware update is completed v When the firmware update completes the active and the standby states of the XSCF uni
151. FIGURE 2 2 lists the hardware resources that configure a domain XSCF manages the hardware configuration of each domain in the server The CPU and the memory DIMM are installed in a CMU or MBU The domain uses CPU memory and I O device logically divided as one system board FIGURE 2 2 Domain Component Hardware In Midrange and High End Servers System DomainID X LSB XSB Domain DomainDX e Memory Memory Memory Memory CPU CPU CPU CPU VO VO l I O 1 0 device device device device Note In the entry level server the number of domains is one and the domain fully uses the resources in the PSB Note FIGURE 2 3 is an XSCF domain correlation diagram XSCF enables domain configuration control and DR function control by using DSCP interface and SCF interface for XSCF domain modules control program communication Chapter 2 Setting Up XSCF 2 155 FIGURE 2 3 XSCF Domain Correlation Diagram XSCF modules DSCP Interface SCF Interface XSCF Domain network XSCF Domain Command Domain modules 2 156 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 2 4 and FIGURE 2 5 show XSB hardware configuration diagrams in the midrange servers The number of hardware resources depends on whether the PSB type is a Uni XSB or Quad XSB FIGURE 2 4 and FIGURE 2 5 are examples when two CMUs are mounted on the MBU FIGURE 2 4 XSB Configuration Diagram Uni XSB
152. GARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE tk OF FOF OR FF Ok OF FO RF OE OE OE OE OE OE OE OE OE O The Open Software License v 1 0 This Open Software License the License applies to any original work of authorship the Original Work whose owner the Licensor has placed the following notice immediately following the copyright notice for the Original Work Licensed under the Open Software License version 1 0 License Terms 1 Grant of Copyright License Licensor hereby grants You a world wide royalty free non exclusive perpetual non sublicenseable license to do the following a to reproduce the Original Work in copies b to prepare derivative works Derivative Works Original Work based upon the c to distribute copies of the Original Work and Derivative Works to the public with the proviso that copies of Original Work or Derivative Works that You distribute shall be licensed under the Open Software License d to perform the Original Work publicly and e to display the Original Work publicly 2 Grant of Patent License Licensor hereby
153. H Host Key a Command operation 1 Use the showssh 8 command to display the host key and fingerprint XSCF gt showssh SSH status enabled SSH DSCP accept RSA key ssh rsa AAAAB3NzaClyc2 EAAAABIWAAATEAt OI G3wfpQnGr51znS9Xt zwHcBBb UUO0LNO8Si 1UXE6j av1lxdY7AFqQBf1lwGxLF Tx5pTa6HuZ8o08yUBbDZVJAAAAFQC fKPxarV 5q ZK4A43Qaigkqu 6QAAATBMLQ122G8pwibESrh5JmOhSxpLz 13P26ksI8qPr 7Bxmj LROk Fingerprint 1024 e4 35 6a 45 b4 7 e8 ce b0 b9 82 80 2e 73 33 c4 DSA key ssh dss AAAAB3NzaC1kc3MAAACBAU Sy4GxD7Tk4 xFvyW1DONUDGZQOPY3 PuY2IG7QC4BOl1lke wDnb1B8 JEqI 8pnfbWzmOWU3 7KHL19OEYNAV6vV WZT6RE 1U5Pyb8F16uq9 6L8QDMswF1ICMZgrn ilJNStr6r8KDJ EwOQMmK0eeDF J 2mL40NOv aLQ83 rRwW6Ny yF1Rgv6 PUpUgRLWw4VeRb u0 fmPRpe6 kb4z 10 htpWI9bay6CKOnrFRok z54ez7BrDFBOVUNZx9 PyEFezJG9ziEYVUag 23LIAiLxx BmW9Ipgqa WxC21Ja4RQVN3 009kmVwAAATAONILR 9J3dd7yyG18 Ue7eBBJHrCA0pkSzvfzzFFj5xXUzQBdabh5p5Rwz 1lvriawF1IZ19j2uhM 3HQdrvy SVBECMj aasF9hB6T uFwP8yqtd 6Y9Gdj BAhMWuH8F 1 3pxX4BtvK 9TeldqCscnOuu0e2r1lUol6GICMr64FLOYYBSwfbwL1z6PSA yKQe23dwf kSfcwOZN q 5pThGPi3tob5Qev2KCK20yED MCAOVV1MhqHuPNpX hE1 9nPdBFGzQ Fingerprint 1024 9e 39 8e cb 8a 99 f b4 45 12 04 2d 39 d3 28 15 2 Use the setssh 8 command to set the host key lt Example gt Update the host key XSCF gt setssh c genhostkey Host key create Continue y n Y SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012
154. ID Number used to uniquely identify the problem in an arbitrary system set a DIAGCODE Field engineers and authorized service personnel use this code for troubleshooting The user is requested to inform the field engineer and authorized service personnel of this code which is useful in resolving problems at an early stage m Msg Message to show summary of problem 6 4 6 6 Test Mail After XSCF mail function settings are made a test mail can be sent to verify the settings The send time of the test mail the local time is displayed and the information about the mail sender are displayed Also the Test Mail characters are included in the subject of the test mail SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 CHAPTER T XSCF SNMP Agent Function This chapter explains the XSCF SNMP agent function 7 1 Overview of the XSCF SNMP Agent XSCF supports the Simple Network Management Protocol SNMP agent function 7 1 7 2 FIGURE 7 1 shows an example of a network management environment using SNMP FIGURE 7 1 Example of a Network Management Environment SNMP agent SNMP agent Domain Fan speed NY 1206rpm Normal ee SNMP manager Q om Be 3 SNMP agent SNMP agent SNMP SNMP is a protocol for managing networks The SNMP manager consolidates management of the operating conditions of terminals and network problems The SNMP agent responds with management informati
155. ISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 5 Sparta Inc copyright notice BSD Copyright c 2003 2004 Sparta Inc All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of Sparta Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
156. LE 9 1 XSCF Web Pages Basic Page Description Login page XSCF Web console login page Log in with an XSCF user account from the login Masthead frame Menu frame Tree frame Main page Event frame Monitor message frame Status display System domain operation XSCF settings Utility pages Log display Standby side page page The page on the upper part of the screen The masthead frame displays the user account name specified at login the connected host name and so on When you log out from the masthead frame you are returned to the login page In the page displayed by default after login there is a frame of the tree navigator to select each page There are the following three kinds of tree navigators Menu The menu of various settings operations and state displays that are displayed in the tree Physical Physical components of the server are displayed in the tree Logical Logical components of each domain are displayed in the tree A generic name of the detailed page located at the right of the screen When you select an item from the menu in the tree frame the target page is displayed here A page that displays the monitoring message located under the screen Frame displaying the entire system events As for the monitor message frame the content of the display is regularly refreshed An initial value at refreshing intervals is 60 seconds You can change the interval value on the same frame Pa
157. License 7 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues conditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Program at all For example if a patent license would not permit royalty free redistribution of the Program by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portion of this section is held invalid or unenforceable under any particular circumstance the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent app
158. Ll 3 12 Connecting XSCF via the XSCF LAN Port Or the Serial Port XSCF Connection via an XSCF LAN Port Recommended Establish an XSCF connection via a XSCF LAN port The Ethernet connection used for XSCF connection is shown in FIGURE 3 1 The XSCF connection to the LAN utilizes the functions listed below For the summary of these functions see Chapter 1 XSCF Shell XSCF Web SNMP agent function Mail notification function Time synchronization with an external NTP server Authentication function using an LDAP server Log archiving function SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 3 4 shows the intranet connection FIGURE 3 4 Intranet Connection In a High End Server SSH telnet SSH telnet https https connection connection Terminal Terminal Mail Notification Router XSCF LAN port Basic cabinet DomainID m HDomainiD n Nntranet DomainID x H DomainID y Serial port When you use the XSCF Shell you can have high security by using SSH not telnet The XSCF Web uses SSL to provide authentication security Chapter 3 Connecting to the XSCF and the Server 3 13 FIGURE 3 5 shows the connection via an external network FIGURE 3 5 Connection of External Internet Using VPN Communication In High End Server SSH telnet Plata https Terminal Terminal Mail Router Router Notification p __ VPN communication XSCF LAN port Basic
159. M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware as below M3000 server XCP 1082 or later M4000 M5000 servers XCP1100 or later M8000 M9000 servers XCP1090 or later For specific information about these minimum software and firmware requirements see the latest version of the Product Notes no earlier than the XCP 1081 edition for your server To display the power consumption use the showenvironment power command The results displays the maximum Permitted AC power consumption and actual Actual AC power consumption power consumption values When the power type is DC direct current power supply DC power is displayed To display the amount of exhaust air use the showenvironment air command You can also obtain the data of power consumption and exhaust air using the SNMP agent function The following is the showenvironment examples on M3000 server XSCF gt showenvironment air Air Flow 63CMH XSCF gt showenvironment power Permitted AC power consumption 470W Actual AC power consumption 450W Note Power consumption and airflow values are for reference only These values vary depending on factors such as system load Chapter 4 Operation of the Server 4 5 4 1 2 4 6 The showenvironment power and showenvironment air commands do not include the information of External I O Expansion Unit and peripheral I O device Also the M4000 M5000 M8000 M9000 serve
160. MPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE The names of the authors and copyright holders must not be used in advertising or otherwise to promote the sale use or other dealing in this Software without specific written prior permission Title to copyright in this Software shall at all times remain with copyright holders OpenLDAP is a registered trademark of the OpenLDAP Foundation Copyright 1999 2003 The OpenLDAP Foundation Redwood City California USA All Rights Reserved Permission to copy and distribute verbatim copies of this document is granted Copyright c 1995 Tatu Ylonen lt ylo cs hut fi gt Finland All rights reserved Espoo As far as I am concerned the code I have written for this software can be used freely for any purpose Any derived versions of this software must be clearly marked as such and if the derived work is incompatible with the protocol description in the RFC file it must be called by a name other than ssh or Secure Shell Tatu continues However I am not implying to give any licenses to any patents or copyrights he
161. MPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE The End CMU libsasl Tim Martin Rob Earhart Rob Siemborski Bf y Copyright reserved c 1998 2003 Carnegie Mellon University All rights Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution o 3 The name Carnegie Mellon University must not be used to endorse or promote products derived from this software without prior written permission For permission or any other legal details please contact office of Technology Transfer Carnegie Mellon University 5000 Forbes Avenue Pittsburgh PA 15213 3890 412 268 4387 fax 412 268 7395 tech transfer andrew cmu edu 4 Redistributions of any form whatsoever must retain the following acknowledgment This product includes software developed by Computing Services at Carnegie Mellon University http www cmu edu computing CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH RE
162. Management of the Access Control Views of the MIB Definition File VACM Management m Step 1 Set change and delete user management information by performing the following operations individually Specifying a user authentication algorithm Setting authentication encryption passwords for users Changing authentication encryption passwords for users Copying a user Deleting a user m Step 2 Add user accounts in and delete users from access control groups and provide access control views MIB views by performing the following operations individually Adding a user account to an access control group Deleting a user from an access control group Creating an MIB access control view Deleting an MIB access control view Providing an MIB access control view to a group Deleting a group from all MIB access control views Note Perform USM management and VASM management for SNMPv3 7 10 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 CHAPTER 8 Upgrade of XSCF Firmware and Maintenance This chapter explains how to update the firmware and how to collect log data 8 1 8 1 1 Update the XSCF Firmware This section explains firmware update functions and how to update the firmware The firmware update work is performed by the system administrator or a field engineer Firmware Update Overview The firmware programs listed below are updated by the firmware update a POST and OpenBoot PROM
163. Mx000 Servers XSCF User s Guide January 2012 D 2 Troubleshooting the Server While XSCF Is Being Used D 7 E Software License Conditions E 1 Index Index 1 Contents xi xii SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Preface This manual describes the system monitor and control facility known as eXtended System Control Facility XSCF which is used to control monitor operate and service SPARC Enterprise M3000 M4000 M5000 M8000 M9000 servers and domains from Oracle and Fujitsu XSCF may also be referred to as the System Control Facility SCF Unless otherwise stated in this manual the SPARC Enterprise system is described as the server or the system Some references to server names and document names are abbreviated for readability For example if you see a reference to the M9000 server note that the full product name is the SPARC Enterprise M9000 server And if you see a reference to the XSCF Reference Manual note that the full document name is the SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers XSCF Reference Manual Before reading this document you should read the overview guide for your server and the SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Administration Guide At publication of this document servers described herein were shipping with XCP 1110 firmware installed That might no longer be the latest available version or the version now installed Always see t
164. Network Configuration Terms Term Explanation XSCF network interface ISN Takeover IP address DSCP General term for an interface required in XSCF network configuration Such interfaces include the following First XSCF Unit e XSCF LAN O Active side e XSCF LAN 1 Active side e Inter SCF Network ISN Active side If the XSCF Unit is redundant Second XSCF Unit If the XSCF Unit is redundant e XSCF LAN O0 Standby side e XSCF LAN 1 Standby side e ISN Standby side Takeover IP address If the XSCF Unit is redundant e XSCF LAN 0s e XSCF LAN 1s Domain SP Communication Protocol DSCP e XSCF side One IP address is required e Domain side One IP address is required for each domain therefore the IP addresses for the maximum number of domains are required This network is between two XSCF Units active and standby ISN is used for a system with a redundant XSCF configuration A takeover IP address virtual IP address is set between each XSCF x LAN 0 s Unique addresses of two XSCF Units The XSCF x LAN 1s are also the same Even if the active XSCF and the standby XSCF are switched the IP address takeover can be done at each LANs This interface protocol is used between XSCF and a domain DSCP settings are made with XSCF The network of the domains and the XSCF connected by DSCP might be called DSCP links Note Systems with two XSCF Units can only be M8000 M9000 servers
165. Note Because micro release numbers may be updated more often than the documentation the micro release number may appear in documents as a variable An example might be XCP 108x The XSCF and OpenBoot PROM firmwares have different firmware version numbers You can use the version 8 command or XSCF Web to display the XCP version for the system or the version of a firmware program In the flash memory of firmware there are two bank fields the current bank and the reserve bank The firmware update is controlled by using these two banks In the current bank there is a firmware that the system is using now The reserve bank is used to do the firmware update safely Note To obtain the latest XCP information see the Product Notes that apply to the firmware on your server and those that apply to the latest firmware release Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 5 8 1 5 8 6 Three Steps of the Firmware Update The firmware update for the server has three steps XCP import update application as explained below 1 XCP import Storing the obtained XCP data in this system is called XCP import The system administrator or a field engineer obtains the XCP data files from the network or external media CD ROM DVD ROM or flash drive then he or she imports the data file using an XSCF console from a client personal computer or workstation connected to the server Simply importing XCP does not update the
166. O EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation For more information on the Apache Software Foundation please see lt http www apache org gt Portions of this software are based upon public domain software originally written at the National Center for Supercomputing Applications University of Illinois Urbana Champaign Pile y Copyright c 1987 1993 1994 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright t eR RO SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 notice this list of conditions and the following disclaimer 2 Redistributions in binary form must re
167. P address 192 168 1 10 and netmask 255 255 255 0 for XSCF LAN 0 in the XSCFU 0 to enable it XSCF gt setnetwork xscf 0 lan 0 m 255 255 255 0 192 168 1 10 lt Example 2 gt Specify IP address 192 168 12 10 for the ISN in the XSCFU 0 to enable it XSCF gt setnetwork xscf 0 if 192 168 12 10 lt Example 3 gt Specify IP address 192 168 11 10 and netmask 255 255 255 0 for the takeover IP address in the XSCF LAN 0 XSCF gt setnetwork lan 0 m 255 255 255 0 192 168 11 10 lt Example 4 gt Disable XSCF LAN 1 in the XSCFU 0 XSCF gt setnetwork xscf 0 lan 1 c down lt Example 5 gt Remove the configured IP address and netmask of XSCF LAN 1 in the XSCFU 0 XSCF gt setnetwork r xscf 0 lan 1 Note The setting values like as IP address netmask enabling up or disabling down the network interface by setnetwork 8 sethostname 8 setroute 8 and setnameserver 8 commands are applied by performing the applynetwork 8 and the rebootxscf 8 commands SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 Use the setdscp 8 command see Note to specify network interface information lt Example 1 gt Specify the entire DSCP network IP address 192 168 2 0 and netmask 255 255 255 0 XSCF gt setdscp i 192 168 2 0 m 255 255 255 0 lt Example 2 gt Specify IP address 192 168 2 1 for the XSCF XSCF gt setdscp s i 192 168 2 1 lt Example 3 gt Specify the IP address of 192 168 2 2 to domain ID 1
168. P address that is set is permitted m Check whether the SSL TSL function setting of the web browser is enabled Could Not Display XSCF Web Windows m If XSCF Web windows are not displayed even after login to the system from the top page of XSCF Web JavaScript may be disabled in the web browser settings Enable JavaScript in the browser settings and retry login If pop up window display is disabled in the web browser settings XSCF Web windows cannot be displayed Check the browser settings Forgot the Login Password for the XSCF Web m Since XSCF Web authentication is the same as XSCF Shell authentication see the above Forgot the Login Password for XSCF Failed in the First Attempt to Access the XSCF Web Function After Login m Check whether Cookies are accepted in the web browser settings D 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Web Pages of the XSCF Web Function are not Displayed Correctly m Some versions of web browsers do not display the windows correctly See Supported browsers in Chapter 9 and update your browser to the latest version Alert Message is Displayed in XSCF Web m Please confirm the content of the security alert message and stop the use of XSCF Web Perform the countermeasure to the content of the confirmed warning When the expiration is over re set the https setting of XSCF For the details of settings see Section 2 2 8 Https Administration on page 2 113 in Chapter
169. POSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU SHOULD THE LIBRARY PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 16 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Libraries If you develop a new library and you want it to be of the greatest possible use to the public we recommend making it free software that everyone can redistribute and change You can do so by permitting redistribution under these terms or alternatively under the terms of the ordinary General Public License To apply these terms attach the following notices to the library It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty at least the copyright line and a pointer to where the full notice is found and each fi
170. Pues gt is FANBP_C 9 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 9 3 shows an example of the Tree frame and main page FIGURE 9 3 Example of the Tree Frame and Main Page Menu Physical 2 Back to top E XSCF XCP Import gt Status gt Operation Registered XCP version gt Setting System Status io Utility Registerd XCP version XCP 1050 Firmware Update 4 Switch Over D Reboot XScr File Browse fa Loggin gt Logging Upload 2 Back to top XCP Update Note Screen layouts and displays are provided as image examples and they may be changed to improve functionality The screen displays shown may also depend on the model and other conditions 9 2 Start the XSCF Web This section describes how to start the XSCF Web console with the XSCF Web To use the XSCF Web log in via an XSCF LAN port This connection cannot be established from a serial port Note The browser window for the XSCF Web is called the XSCF Web console Chapter 9 How to Use the XSCF Web 9 5 9 2 1 O22 9 2 0 9 6 Prerequisites Some settings are disabled in the initial settings of the XSCF Web To use this function advance configuration is required as follows m Create an XSCF user account m Enable https at the https setting to use the XSCF Web m Register the web server certificate at the https setting a Specify mail notification
171. R DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS Appendix How to Apply These Terms to Your New Programs If you develop a new program and you want it to be of the greatest possible use to the public the best way to achieve this is to make it free software which everyone can redistribute and change under these terms To do so attach the following notices to the program It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty and each file should have at least the copyright line and a pointer to where the full notice is found lt one line to give the program s name and a brief idea of what it does gt Copyright C 19yy lt name of author gt This program is free software you can redistribute it and or modify it under the terms of the GNU General Public License as published by the Free Software Foundation either version 2 of the License or at your option any later version This program is distributed in the hope that it will be useful but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE See the GNU General Public License for more details You should have received a copy of the GNU General Public License
172. RE DISCLAIMED EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID SS com Ca Adobe PostScript Copyright 2007 2012 Fujitsu Limited Tous droits r serv s Oracle et ou ses soci t s affili es ont fourni et v rifi des donn es techniques de certaines parties de ce composant Oracle et ou ses soci t s affili es et Fujitsu Limited d tiennent et contr lent chacune des droits de propri t intellectuelle relatifs aux produits et technologies d crits dans ce document De m me ces produits technologies et ce document sont prot g s par des lois sur le copyright des brevets d autres lois sur la propri t intellectuelle et des trait s internationaux Ce document le produit et les technologies aff rents sont exclusivement distribu s avec des licences qui en restreignent l utilisation la copie la distribution et la d compilation Aucune partie de ce produit de ces technologies ou de ce document ne peut tre reproduite sous quelque forme que ce soit par quelque moyen que ce soit sans l autorisation crite pr alable d Oracle et ou ses soci t s affili es et de Fujitsu Limited et de leurs ventuels bailleurs de licence Ce document bien qu il vous ait t fourni ne vous conf re aucun droit et aucune licence expresses ou tacites concernant le produit ou la technologie auxquels il se rapporte Par ailleurs il ne contient ni ne repr sente aucun engagement de quelque type que ce soit de la part
173. RE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 4 Sun Microsystems Inc copyright notice BSD Copyright 2003 Sun Microsystems Inc 4150 Network Circle California 95054 U S A All rights reserved Santa Clara Use is subject to license terms below This distribution may include materials developed by third parties Sun Sun Microsystems the registered trademarks of Sun Microsystems countries Sun logo and Solaris are trademarks or Inc in the U S and other Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Appendix E Software License Conditions E 13 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of the Sun Microsystems Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE D
174. RESSLY STATED IN THE IMMEDIATELY PRECEEDING SENTENCE THE ORIGINAL WORK IS PROVIDED UNDER THIS LICENSE ON AN AS IS BASTS WITHOUT WARRANTY EITHER EXPRESS OR IMPLIED INCLUDING WITHOUT LIMITATION THE WARRANTY OF NON INFRINGEMENT AND WARRANTIES THAT THE ORIGINAL WORK IS MERCHANTABLE OR FIT FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY OF THE ORIGINAL WORK IS WITH YOU THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE NO LICENSE TO ORIGINAL WORK IS GRANTED HEREUNDER EXCEPT UNDER THIS DISCLAIMER 7 Limitation of Liability UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY WHETHER TORT INCLUDING NEGLIGENCE CONTRACT OR OTHERWISE SHALL THE LICENSOR BE LIABLE TO ANY PERSON FOR ANY DIRECT INDIRECT SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER ARISING AS A RESULT OF THIS LICENSE OR THE USE OF THE ORIGINAL WORK INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF GOODWILL WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES EVEN IF SUCH PERSON SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU 8 Acceptance a
175. Replaceable in units of MBU XSCF redundancy Not available Not available Available Number of domains Number of CPUs Mounted processor System board division Memory mirroring DR COD option 1 SPARC64 VII SPARC64 VII Not available Not available Not available Not available Max 2 M4000 Max 4 M5000 Max 4 M4000 Max 8 M5000 SPARC64 VII SPARC64 VII SPARC64 VI Available Available Available Available Max 16 M8000 Max 24 M9000 Max 16 M8000 Max 32 M9000 Max 64 M9000 with expansion cabinet SPARC64 VII SPARC64 VII SPARC64 VI Available Available Available Available For an overview of the system board and the component see the Overview Guide and the Service Manual for your server SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 1 3 Types of Connection to XSCF This section outlines types of connection to the XSCF XSCF enables access to the server over a serial port or from networks connected to XSCF LAN FIGURE 1 4 outlines the connections to the XSCF FIGURE 1 4 Connections to XSCF In the Midrange Servers SSHftelnet rita https ps connection connection M 76 te ae XSCF LAN Terminal Ethernet connection Router Server Domain Connection to the serial port E IE Terminal Note In the systems with two XSCF Units the XSCF Unit is in a redundant configuration and there are physically twice as many X
176. SCF LAN ports and serial ports Also in the entry level server there is only one domain Chapter 1 XSCF Overview 1 15 13 4 1 16 The following connections in the XSCF Unit connection configuration shown in FIGURE 1 4 are described below m Serial port connection m XSCF LAN Ethernet connection Serial Port Connection The serial port enables workstations PCs and ASCII terminals to connect to the XSCF through the serial RS 232C port The user can use the XSCF Shell and access the domain console through the XSCF Shell XSCF LAN Ethernet Connection XSCF LAN Ethernet enables workstations and PCs to connect to the XSCF through the XSCF LAN port The following can be used with XSCF LAN Ethernet m XSCF Shell via a SSH or telnet connection m XSCF Web from a web browser running on the terminal m Domain console access m Mail reports a SNMP notification For details on these XSCF functions see the following chapters m Settings for each function Chapter 2 m Shell terminal and console connections Chapter 3 m XSCF Shell Chapter 5 m XSCF mail functions Chapter 6 m XSCF SNMP Agent functions Chapter 7 m XSCF Web Chapter 9 Examples of LAN Connection Operations The XSCF Unit has two 10 100 Mbps XSCF LAN two ports TABLE 1 2 to TABLE 1 4 outlines three XSCF LAN operation examples SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 1 2 XSCF LAN Operation Examples 1 LAN Name Operation
177. SCF Units it is necessary to specify the IP address The ISN address has been set up with the default value see TABLE 2 2 If the IP address of XSCF LAN conflicts with the default subnet address of ISN you must specify the IP address of ISN see 7 and 8 in FIGURE 2 1 Also both ISN addresses must be in the same network subnet Users cannot access this network See shownetwork 8 setnetwork 8 4 Specify the DSCP address After configured the domain see Section 2 2 13 Domain Configuration on page 2 146 specify the DSCP address Specify one DSCP IP address in the XSCF side and one for each of the domains See 9 10 or later in FIGURE 2 1 By specifying the option you can specify one DSCP address which is used in all of the DSCP links In this case the IP addresses used by the XSCF and each domain specific DSCP link are automatically selected from within the range of addresses indicated by the DSCP network address All DSCP addresses must be in the same network subnet Since the DSCP is the network for the communication between domain and XSCF users can t access to this network When you changed the DSCP address you must reset XSCF by using the rebootxscf 8 command before domain start up in order to maintain the consistency between XSCF and the domain After XSCF resetting the domain restart is required See showdscp 8 setdscp 8 Chapter 2 Setting Up XSCF 2 23 2 24 5 Specify the host name rout
178. SCF via the telnet you might fail to login due to timeout of the query to secondary alternated server or later m If the specified timeout is too brief for the configuration the login process or retrieval of user privilege settings could fail In such case specify larger value for the timeout and then try again m If you are an Active Directory user you cannot upload a user public key When you set the user public key to XSCF before XCP1100 delete the user public key The Active Directory users can access to XSCF via SSH by using the password authentication and can login to XSCF Enabling or Disabling the Active Directory Server Command operation 1 Use the showad 8 command to display the use of Active Directory server XSCF gt showad dnslocatormode disabled expsearchmode disabled state disabled strictcertmode disabled timeout 4 logdetail none 2 Use the setad 8 command to enable or disable the use of Active Directory server lt Examplel gt Enable the use of Active Directory server XSCF gt setad enable lt Example2 gt Disable the use of Active Directory server XSCF gt setad disable 3 Use the showad 8 command to confirm the use of Active Directory server XSCF gt showad dnslocatormode disabled expsearchmode disabled state enabled strictcertmode disabled timeout 4 logdetail none Chapter 2 Setting Up XSCF 2 53 Specifying an Active Directory Server
179. SCFU only Chapter 3 Connecting to the XSCF and the Server 3 19 CHAPTER 4 Operation of the Server This chapter mainly describes operation of the server hardware 4 1 Display Server Hardware Environment This section describes methods for checking the configuration and status of the server hardware during system configuration or operation To display the configuration and status of a server use the XSCF Shell Commands Used to Display Information Execute the following commands individually as appropriate For details of these commands see Chapter 5 m showhardconf m version m showdate m showenvironment m showstatus m cfgdevice 4 1 4 1 1 Displaying System Information Command operation 1 Use the showhardcon f 8 command to check the mode switch status XSCF gt showhardconft SPARC Enterprise xxxx Power_Supply_System Single SCF ID XSCF 0 Domain 0 Domain_Status Powered Off Serial PP20605005 Operator_Panel_Switch Locked System_Power On System_Phase Cabinet Power On MBU_B Status Normal Ver 0101h Serial 7867000282 2 Use the showdate 8 command to display the system time XSCF gt showdate Thu Jul 6 14 48 01 UTC 2006 3 Use the version 8 command to display the XCP comprehensive firmware version XSCF version and OpenBoot PROM version XSCF gt version c xcp v XSCF 0 Active XCPO Current 1082 OpenBoot PROM 02 09
180. SL so see the available LDAP Active Directory and LDAP SSL manuals 10 Configure the LDAP settings a Configure XSCF as an LDAP client e Display and set LDAP client information showldap 8 set 1dap 8 See Section 2 2 3 LDAP Administration on page 2 44 11 Configure the Active Directory settings Configure XSCF as an Active Directory client e Display and set Active Directory client information showad 8 setad 8 See Section 2 2 4 Active Directory Administration on page 2 49 12 Configure the LDAP SSL settings m Configure XSCF as an LDAP SSL client e Display and set LDAP SSL client information showldapss1 8 setldapss1 8 See Section 2 2 5 LDAP SSL Administration on page 2 71 13 Configure the user account settings m Configure XSCF local account e Add or delete a user account e Change a user account password e Display user account information e Enable or disable a user account e Specify a user privilege e Display lockout settings and configure lockout for user accounts adduser 8 deleteuser 8 password 8 showuser 8 enableuser 8 disableuser 8 setprivileges 8 showloginlockout 8 setloginlockout 8 See Section 2 2 2 User Account Administration on page 2 36 Chapter 2 Setting Up XSCF 2 9 14 Configure the log archiving settings e Display log archiving settings and showarchiving 8 setarchiving
181. SL Administration Terms Term Description LDAP SSL LDAP SSL is a distributed directory service like Active Directory LDAP SSL offers enhanced security to LDAP users by way of Secure Socket Layer SSL technology Like an LDAP directory service it is used to authenticate users LDAP SSL provides both authentication of user credentials and authorization of the user access level to networked resources LDAP SSL uses authentication to verify the identity of users before they can access system resources and to grant specific access privileges to users in order to control their rights to access networked resources User privileges are either configured on XSCF or learned from a server based on each user s group membership in a network domain A user can belong to more than one group User domain is the authentication domain used to authenticate a user LDAP SSL authenticates users in the order in which the users domains are configured Once authenticated user privileges can be determined in the following ways In the simplest case user s privileges are determined directly through the LDAP SSL configuration on the XSCF There is a defaultrole parameter for LDAP SSL If this parameter is configured or set all users authenticated via LDAP SSL are assigned privileges set in this parameter Setting up users in an LDAP SSL server requires only a password with no regard to group membership If the defaultrole parameter is not configur
182. SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers XSCF User s Guide amp Sun Fujitsu eya M SPARC Manual Code C120 E332 11EN January 2012 Copyright 2007 2012 Fujitsu Limited All rights reserved Oracle and or its affiliates provided technical input and review on portions of this material Oracle and or its affiliates and Fujitsu Limited each own or control intellectual property rights relating to products and technology described in this document and such products technology and this document are protected by copyright laws patents and other intellectual property laws and international treaties This document and the product and technology to which it pertains are distributed under licenses restricting their use copying distribution and decompilation No part of such product or technology or of this document may be reproduced in any form by any means without prior written authorization of Oracle and or its affiliates and Fujitsu Limited and their applicable licensors if any The furnishings of this document to you does not give you any rights or licenses express or implied with respect to the product or eee ae to which it pertains and this document does not contain or represent any commitment of any kind on the part of Oracle or Fujitsu Limited or any affiliate of either of them This document and the product and technology described in this document may incorporate third party intellectual property copyrighted
183. Setting Up XSCF 2 1 2 1 2 2 XSCF Setup Summary 2 1 2 1 1 Setup Summary by the XSCF Shell 2 2 2 1 2 Setup Summary Using the XSCF Web 2 12 Specifying the XSCF Settings 2 15 2 2 1 Network Configuration 2 16 2 2 2 User Account Administration 2 35 2 2 3 2 2 4 2 2 5 2 2 6 2 2 7 2 2 8 2 2 9 2 2 10 2 2 11 2 2 12 2 2 13 2 2 14 2 2 15 2 2 16 2 2 17 2 2 18 LDAP Administration 2 43 Active Directory Administration 2 48 LDAP SSL Administration 2 70 Time Administration 2 90 SSH Telnet Administration 2 101 Https Administration 2 109 Audit Administration 2 116 Log Archiving Administration 2 123 SNMP Administration 2 128 Mail Administration 2 139 Domain Configuration 2 142 System Board Configuration 2 170 Domain Mode Configuration 2 173 Locale Administration 2 184 Altitude Administration 2 185 DVD Drive Tape Drive Unit Administration 2 186 2 3 Save and Restore XSCF Configuration Information 2 189 3 Connecting to the XSCF and the Server 3 1 3 1 Connect Terminals to the XSCF 3 1 3 1 1 3 1 2 3 1 3 3 1 4 3 1 5 3 1 6 3 1 7 Terminal Operating Modes for Connection to XSCF 3 2 Port and Terminal Types Connected to the XSCF 3 2 About the XSCF LAN the DSCP Link Port Number and the Function and the Firewall 3 5 Connecting to XSCF via the Serial Port 3 7 Connecting to XSCF Using SSH via the LAN Port 3 8 Connecting to XSCF Using Telnet via the LAN Port 3 9 Switching Between the XSCF Shell and the Domain Console 3 1
184. TABILITY AND FITNESS IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL DIRECT INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Id COPYRIGHT v 1 6 2 4 2004 03 15 04 44 37 marka Exp Portions Copyright C 1996 2001 Nominum Inc Permission to use copy modify and distribute this software for any purpose with or without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies THE SOFTWARE IS PROVIDED AS IS AND NOMINUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL NOMINUM BE LIABLE FOR ANY SPECIAL DIRECT INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE This document is freely plagiarised from the Artistic Licence distributed as part of the Perl v4 0 kit by Larry Wall which is available from most major archive sites This documents purpose is to state the conditions under which these Packages See definition below viz Crack the Unix Password Cracker and CrackLib
185. TABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT A Appendix E Software License Conditions E 17 INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE eR HH O from telnetd h 5 3 Berkeley 3 1 91 Id telnetd h v 1 2 1999 03 27 07 46 21 dholland Exp ye Copyright c 1989 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement
186. This section describes the typical XSCF Shell commands that manage resource assignment to domains and resource removal from domains install devices remove devices replace devices and enable or disable functions m showdevices cfgdevice m console m showdcl setdcl m showfru setupfru m addfru deletefru replacefru m showboards addboard deleteboard moveboard m showdomainmode setdomainmode showdevices cfgdevice The cf gdevice 8 command displays the domain to which a DVD drive unit or tape drive unit is assigned Also the cfgdevice 8 command can be used only on M8000 M9000 servers The showdevices 8 command displays the operating status of resources installed on a system board XSB The system administrator can use this command to determine the devices to be assigned to a domain and check whether the DR function can be used to connect or disconnect an XSB SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 console The console 8 command establishes a connection to the domain console This command supports both interactive and read only connections showdcl setdcl The showdc1 8 command displays the domain configuration information DCL specified for individual domains or LSBs that compose a domain and the setdc1 8 command specifies the configuration The system administrator refers to and specifies DCL when adding an XSB to a domain showfru setupfru The showfru 8 command di
187. U GPL are required INSTEAD OF the above restrictions This clause is necessary due to a potential conflict between the GNU GPL and the restrictions contained in a BSD style copyright THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR S BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Copyright c 1998 Red Hat Software Permission is hereby granted free of charge to any person obtaining a copy of this software and associated documentation files the Software to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Softwar
188. UDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE o O The licence and distribution terms for any publically available version or derivative of this code cannot be changed i e be copied and put under another distribution licence including the GNU Public Licence m f this code cannot simply Redistribution and use in source and binary forms of Linux PAM with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain any existing copyright notice and this entire permission notice in its entirety including the disclaimer of warranties 2 Redistributions in binary form must reproduce all prior and current copyright notices this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 The name of any author may not be used to endorse or promote products derived from this software without their specific prior written permission ALTERNATIVELY this product may be distributed under the terms of the GNU General Public License in which case the provisions of the GN
189. Up to Data is displayed in units of audit records three delimiters can be used Records after the specified time e The return values are as Records before the specified time follows Records the specified range of time Siccess Ti Failure Other then 0 none No return value Records on a specific date 24 hours of records on that date in local time Audit class Audit event Audit session ID User privilege none indicates that no audit token has a return value Return value success failure or none User name or UID Also to display an audit trail specify the following formats Line by line printing Delimiter specified The default delimiter is the comma Suppressing conversion of UIDs into user names and IP addresses into hostnames Printing in XML format Note 5 Note 1 If audit is disabled writing to the audit trail is stopped all requests to the log file transfer to the log archive function are also stopped When audit is enabled writing restarts Rebooting the system disables and then enables access auditing Also the local audit file of XSCF have the primary and secondary files The data is kept as is even if you perform archiving unless it exceeds the threshold of audit file Therefore the usage of the audit file never becomes 0 Note 2 For detail of global policy see the Administration Guide Note 3 If an audit trail becomes full while suspend is
190. Use the showsnmp 8 command to display SNMP settings lt Example gt Display of the status when settings have been made for SNMPv1 and SNMPv2c XSCF gt showsnmp Agent Status Enabled Agent Port 161 System Location MainTower21F System Contact foo example com System Description DataBaseServer Trap Hosts Hostname Port Type Community String Username Auth Protocol host1 162 v1 public n a n a host2 1162 v2 public n a n a SNMP V1 V2c Status Enabled Community String public 2 Use the setsnmp 8 command to make SNMPv3 trap settings lt Example gt Specify a user name an engine ID an authentication algorithm authentication and encryption passwords and the host name or IP address of the trap destination XSCF gt setsnmp addv3traphost u yyyyy n Ox r SHA host3 Authentication Password Encryption Password xxxxxxxx Chapter 2 Setting Up XSCF 2 137 3 Confirm the SNMPv3 trap settings XSCF gt showsnmp Agent Status Enabled Agent Port 161 System Location MainTower21F System Contact musha jp fujitsu com System Description DataBaseServer Trap Hosts Hostname Port Type Community String Username Auth Protocol host 162 v3 n a yyyyy SHA host1 62 v1 public n a n a host2 1162 v2 public n a n a SNMP V1 V2c Status Enabled Community String public Enabled MIB Modules SP MIB FM MIB Disabling Traps to the Target Host of SNMPv3
191. XSCF Reference Manual SPARC Enterprise M4000 M5000 M8000 M9000 Servers Dynamic Reconfiguration DR User s Guide SPARC Enterprise M4000 M5000 M8000 M9000 Servers Capacity on Demand COD User s Guide SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Product Notest SPARC Enterprise M3000 Server Product Notes SPARC Enterprise M4000 M5000 Servers Product Notes SPARC Enterprise M8000 M9000 Servers Product Notes External I O Expansion Unit Product Notes SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Glossary This is a printed document Beginning with the XCP 1100 release Preface Xv xvi Text Conventions This manual uses the following fonts and symbols to express specific types of information Font symbol Meaning Example AaBbCc123 What you type when contrasted XSCF gt adduser jsmith with on screen computer output This font represents the example of command input in the frame AaBbCc123 The names of commands files and XSCF gt showuser p directories on screen computer User Name jsmith output Privileges useradm This font represents the example of auditadm command output in the frame Italic Indicates the name of a reference See the SPARC Enterprise n manual a variable or user replaceable text Indicates names of chapters sections items buttons or menus M3000 M4000 M5000 M8000 M9 000 Servers XSCF User s Guide See Chapter 2 System Features SPARC Enterprise M
192. XSCF gt setdscp d 1 i 192 168 2 2 lt Example 4 gt Setting DSCP addresses using Interactive mode XSCF gt setdscp DSCP network 192 168 244 0 gt 192 168 2 0 DSCP netmask 255 255 255 0 gt 255 255 255 0 XSCF address 192 168 2 1 gt 192 168 2 1 Domain 00 address 192 168 2 2 gt 192 168 2 2 Commit these changes to the database y n y It is necessary to configure DSCP to enable it for the domains For details about the Domain Configuration see Section 2 2 13 Domain Configuration on page 2 146 Setting DSCP addresses can only be done when affected domains are not running Use of the i and m options to set all DSCP addresses can only be done when no domains are running Setting the XSCF address can only be done when no domains are running since this would affect the XSCF s communication to running domains Setting individual domain addresses can be done only if the specified domain is not running When you changed the DSCP address you must reset XSCF by using the rebootxscf 8 command before domain start up in order to maintain the consistency between XSCF and the domain After XSCF resetting the domain restart is required You can specify a network address for use by all of the DSCP links using the i and m options In this mode of operation the IP addresses used by the XSCF and each domain specific DSCP link are automatically selected from within the range of addresses indicated by the netwo
193. _ S to be taken SNMP trap Enables consolidated control for system administration in _ S report conjunction with SNMP manager 1 4 1 Note Symbols S Supported Not supported User Accounts and User Privileges The system administrator and field engineers log in to XSCF with XSCF user accounts that allow them to refer to the status of any part of the entire system and work on all parts of the system Each domain administrator uses an XSCF user account that enables system control of one domain For the server the system administrator must consider both a user account that controls the whole system and a user account that administers each domain When a user is registered the user is assigned a privilege that controls the XSCF operations available to that user This is referred to as the user privilege of the registered user account For example to set up a domain administrator the user privilege for the domain is specified Moreover you can provide system monitoring privileges for instance without system operation privileges You can also limit privileges to specific domains TABLE 1 7 lists user privilege names and outlines the user privileges Chapter 1 XSCF Overview 1 23 TABLE 1 7 User Privilege Names and Descriptions User privilege Outline Description of Defined Contents domainop n domainmgr n domainadm n platop platadm useradm auditop Reference of the status of any pa
194. able set by Status of mode switch in the setdomainmode 8 Key position of mode switch prtdig 1M output on Service UNLOCK off UNLOCK on Locked LOCK off UNLOCK For details of the setdomainmode 8 command see the XSCF Reference Manual For details of the prtdiag 1M command see the Oracle Solaris OS documentation SPARC64 VII SPARC64 VII and SPARC64 VI Processors and CPU Operational Modes The M4000 M5000 M8000 M9000 support system boards that contain SPARC64 VII SPARC64 VIL and SPARC64 VI processors or a mix of these processor types The M3000 servers support only SPARC64 VII or SPARC64 VII processors This section applies only to M4000 M5000 M8000 M9000 servers that run or will run SPARC64 VII or SPARC64 VII processors On the M3000 server only SPARC64 VII or SPARC64 VII processor is mounted and Oracle Solaris OS operates in SPARC64 VII enhanced mode Chapter 2 Setting Up XSCF 2 181 2 182 Note Supported firmware releases and Oracle Solaris releases vary based on processor type For details see the Product Notes that apply to the XCP release running on your server and the latest version of the Product Notes no earlier than XCP version 1100 The first firmware to support the newer M3000 server is the XCP 1080 firmware For specific information about minimum OS requirements see the Product Notes for your server FIGURE 2 9 shows an example of a mixed configuration of SPARC64 VI and SPARC64 VII processo
195. abled timeout 4 logdetail none Use the set 1dapss1 8 command to enable or disable the use of LDAP SSL server lt Examplel gt Enable the use of LDAP SSL server XSCF gt setldapssl enable lt Example2 gt Disable the use of LDAP SSL server XSCF gt setldapssl disable Chapter 2 Setting Up XSCF 2 75 3 Use the showldapss1 8 command to confirm the use of LDAP SSL server XSCF gt showldapss1l usermapmode disabled state enabled strictcertmode timeout 4 logdetail disabled none Specifying an LDAP SSL Server and Port Number a Command operation 1 Use the showldapss1 8 command to display LDAP SSL server settings XSCF gt showldapssl server Primary Server address none port 0 XSCF gt showldapssl server i Alternate Server address none port 0 Alternate Server 2 address none port 0 Alternate Server 3 address none port 0 Alternate Server 4 address none port 0 Alternate Server 5 address none port 0 2 Use the setldapss1 8 command to configure LDAP SSL servers lt Example 1 gt Specify the XSCF gt setldapssl server lt Example 2 gt Specify the XSCF gt setldapssl server primary server and port number 10 18 76 230 4041 alternative server i 1 10 18 76 231 2 76 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showldapss1 8 command to confirm the LDAP SSL server setting
196. ails on specifying the timeout period see Chapter 2 m In one domain only one user can use the RW console write enabled console While one user is using the RW console another user cannot start another RW console in the same domain For details on console connection see Chapter 3 m When a login fails see Appendix D Note In this manual the window of the XSCF Shell terminal is called the XSCF console Operation From a Terminal Connected to the Serial Port This section describes how to log in from a terminal connected to the serial port 1 After the terminal is connected to the serial port press the Enter key on the terminal 2 Enter a user account and password when prompted by XSCF 3 Enter XSCF commands at the shell prompt XSCF gt that is displayed after login to XSCE The following is a login example login jsmith Password XXXXXXXX XSCF gt Operation for Connecting Via the XSCF LAN SSH This section describes how to log in to XSCF through an XSCF LAN SSH connection 1 Before logging in using SSH check that the fingerprint is pre stored If you did not save the fingerprint please connect to the serial port and use showssh 8 to make a memo of the fingerprint of the host public key SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 From an SSH client specify the IP address or host name of XSCF and the port number if necessary default port number 22
197. ain period the user is forcibly logged out For details on setting XSCF session timeout see the description on the setautologout 8 command To return to the shell window from the domain console press the default escape character and period while holding down the Enter key For details on changing these default keys see the description on the console 8 command Domain console RW console Note 2 OS console enabled for input and output The RW console is enabled by specifying a write enabled console in the console 8 command from the shell terminal In one domain only one user one connection at a time can use the RW console When you return to XSCF Shell console without logging out from the domain the return causes automatically logging out from the domain At this time a background program is forced to quit To avoid the background program force quit return to XSCF Shell console with logging out from the domain For detailed instructions on setting the session timeout value for domain console see the Oracle Solaris OS manual Domain console RO console OS console used for display only The RO console is enabled by specifying a reference only console in the console 8 command from the shell terminal XSCF Web The XSCF Web can be used by specifying a URL in a browser SSH 22 telnet 23 A LAN cable is required https 443 A LAN cable is required 3 4 SPARC Enterprise Mx000 Servers XSC
198. al modes 2 177 cpumode 2 178 cpumode auto 2 178 cpumode compatible 2 178 Creating a web server certificate by constructing the self CA 2 115 D Daylight saving time 2 938 DCL information 2 147 displaying or specifying 2 160 Deleting a system board from a domain 2 165 Displaying or specifying DCL information 2 160 Displaying the audit logs 27122 Displaying the XSB status 2 159 Dividing a PSB into XSBs 2 171 Domain assigning or configuring 2 162 control and maintenance 5 13 deleting system board 2 165 moving system board 2 167 Domain configuration 2 142 Domain configuration procedure 2 156 Domain console and XSCF shell 3 10 Domain mode configuration 2 173 Index 2 Domain Time setting to XSCF time 2 100 Dual power feed 4 22 DVD drive tape drive unit administration 2 186 E Enabling or disabling XSCF network 2 24 Enabling or disabling audit 2 120 Enabling or disabling ssh telnet 2 104 Enabling or disabling the automatic boot function 2 181 Enabling or disabling the Host watchdog function and the Break signal suppression 2 180 Enabling or Disabling the LDAP SSL Server 2 73 Enabling or disabling the log archiving 25120 Enabling or disabling the mail report function 2 142 Enabling Disabling the SNMP agent 22132 Enabling disabling the SNMPv1 and v2c 2 135 Error messages XSCF web 9 30 Event log B 7 Extended MIB C 3 F Failover 1 2 3 16 H Hardware diagnostic level c
199. ale Locale Specify the following a default locale setlocale English e Japanese UTF8 Setting Locale Command operation 1 Use the showlocale 8 command to check the current locale information lt Example 1 gt Japanese locale XSCF gt showlocale ja_JP UTF 8 lt Example 2 gt English locale XSCF gt showlocale C 2 Use the setlocale 8 command to set a locale lt Example 1 gt Specify a Japanese locale XSCF gt setlocale s ja_JP UTF 8 lt Example 2 gt Specify a English locale XSCF gt setlocale s C The locale setting becomes effective at the next login 2 190 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Deal Altitude Administration This section explains the altitude settings The server changes the system monitoring due to the altitude of the server Therefore the operator must set the altitude during the initial system setting This setting is done by FEs With the altitude setting the fan speed level varies by the environmental temperature To display the fan speed level for each environmental temperature execute the showenvironment 8 command For the fan speed level corresponding to the altitude and the environmental temperature see Section 4 1 1 Displaying System Information on page 4 2 TABLE 2 36 lists setting items and the corresponding shell commands TABLE 2 36 Altitude Administration Item Description Shell Command Remar
200. all any form resulting mechanical translation of a Source form including but not limited to compiled object code generated documentation and conversions to other media types mean from Work shall mean the work of authorship whether in Source or Object form made available under the License as indicated by a copyright notice that is included in or attached to the work an example is provided in the Appendix below Derivative Works form shall mean any work whether in Source or Object that is based on or derived from the Work and for which the editorial revisions annotations elaborations or other modifications represent as a whole an original work of authorship For the purposes of this License Derivative Works shall not include works that remain separable from or merely link or bind by name to the interfaces of the Work and Derivative Works thereof E 10 Contribution shall mean any work of authorship including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner For the purposes of this definition submitted means any form of electronic verbal or written communication sent to the Licensor or its representatives including but not limited to communication on electronic ma
201. along with this program if not write to the Free Software Foundation Inc 51 Franklin Street Fifth Floor Boston MA 02110 1301 USA Also add information on how to contact you by electronic and paper mail If the program is interactive make it output a short notice like this when it starts in an interactive mode Gnomovision version 69 Copyright C 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY for details type show w This is free software and you are welcome to redistribute it under certain conditions type show c for details The hypothetical commands show w and show c should show the appropriate parts of the General Public License Of course the commands you use may be called something other than show w and show c they could even be mouse clicks or menu items whatever suits your program You should also get your employer if you work as a programmer or your school if any to sign a copyright disclaimer for the program if necessary Here is a sample alter the names Yoyodyne Inc hereby disclaims all copyright interest in the program Gnomovision which makes passes at compilers written by James Hacker lt signature of Ty Coon gt 1 April 1989 Ty Coon President of Vice This General Public License does not permit incorporating your program into proprietary programs If your program is a subroutine library you may consider it more useful to permit linking propriet
202. and 2 152 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 27 XSB Status Information Item Explanation XSB number XSB number DID Domain ID LSB LSB number that is used for domain assignment Status of pre arranged registration in a domain Assignment unavailable The XSB is in the system board pool not assigned to a domain and its status is one of the following not yet diagnosed under diagnosis or diagnosis error All XSBs that are not mounted are also shown as Unavailable available XSB is in the system board pool and its diagnosis has completed normally assigned XSB assigned to the domain power Indicates the XSB power status Pwr Ts oes XSB power off state Yi wees XSB power on state connectivity Indicates the state of a hardware connection to a domain Conn Deke System board pool state The XSB has been deleted from the domain by hardware This includes a domain shutdown y XSB connected by hardware to the domain The XSB is active in the domain or ready to be added to the Oracle Solaris OS configuration Status of a logical connection to a domain Conf Hoo Not added to the domain Oracle Solaris OS Paisa Active and added to the domain Oracle Solaris OS test Indicates the diagnosis status Note Test Unmount XSB not yet mounted or defined Unknown Diagnosis not yet performed Testing Diagnosis in progress Passed Diagnosis comp
203. and and response protocol is used to test and change configuration parameters of LANs and WANs that are connected to bridges routers switches or other devices via networks Currently SNMPv1 SNMPv2c and SNMPv3 are available SNMPv3 has added encryption and authentication functions in comparison with SNMPv1 and SNMPv2c MIB Abbreviation for Management Information Base This is the information database used to manage the SNMP agent function which responds with MIB information to requests from the SNMP manager USM Abbreviation for User based Security Model This user based security model is defined by SNMPv3 2 132 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 20 SNMP Administration Terms Continued Term Description VACM Abbreviation for View based Access Control Model This view based access control model is defined by SNMPv3 Group Users belonging to a VACM model The group is defined in the access privilege of every user in the group OID Abbreviation for Object Identifier This is an object identification number a numerical address for an object in the MIB definition file expressed with integers using a dot as the delimiter View Method of referring to the MIB definition file A view is a subtree of the MIB which is MIB View defined with OIDs and OID masks An MIB access control view can be provided to a group TABLE 2 21 lists settings and the corresponding shell commands T
204. and Port Number a Command operation 1 Use the showad 8 command to display Active Directory server settings XSCF gt showad server Primary Server address none port 0 XSCF gt showad server i Alternate Server address none port 0 Alternate Server 2 address none port 0 Alternate Server 3 address none port 0 Alternate Server 4 address none port 0 Alternate Server 5 address none port 0 2 Use the setad 8 command to configure Active Directory servers lt Example 1 gt Specify the primary server and port number XSCF gt setad server 10 24 159 150 8080 lt Example 2 gt Specify the alternative server XSCF gt setad server i 1 10 24 159 151 2 54 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showad 8 command to confirm the Active Directory server setting XSCF gt showad server Primary Server address 10 24 159 150 port 8080 XSCF gt showad server i Alternate Server 1 address 10 24 159 151 port 0 Alternate Server 2 address none port 0 Alternate Server 3 address none port 0 Alternate Server 4 address none port 0 Alternate Server 5 address none port 0 Enabling or Disabling the DNS locator Mode Command operation 1 Use the showad 8 command to display the DNS locator mode status XSCF gt showad dnslocatormode disabled expsearchmode disabled state enabled strictcertmo
205. and all the SPARC64 VI processors later fail the Oracle Solaris OS will see only the SPARC64 VII and SPARC64 VII processors because the failed SPARC64 VI processors will have been degraded and it will reboot the domain in SPARC64 VII Enhanced Mode You will be able to use DR to delete the bad SPARC64 VI boards so you can remove them But you will not be able to use DR to add replacement or repaired SPARC64 VI boards until you change the domain from SPARC64 VII Enhanced Mode to SPARC64 VI Compatible mode which requires a reboot Setting cpumode to compatible in advance enables you to avoid possible failure of a later DR add operation and one or more reboots SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Changing the Initial Hardware Diagnostic Level Command operation 1 Use the showdomainmode 8 command to display the initial hardware diagnostic level lt Example gt Display the initial hardware diagnostic levels of domain ID 0 XSCF gt showdomainmode d 0 v Host ID 0 010f 10 Diagnostic Level min Secure Mode LOEE Autoboot on CPU Mode auto Ethernet Address 00 0b 5d e2 01 0c Note The v option and the display for ethernet address is supported in XCP1082 or later Chapter 2 Setting Up XSCF 2 185 2 Use the setdomainmode 8 command to change the initial hardware diagnostic level lt Example gt Specify the maximum initial hardware diagnostic level for d
206. and save the data to a specific directory of the client The following screen is an example Chapter 2 Setting Up XSCF 2 5 XSCF gt showssh SSH status enabled SSH DSCP accept RSA key ssh rsa AAAAB3NzaC1lyc2EAAAABIWAAATEArmf 46B4xSvunUNZPWOi 4mRbqO9hsunxHitwR OP6NTQObDNK8BqCpCsyzK6nfJjraARztOlrgXIdF XLDELY2hudEkuMCjyorX1HK d8WH C7eydTCM8Edwwtwm00406 6peB QwI 0L41DCNRg 4aGyWUHZBwmiwahum 7MJDCKs KKM Fingerprint 1024 14 75 fd 5c e1 68 79 6 db cb a7 36 25 53 25 9a DSA key ssh dss AAAAB3NzaC1kc3MAAACBAMMG1 ewTyceFX7 EnKuDIp1BVnuxf UTtALVinkf XLQbUn gn84G8xp9GPnWOpNqiWXxAL8wiInQrpz9wFd7n4sZk74HALM gThpj bpdXR7 6FpEvO MzCi6qYuv4yQ 0 uKCHmJE zIOvOnDoofVELXYRKxTIyQOY5 mtsf 44IloGzJbxAAA AFQCTNSxe0 5hbDziCOlgvch7FdUM3 QAAAIBKGSbFr3XMYxubT7ViDHHIFgF pj EMw DREJD05g7XwlslgFX4Ff2nqItepyfnok CeDilbv1Xs0JGAGsbcwpBeKe7YcSepM3 xe8vGXSIdVqGbf Dvqb09 P1qin58qEKTA2Cj5L9a 6usSYfKHOSDhnvxX3R8 Hk liy 6EUaVSaJUHj gAAATAZ qQahRLAMu0g5FCuQ000xgfZzExRBIlalQ7sBhMTrg1dksKP yPN9Yj Iw6QJTXUD6 9acCWHD nIKBTnSdO NdwxDRKU2 9cOvNriUpbs5RoZgiCNCd 7nMMQUMFTzc7 8nd3w pcj D5mBB6kELKuQurWbIDELTgYJcfm52C9T1R5WA Fingerprint 1024 e2 66 1a c8 8f 37 6f ec 6c 2a d4 93 a7 6 dce 5c 7 Installing the user public key m Before using the SSH user key for an XSCF LAN connection generate a user private key and a user public key for a created XSCF user account with your client software Then in
207. and status of a domain Note For details on domain management configuration and each command see Chapter 2 the XSCF Reference Manual or the Administration Guide Commands Used to Display Domain Information Execute the following commands individually as appropriate For details of commands see Chapter 5 m showdcl m showboards m showdomainstatus m version Chapter 4 Operation of the Server 4 9 4 2 1 Domain Information Command operation 1 Use the showdc1 8 command to check the domain ID LSB number configuration policy No memory state true false No IO state true false floating board state and degradation information lt Example 1 gt In the SPARC Enterprise M4000 M5000 M8000 M9000 servers XSCF gt showdcl va DID LSB XSB Status No Mem No IO Float Cfg policy 00 Running FRU 00 00 0 False False False 01 02 03 04 01 0 False True False 05 15 lt Example 2 gt In the M3000 servers XSCF gt showdcl va DID LSB XSB Status No Mem No IO Float Cfg policy 00 Running FRU 00 00 0 False False False 2 Use the showdomainstatus 8 command to check the domain status XSCF gt showdomainstatus a DID Domain Status 00 Running 01 02 Powered Off 03 Panic State 04 Shutdown Started 05 Booting OpenBoot PROM prompt 06 Initialization Phase 07 OpenBoot Execution Completed 4 10 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the sh
208. and use SSH connection via XSCF LAN 3 Enter a user account and password when prompted by XSCF 4 The fingerprint of the host public key may be displayed with a request to confirm its authenticity If it is authentic enter yes as the response since the XSCF is correct with confirming the fingerprint 5 Enter XSCF commands at the shell prompt XSCF gt that is displayed after log in to XSCFE Note To set the password for an XSCF user account use the password 8 command The shownetwork 8 command can be used to display XSCF LAN setting information and the current network connection status Chapter 5 Overview of the XSCF Shell 5 9 The following is a login example foo phar foo ssh june 192 168 0 2 The authenticity of host 192 168 0 2 192 168 0 2 can t be established RSA key fingerprint is 03 4b b4 b2 3d 4d 0c 24 03 ca 1 63 2 a7 3 35 Are you sure you want to continue connecting yes no yes Warning Permanently added 192 168 0 2 RSA to the list of known hosts foo phar s password xxxxxx XSCF gt 5 2 4 When the SSH connection is done using a user key install the user public key in XSCF in advance See Chapter 2 for instructions on how to install the user public key The following example shows a login using a user public key client ssh nana 192 168 1 12 Enter passphrase for key home nana ssh id_rsa XXXXXXX Warning No xauth data using fake authenticat
209. ange the address of the XSCF s own local clock In value specify the least significant byte of the clock address of the local clock 127 127 1 x for value A numeric from 0 to 3 can be 2 102 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 specified By specifying either from 1 to 3 the address of an NTP server which is referring to the local clock does not correspond to the address of the XSCF internal local clock anymore and a server which is referring to the local clock can also be set as the NTP server of XSCF Setting the Domain Time to the XSCF Time Command operation 1 Use the showdate 8 command to display the XSCF time XSCF gt showdate Mon Jan 23 14 53 00 JST 2006 2 Use the showdateoffset 8 command to confirm the difference the XSCF time with each domain time XSCF gt showdateoffset a DID Domain Date Offset 00 128 sec 01 0 sec 02 1024 sec 03 9999999 sec 3 Use the poweroff 8 command to turn off power to all domains XSCF gt poweroff a DomainIDs to power off 00 01 02 03 Continue y n y 00 Powering off 01 Powering off 02 Powering off 03 Powering off Note This command only issues the instruction to power off The result of the instruction can be checked by the showlogs power XSCF gt 4 Use the resetdateoffset 8 command to reset the time subtractions between the domains with the XSCE XSCF gt resetdateoffset XSCF gt
210. annot be initialized from the standby XSCF Command operation To execute this command 1 Connect to the XSCF over a serial connection Chapter 4 Operation of the Server 4 33 2 Log in the XSCF Unit 3 Use the restoredefaults 8 command to initialize the server operator panel and XSCF Unit or the XSCF Unit For specifying an option in the restoredefaults 8 command see the XSCF Reference Manual Note For this command support information see the Product Notes for your server 4 34 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 CHAPTER 5 Overview of the XSCF Shell This chapter describes how to use the XSCF Shell The chapter also describes how to use commands and log in with an XSCF user account It also explains command errors 5 1 Overview of the XSCF Command Shell Performing certain XSCF commands on the XSCF Shell terminal can display the server status so that control and configuration information related to system operation can be viewed The XSCF commands are effectively used by users who have created user accounts for the XSCF Shell terminal but cannot use the XSCF Web The following XSCF commands can be used from the XSCF Shell prompt XSCF gt displayed after login to XSCF There are nine user privilege types as described below For details on setting the user privilege see Chapter 2 For details on the operations available with each user privilege level
211. archmode disabled state enabled strictcertmode disabled timeout 4 logdetail none 2 Use the setad 8 command to enable or disable the expanded search mode lt Examplel gt Enable the expanded search mode XSCF gt setad expsearchmode enable lt Example2 gt Disable the expanded search mode XSCF gt setad expsearchmode disable 3 Use the showad 8 command to confirm the expanded search mode status XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode disabled timeout 4 logdetail none Enabling or Disabling the Strictcert Mode Command operation 1 Use the showad 8 command to display the strictcert mode status XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode disabled timeout 4 logdetail none Chapter 2 Setting Up XSCF 2 57 2 58 2 Use the setad 8 command to enable or disable the strictcertmode lt Examplel gt Enable the strictcertmode XSCF gt setad strictcertmode enable lt Example2 gt Disable the strictcertmode XSCF gt setad strictcertmode disable 3 Use the showad 8 command to confirm the strictcertmode status XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 4 logdetail none If strictcertmode is enabled the server s certificate must have already been uploade
212. ardware configuration diagrams in an entry level server The PSB type is fixed to Uni XSB In the entry level server the number of domains is one and the domain fully uses the resources in the PSB FIGURE 2 8 XSB Configuration Diagram Uni XSB In the Entry Level Server PSB O is Uni XSB type XSB 00 0 Domain Configuration Procedure and Reference Sources The steps from making domain configuration settings to activating a domain are shown below Each step contains a reference to where you can find additional information In the M3000 server Step 2 and Step 4 are not required Perform Step 1 Step 3 and Step 5 only if you change the domain configuration policy 1 Log in to XSCF 2 Make memory mirror mode and Uni Quad XSB settings for each PSB Note See showfru 8 setupfru 8 and Section 2 2 14 System Board Configuration on page 2 175 3 Create the DCL information corresponding to a domain LSB and XSB See showdc1 8 setdc1 8 4 Assign an XSB to the domain according to the created DCL information See addboard 8 showboard 8 5 Turn on the power to the domain Note Make these settings only to change the number of XSB divisions and the mirror mode Chapter 2 Setting Up XSCF 2 161 Note For the procedure for installing removing or replacing a system board in the server see the Service Manual for your server Also for details on using the DR function see the Dy
213. are to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Redistribution and use in source and binary forms of libcap with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain any existing copyright notice and this entire permission notice in its entirety including the disclaimer of warranties SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Redistributions in binary form must reproduce all prior and current copyright notices this list of conditions and the following disclaimer in the documentation and or other materials provi
214. ary applications with the library If this is what you want to do use the GNU Library General Public License instead of this License GNU LESSER GENERAL PUBLIC LICENSE version 2 1 February 1999 Copyright C 1991 1999 Free Software Foundation 51 Franklin Street Fifth Floor Boston MA 02110 1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed Inc This is the first released version of the Lesser GPL It also counts as the successor of the GNU Library Public License version 2 version number 2 1 hence the Preamble The licenses for most software are designed to take away your freedom to share and change it By contrast the GNU General Public Licenses are intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This license the Lesser General Public License applies to some specially designated software packages typically libraries of the Free Software Foundation and other authors who decide to use it You can use it too but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case based on the explanations below Appendix E Software License Conditions When we speak of free software we are referring to freedom of use not price Our General Public Licenses are designed to make
215. as is without express or implied warranty of any kind These notices must be retained in any copies of any part of this documentation and or software The apr_md5_encode routine uses much code obtained from the FreeBSD 3 0 MD5 crypt function which is licenced as follows THE BEER WARE LICENSE lt phk login dknet dk gt wrote this file you can do whatever you want with this stuff think this stuff is worth it you can buy me a beer in return Revision 42 As long as you retain this notice If we meet some day and you Poul Henning apr_ldap_compat c LDAP v2 v3 compatibility things Original code from auth_ldap module for Apache v1 3 Copyright 1998 1999 Enbridge Pipelines Inc Copyright 1999 2001 Dave Carrigan a es Portions Copyright c 1992 1996 Regents of the University of Michigan All rights reserved Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission This software is provided or implied warranty 7 as is without express Appendix E Software License Conditions Copyright c 1998 1999 2000 Thai Open Source Software Center Ltd and Clark Cooper Permission is he
216. assword XXXXXXXX lt Example 2 gt Specifying a host name port number reply address and POP authentication XSCF gt setsmtp Mail Server 192 1 4 2 192 1 4 5 Port 25 Authentication Mechanism none pop POP Server 192 1 4 2 User Name usr001 Password XXXXXXXX Reply Address yyyy example com 3 Check the SMTP server setting information XSCF gt showsmtp Mail Server 192 1 4 5 Port 25 Authentication Mechanism pop User Name usr001 Password x Reply Address yyyy example com Chapter 2 Setting Up XSCF 2 145 poi be Enabling or Disabling the Mail Report Function and Specifying the Recipient Address Used for Notification Command operation 1 Set the SMTP server as described in Specifying the Host Name Port Number and Reply Address of the SMTP Server Use the showemailreport 8 command to display mail report setting information XSCF gt showemailreport E Mail Reporting disabled 2 Use the setemailreport 8 command to set mail report information lt Example gt Enabling the mail report function and specifying a reply addresses XSCF gt setemailreport Enable E Mail Reporting no yes E mail Recipient Address xxxxx example com Do you want to send a test mail now no yes Sending test mail to xxxxx example com 3 Use the showemailreport 8 command to confirm mail report setting information XSCF gt showema
217. at is part of the Library the object code for the work may be a derivative work of the Library even though the source code is not Whether this is true is especially significant if the work can be linked without the Library or if the work is itself a library The threshold for this to be true is not precisely defined by law I such an object file uses only numerical parameters data structure layouts and accessors and small macros and small inline functions ten lines or less in length then the use of the object file is unrestricted regardless of whether it is legally a derivative work Executables containing this object code plus portions of the Library will still fall under Section 6 Otherwise if the work is a derivative of the Library you may distribute the object code for the work under the terms of Section 6 Any executables containing that work also fall under Section 6 whether or not they are linked directly with the Library itself 6 As an exception to the Sections above you may also combine or link a work that uses the Library with the Library to produce a work containing portions of the Library and distribute that work under terms of your choice provided that the terms permit modification of the work for the customer s own use and reverse engineering for debugging such modifications You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered
218. ation See Appendix B for the corrective action c Otherwise check the XSCF event logs and server status by using the XSCF Shell through the serial port Appendix D Troubleshooting D 7 Use the following commands to check the events that occurred at the time the problem occurred m showlogs error m showlogs event m showlogs power showlogs monitor ms showlogs console a fmdump If you find an error see Appendix B in this manual for the corrective action d Check the XSCF console log or panic log for the latest messages A message may have been output by the Oracle Solaris OS after it detected the problem In cases involving a panic use the showlogs 8 command with the panic option to check the events that occurred at the time the panic occurred For information about using the command see the XSCF Reference Manual 3 If you cannot find any problem after checking the above points restart the system 4 If you find any problem see Appendix B and take measures based on the corrective action that is described such as using the maintenance guidance of the XSCF Shell command for replacement of the relevant component D 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 APPENDIX E Software License Conditions Some of the software functions explained in this manual are licensed under public licenses GNU Public License GPL GNU Lesser Public License LGPL and others This appendix lists these public lic
219. ation Terms Term Description Domain PSB XSB LSB System board Uni XSB Quad XSB Note 3 Hardware resource When hardware resources in the server are logically divided into one or more units each set of divided resources can be used as one system which is called a domain An Oracle Solaris OS can operate in each domain The PSB is made up of physical components and can include 1 CMU CPU Memory Board unit and 1 IOU I O unit or just 1 CMU In the M4000 M5000 servers the CMU is mounted on the MBU A PSB can also be used as to describe a physical unit for addition deletion exchange of hardware The PSB can be used in one of two methods one complete unit undivided status or divided into four subunits However in the M3000 server the PSB can be used in one complete unit undivided status only Note On the M4000 M5000 servers 1 PSB is 1 CMU In an M4000 server a PSB makes up the entire MBU In an M5000 server there are two PSBs on the single Motherboard unit one PSB contains CPUs 0 to 3 and the other PSB contains CPUs 4 to 7 In the M3000 server a PSB makes up the entire MBU There is only one PSB which contains CPU I O and memory The PSB cannot be divided into four subunits The XSB is made of physical components In the XSB the PSB can be either one complete unit undivided status or divided into four subunits The XSB is a unit used for domain construction and identification and can be also us
220. aust air see the latest version of the Product Notes no earlier than the XCP 1080 edition for your server The list below explains the group summary of the extension MIB supported by the XSCF 1 scfInfo group This group provides general information pertaining to the XSCF 2 scfState group This group provides overall status information known to the XSCF 3 scfMonitorInfo group This group provides environmental information for a variety of components within the system 4 scfSystemInfo group This group provides general System information and LED states 5 scfDomainInfo group This group provides information specific to all Domains known to the XSCF 6 scfXsbInfo group This group provides information specific to all XSBs known to the XSCF 7 scfLsbInfo group This group provides information specific to all LSBs 8 scfBoardInfo group This group provides information pertaining to specific board components within a System 9 scfCpulnfo group This group provides information for all CPU Modules Cores within the System 10 scfMemoryInfo group This group provides information for all Memory Modules within the System C 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 11 scfloBoxInfo group This group provides information for the External I O Expansion Unit IOBOX that is attached to the system and the components which make it up The components include I O boats Link Cards and Power Sup
221. by this License You must supply a copy of this License If the work during execution displays copyright notices you must include the copyright notice for the Library among them as well as a reference directing the user to the copy of this License Also you must do one of these things a Accompany the work with the complete corresponding machine readable source code for the Library including whatever changes were used in the work which must be distributed under Sections 1 and 2 above and if the work is an executable linked with the Library with the complete machine readable work that uses the Library as object code and or source code so that the user can modify the Library and then relink to produce a modified executable containing the modified Library It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions b Use a suitable shared library mechanism Library A suitable mechanism is one that copy of the library already present on the rather than copying library functions into for linking with the 1 uses at run time a user s computer system the executable and 2 will operate properly with a modified version of the library if the user installs one as long as the modified version is interface compatible with the version that the work was made with c Accompany the work with a written offer
222. cabinet Doran DomainID y Serial port For security reasons using Virtual Private Network VPN as the external network is strongly recommended 3 14 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 hya XSCF Connection via a Serial Port Establish an XSCF connection via a serial port Connect the serial port as shown in FIGURE 3 1 An XSCF connection via the serial port has the following functions and advantages m XSCF Shell m Advantageous when connection to the LAN is not desirable for reasons of security a Displaying the initial diagnostic message at the XSCF connection XSCF Connection via XSCF LAN and Serial Ports Establish the XSCF connection via XSCF LAN and serial ports This type of connection is also shown in FIGURE 3 1 The XSCF connection via both ports has the following advantage in addition to those for the connection via the XSCF LAN port m A user who connected with the serial port can safely use the XSCF Shell XSCF LAN and Serial Connection Purposes The XSCF Unit has one serial port and two XSCF LAN ports with 10 100 Mbps interfaces This section describes examples of using the XSCF LAN ports and the serial port Caution IMPORTANT The IP address of XSCF LAN 0 and IP address of XSCF LAN 1 must be specified in different subnet addresses Using Two LAN Ports and Making the LAN Redundant FIGURE 3 6 shows an example of a configuration where the two XSCF LAN ports of on
223. cal tree When you select a component the component information and the state are displayed in the main page This information is equivalent to the showhardconf 8 command To refer to the information and status of logical components that belong to each domain select the target component in the Logical tree When you select a component the logical component information and the state are displayed in the main page This information is equivalent to the showboards 8 and showhardcon 8 commands In addition the state of each component on the Physical tree and the Logical tree can be updated by pushing the REFRESH button of the XSCF Web Console If there is a component with an abnormal status a mark is added to the component on the tree Select the component so marked and confirm its details Note Screen layouts and configurations may be changed to improve functionality Chapter9 Howto Use the XSCF Web 9 31 9 5 9 32 XSCF Web Error Messages TABLE 9 27 lists the typical messages category from the XSCF Web Moreover in each category detailed messages are displayed Also the message from XSCF Web is almost the same as the error message of the XSCF Shell command For typical messages from the XSCF Shell command see Chapter 5 TABLE 9 27 Error Messages of XSCF Web Message Meaning Authentication Failed Login failed XSCF ERROR XSCF abnormally ended Note The error message depends on the XSCF Web
224. ced This function is equivalent to the flashupdate 8 command To switch the XSCF select Utility Switch Over in the menu tree This function is equivalent to the switchscf 8 command This function is available in the M8000 M9000 servers only On the page which is displayed after you log in to the standby XSCF Unit you can perform operations such as XSCF switching and log collection To reset the XSCF select Utility Reboot XSCF in the menu tree This function is equivalent to the rebootxc 8 command Chapter9 Howto Use the XSCF Web 9 29 Logs TABLE 9 26 lists the functions for referring and saving each log Select Logs in the Menu Tree and select a target log TABLE 9 26 Log Collection Function Remarks Error log display Power log display Event log display Console log display Panic log display Temperature and humidity history log display Environment Log IPL message log display Monitor message log display Audit log display Active Directory log display Display the error log Also you can search the logs This function is equivalent to the error option of the showlogs 8 command Display the power log Also you can search the logs This function is equivalent to the power option of the showlogs 8 command Display the event log Also you can search the logs This function is equivalent to the event option of the showlogs 8 command Display the console log This fu
225. cert console Warning About to load certificate for Alternate Server 1 Continue y n y Please enter the certificate zanet BEGIN CERTIFICATE MIIETjCCAzagAwIBAgIBADANBgkqhkiCG9w0OBAQQFADB8MQswCQYDVQQGEwJVUZET MBEGA1UECBMKO2FsaWZvcm5pYTESMBAGA1UEBxMJU2 Ful ERpZWdvMRkwFwYDVOOK ExBTdwW4gTW1jcm9zeXN0ZW1 ZMRUWEWYDVOOLEWxTeXN0 ZWOgR30VdXAxEj AOBgNV SS Sa END CERTIFICATE lt Press Ctrl and D keys gt SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showad 8 command to confirm that the server certificate is loaded XSCF gt showad cert Primary Server certstatus certificate present issuer DC local DC xscf CN apl serial number 55 1f ff c4 73 7 5a b9 4e 16 3c fc e5 66 5e 5a subject DC local DC xscf CN apl valid from Mar 9 11 46 21 2010 GMT valid until Mar 9 11 46 21 2015 GMT version 3 0x02 XSCF gt showad cert i 1 Alternate Server 1 certstatus certificate present issuer DC local DC aplle CN aplle local serial number 0b 1d 43 39 ee 4b 38 ab 46 47 de 0a b4 a9 ea 04 subject DC local DC aplle CN aplle local valid from Aug 25 02 38 15 2009 GMT valid until Aug 25 02 44 48 2014 GMT version 3 0x02 4 Use the setad 8 command to delete the server certificate XSCF gt setad rmcert Warning About to delete certificate for Primary Server Conti
226. city pertaining to distribution of the program without specific prior permission and notice be given in supporting documentation that copying and distribution is by permission of Livingston Enterprises Inc the as is Inc makes no about representations It is provided Livingston Enterprises suitability of this software for any purpose without express or implied warranty C The Regents of the University of Michigan and Merit Network Inc 1992 1993 1994 1995 All Rights Reserved Permission to use copy modify and distribute this software and its documentation for any purpose and without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies of the software and derivative works or modified versions thereof and that both the copyright notice and this permission and disclaimer notice appear in supporting documentation THIS SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE REGENTS OF THE UNIVERSITY OF MICHIGAN AND MERIT NETWORK INC DO NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET LICENSEE S REQUIREMENTS OR THAT OPERATION WILL BE UNINTERRUPTED OR ERROR FREE The Regents of the University of Michigan and Merit Network Inc shall not be liable for any special indirect incidental or consequential damages with respec
227. cket to the host name scf0 hostname three times XSCF gt ping c 3 scf0 hostname PING scf0 hostname XX XX XX XX 56 data bytes 64 bytes from XX XX XX XX icmp_seq 0 ttl 64 time 0 1 ms 64 bytes from XX XX XX XX icmp_seq 1 ttl 64 time 0 1 ms 64 bytes from XX XX XX XX icmp_seq 2 ttl 64 time 0 1 ms scf0 hostname ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 0 1 0 1 0 1 ms Chapter 2 Setting Up XSCF 2 35 3 Use the traceroute 8 command to confirm the network path to network devices lt Example gt Display the network path to the host server example com XSCF gt traceroute server example com traceroute to server example com XX XX XX XX 30 hops max 40 byte packets 1 XX XX XX 1 XX XX XX 1 1 792 ms 1 673 ms 1 549 ms 2 XX XX XX 2 XX XX XX 2 2 235 ms 2 249 ms 2 367 ms 3 XX XX XX 3 XX XX XX 3 2 199 ms 2 228 ms 2 361 ms 4 XX XX XX 4 XX XX XX 4 2 516 ms 2 229 ms 2 357 ms 5 KX XX XK 5 KX XK 5 2 546 ms 2 347 ms 2 272 ms 6 server example com XX XX XX XX 2 172 ms 2 313 ms 2 36 ms 2i Note The confirming functions of the XSCF network by ping 8 and traceroute 8 commands are supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1080 User Account Administration User account administration is used to specify XSCF local user accounts passwords and user privileges a
228. cluding its conflict of law provisions The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded Any use of the Original Work outside the scope of this License or after its termination shall be subject to the requirements and penalties of the U S Copyright Act 17 U S C 101 et seq the equivalent laws of other countries and international treaty This section shall survive the termination of this License 11 Attorneys Fees In any action to enforce the terms of this License or seeking damages relating thereto the prevailing party shall be entitled to recover its costs and including reasonable attorneys fees and costs incurred in connection with such action including any appeal of such action the termination of this License expenses without limitation This section shall survive Appendix E Software License Conditions 12 Miscellaneous This License represents the complete agreement concerning the subject matter hereof If any provision of this License is held to be unenforceable such provision shall be reformed only to the extent necessary to make it enforceable 13 Definition of You in This License You throughout this License whether in upper or lower case means an individual or a legal entity exercising rights under and complying with all of the terms of this License For legal entities You includes any entity that controls is controlled by or
229. collected Appendix B XSCF Log Information B 13 m Console message B 8 B 14 COD Activation Log When an addition and a deletion of COD hardware activation permit occurs in the server the XSCF firmware collects an COD activation log Specify the log option on the XSCF Shell and perform the showcodactivationhistory 8 command to reference COD activation logs For details of each log option of showcodactivationhistory 8 see the XSCF Reference Manual or the man page See TABLE 8 3 for the size and generation number of each log SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 APPENDIX C XSCF MIB This appendix explains the XSCF Management Information Base MIB which is supported by the XSCF SNMP agent function C 1 MIB Object Identifiers TABLE C 1 below explains the MIB object identifiers supported by the XSCF TABLE C 1 MIB Object Identifiers internet OBJECT IDENTIFIER iso org 3 dod 6 1 directory OBJECT IDENTIFIER internet 1 mgmt OBJECT IDENTIFIER internet 2 experimental OBJECT IDENTIFIER internet 3 private OBJECT IDENTIFIER internet 4 mib 2 OBJECT IDENTIFIER mgmt 1 system OBJECT IDENTIFIER mib 2 1 interfaces OBJECT IDENTIFIER mib 2 2 at OBJECT IDENTIFIER mib 2 3 ip OBJECT IDENTIFIER mib 2 4 icmp OBJECT IDENTIFIER mib 2 5 tcp OBJECT IDENTIFIER mib 2 6 TABLE C 1 MIB Object Identifiers C
230. ction describes the configuration of pages available with the XSCF Web console Menu and page configuration are described below e Menu tree When you select an item on the menu the XSCF target page is displayed on the main page Status Pages which are the system domain state display the system domain operation the XSCF configuration firmware update and log display are provided Also the page System Status Domain Status Device Status for switching XSCF is included on the Operation M8000 M9000 servers only Domain Operation For information about the function of the Domain Power target page see TABLE 9 3 or later Domain Mode Configuration Domain Configuration System Board Configuration Domain Configuration Settings Network Current Reserve Time SSH Telnet LDAP LDAP SSL Active Directory User Manager Audit SMTP Email Reporting SNMP SNMP Security Log Archives Capacity on Demand Sun MC Autologout Chapter 9 How to Use the XSCF Web 9 9 9 10 Continued Utility Firmware Update Switch Over Reboot XSCF Logs Error Log Power Log Event Log Console Log Panic Log Environment Log IPL Message Log Monitor Message Log Audit Log Active Directory Log LDAP SSL Log Snapshot or Data Collector COD Activation History e Physical tree Physical components in the server When you select each
231. cumentation and or other materials provided with the distribution ee Oe OF 3 All advertising materials mentioning features or use of this software must display the following acknowledgment This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org 4 The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission please contac openssl core openssl org For written permission 5 Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission the OpenSSL Project 6 Redistributions of any form whatsoever must retain the following acknowledgment This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY TH
232. d ii Re connect the XSCF and log in again iii XSCF firmware update is completed iv To switch the XSCF select Utility Switch Over d Refer to the Monitor message log to confirm that the XSCF firmware update has finished 6 To complete the update of the OpenBoot PROM firmware restart the domain 7 Confirm that the version of the system firmware that is running is that of the firmware applied from the XSCF Web console Updating XCP From External Media 1 Insert the external media with the XCP file into the drive Insert the external media into a drive connected to the network that XSCF has access to If necessary copy the XCP file to an arbitrary folder 2 Confirm the XCP version in the XCP file tar gz of external media The latest XCP information is released on external media or a web site To obtain the URL of the web site see the description of the firmware download in the Product Notes for your server 3 Perform the same steps in Updating XCP From the Network Confirming That the OpenBoot PROM Firmware is Updated When a CMU MBU Is Added or Replaced Note This function is not available when you are using the M3000 server When a MBU is replaced you must match the number of the firmware versions See Confirming That the XSCF Firmware Is Updated When the MBU Is Replaced in the M3000 server Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 19 8 20 1 After a CMU MBU addition or replacem
233. d to the XSCF SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Loading or Deleting the Server Certificate Command operation 1 Use the showad 8 command to display the server certificate information XSCF gt showad cert Primary Server certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none XSCF gt showad cert i Alternate Server 1 certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none Alternate Server 2 Alternate Server 5 certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none Chapter 2 Setting Up XSCF 2 59 2 60 2 Use the setad 8 command to load the server certificate to the XSCF lt Examplel gt Loads a server certificate for the primary server using a username and password XSCF gt setad loadcert u yoshi http domain_2 UID_2333 testcert Warning About to load certificate for Primary Server Continue y n y Password lt Example2 gt Copy and paste the server certificate in the window to load the certificate for alternative server 1 on the console Please press Enter and press the Ctrl and D keys Then the loading is completed XSCF gt setad load
234. d sets the trap host for SNMPv1v2c or SNMPv3 This functions is equivalent to the showsnmp 8 and setsnmp 8 commands 9 26 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 21 lists the functions for configuring security access for SNMPv3 Select Settings SNMP Security in the Menu tree TABLE 9 21 SNMP Configuration Security Access Function Remarks USM management information display and setting VACM management information display and setting Displays and sets the USM management information for SNMPv3 This function is equivalent to the showsnmpusm 8 and setsnmpusm 8 commands For details of the USM management see TABLE 2 21 Displays and sets the VACM management information for SNMPv3 This functions is equivalent to the showsnmpvacm 8 and setsnmpvacm 8 commands For detail of VACM management information see TABLE 2 21 TABLE 9 22 lists the functions for configuring Log archiving for XSCF Select Setting Log Archives in the Menu tree TABLE 9 22 Log Archiving Configuration Function Remarks Log archiving display and configuration Host public key setting Displays and sets the archiving host to save the XSCF log information enabling and disabling log archiving and the log capacity limits These functions are equivalent to the showlogarchiving 8 and set logarchiving 8 commands Sets a public key used in server authentication for the a
235. d to the XSCF Shell console m The update is performed with the maintenance terminal connected to the XSCF serial port or XSCF LAN port 8 1 3 Method of Delivering Firmware Delivering the XCP Files The XCP files are stored at the locations and in the format described below After obtaining the XCP files you can import XCP regardless of whether the operating system is running or stopped a Ata web site a Format Compressed tar file tar gz or Windows executable exe Note To obtain the URL of the Web site see the description of the firmware download in the Product Notes for your server Note When the operation is done by Service or Field Engineers SEs FEs a CD ROM DVD ROM or flash drive may be used 8 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 8 1 4 Method of Checking the Firmware Version The firmware version for this system is called the XCP version Higher version numbers represent newer firmware Before updating the firmware be sure to check the XCP version in the current system The following example shows a command that displays the XCP version XSCF gt version c xcp XSCF 0 Active XCPO Current 1080 XCP1 Reserve 1080 XSCF 1 Standby XCPO Current 1080 XCP1 Reserve 1080 The XCP version number appears as xyyz by four digits where a x Major firmware release number a yy Minor release number m z Micro release number
236. de January 2012 TABLE 2 4 User Account Administration Continued Item Description Shell Command Remarks Enable disable Enables or disables the lockout function setloginlockout The lockout is disabled lockout function To disable the lockout specify 0 minutes by default for lockout period To enable lockout e After three sequential specify a period other than 0 minutes login failures it locks out the user login for a specified period of time Range of the lockout period is 0 to 1440 minutes Note 2 Note 1 If the password policy is set then the password policy is applied to the users added after that When you change the password for another user by using the user operand they system password policy is not enforced When changing another user s password be sure to choose a password that conforms with the system password policy Note 2 After the login authentication failure XSCF locks out the user login for a period of time that specified in the last account lockout setting On the M8000 M9000 servers the account lockout function is enabled in both active standby XSCF When the user login locked out a message will be saved in the audit log The setloginlockout s 0 will disable the account lockout When the account lockout is disabled a user can attempt to login and fail an unlimited number of times If a user needs to access their locked account before the lockout time is complete the
237. de disabled timeout 4 logdetail none 2 Use the setad 8 command to enable or disable the DNS locator mode lt Example1 gt Enable the DNS locator mode XSCF gt setad dnslocatormode enable lt Example2 gt Disable the DNS locator mode XSCF gt setad dnslocatormode disable Chapter 2 Setting Up XSCF 2 55 3 Use the showad 8 command to confirm the DNS locator mode status XSCF gt showad dnslocatormode enabled expsearchmode disabled state enabled strictcertmode disabled timeout 4 logdetail none Configuring the DNS locator Query Command operation 1 Use the showad 8 command to display the configuration of the DNS locator query XSCF gt showad dnslocatorquery i 1 service 1 none XSCF gt showad dnslocatorquery i 2 service 2 none 2 Use the setad 8 command to configure the DNS locator query XSCF gt setad dnslocatorquery i 1 _ldap _tcp gc _msdcs 3 Use the showad 8 command to confirm the DNS locator query XSCF gt showad dnslocatorquery i 1 service 1 _ldap _tcp gc _msdcs DNS and DNS locator mode must be enabled for DNS locator queries to work SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Enabling or Disabling the Expanded Search Mode Command operation 1 Use the showad 8 command to display the expanded search mode status XSCF gt showad dnslocatormode enabled expse
238. ded with the distribution 3 The name of any author may not be used to endorse or promote products derived from this software without their specific prior written permission ALTERNATIVELY this product may be distributed under the terms of the GNU General Public License in which case the provisions of the GNU GPL are required INSTEAD OF the above restrictions This clause is necessary due to a potential conflict between the GNU GPL and the restrictions contained in a BSD style copyright THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESS OR IMPLIEDWARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR S BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaime
239. describes the XSCF mail function 6 1 Overview of XSCF Mail Function The mail report function used by XSCF firmware to send messages to the administrator has the following features Notification by email of faults in system components monitored by the XSCF Even if a system failure or a serious error that disables reboot occurs an email message is guaranteed to be sent POP authentication facility and SMTP authentication at email sendings are possible To prevent illegal Mail Sending POP Authentication POP before SMTP or SMTP Authentication SMTP AUTH can be done before mail sending is accepted with a SMTP server 6 1 FIGURE 6 1 outlines the XSCF mail function FIGURE 6 1 XSCF Mail Function Mail server SMTP server POP auth SMTP auth server server Via SMTP sever alls cation Internet nz Parts fault Unauthorized Mail terminal access XSCF Email Notification Path The email notification path is described below The setting for notification is made with the XSCF Shell m Sending an email message through the SMTP server The host name or IP address of the SMTP server must be set m Sending an email with POP authentication or SMTP authentication It is necessary to specify whether to do the authentication And the POP authentication or the SMTP authentication must be selected Then ID and password for the authentication is required 6 2 SPARC Enterprise Mx000 Servers XSCF User s Guide
240. ds gt Service state gt Locked gt Return XSCF gt When the server is running normally the mode switch is set to the Locked position 2 Set the password policy e Display and set a password policy showpasswordpolicy 8 setpasswordpolicy 8 See Section 2 2 2 User Account Administration on page 2 36 This table includes the example of setting items and command used It is similar thereafter 3 Create an XSCF user account password and privileges m Create at least one user account with the user privileges of platadm and useradm XSCF gt adduser yyyy XSCF gt password yyyy XSCF gt setprivileges xxxxxx See Section 2 2 2 User Account Administration on page 2 36 The screen is an operating procedure image m The default user account is publicly available information When installation is completed create an appropriate user account for the user environment and log in again with the new user account For details on the user privileges see the Administration Guide a When you add the user account use the showuser 8 command with 1 option to confirm that there is no illegal user account in the user account list Note In preparation for maintenance work please create an account for a field engineer FE with the privilege of fieldeng during the initial set up SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 Set the time e S
241. e If the automatic boot function is suppressed it stops at an ok prompt so that the user can start the Oracle Solaris OS in single user mode in an Oracle Solaris OS installation for example Break means to forcibly interrupt data sending and restore the initial state The signal used for this purpose is called a break signal When a break signal is sent from a domain console XSCF receives the signal and stops the domain at an ok prompt Switches on the operator panel The mode switch has the following two modes e Locked Normal operation mode e Service Maintenance mode Operational mode for CPU hardware that Oracle Solaris OS uses The CPU operational mode includes the following two types e SPARC64 VII enhanced mode Operates using the enhanced functions of the SPARC64 VII and SPARC64 VII processors This mode is set to domains that consist only of SPARC64 VII and SPARC64 VII processors and when the CPU operational mode is determined automatically by Oracle Solaris OS e SPARC64 VI compatible mode All the mounted CPUs operate with the functions equivalent to the SPARC64 VI processor This mode can be set for a domain of any CPU configuration Note When the mode switch on the operator panel is set to Service the automatic boot and host watchdog functions are suppressed and the break signal is received regardless of the domain mode settings Chapter 2 Setting Up XSCF 2 179 TABLE 2 32 lists setting items and t
242. e THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Except as contained in this notice the name of the X Consortium shall not be used in advertising or otherwise to promote the sale use or other dealings in this Software without prior written authorization from the X Consortium SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 pes Copyright c 1990 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement
243. e January 2012 19 Configure the domain settings Display domain information and specify showboards 8 showdc1 8 setdc1 8 the domain configuration DCL displaying and settings configuration policy settings System board settings Add delete or move a system board addboard 8 deleteboard 8 moveboard 8 See Section 2 2 13 Domain Configuration on page 2 146 20 In the M3000 server you cannot perform operations such as setting the domain configuration or adding or deleting the system board The domain has been configured by default and cannot be changed However you can set the configuration policy and display the domain information The Domain Component List DCL is definition data for the hardware resources that constitute a domain There is one DCL per the logical system board Each domain has up to 16 logical system boards The DCL is used to add a hardware resource that constitutes a domain and to display resource configuration information For details on the DCL see Section 2 2 13 Domain Configuration on page 2 146 the Administration Guide and the Dynamic Reconfiguration User s Guide In the configuration policy settings a degradation range applicable to errors detected during initial hardware diagnosis can be specified Configure the domain mode settings Display and make the domain mode showdomainmode 8 setdomainmode 8 settings Diagnostic level Break signal See Sectio
244. e Mar Mar Mar Mar 30 30 30 30 Lies aly L ys lt Example 2 gt specifying a Date Power logs are displayed as a list XSCF gt showlogs power 25 31 JST 2005 35 31 JST 2005 45 31 JST 2005 50 31 JST 2005 Power logs are listed in order of the most to least start time and end time XSCF gt showlogs power t Mar3017 302005 T Mar3017 492005 Mar 30 17 45 31 JST 2005 Mar 30 17 35 31 JST 2005 Event System System Domain Domain off On Off On Power Power Power Power Event Domain Power Off System Power On Cause DID Pow Fail Recov Pow Fail Recov Operator 00 Operator 00 r Cause DID Operator 00 Pow Fail Recov Switch Service Locked Locked Service recent by Switch Locked Locked B 6 The examples are subject to change without previous notice for functional improvement In the examples above the following items are displayed m Time at which each power log was collected Date This is indicated in local time m Type of power event that occurred Event The following lists each event and its meaning Event SCF Reset Domain Power ON Domain Power OFF System Power ON System Power OFF XIR Domain Reset Meaning The XSCF was reset The domain power supply was turned on The domain power supply was turned off The power supply of the server common section was turned on The power supply of the server common section was
245. e auto SS 0S The specified modes will be changed Continue y nl y configured Diagnostic Level max Secure Mode on host watchdog available Break signal non receive Autoboot on autoboot on CPU Mode auto 3 Use the showdomainmode 8 command to confirm the secure mode is on Also to apply the setting to the domain restart the domain Enabling or Disabling the Automatic Boot Function Command operation 1 Use the showdomainmode 8 command to specify automatic boot XSCF gt showdomainmode d 0 Host ID 0 010f 10 Diagnostic Level max Secure Mode son Autoboot on CPU Mode sauto Chapter 2 Setting Up XSCF 2 187 2 Use the setdomainmode 8 command to disable automatic boot lt Example gt Disable automatic boot for domain ID 0 XSCF gt setdomainmode d 0 m autoboot off Diagnostic Level max e Secure Mode on gt Autoboot on gt off CPU Mode auto gt The specified modes will be changed Continue y nl y configured Diagnostic Level max Secure Mode on host watchdog available Break signal non receive Autoboot off autoboot off CPU Mode auto 3 Use the showdomainmode 8 command to confirm that autoboot is off Also to apply the setting to the domain restart the domain Specifying the CPU Operational Mode Note In the M3000 server CPU operational mode cannot be configured Command operation 1 Power off the domain 2 Use
246. e operator panel has been pressed to power off all domains and System Power Off is displayed in the showlogs power command execution result XSCF gt showlogs power Feb 26 13 52 19 JST 2010 SCF Reset Power on Service Or Feb 26 13 52 19 JST 2010 System Power Off Operator Service 2 Use the poweron 8 command to turn on power to all domains XSCF gt poweron a DomainIDs to power on 00 01 02 03 Continue y n y 00 Not powering on The power supply has already been turned on 01 Powering on 02 Powering on 03 Powering on Note This command only issues the instruction to power on The result of the instruction can be checked by the showlogs power Note Only the domains that are able to be powered on are displayed Chapter 4 Operation of the Server 4 13 3 Use the showlogs power command to check the system power on XSCF gt showlogs power Feb 26 14 12 19 JST 2010 System Power On Operator Service Note Use the showdomainstatus 8 command to check the power status of the domain 4 4 2 System Power Off Command operation 1 Use the showlogs power command to check the power status of the system XSCF gt showlogs power Feb 26 14 12 19 JST 2010 System Power On Operator Service 2 Use the showdomainstatus 8 command to check the power status of the system XSCF gt showdomainstatus a DID Domain Status 00 Running 0
247. e 7 gt Delete a group from all MIB access control views XSCF gt setsnmpvacm deleteaccess group1 3 Use the showsnmpvacm 8 command to confirm the settings XSCF gt showsnmpvacm Mail Administration The mail report function is used to send an email to the system administrator when the fault has occurred in the system This section explains how to set up the XSCF mail report function Note You should set up the mail configuration so the designated users platadm system administrators and so on can receive immediate notification of faults that occur on the platform or domain Chapter 2 Setting Up XSCF 2 143 TABLE 2 22 lists the settings and the corresponding shell commands TABLE 2 22 Mail Administration Shell Item Description Command Remarks Display SMTP Displays SMTP server setting showsmtp server settings information SMTP server Sets the host name or IP address of the setsmtp No default value has been SMTP server set Only one SMTP server can be specified If you specify a host name for an SMTP server the server name must be resolvable by DNS server Authentication If you enable the Authentication at the setsmtp Default is disable server same time select the POP authentication authentication or the SMTP authentication When you enable the authentication specify the host name or IP address of the authentication server user ID and password Port number Sets the port number
248. e Oracle Solaris OS domain will obtain its initial time of day from the XSCF NTP server which will then be used to keep the Oracle Solaris domain and the XSCF unit in sync m An Oracle Solaris domain can be set up as an NTP client from an external NTP server In this case the initial time for Oracle Solaris OS will be obtained from the XSCF Unit If you connect the domain to an external NTP server connect a high rank NTP server that supplies the time at the same accuracy for the domain as for XSCF m If you use the Oracle Solaris OS date command to set the time on an Oracle Solaris OS domain the time offset between the Oracle Solaris OS domain and the XSCF Unit will be preserved over reboots Whenever the Oracle Solaris OS domain boots its initial time of day will be the XSCF Unit time adjusted by the time offset created the last time the Oracle Solaris OS date command was used on the domain SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 11 TABLE 2 11 lists the settings and the corresponding shell commands Setting Time and Date Item Description Shell Command Remarks Display time zone Time zone Display system time Date and time Display NTP server settings NTP server Displays the time zone and Daylight Saving Time information Sets the time zone and Daylight Saving Time e Standard time zone e Custom time zone and Daylight Saving Time For the abbreviations o
249. e XSCF Unit are used for the same purpose This configuration makes the XSCF LAN redundant The purpose is as follows m The two LANs which are redundantly configured are used for the system administrator m The two LANs which are redundantly configured are used for the remote maintenance service a FE uses either of the two LANs or a maintenance terminal that is serially and directly connected Chapter 3 Connecting to the XSCF and the Server 3 15 In the example of the configuration shown in FIGURE 3 6 if errors occur in either of the two LAN ports and its switch hub its LAN is replaced by the other LAN Moreover if an error occurs in the switch hub the other LAN can be relied on for notification If an error occurs in the active XSCF Unit in the systems with two XSCF Units XSCF generates a failover then the LAN of the other XSCF Unit can be used 3 16 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 3 6 Example of LAN Port Connections Made Redundant Fire Wall Remote Services Basic cabinet DomainID m Maintenance port apr xsoru K O Huef panenan DomainID x DomainID x DomainID y Fire Wall System administration port Serial Direct attach port Serial for initial setup maintenance Port from XSCFU 0 Port from XSCFU 1 System with redundant XSCFU only Using Two LAN Ports Selectively for Management and Maintenance FIGURE 3 7 shows an
250. e XSCF as an NTP server please perform a domain reboot or apply the changed time to the domain using the ntpdate 1M command Note When replacing the XSCF unit be sure to note the time set on the replacement XSCF If the replacement XSCF time does not match the current time set it to the current time For the replacement XSCF unit execute the showdate 8 command to check the time and reset it using the setdate 8 command Chapter 2 Setting Up XSCF 2 97 Configuring an NTP Server a Command operation 1 Use the showntp 8 command to display the NTP server for the XSCF network XSCF gt showntp a server ntpl example com prefer server ntp2 example com 2 Use the showntp 8 command to check synchronization and display the status XSCF gt showntp 1 remote refid st t when poll reach delay offset jitter 192 168 0 27 192 168 1 56 20 27 64 377 12 929 2 756 1 993 192 168 0 57 192 168 1 86 2 ay 32 64 377 13 030 2 184 94 421 127 127 1 0 LOCL 5 1 44 64 377 0 000 0 000 0 008 3 Use the setntp 8 command to add an NTP server lt Example 1 gt Add the three IP addresses 192 168 1 2 130 34 11 111 and 130 34 11 117 as NTP servers for XSCF XSCF gt setntp c add 192 168 1 2 130 34 11 111 130 34 11 117 Please reset the XSCF by rebootxscf to apply the ntp settings lt Example 2 gt Add the two host names ntpl red com and ntp2 blue com as NTP servers for XSCF XSCF gt setntp c add
251. e of air exhausted from the server the plant administrator can identify the specific areas in the installation site where the energy consumption can be reduced showlocator setlocator These commands display status information indicated by the LEDs on devices and the operator panel of the server Finding out information on device errors is helpful in component degradation and replacement Also the system administrator can use the commands to identify the target device among many devices showconsolepath The showconsolepath 8 command displays the operating status of the domain console By finding out the users of domain consoles the system administrator can notify the users before a user performs a server operation or server control Chapter 5 Overview of the XSCF Shell 5 11 5 12 fmadm fmdump fmstat The server has an architecture that performs fault management FMA for CPUs memory and the I O system during Oracle Solaris OS operation The system administrator can use the fmadm 8 command to display configuration and status information about individual FMA modules that detect faults perform fault diagnoses and resolve faults The command can also list faulty and degraded resources The mstat 8 command displays the processing time and number of events for each FMA module The f mdump 8 command displays detailed fault information so that system administrator can determine faulty resources showdomainstatus The showdomai
252. e of this software must display the following acknowledgement This product California Berkeley and its contributors 4 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission includes software developed by the University of THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE DAMAGES ee ee ee es Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above
253. e prepared after the server starts the power on processing Once the warm up time is set the OpenBoot PROM will start after the server power supply is turned on the power on processing starts and the set warm up time elapses Note The fan in an M3000 M4000 M5000 server is driven at low speed as the server starts the power on process Command operation 1 Use the showpowerupdelay 8 command to display the warm up time warmup time XSCF gt showpowerupdelay warmup time 10 minute s wait time 20 minute s 2 Use the setpowerupdelay 8 command to set the warm up time Set the warm up time from 0 to 255 min The default is 0 min lt Example gt The warm up time is set to 5 min XSCF gt setpowerupdelay c warmup s 5 3 Use the showpowerupdelay 8 command to confirm the setting Also to apply the setting turning on the server power supply XSCF gt showpowerupdelay warmup time 5 minute s wait time 20 minute s 4 When turning on the server power supply the next time please confirm that it takes more time than usually by checking the amount of time it takes from the power on until the time when the first Power On Self Test POST start message is displayed Note Once the air conditioning time is set the warm up time will be valid after the power is turned on and the air conditioning time elapses The air conditioning time and the warm up time are also valid
254. e server and the search path configuration information This function is equivalent to the applynetwork 8 command Also this function configures the name server and the search path This function is equivalent to the setnameserver 8 command Displays and applies the network settings This function is equivalent to the applynetwork 8 command After saving the settings to complete the settings XSCF reset is required This function is equivalent to the rebootxsc 8 command Note The Current and Reserve menus are supported in XCP1090 or later Note The DSCP link address cannot be set and displayed through the XSCF Web Set and display the address by using the setdscp 8 and showdscp 8 commands Chapter9 Howto Use the XSCF Web 9 17 Note The IP packet filtering rules cannot be set and displayed through the XSCF Web Set and display the filtering rules by using the setpacket filters 8 and showpacket filters 8 commands 9 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 11 lists the functions for setting the XSCF time Select Settings Time in the Menu tree TABLE 9 11 Time Settings Function Remarks System time display and setting NTP server display and configuration Displays and sets the current system time This function is equivalent to the applynetwork 8 and rebootxscf 8 commands After setting the XSCF is reset Display
255. e showhttp 8 or the showhttps 8 command to display https settings lt Example gt Display the https settings XSCF gt showhttps HTTPS status enabled Server key installed in Apr 24 12 34 56 JST 2006 CA key installed in Apr 24 12 00 34 JST 2006 CA cert installed in Apr 24 12 00 34 JST 2006 CSR BEGIN CERTIFICATE REQUEST MI IBwjCCASSCAQAwGYEXC zAJBgNVBAYTAmpqMQ4wDAYDVQQIEwVzdGF0ZTERMA8G A1UEBxMIbG9 j YWwxpdHkxFTATBgNVBAOTDG9yZ2FuaxphdG1vbj EPMAOGA1UECxMG b30nYW5pMO8wDOYDVOQDEWwZjb21tb24xFjAUBgkghkiG9w0BCQEWB2V1Lm1lhaWww gZ8wDOYJKoZThvcNAQEBBOADgGYOAMIGJAOGBAJ5D57X k42LcipTWBWzv2GrxaVM 5GEyx3 bdBWws 7WZhnd3uiZ9 AN1VvRAuw YYy71I pAD NQJesBcBjuyj9x 1iJd1l9F MriI5 R8pOlywVOdbMPCar09rrU45bVeZhTyi uQOdWLoX Dhq0 m2BpYuh9WukT5 pTEg 2dABg 8UdHmNAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQAux1 j H3dyB6xXho PgBuVIlakDzIKEPipkK9qQfC57YI43uRBGRubu0AHEcLVue5yTub6G5SxHTCq07tV5g 3 8UHSg5Kqy9QuWHWMri hxm0kQ4gBpApjNb6F B ngBE3j thGbEuvJb 0wbycvu 5jrhB ZV9k8X MbDOxSx U5nF Zuyw TENNE END CERTIFICATE REQUEST 2 Use the sethttps 8 command to make the https settings lt Example 1 gt Enable https XSCF gt sethttps c enable Continue y n y Please reset the XSCF by rebootxscf to apply the https settings lt Example 2 gt Disable https XSCF gt sethttps c disable SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 To enable the
256. e terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Library In addition mere aggregation of another work not based on the Library with the Library or with a work based on the Library on a volume of a storage or distribution medium does not bring the other work under the scope of this License SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library To do this you must alter all the notices that refer to this License so that they refer to the ordinary GNU General Public License version 2 instead of to this License If a newer version than version 2 of the ordinary GNU General Public License has appeared then you can specify that version instead if you wish Do not make any other change in these notices Once this change is made in a given copy it is irreversible for that copy so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy This option is useful when you wish to copy part of the code of the
257. ecify the IP addresses and port numbers of the primary and secondary LDAP servers Specify IP addresses or host names for the addresses e g ldap foobar east ldaps 10 8 31 14 636 Sets the maximum time seconds allowed for an LDAP search Tests the connection to an LDAP server showlookup setlookup showldap setldap setldap setldap setldap setldap setldap setldap If this specifies that authentication data and user privilege data be placed together on an LDAP server the system first searches the local area and it searches the LDAP server only if the target data is not found locally Bind ID maximum length is 128 characters A password can consist of 8 to 16 characters e If this item is omitted the command searches the tree beginning from the top e Search base maximum length is 128 characters e The certificate chain must be in PEM format Note 1 e A password may need to be entered to import an scp from a remote file The default LDAP port number is 636 for Idaps 389 for ldap when the port number is not specified Chapter 2 Setting Up XSCF 2 45 2 46 Note PEM Abbreviation for Privacy Enhanced Mail Mail to be sent is encrypted for increased privacy Enabling or Disabling the LDAP Server Command operation 1 Use the showlookup 8 command to display the lookup method of authentication and user privileges XSCF gt showlookup Priv
258. ections see Chapter 3 For details on specifying IP addresses see Chapter 2 Chapter 1 XSCF Overview 1 19 1 3 2 NTP Configuration and Time Synchronization The system uses the XSCF Unit clock for the system standard time The domains in the server synchronize their times based on the XSCF Unit clock when the domains are started The XSCF Unit clock can be adjusted to the exact time through a network connection to an external NTP server In that way the XSCF Unit becomes the NTP server and an NTP client Only domains may specify XSCF as an NTP server Also when the XSCF is used as an NTP server XSCF permits only the confirmation of the time synchronization to the inquiry from the NTP client Note Alternatively the domains can synchronize their times through a connection to an external NTP server However there is a possibility that time differences exist between the XSCF and the domain If you connect the domain to an external NTP connect the high rank NTP server that supplies the time of the same accuracy as the domain as for XSCF For details about NTP server setting see Chapter 2 TABLE 1 5 outlines XSCF and domain time synchronization methods TABLE 1 5 XSCF Unit and Domain Time Synchronization Client Primary NTP Server Time Synchronization Method Domain XSCF Unit The domain time is adjusted to the XSCF Unit clock time XSCF Unit operates as the NTP server External NTP server The domain time is adjusted to
259. ed Mail yyyy example com Thresholds 50 75 90 User policy Events AEV_AUDIT_START enabled AEV_AUDIT_STOP enabled AEV_LOGIN_BUI enabled AEV_LOGIN_CONSOLE enabled AEV_LOGIN_SSH enabled AEV_LOGIN_TELNET enabled Displaying the Audit Logs Command operation Use the viewaudit 8 command to display the audit trail XSCF gt viewaudit 13 45 33 653 09 00 subject 1 default normal console command showpasswordpolicy platform access granted return 0 file 1 2006 06 29 13 42 59 128 09 00 20060629044259 0000000000 localhost header 20 1 audit start localhost header 31 1 login console localhost localdomain 2006 06 29 13 45 03 755 09 00subject 1 default normal console header 60 1 command showpasswordpolicy localhost localdomain 2006 06 29 localdomain 2006 06 29 13 42 59 131 09 00 For the method of displayi 2 126 ng the audit logs see Appendix B SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 2 10 Log Archiving Administration This section explains how to set the log archiving function which saves the logs retained on an XSCF Unit The archive host the archive directory enable disable for the log archiving and so on are set Note Logs archived on the log host should be rotated at regular intervals to avoid loss of log information For example logadm 1M can be used to configure log rotation on systems that run the Oracle Solaris OS
260. ed as a logical unit A logical unit name assigned to an XSB Each domain has its own set of LSB assignments LSB numbers are used to control how resources such as kernel memory get allocated within domains The hardware resources of a PSB or an XSB A system board is used to describe the hardware resources for operations such as domain construction and use In this manual the system board refers to the XSB One of the division types for a PSB to be configured Uni XSB is a name for when a PSB is logically only one unit undivided status It is a default value setting for the division type for a PSB The division type can be changed by using the XSCF command setupfru 8 Uni XSB may be used to describe a PSB division type or status One of the division types for a PSB to be configured Quad XSB is a name for when a PSB is logically divided into four parts The division type can be changed by using the XSCF command setupfru 8 Quad XSB may be used to describe a PSB division type or status Hardware components contained on a system board that configures a domain Chapter 2 Setting Up XSCF 2 147 TABLE 2 23 Domain Configuration Terms Continued Term Description Domain Divides hardware resources in this system into independent software based units Configuration Partitioning is performed with XSCF as follows Domain ID DID Domain Component List DCL Memory mirror mode DIMM Memory Configuration policy Note 2
261. ed for the DSCP Link and the functions When you want to strengthen security of domain side the following each port must be permitted to pass packets as necessary TABLE 3 3 DSCP Link Port Numbers and Connection Directions for Functions Port Number Protocol Function Connection Direction 12 TCP FMA event translation XSCEF gt Domain 22 TCP SSH Domain gt XSCF 24 TCP FMA event translation XSCEF gt Domain 665 TCP DR control XSCF gt Domain 123 UDP Time synchronization Domain gt XSCF 3 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 1 4 Connecting to XSCF via the Serial Port The following is the procedure for connecting to a terminal to XSCF via the serial port 1 Confirm that a serial cable is inserted into the serial connector on the front of the XSCF Unit and confirm that the PC and workstation to be used are correctly connected 2 Check whether the following are set on the terminal software Baud rate 9600 bps Data length 8 bit No parity STOP bit 1 bit No flow control Delay Except for 0 FIGURE 3 2 shows an example with settings FIGURE 3 2 Example of Terminal Software Settings Tera Term Serial port setup Port COM1 Baud rate 600 bd Data Parity none Stop 1 bit x Help Cance ii LE Flow control none X Transmit delay fio msec char 10 msec line Note Please increase the delay when you cannot co
262. ed or set user privileges are learned from the LDAP SSL server based on the user s group membership On XSCF the group parameter must be configured with the corresponding group name from the Chapter 2 Setting Up XSCF 2 71 LDAP SSL server Each group has privileges associated with it which are configured on the XSCF A user s group membership is used to determine the user s privileges once authenticated 2 72 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 10 lists setting items and the corresponding shell commands TABLE 2 10 LDAP SSL Administration Item Description Display the status of LDAP SSL Enable disable the use of LDAP SSL Display LDAP SSL server LDAP SSL server port Enable disable usermapmode Display usermap Usermap Enable disable strictcertmode Display server certificate Displays the current setting of LDAP SSL such as enabled disabled usermapmode and so on Enables or disables the use of an LDAP SSL server for managing authentication and privilege Display the primary and up to five alternate LDAP SSL servers Sets an IP address or a port number of the primary and up to five alternate LDAP SSL servers Specify IP addresses or host names for the addresses If you specify a host name for an LDAP SSL server the server name must be resolvable by DNS server Enables or disables the usermapmode When enabled user attributes specif
263. emperatures by altitude 500 m or less 501 1000 m 1001 1500 m 1501 3000 m Low speed 25 C or less 23 C or less 21 C or less 19 C or less Middle speed 23 30 C 21 28 C 19 26 C 17 24 C High speed More than 28 C More than 26 C More than 24 C More than 22 C TABLE 4 3 Fan speed levels corresponding to altitude and environmental temperature High end system Fan speed levels Environmental temperatures by altitude 500 m or less 501 1000 m 1001 1500 m 1501 3000 m Low speed 27 C or less 25 C or less 23 C or less 21 C or less High speed level 9 More than 24 C More than 22 C More than 20 C More than 18 C For the altitude setting see Section 2 2 17 Altitude Administration on page 2 191 4 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Power consumption and Exhaust air To display power consumption and exhaust air of a server use the power consumption monitoring function and the airflow indicator Power consumption monitoring function and airflow indicator make it possible to routinely confirm the amount of power consumed on and airflow emitted while the server is up and running Note The power consumption monitoring function is supported only on M3000 server that run certain versions of XCP firmware as below The M4000 M5000 M8000 M9000 servers do not support the power consumption monitoring function M3000 server XCP 1081 or later The airflow indicator is supported only on
264. ended to apply in other circumstances particular circumstance It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free implemented by public license Many people have made generous contributions to the wide range software distribution system which is practices Appendix E Software License Conditions E of software distributed through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License 12 If the distribution and or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License 13 The Free Software Foundation may publish revised and or new versions of the Lesser General Public License from time to time Such new versions will
265. enses and conditions E 1 GNU GENERAL PUBLIC LICENSE Version 2 June 1991 Copyright C 1989 1991 Free Software Foundation Inc 51 Franklin Street Fifth Floor Boston MA 02110 1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed Preamble The licenses for most software are designed to take away your freedom to share and change it By contrast the GNU General Public License is intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This General Public License applies to most of the Free Software Foundation s software and to any other program whose authors commit to using it Some other Free Software Foundation software is covered by the GNU Library General Public License instead You can apply it to your programs too When we speak of free software we are referring to freedom not price Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software or use pieces of it in new free programs and that you know you can do these things To protect your rights we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certai
266. ent task and an allocation to a domain have completed turn on power to the domain The update of the OpenBoot PROM firmware is automatically performed at this time automatic matching of versions 2 Confirm that the firmware version of the target domain agrees with the version of the XSB firmware allocated to the added or replacement CMU MBU Command operation a Execute the version 8 command and confirm it XSCF gt version c cmu DomainID 0 02 09 0000 DomainID 1 02 09 0000 DomainID 3 02 09 0000 m Web browser operation a Display the Firmware Update menu b Display the OpenBoot PROM firmware version and confirm it Confirming That the XSCF Firmware is Updated When an XSCF Unit Is Replaced There Are Redundant XSCF Units a Operation in State of the Input Power On 1 After doing an XSCF Unit replacement task by using the maintenance guidance for FEs the version of the XSCF firmware is automatically set to match the appropriate firmware 2 Confirm the firmware version of replaced XSCF Unit Note When a component is replaced in the state of input power off a cold replacement the firmware is not updated automatically The operator must match the number of versions b Operation in State of the Input Power Off The procedures below explain the firmware update when the replacement of one XSCF Unit is done When you replace both XSCF Units see Confirming That the XSCF Firmware Is
267. er Name jsmith Privileges useradm auditadm Enabling or Disabling a User Account Command operation 1 Use the showuser 8 command to display user account settings XSCF gt showuser a 2 Use the enableuser 8 command to enable a user account lt Example gt Enable a user account XSCF gt enableuser jsmith Specifying a Password Policy Command operation 1 Use the showpasswordpolicy 8 command to display password policy settings XSCF gt showpasswordpolicy Mindays 0 Maxdays 90 Warn Inactive Expiry Retry Difok Minlen Deredit Ucredit Leredit Ocredit Remember N H f EE me E um G o E ae EE o e OG aa 3 DE ae 2 42 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setpasswordpolicy 8 command to specify a password policy lt Example gt Specify 3 for the retry count an eight character password containing at least two digits 60 days for the expiration period and 15 days for the advance notice of expiration XSCF gt setpasswordpolicy y 3 m 8 d 2 u 0 1 0 o O M 60 w 15 3 Use the showpasswordpolicy 8 command to confirm the settings XSCF gt showpasswordpolicy Mindays 0 Maxdays 60 Warn T5 Inactive 1 Expiry Retry Difok Minlen Dcredit Ucredit Leredit Ocredit Remember WODOONArRWO Enabling or Disabling the Lockout Function Command
268. er feed will be enabled the next time the platform is powered on 4 Confirm whether the setting is valid after turning off on the input power XSCF gt showdualpowerfeed Dual power feed is enabled 4 24 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 5 Identifying the Location of the System When more than one same type of system is installed in the same area it may be difficult to locate the target system You can easily find target machine even when it does not have any faulty components by using the XSCF Shell showlocator 8 command and looking for the blinking the CHECK LED on the operator panel Command operation 1 Use the showlocator 8 command to display the current status of the CHECK LED XSCF gt showlocator Locator LED status Off 2 Use the showlocator 8 command to blink or reset the CHECK LED lt Example 1 gt Blink the CHECK LED XSCF gt setlocator blink lt Example 2 gt Reset the CHECK LED XSCF gt setlocator reset 3 Use the showlocator 8 command to display the state of the CHECK LED XSCF gt showlocator Locator LED status Blinking 4 6 4 6 1 Managing Fault Degradation Displaying the Degraded Component The status of a faulty or degraded component or a part of such component can be displayed by using the following methods Chapter 4 Operation of the Server 4 25 4 6 2 4 26
269. erarchical structure To perform a search specify the subtree to be searched in the hierarchical structure To do so specify the identification name DN of the top of the target subtree This DN is referred to as the search base basedDN Certificate chain List of certificates including a user certificate and certification authority certificate OpenSSL and TLS certificates must be downloaded in advance TLS Abbreviation for Transport Layer Security This is a protocol for encrypting information for transmission via the Internet SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 6 lists setting items and the corresponding shell commands TABLE 2 6 LDAP Administration Item Description Shell command Remarks Display the use of LDAP Enable disable the use of LDAP Display client Bind ID password Search base Certificate chain LDAP server port Timeout LDAP test Displays the use of an LDAP server for authentication and privilege lookup Enables or disables the use of an LDAP server for authentication and privilege lookup Displays LDAP client setting information Bind an ID for a connection to bind authenticate an LDAP server Sets a password used to bind an LDAP server Sets an LDAP tree search base baseDN Imports the certificate chain of an LDAP server Import a certificate chain as follows e Import a secure copy scp from a remote file Sp
270. erm Description DVD drive unit Tape drive unit DVD digital video disk drive unit A basic cabinet and an expansion cabinet contain one DVD drive unit respectively which is accessed through I O unit card A IOUA mounted in an I O unit The DVD drive unit is connected to a specified I O unit and is used to a single domain that use the I O unit In the M8000 M9000 servers the DVD drive unit can be assigned to the specified IOUA port In the M3000 M4000 M5000 servers the DVD drive is assigned to a specific system board but the port cannot be specified A basic cabinet and an expansion cabinet contain one tape drive unit respectively which is accessed through IOU card A IOUA mounted in an I O unit The tape drive unit is connected to a specified I O unit and is assigned to a single domain that uses the I O unit In the M8000 M9000 servers the tape drive unit can be assigned to the specified IOUA port In the M3000 M4000 M5000 servers the tape drive unit is assigned to a specific system board but the port cannot be specified Note The DVD drive tape drive unit cannot be used to back up XSCF information 2 192 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 38 lists the settings and the corresponding shell commands TABLE 2 38 DVD Drive Tape Drive Unit Configuration Item Description Shell Command Remarks Display DVD Displays the DVD drive tape drive unit setting cfgdevice dri
271. esponsible for any legal consequences yourself Use only at your own responsibility You I am not making any claims whether possessing or using this is legal or not in your country and I am not taking any responsibility on your behalf NO WARRANTY BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES The 32 bit CR
272. ess the POWER switch on the operator panel to turn on or off the whole system or the user can use XSCF to turn on and off the supply of power to the whole system or individual domains The user can power on and off the server by using XSCF as follows m Power on off the server or a domain The user can turn on turn off or reset the server by using the XSCF Shell command from a remote terminal which is connected to XSCF over a LAN or serial connection When the user instructs power off the Oracle Solaris OS is automatically shut down and then power will be turned off 1 10 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 m Automatically shut down and cancel a power on operation when an error is detected If a system abnormality occurs the Oracle Solaris OS is automatically shut down and the subsequent power on will not be started This can minimize damage to the system m Control power during power failure and power restoration XSCF performs the following operations when a power failure occurs that causes the system to turn off a When a power failure occurs XSCF performs emergency power off when the power failure occurs When a UPS is connected any running domains may also be shut down automatically For a momentary power failure XSCF may allow the system to continue working without any shutting down a When power is restored The system can be set up such that XSCF automatically turns on the power to
273. essages a Command operation 1 Use the showad 8 command to display the log detail level XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 10 logdetail none 2 Use the setad 8 command to set the log detail level lt Examplel gt Enable the log and trace is set for detail level XSCF gt setad logdetail trace lt Example2 gt Disable the log XSCF gt setad logdetail none 3 Use the showad 8 command to confirm the log detail level XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace Display the Diagnostic Messages and Clear the Log File a Command operation 1 Use the showad 8 command to display the log detail level XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace 2 68 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the showad 8 command to display the diagnostic messages lt Example gt Displays diagnostic messages in real time XSCF gt showad log f Mon Nov 16 14 47 53 2009 ActDir module loaded OPL Mon Nov 16 14 47 53 2009 ActDir error authentication status auth ERROR Mon Nov 16 14 48 18 2009 ActDir module loaded OPL 3 Use the setad 8 command to clear the log file of d
274. et and display the time zone showtimezone 8 settimezone 8 e Set and display the XSCF time showdate 8 setdate 8 Reset and display the time subtraction showdateoffset 8 between the XSCF and the domain resetdateof fset 8 See Section 2 2 6 Time Administration on page 2 92 m When the system time is updated the XSCF reset is done and the XSCF session is disconnected Please log in again to the XSCF using the new user account m NTP settings setntp 8 are done after the Network settings or the Domain Configuration 5 Configure the SSH telnet settings e Select SSH or telnet and set SSH access control setssh 8 settelnet 8 from domain e Display and specify the timeout monitoring showautologout 8 period setautologout 8 See Section 2 2 7 SSH Telnet Administration on page 2 104 m XSCF reset is required to enable SSH to disable telnet and to set the SSH access control from domain Go to the next step when you reset it later If you want to reset XSCF immediately use the rebootxsc 8 command After the XSCF reset the XSCF session is disconnected Log in again to the XSCF m Youcan enable SSH and telnet at the same time However the telnet connection is not a secure connection protocol We recommend that when you enable SSH that you disable telnet 6 Confirm the XSCF host public key m Before using SSH for XSCF LAN connection record the fingerprint Or copy the text data of the host public key
275. etdcl d XSCF gt setdcl d NNNN lt Example 2 gt In domain and false for floating board 7 1 0 policy system no mem false 7 no io false 7 float false 7 ID 2 specify XSB 00 0 for an LSB 00 XSB 00 1 for an LSB 01 XSB 01 1 for an LSB 08 XSB 01 2 for an LSB 09 XSB 01 3 for an LSB 10 XSCF gt setdcl d 2 a 0 0 0 1 0 1 8 1 1 9 1 2 10 1 3 lt Example 3 gt Delete the data defined for LSB 01 in domain ID 2 XSCF gt setdcl d 2 r 1 Chapter 2 Setting Up XSCF 2 165 2 166 3 Use the showdc1 8 command to display DCL information 02 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 XSCF gt showdcl va DID LSB XSB 00 0 System No Mem Powered Off False False False False False No IO False False False False False Float False False False False False Cfg policy System SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Assigning or Configuring a System Board to a Domain Command operation 1 After the DCL information use the showfru 8 showdc1 8 commands to display XSB status information XSCF gt showfru a sb Device Location XSB Mode sb 00 Uni sb 01 Quad XSCF gt XSCF gt showdcl va DID LSB XSB System No Mem 02 Powered Off 00 00 0 False 01 02 03 04 05 06 07 01 0 False 08 01 1 False 09 01 2 False 10 01 3 False 11 12 13 14 15 Memory Mirror Mode no no No IO Float
276. example of a configuration where the two XSCF LANSs of one XSCF Unit are used selectively for the system administrators and the FE This configuration does not make the XSCF LAN redundant The purpose is as follows m One LAN is used for the system administrator m The other LAN is used for the remote maintenance service only or by the FE Chapter 3 Connecting to the XSCF and the Server 3 17 FIGURE 3 7 Example of LAN Port Connections Not Made Redundant Fire Wall Basic cabinet Remote Services Maintenance port System administration port Serial Direct attach port Serial for initial setup maintenance Port from XSCFU 0 Port from XSCFU 1 System with redundant XSCFU only Using a Single LAN Port for Management and Remote Maintenance FIGURE 3 8 shows an example where one XSCF LAN port of an XSCF Unit is used as follows m The XSCF LAN port is used by the system administrator m The same XSCF LAN port is used for the remote maintenance service An FE uses either the other XSCF LAN port with the other LAN or a maintenance terminal that is serially and directly connected 3 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 3 8 Example of a Connection With One LAN Port Fire Wall Basic cabinet Remote Services Maintenance port Direct attach port for initial setup maintenance Serial Serial Port from XSCFU 0 Port from XSCFU 1 System with redundant X
277. ezone c settz a Africa Abidjan Africa Accra lt Example 2 gt Set the timezone XSCF gt settimezone c settz s Asia Tokyo Asia Tokyo The set time zone takes effect after executing the command 3 Use the showt imezone 8 command to confirm the setting Specifying a Daylight Saving Time Command operation 1 Use the showtimezone 8 command to display the time zone lt Example 1 gt Display the timezone XSCF gt showtimezone c tz Asia Tokyo lt Example 2 gt Displays the Daylight Saving Time information as follows the abbreviation of time zone is JST the offset from GMT is 9 hours the name of Daylight Saving Time is JDT Daylight Saving Time is 1 hour ahead and the time period is from the last Sunday of March 2 00 JST to the last Sunday of October 2 00 JDT XSCF gt showtimezone c dst m custom JST 9JDT M3 5 0 M10 5 0 Chapter 2 Setting Up XSCF 2 95 2 96 2 Use the sett imezone 8 command to set the Daylight Saving Time information lt Example 1 gt Sets the Daylight Saving Time information as follows abbreviation of time zone is JST the offset from GMT is 9 hours the name of Daylight Saving Time is JDT the offset of Daylight Saving Time from GMT is 10 hours and the time period is from the first Sunday of April 0 00 JST to the first Sunday of September 0 00 JDT XSCF gt settimezone c adddst b JST o GMT 9 d JDT p GMT 10 f M4 1 0 00 00 00 t M9 1 0 00 00 00 JST 9J
278. f audit trail Audit Class and Audit audit policy administration information Event by delimiting them e Enable disable auditing Note 1 with the comma in a shell command e Request the log archive Note 1 Y to 128 ou can use up to Data deletion characters to specify the Also specify the audit policy as follows mail address If the e Enable or disable auditing for the specified receiving address has a user only or for global policy Note 2 restriction check the e Enable or disable an audit class settings e Enable of disable an audit event The default write mode when an audit trail becomes e Enable or disable auditing for all users full is count global policy e Specify the destination address for the mail The shell command can set sent when usage of the local audit file maximum of four warning teaches the threshold thresholds delimited by the comma The default e Specify the write suspend count applied warning threshold is 80 when an audit trail becomes full Note 3 e Specify the local audit file usage threshold that triggers an alarm when reached Note 4 Chapter 2 Setting Up XSCF 2 121 TABLE 2 17 Audit Administration Continued Item Description Shell Command Remarks Display audit Displays an audit trail viewaudit To use a delimiter as part of trail To display an audit trail select one of the items input data enclose it in listed below quotation marks
279. f data when routing is done in each subnet lt Example gt XSCF Unit 0 XSCF Unit 1 xscf 0 lan 0 192 168 1 10 xscf 1 lan 0 192 168 1 20 XSCF LAN 0 XSCF LAN 0 XSCF Unit 0 XSCF Unit 1 xscf 0 lan 1 10 12 108 10 xscf 1 lan 1 10 12 108 20 XSCF LAN 1 XSCF LAN 1 Destination Gateway Netmask Interface 192 168 1 0 255 255 255 0 xscf 0 lan 0 default 192 168 1 1 0 0 0 0 xscf 0 lan 0 192 168 1 0 255 255 255 0 xscf 1 lan 0 default 192 168 1 1 0 0 0 0 xscf 1 lan 0 10 12 108 0 255 255 255 0 xscf 0 lan 1 default 10 12 108 1 0 0 0 0 xscf 0 lan 1 10 12 108 0 255 255 255 0 xscf 1 lan 1 default 10 12 108 1 0 0 0 0 xscf 1 lan 1 Note The method of determining the routing for an XSCF interface depends on the network environment at the installation site The network environment for system operation must have a suitable configuration Note You cannot set the routing to the takeover IP address Command operation 1 Use the showroute 8 command to display the routing environment XSCF gt showroute a Destination Gateway Netmask Flags Interface 10 12 108 0 X 2557255525570 U xscf 0 lan 0 default 10 12 108 1 0 0 0 0 UG xscf 0 lan 0 Chapter 2 Setting Up XSCF 2 29 2 30 2 Use the setroute 8 command to specify the routing environment for a network interface
280. f time zone and the name of Daylight Saving Time specify the alphabets of 3 letters or more You can specify it in the format which complies with RFC2822 Displays the time and date of the XSCF by the local time or the Coordinated Universal Time UTC Sets a date and time to a local time or UTC The specification format is as follows e yyyy mm dd HH MM SS e mmddHHMMyyyy SS yyyy Year mm Month dd Day of the month HH Hour 24 hour system MM Minute SS Second Displays NTP server settings Configures an NTP server for XSCF network In this case XSCF is an NTP client Specify the IP address or host name of an NTP server You can synchronize with up to three NTP servers showtimezone settimezone showdate setdate showntp setntp The time zone provided by default is pursuant to POSIX standard The timezone list may be changed each year The setting time zone list can be referred by specifying a option The settings can be enabled when all of the domains are powered off XSCF reset is done after the settings Synchronization is also checked No default setting has been specified When an NTP server is registered the existing setting is deleted and overwriting is performed with the specified NTP server If you specify a host name for an NTP server the server name must be resolvable by DNS server Chapter 2 Setting Up XSCF 2 93 TABLE 2 11 Setting Time and
281. firmwares hereafter collectively called the OpenBoot PROM firmware m XSCF firmware When updating the firmware the new XCP firmware see Note is obtained from a web site or from external media such as a CD ROM disk and downloaded to an arbitrary folder on a personal computer or workstation connected to the server The firmware update sequence is 1 XCP import in the system and 2 update Note XCP Abbreviation for the XSCF Control Package XCP contains the control programs that configure a computing system The XSCF firmware and the OpenBoot PROM firmware are included in the XCP file The firmware update functions provided by XSCF are used to manage XCP 8 1 8 2 FIGURE 8 1 is a conceptual diagram of the firmware update FIGURE 8 1 Conceptual Diagram of the Firmware Update Web site CD ROM DVD ROM or flash drive Server Flash memories of CMUs MBUs Flash memory of the XSCF PROM XCP data Sl aed DomainID 0 he PROM B DomainID 1 PROM DomainID 2 XSCF OpenBoot PROM firmware firmware 1 XCP import 2 Update includes application of the XSCF firmware SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 8 1 2 Note The OpenBoot PROM firmware is applied by a domain reboot In the M3000 server this function updates the OpenBoot PROM firmware which is in the flash memory of the single MBU And the number of domains to be updated is one User Interfaces The
282. following function is used for the firmware update m Firmware update using XSCF Web in a browser a XCP Import Imports firmware to this system a XCP Update Updates the firmware to flash memory applies the XSCF firmware and the OpenBoot PROM firmware a Version Displays the firmware version Using the XSCF Web console the user can easily update firmware from a browser Also regular maintenance and emergency firmware updates are supported For the method of starting XSCF Web see Chapter 9 a Firmware update using the XSCF Shell Use the following commands to update the firmware a getflashimage 8 command Imports firmware to this system a flashupdate 8 command Downloads the firmware to flash memory and applies the XSCF firmware a poweron 8 command and reset 8 command Applies the OpenBoot PROM firmware a version 8 command Displays the firmware version Note For details on these four commands see the man pages or the XSCF Reference Manual Firmware Update Conditions and Environment User Privileges The firmware update can be performed with either of the following two user privileges platadm Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 3 a fieldeng Firmware Update Environment The following environment is required for the firmware to update properly m The update is performed from a browser connected to the XSCF LAN m The update is performed after the domain console is switche
283. for your server Chapter 1 XSCF Overview 1 5 1 6 XSCF LAN Port Ethernet Port There are two XSCF LAN ports Both use an RJ 45 connector and are compatible with 10BASE T 100BASE T TX The XSCF LAN ports are used with the XSCF Shell and XSCF Web to perform system administrator operations output the system status perform domain operations and display the console With a connection between the PC workstation and LAN the XSCF LAN ports are used with the XSCF Shell and XSCF Web by system administrators or FEs to configure the system settings display the system status and perform component replacement tasks For details on using the LAN ports see Section 1 3 Types of Connection to XSCF on page 1 15 and Chapter 3 Link Speed LED Located on each of the XSCF LAN ports the Link Speed LED is a LAN LED that lights up in green The Link Speed LED is turned on when a 100 Mbps LAN connection is established and it is not turned on when a 10 Mbps LAN connection is established ACT LED Located on each of the XSCF LAN ports the ACT LED is a LAN LED that lights up in green When the communication state is Link up the ACT LED lights up When the communication state is Link down the ACT LED light is off The ACT LED light is off while data is being sent received though the associated LAN connection So the ACT LED looks as if it is blinking UPC Port There are two UPC ports These ports are a connection between the XSCF Unit and
284. ge displaying the status of the entire system and the domain status The page display includes the External I O expansion Unit status Page for operations for the entire system and individual domains When a setting item is selected by the menu a target page is displayed The pages include pages for power operations domain configuration management and DR operations Pages for making XSCF operation settings When a setting item is selected by the tree frame menu a target page is displayed Pages such as firmware update remote maintenance service XSCF reset and XSCF switch M8000 M9000 servers only Page displaying logs Error logs power logs event logs console logs and other logs are displayed Page is displayed when you login to standby Unit M8000 M9000 servers only This page is included for XSCF switch and log collection 9 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 The following figures show examples of these pages in a web browser FIGURE 9 1 shows an example of the Login page FIGURE 9 1 Example of the Login Page XSCF Web Console User Name Password Login Chapter 9 How to Use the XSCF Web 9 3 FIGURE 9 2 shows an example of the Tree frame FIGURE 9 2 Example of the Tree Frame al Menu Physical Logical p Physical Tree gt E meve gt H ouro a DDC_A 0 gt DDCR gt our gf DDC_A O gt DDCR Ey xScru gy OPNL gf Psuto gf PSU gf PS5U 2 gf
285. gned domain or the addboard 8 command with configure specified would configure the board into a running Oracle Solaris OS domain the DR function 2 162 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 28 Domain Configuration Continued Item Description Shell command Remarks Delete from domain Move to domain Deletes an XSB from a domain deleteboard Specify the following e Number of the deleted XSB e unassign Specify one of the following states after deletion when the domain is running the DR operation e disconnect deletion assigned state e unassign complete deletion pool state e reserve reserve deletion Moves an XSB from its current domain to another domain After the XSB is deleted from its domain the function adds or assigns it to the other domain moveboard Specify the following Domain ID and XSB number of the move destination e assign Specify one of the following movement integration states when the domain is running the DR function e configure configure into Oracle Solaris OS e assign assign the XSB to the move destination reserve e reserve reserve movement e The XSB is placed in the assigned state when disconnect is performed At this state a reboot of the domain or the addboard 8 command would add the XSB again e If the XSB is placed in the reserve reserve deletion state turning off power
286. gs The following items are displayed m Domain ID DomainID m Time at which each IPL log was collected Date This is indicated in local time m IPL message Message B 5 B 10 Audit Log This section explains how to reference the audit logs by using the viewaudit 8 command For details of each log option audit class and audit event of viewaudit 8 see the XSCF Reference Manual or the main page See TABLE 8 3 for the size and generation number of each log SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Using the viewaudit 8 Command to Confirm the Audit Trail Perform the viewaudit 8 command on the XSCF Shell lt Example gt Display all audit records XSCF gt viewaudit file 1 2006 04 26 21 37 25 626 00 00 20060426213725 0000000000 SCF 4 0 header 20 1 audit start 0 0 0 0 2006 04 26 21 37 25 660 00 00 header 43 1 authenticate 0 0 0 0 2006 04 26 22 01 28 902 00 00 authentication failure unknown user telnet 27652 0 0 197 33 header 37 1 login telnet 0 0 0 0 2006 04 26 22 02 26 459 00 00 subject 1 opl normal telnet 50466 10 18 108 4 header 78 1 command setprivileges 0 0 0 0 2006 04 26 22 02 43 246 00 00 subject 1 opl normal telnet 50466 10 18 108 4 command setprivileges opl useradm platform access granted return 0 In the example above By default records are displayed in text format one token per line with a comma as the field separator The following list
287. gt reset d 0 panic DomainID to panic 00 Continue y n y 00 Panicked Note This command only issues the instruction to reset The result of the instruction can be checked by the showlogs power 4 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 6 Domain Reset Command operation 1 Use the showdomainstatus 8 command to check the power status of the domain XSCF gt showdomainstatus a DID Domain Status 00 Running 01 Running 02 Running 03 Running 2 Use the reset 8 command to issue a reset instruction to the specified domain lt Example 1 gt Issue a domain ID 0 reset instruction XSCF gt reset d 0 por DomainID to reset 00 Continue y n y 00 Reset Note This command only issues the instruction to reset The result of the instruction can be checked by the showlogs power lt Example 2 gt Issue an XIR reset instruction XSCF gt reset d 0 xir DomainID to reset 00 Continue y n y 00 Reset Note This command only issues the instruction to reset The result of the instruction can be checked by the showlogs power Chapter 4 Operation of the Server 4 19 4 4 7 4 20 3 Use the showdomainstatus 8 command to check the power status of the domain specified to be reset XSCF gt showdomainstatus a DID Domain Status 00 Booting OpenBoot PROM prompt 01 Running 02 Running 03 Running Note
288. guration User s Guide Chapter 2 Setting Up XSCF 2 169 Deleting a System Board From a Domain a Command operation 1 Use the showdevices 8 command to display the usage of XSB resources lt Example gt Display usage of XSB resources of domain ID 2 XSCF gt showdevices d 2 CPU DID XSB id state speed ecache 02 01 0 0 on line 2376 0 02 01 0 1 on line 2376 0 02 01 0 2 on line 2376 0 02 01 0 3 on line 2376 0 02 01 1 488 on line 2376 0 02 01 1 489 on line 2376 0 02 01 1 490 on line 2376 0 02 01 1 491 on line 2376 0 02 01 2 40 on line 2376 0 02 01 2 41 on line 2376 0 02 01 2 42 on line 2376 0 02 01 2 43 on line 2376 0 02 01 3 50 on line 2376 0 02 01 3 51 on line 2376 0 02 01 3 52 on line 2376 0 02 01 3 53 on line 2376 0 Memory board perm base domain target deleted remaining DID XSB mem MB mem MB address mem MB XSB mem MB mem MB 02 01 0 8192 2048 0x000003c000000000 32768 02 01 1 8192 O 0x0000020000000000 32768 02 01 2 8192 O 0x000001c000000000 32768 02 01 3 8192 0 0x0000018000000000 32768 IO Devices DID XSB device resouce usage 02 01 0 sdo dev dsk c0t0d0s0 mounted filesystem 02 01 0 sdo dev dsk c0t0d0s1 swap area 02 01 0 sdo dev dsk c0t0d0s1 dump device swap 2 170 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the showboards 8 command to display XSB status information XSCF gt showboards va XSB R DID LSB Assignment Pwr Con
289. h it is incompatible for in The documentation PCRE supplied the doc distributed under the same terms as the software itself directory is End PCRE LICENCE es ZeusBench V1 01 This program is Copyright C Zeus Technology Limited 1996 This program may be used and copied freely providing this copyright notice is not removed This software is provided as is and any express or implied waranties including but not limited to the implied warranties of merchantability and fitness for a particular purpose are disclaimed In no event shall Zeus Technology Ltd be liable for any direct indirect incidental special exemplary or consequential damaged including but not limited to procurement of substitute good or services loss of use data or profits or business interruption however caused and on theory of liability Whether in contract strict liability or tort including negligence or otherwise arising in any way out of the use of this software even if advised of the possibility of such damage Written by Adam Twiss adam zeus co uk March 1996 Thanks to the following people for their input Mike Belshe mbelshe netscape com Michael Campanella campanella stevms enet dec com ali Copyright c 1998 1999 2000 Thai Open Source Software Center Ltd and Clark Cooper Permission is hereby granted free of charge to any person obtaining a copy of this software and associated documentation files the Softw
290. h setting m When the XSCF Unit is redundant the https settings are automatically applied to the standby XSCF Unit b Using the self CA 1 Construct the self CA for the XSCF 2 Create a web server private key for the XSCF 3 Make a web server certificate self signed by the XSCF 4 Enable https When one option of the sethttps 8 command for the self authentication is specified the settings for Step 1 Step 3 above are automatically completed at a time m When the XSCF Unit is redundant the https settings are automatically applied to the standby XSCF Unit TABLE 2 15 lists setting items and the corresponding shell commands TABLE 2 15 https Administration Item Description Shell Command Remarks Display https Displays the https settings showhttps setting Information on whether https is enabled or disabled and key states are displayed Enabling Enables or disables https sethttps disabling 2 114 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 15 https Administration Continued Item Description Shell Command Remarks External When the external CA and CA in Intranet are sethttps Specify the following authentication used set the following Distinguished Name for e Create a web server private key of XSCF making a CSR e Make the Certificate Signing Request CSR e Country 2 letter Ex US by XSCF and Request the issue of the JP Province Locality certificate to CA Organization
291. hanging 2 179 Host watchdog function enabling or disabling 2 180 HTTPS administration 2 109 Importing a web server certificate by using the external CA or CA in intranet 2 113 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Installing and Uninstalling an ssh user public key 2 107 L LDAP 2 43 2 48 2 70 Locale setting 2 184 Locale Administration 2 184 Log audit B 10 confirm the audit trail B 10 B 12 B 13 console B 9 event B 7 humidity B 8 ipl B 9 panic B 9 power B 5 reference B 7 reference power logs B 9 temperature B 8 using the fmdump 8 command to confirm a fault B 4 using the showlogs 8 command to confirm a fault B 2 XSCF error log B 1 Log archiving enabling or disabling 2 125 Log archiving administration 2 123 Login to XSCF 2 3 5 7 9 7 M Mail administration 2 139 Mail report function enabling or disabling 2 142 Making XSCF DNS settings 2 29 Management information USM 2 137 VACM 2 138 Memory mirror mode 2 170 Message types A 1 Messages in functions A 3 information A 1 monitoring A 2 types A 1 warning A 1 MIB definition file 7 3 extended C 3 object identifiers C 1 standard C 3 Monitoring message A 2 Moving a system board from one domain to another 2 167 N Network configuration 2 16 NTP server configuring 2 95 P Parts fault notification 6 5 Password policy specifying 2 41 Permitting or refusing ssh
292. he PSB detail information This function is equivalent to the showfru 8 showhardconf 8 and showboards 8 commands Divides a PSB into XSBs and sets the memory mirror mode This function is equivalent to the setupfru 8 command Note In the M3000 server this function is not available 9 14 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 9 lists the functions for the domain configuration Select Operation Domain Configuration Domain Configuration in the Menu tree TABLE 9 9 Domain Configuration Function Remarks Domain configuration information display DCL Displays the DCL information for a system board in the specified domain and sets the configuration policy for the domain These functions are equivalent to the showdc1 8 and setdc1 8 commands In the M3000 server the information for domain ID 0 is displayed and only the configuration policy can be set Configure the DCL information Sets the DCL information Specify configuration for the LSB of a specified domain This function is equivalent to the setdc1 8 command For detail of configuration information see TABLE 2 26 In the M3000 server this function is not available XSB addition deletion and movement Specifies the XSB configuration modification to the domain as below e Assign or configure a system board to a domain e Delete a system board from a domain e Move a system board form one domain to another These
293. he Product Notes that apply to the firmware on your server and those that apply to the latest firmware release This chapter includes the following sections m Audience on page xiv m Related Documentation on page xiv m Text Conventions on page xvi m Syntax of the Command Line Interface CLI on page xvii a Documentation Feedback on page xvii Preface xiii Audience This guide is written for experienced system administrators with working knowledge of computer networks and advanced knowledge of the Oracle Solaris Operating System Oracle Solaris OS Related Documentation All documents for your server are available online at the following locations Documentation Link Sun Oracle software related manuals http www oracle com documentation Oracle Solaris OS and so on Fujitsu documents http www fujitsu com sparcenterprise manual Oracle M series server documents http www oracle com technetwork documentation s parc mseries servers 252709 html The following table lists titles of related documents Related SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Documents SPARC Enterprise M3000 Server Site Planning Guide SPARC Enterprise M4000 M5000 Servers Site Planning Guide SPARC Enterprise M8000 M9000 Servers Site Planning Guide SPARC Enterprise Equipment Rack Mounting Guide SPARC Enterprise M3000 Server Getting Started Guide SPARC Enterprise M4000 M5000 Ser
294. he Source form or documentation if provided along with the Derivative Works or within a display generated by the Derivative Works if and wherever such third party notices normally appear The contents of the NOTICE file are for informational purposes only and do not modify the License You may add Your own attribution notices within Derivative Works that You distribute alongside or as an addendum to the NOTICE text from the Work provided that such additional attribution notices cannot be construed as modifying the License You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use reproduction or distribution of Your modifications or for any such Derivative Works as a whole provided Your use reproduction and distribution of the Work otherwise complies with the conditions stated in this License 5 Submission of Contributions Unless You explicitly state otherwise any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License without any additional terms or conditions Notwithstanding the above nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 6 Trademarks This License does not grant permission to use the
295. he adduser 8 and deleteuser 8 commands Enabling disabling user accounts Enable and disable a user account The useradm privilege is required These functions are equivalent to the enableuser 8 and disableuser 8 commands User accounts information display and change Displays a user account information and changes the password privilege password policy The useradm privilege is required These function are equivalent to the password 8 setprivileges 8 and setpasswordpolicy 8 commands Your own account information display and Displays information of your own account without password change the useradm privilege and changes the password These functions are equivalent to the showuser 8 and password 8 commands Password policy display and setting Display the current system password policy And set the password policy that will be applied now These function are equivalent to the showpasswordpolicy 8 and setpasswordpolicy 8 commands Privileges for remote user account settings Change the privilege for a user account that is defined in an LDAP repository This function is equivalent to the setprivileges 8 command Note The login lockout function is not supported by XSCF Web Set the function by using setloginlockout 8 and showloginlockout 8 commands Chapter 9 Howto Use the XSCF Web 9 23 TABLE 9 17 lists the functions for configuring XSCF audit Select Settings Audit in the Menu tree TABLE 9
296. he corresponding shell commands TABLE 2 32 Domain Mode Configuration Item Description Shell command Remarks Display Displays domain host ID ethernet address mac showdomainmode domain mode address and domain mode setting information setting on the specified domain information Initial Sets the initial hardware diagnostic level for the setdomainmode The default level is diagnostic specified domain or all domains standard level The following diagnostic levels are available If you set this with diag e Maximum max domain power on an e Standard min error will occur e None none Host Enables on or disables off host watchdog and The host watchdog is watchdog break signal suppression for the specified domain enabled and the break Break signal or all domains signal suppression is suppression Jf Disable is specified host watchdog is not enabled by default secure performed and break signals are received for the To apply the setting to domain s the domain restart the domain Automatic Enables on or disable off automatic boot for The function is enabled boot the specified domain or all domains by default autoboot If the function is disabled automatic boot is not To apply the setting to performed for the domain s the domain restart the domain CPU Mode Specifies the setting method of the CPU The default setting is cpumode operational mode for CPUs mounted in the auto domain If you set this with The followi
297. he explanation of FIGURE 1 1 1 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 ACTIVE LED The ACTIVE LED lights up in green If the XSCF Unit is in a redundant configuration the ACTIVE LED indicates the active XSCF Unit Connector That Connects the XSCF Unit for the Base Cabinet With the XSCF Unit for the Expansion Cabinet The connector for connecting between XSCF Units is used to connect the Base cabinet to an Expansion cabinet on the M9000 server Field engineers should connect this connector 1 2 XSCEF Functions This section describes XSCF functions Monitoring the Server Status and RAS Function Fault Management XSCF constantly monitors the server status so the system can operate with stability If XSCF detects a system abnormality it collects a hardware log immediately and analyzes it to locate the fault and determine the failure status by using the Fault Management Architecture FMA XSCF displays the status and if necessary degrades the faulty parts degrades the faulty domains or resets the system to prevent another problem from occurring XSCF thereby maintains high system reliability availability and serviceability RAS XSCF Shell and XSCF Web XSCF provides the XSCF Shell and XSCF Web that enable the user to display the server status operate the system operate domains and display the console XSCF Unit Diagnosis When the input power is turned on or the XSCF is reset XSCF pe
298. he original version so that the original author s reputation will not be affected by problems that might be introduced by others Finally software patents pose a constant threat to the existence of any free program restrict the users of a free program by obtaining a restrictive license from a patent holder Therefore we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license We wish to make sure that a company cannot effectively Most GNU software including some libraries is covered by the ordinary GNU General Public License This license the GNU Lesser General Public License applies to certain designated libraries and is quite different from the ordinary General Public License We use this license for certain libraries in order to permit linking those libraries into non free programs When a program is linked with a library whether statically or using a shared library the combination of the two is legally speaking a combined work a derivative of the original library The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom The Lesser General Public License permits more lax criteria for linking other code with the library Lesser General Public License because it does Less to protect the user s freedom than the ordinary General Public License It also provides other f
299. iagnostic messages XSCF gt setad log clear Warning About to clear log file Continue y n y Change the Active Directory Settings Back to the Default Command operation 1 Use the showad 8 command to display the Active Directory settings XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace 2 Use the setad 8 command to change the Active Directory setting back to the default XSCF gt setad default y Warning About to reset settings to default Continue y n y Chapter2 Setting Up XSCF 2 69 3 Use the showad 8 command to confirm the default settings XSCF gt showad dnslocatormode disabled expsearchmode disabled state disabled strictcertmode disabled timeout 4 logdetail none 2 70 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 22 0 LDAP SSL Administration LDAP SSL administration is used to specify items relating to LDAP SSL clients The LDAP SSL server loading of server certificate group name privileges user domain log and so on are set In the LDAP SSL server the XSCF user information is managed Note This section does not cover LDAP SSL configuration and administration An administrator who is familiar with LDAP SSL should perform the LDAP SSL design TABLE 2 9 lists terms used in LDAP SSL Administration TABLE 2 9 LDAP S
300. ication or fault information can be confirmed by accessing the specified URL according to the message ID GSUNW MSG ID displayed on the domain console If no message ID MSG ID is found acquire detailed information from the syslog information 4 To acquire more detailed information log in to the XSCF and perform the fmdump 8 or showlogs 8 command to identify the fault information For details of these two commands see Appendix B 5 Repair the fault according to processing recommended by the information provided on the specified URL Note In some cases the user may recognize the fault by referring to the console messages panic messages IPL messages or monitoring messages stored in the XSCF log The showlogs 8 command of the XSCF Shell with each log option specified can be used to reference this log information Note For up to date URL information see the web site information about the messages listed in the Product Notes for your server Recognizing a Fault in a Message Reported by Email 1 The user recognizes status notification or fault information as the Subject of the email reported by XSCF or in the text of the message For an example of a mail message see Chapter 6 2 According to the displayed message ID MSG ID the user can access the specified URL to confirm the information Authorized service personnel can use the DIAGCODE output in the message to acquire detailed information 3 To obtain more deta
301. ided with the package Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement This product includes cryptographic software written by Eric Young eay cryptsoft com The word cryptographic can be left out if the rouines from the library being used are not cryptographic related E 16 4 If you include any Windows specific code or a derivative thereof from the apps directory application code you must include an acknowledgement This product includes software written by Tim Hudson tjh cryptsoft com THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCL
302. ied with the usermap operand rather than userdomain are used for user authentication Display the settings of usermap Configures the usermap The usermap is used for user authentication Enables or disables the strictcertmode If strictcertmode is enabled the server s certificate must have already been uploaded to the server so that the certificate signatures can be validated when the server certificate is presented Displays the following e Certificate information for the primary and up to five alternate LDAP SSL servers e The full certificate Shell command Remarks showldapss1l setldapssl LDAP SSL is disabled by default showldapssl A port number of 0 indicates that the default port for LDAP SSL is used setldapssl When the port number is not specified the default port is used setldapssl The usermapmode is disabled by default showldapss1l setldapssl The usermapmode must be enabled for using usermap setldapssl Thestrictcertmode is disabled by default showldapssl Chapter 2 Setting Up XSCF 2 73 TABLE 2 10 LDAP SSL Administration Continued Item Description Shell command Remarks Load Delete Loads or deletes the certificate of primary and setldapssl The strictcertmode must be in certificate up to five alternate LDAP SSL servers the disabled state for a certificate to be removed Display Displays the userdomain showldapss1 userdomain Userdomain Configures up to five userdomain
303. ilable por Domain system reset request Domain panic instruction xir Domain CPU reset Sets the warm up time and the air conditioning wait time Displays the warm up time and the air conditioning wait time settings Sets the UPS shutdown delay time at power failure Displays the UPS shutdown delay time at power failure Sets the dual power feed Displays the dual power feed Enables or disables the CHECK LED blinking Displays the LED status Switches the XSCF Unit state Active Standby Configures the External I O Expansion Unit IOBOX Displays the External I O Expansion Unit settings Sets Displays the number of clock unit CLKU used when the next platform is powered on Rewrites the OpenBoot PROM environment variable that is compulsory Gets the firmware update program Updates the firmware program Displays the comprehensive firmware XCP version Displays the XSCF firmware version Displays the OpenBoot PROM firmware version Displays the FRU ROM data Saves XSCF configuration information to the specified destination Restores XSCF configuration information from the specified destination 5 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 5 1 XSCF Commands Continued Command Description restoredefaults Initializes the server or XSCF Unit to the factory shipping state snapshot Saves log information to the specified destination showmonitorlog Displays the XSCF monitori
304. ilable so the operator s update is needed 8 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 8 1 describes the firmware update types and update times TABLE 8 1 Firmware Update Types and Timing Type Description Conditions Update Time Operator s update XCP update Automatic update Automatic matching of versions Note In the M3000 server automatic update is not available Imports XCP and updates the XSCF firmware and OpenBoot PROM firmware on the XSBs belonging to all domains including pooled domains This is also referred to as XCP update e When a CPU Memory Board unit Note 1 is added or replaced or the XSCF Unit is replaced the firmware version of each replacement component is automatically matched to the version of the replaced component Note 2 However when a component is replaced in the state of input power off The cold replacement the firmware is not updated automatically e When the DR function is used to add move or replace a system board XSB the firmware version is automatically matched to the firmware version in the domain that uses the system board The system power is off input power is on and all domains are stopped or power to the domains is on Note The update is completed at the time of a reboot for application in all domains The system power is off input power is on and all domains are stopped
305. iled information log in to the XSCF and perform the fmdump 8 or showlogs 8 command to identify the fault information 4 Repair the fault according to the processing recommended by the information provided on the specified URL Recognizing Status Notification or Fault Information in an SNMP Trap Message 1 The user recognizes status notification or fault information in the trap information issued by the SNMP manager from the XSCF The contents of the report are the same as those of email 2 Perform Step 2 to Step 4 above in Recognizing a Fault in a Message Reported by Email A 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Recognizing Status Notification or Fault Information in a Monitoring Message on the XSCF Shell Terminal 1 The user recognizes status notification or fault information in a XSCF monitoring message output by using showmonitorlog 8 comannd The following shows an example of the XSCF monitoring message Jun 16 12 20 37 JST 2005 FF2 5 0 Alarm CMU 0 CPU 0 XSCF Uncorrectable error 80006000 20010000 0108000112345678 The example is subject to change without previous notice for functional improvement 2 To obtain more detailed information specify the error option and perform the showlogs 8 command to identify fault information 3 In the XSCF error log confirm the contents of entry corresponding to the fault See Appendix B 4 Specify the error detail option in sho
306. ileges lookup Local only Authentication lookup Local and LDAP 2 Use the set lookup 8 command to enable or disable the LDAP server lt Example gt Enable the use of LDAP server for both user authentication and user privilege XSCF gt setlookup a ldap XSCF gt setlookup p ldap 3 Use the showlookup 8 command to confirm the lookup method XSCF gt showlookup Privileges lookup Local and LDAP Authentication lookup Local and LDAP Specifying an LDAP Server Port Number Bind ID Bind Password Search Base BaseDN and Search Time Timeout Period Command operation 1 Use the showldap 8 command to display LDAP client settings XSCF gt showldap Bind Name Not set Base Distinguished Name Not set LDAP Search Timeout 0 Bind Password Not set LDAP Servers Not set CERTS None SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setldap 8 command to configure an LDAP client lt Example 1 gt Specify bind ID and search base baseDN XSCF gt setldap b cn Directory Manager B ou People dc users dc ap1 dc com o isp lt Example 2 gt Specify bind password XSCF gt setldap p Password XXXXXXxXX lt Example 3 gt Specify the primary and secondary LDAP servers and port numbers XSCF gt setldap s ldap onibamboo 389 1daps company2 com 636 lt Example 4 gt Specify the timeout period for LDAP search XSCF gt setldap
307. iling lists source code control systems and issue tracking systems that are managed by or on behalf of the Licensor for the purpose of discussing and improving the Work but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as Not a Contribution Contributor shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work 2 Grant of Copyright License this License each Contributor Subject to the terms and conditions of hereby grants to You a perpetual worldwide non exclusive no charge royalty free irrevocable copyright license to reproduce prepare Derivative Works of publicly display publicly perform sublicense and distribute the Work and such Derivative Works in Source or Object form 3 Grant of Patent License Subject to the terms and conditions of this License each Contributor hereby grants to You a perpetual worldwide non exclusive no charge royalty free irrevocable except as stated in this section patent license to make have made use offer to sell sell import and otherwise transfer the Work where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution s alone or by combination of their Contribution s with the Work to which such Contribution s was submitted If You ins
308. ilreport E Mail Reporting enabled Recipient Address xxxxx example com 4 Confirm the test mail by checking if an email with the subject Test Mail was received Domain Configuration Domain Configuration logically assigns by partitioning multiple system boards XSBs mounted in the server to domains One PSB can be logically divided into 1 Not divided or 4 units It cannot be divided into 2 or 3 There are two PSBs in the maximum M4000 M5000 server configuration You can assign each of the divided system boards to any of the configured domains In the M3000 server however the system board cannot be configured The system board has been configured to 1 unit Not divided by default For details on whether to divide a PSB into 1 Not divided or 4 units see Section 2 2 14 System Board Configuration on page 2 175 2 146 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 In the M3000 server you cannot perform the operations such as setting the domain configuration or adding or deleting the system board Domain has been configured by default and cannot be changed However you can set the configuration policy and display the domain information For an overview of the domain and the system board see the Overview Guide for your server Also for an overview of the components see the Service Manual for your server TABLE 2 23 lists terms used in Domain Configuration TABLE 2 23 Domain Configur
309. in 1 none domain 2 none domain 3 none domain 4 none domain 5 none 2 Use the setldapss1 8 command to set the user domain lt Examplel gt Set the user domain 1 XSCF gt setldapssl userdomain i 1 davidc example2 aCompany com lt Example2 gt Set the user domain 2 XSCF gt setldapssl userdomain i 2 CN lt USERNAME gt CN Users DC davidc DC example2 DC aCompany DC com 3 Use the showldapss1 8 command to confirm the user domain XSCF gt showldapssl userdomain domain 1 lt USERNAME gt davidc example2 aCompany com domain 2 CN lt USERNAME gt CN Users DC davidc DC example2 DC aCompany DC com domain 3 none domain 4 none domain 5 none Setting default roles a Command operation 1 Use the showldapss1 8 command to display default roles XSCF gt showldapssl defaultrole Default role none 2 Use the setldapss1 8 command to set default roles XSCF gt setldapssl defaultrole platadm platop 2 84 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showldapss1 8 command to confirm the default roles XSCF gt showldapssl defaultrole Default role platadm platop Chapter 2 Setting Up XSCF 2 85 2 86 Setting Group name and privileges a Command operation 1 Use the showldapss1 8 command to display the group name lt Example1 gt Displa
310. information in a format specific to the platform Conversely the fmdump command displays fault information in a format compatible with the Oracle Solaris OS This latter command is provided for users who are familiar with the Oracle Solaris OS When the log is referenced by these two commands there is a difference in display format but little difference in the information Use these commands in the following cases m To check whether a fault occurred if a message is output to the domain console and XSCF console See Appendix A m To check whether the information is fault information if it was reported to the previously registered email address m To check whether the information is fault information if TRAP occurred in the SNMP manager Using the showlogs 8 Command to Confirm a Fault 1 Specify the error option on the XSCF Shell and perform the showlogs 8 command to reference the XSCF error log XSCF gt showlogs error Date Mar 30 15 45 31 JST 2005 Code 00112233 44556677 8899aabbcceeff00 Status Warning Occurred Mar 30 15 45 26 000 JST 2005 FRU PSU 1 PSU 2 Msg ACFAIL occurred ACS 3 FEP type A1 Date Mar 30 17 45 31 JST 2005 Code 00112233 44556677 8899aabbcceeff00 Status Alarm Occurred Mar 30 15 45 26 000 JST 2005 FRU PSU 1 PSU 2 Msg ACFAIL occurred ACS 3 FEP type Al The layout of the command example is subject to change without previous notice for functional improvement In the example above
311. ing and DNS In the M8000 M9000 servers subsequently to the XSCFU O0 side specify the host name and the routing of the XSCFU 1 side See showhostname 8 sethostname 8 showroute 8 setroute 8 shownameserver 8 and setnameserver 8 6 Configure IP packet filtering rules Configure IP packet filtering rules for XSCF LANs See showpacket filters 8 setpacket filters 8 7 Apply network settings See applynetwork 8 rebootxsc 8 Note An XSCF reset or failover might prevent any of the setting commands operation from completing If a reset or failover occurs during the setting operation log in to the active XSCF to determine if the operation succeeded If not try it again SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Enabling or Disabling the XSCF Network and Specifying an IP Address and Netmask for the Network and DSCP Command operation 1 Use the shownetwork 8 command to display network interface information lt Example 1 gt Display information on all network interfaces of XSCF XSCF gt shownetwork a lt Example 2 gt Display information on network interfaces of LAN 1 in the XSCF Unit 0 XSCFU 0 XSCF gt shownetwork xscf 0 lan 1 xscf 0 lan 1 Link encap Ethernet HWaddr 00 0A 48 09 C9 0E inet addr 192 168 10 11 Bcast 192 168 10 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 54424 errors 0 dropped 0 overruns 0 frame 0 TX
312. ing distributing or modifying the Library or works based on it 10 or any work based on the Library the recipient automatically receives a license from the original distribute link with or modify the Library subject to these terms and conditions You may not impose any further restrictions exercise of the rights granted herein You are not responsible for enforcing compliance by third parties with this License Each time you redistribute the Library licensor to copy on the recipients 11 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues whether by court order agreement or that contradict the conditions of this License they do not If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Library at all For example if a patent license would not permit royalty free redistribution of the Library by all those who receive then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library conditions are imposed on you otherwise excuse you from the conditions of this License copies directly or indirectly through you If any portion of this section is held invalid or unenforceable under any the balance of the section is intended to apply and the section as a whole is int
313. ing a User Account in an Access Control Group Deleting a User Account From an Access Control Group Creating and Deleting MIB Access Control Views Providing an MIB Access Control View to a Group and Deleting a Group From All MIB Access Control Views All of Which is VACM Management Information Command operation 1 Use the showsnmpvacm 8 command to display VACM management information XSCF gt showsnmpvacm Groups Groupname Username XXXXX userl user2 Views View Subtree Mask Type all_view sl ff include Access View Group all_view XXXXX 2 142 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 22 12 2 Use the setsnmpvacm 8 command to set VACM management information lt Example 1 gt Add a user to an access control group XXXXX XSCF gt setsnmpvacm creategroup u yyyyy XXXXX lt Example 2 gt Delete a user from an access control group XXXXX XSCF gt setsnmpvacm deletegroup u yyyyy XXXXX lt Example 3 gt Create an MIB access control view without conditions XSCF gt setsnmpvacm createview s 1 all_view lt Example 4 gt Create an MIB access control view by using an OID mask XSCF gt setsnmpvacm createview s 1 3 6 1 2 1 m fe excl_view lt Example 5 gt Delete an MIB access control view XSCF gt setsnmpvacm deleteview s 1 3 6 1 2 1 excl_view lt Example 6 gt Provide an MIB access control view to a group XSCF gt setsnmpvacm createaccess r all_view XXXXX lt Exampl
314. initial diagnostic level information of enabled or disabled status on break signal sending Host watchdog automatic boot and displays CPU operation mode ethernet address mac address sendbreak Sends a break signal to the server showresult Displays the exit status of the most recently executed command setlocale Sets locale showlocale Displays locale setaltitude Sets altitude showaltitude Displays altitude cfgdevice Sets the connection destination of the DVD drive unit and tape drive unit Displays the setting status information console Connects to a domain console showconsolepath Displays the operating status of the main console Chapter 5 Overview of the XSCF Shell 5 5 TABLE 5 1 XSCF Commands Continued Command Description showenvironment Displays the temperature humidity voltage fan rotation speed power consumption and exhaust airflow showstatus Lists degraded components showhardconf Displays all components mounted in the server poweron Turns on power to all domains or the specified domain poweroff Turns off power to all domains or the specified domain reset Resets the specified domain setpowerupdelay showpowerupdelay setshutdowndelay showshutdowndelay setdualpowerfeed showdualpowerfeed setlocator showlocator switchscf ioxadm clockboard setdomparam getflashimage flashupdate version prtfru dumpconfig restoreconfig Note The following three reset modes are ava
315. ins and XSBs for Each System System Range of Domain ID Maximum Number of XSBs Memory Mirror Note Entry level systems Midrange systems High end systems High end system with expansion cabinet The system containing 1 CPU chip M3000 server The system containing up to 4 CPU chips M4000 server The system containing up to 8 CPU chips M5000 server The system containing up to 32 CPU chips M9000 The system containing up to 16 CPU chips M8000 The system containing up to 64 CPU chips M9000 0 1 4 1x4 8 2 x 4 32 8 x 4 16 4x 4 64 16 x 4 Not available Enabled for both Uni XSBs and Quad XSBs Uni XSBs only Enabled Note Enabling Memory Mirror would require twice the amount of memory of a domain used for operation If the system board is a Quad XSB in the M8000 M9000 servers Memory Mirror cannot be used TABLE 2 25 lists the PSB XSB and LSB numbers to be assigned The PSB number is same as the CPU Memory Board unit or I O unit slot number 2 150 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 If a PSB has one XSB number the Uni XSB configuration is assumed and if it has four XSB numbers the Quad XSB configuration is assumed TABLE 2 25 PSB XSB and LSB Numbers to be Assigned Decimal PSB Number Note XSB Number Uni XSB Note XSB Number Quad XSB Note LSB Number 00 01 02
316. ion RW console RW Read and Write This is a write enabled OS console domain console RO console RO Read Only This is a read only OS console SSH Client In this system you can use the following SSH clients m Oracle Solaris Secure Shell OpenSSH m PuTTY m UTF 8 TeraTerm Pro with TTSSH2 Please refer to each software manual for command usage instructions TABLE 2 13 lists setting items and the corresponding shell commands TABLE 2 13 SSH Telnet Administration Item Description Shell command Remarks Display SSH setting information Enable disable SSH SSH access control from domain Displays SSH settings Information on whether SSH is enabled or disabled SSH access control from domain the host key fingerprint and your user public key is displayed Enables or disables SSH Specifies whether or not to permit SSH access from domain via the DSCP showssh setssh setssh The SSH port number is 22 When the user public key is displayed with a user name the useradm privilege is required The SSH is disabled by default The SSH access is permitted by default Specifies deny when you don t want to login to XSCF using SSH from domain via the DSCP Chapter 2 Setting Up XSCF 2 105 TABLE 2 13 SSH Telnet Administration Continued Item Description Shell command Remarks Host key Generates an SSH2 host key RSA key and setssh When the SSH is enabled DSA
317. ion data for X11 forwarding Last login Mon Sep 1 10 19 37 2006 from client XSCF gt Operation For Connecting Via the XSCF LAN Telnet This section describes how to log in to XSCF via an XSCF LAN telnet connection 1 Enter the IP address or host name of XSCF and port number 23 and use telnet via XSCF LAN 2 Enter a user account and password from the XSCF console 3 Enter XSCF commands at the shell prompt XSCF gt that is displayed after you login to XSCF 4 The following is a login example login jsmith Password XXXXXXXX XSCF gt 5 10 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 0 View Server Status and Control Commands This section describes the typical XSCF Shell commands that can be used to display the server status operate the server and control the server For details on the commands see the man page or the XSCF Reference Manual For XSCF setup commands see Chapter 2 m showenvironment m showlocator setlocator m showconsolepath fmadm fmdump fmstat m showdomainstatus m reset poweron poweroff m sendbreak showenvironment The showenvironment 8 command displays the values of all sensors in the server By finding out the intake temperature humidity voltage and fan rotation speed in the server the system administrator can check for errors in the system environment In addition by knowing the power consumption and volum
318. isplaying temperature voltage power Displays the exhaust temperature voltage value consumption and fan information and fan speed of each component Also displays the power consumption of server The power consumption is displayed for the M3000 server This function is equivalent to the showenvironment 8 command Chapter9 Howto Use the XSCF Web 9 11 TABLE 9 4 lists the functions for displaying the status of a domain Select Status Domain Status in the Menu tree TABLE 9 4 Domain Status Display Function Remarks Domain configuration information display Domain status display XSB information display Displays the XSB number corresponding to each LSB number of each domain in the form of a table Note In the M3000 server this function does not display the table of the corresponding XSB and LSB but displays the detail information which is displayed with the domain status display function and the XSB information display function Configuration policy and domain power status are displayed This function is equivalent to the showdc1 8 command XSB status is displayed This function is equivalent to the showdc1 8 showboards 8 and showstatus 8 commands TABLE 9 5 lists the function for displaying the status of CPU memory and I O devices in each XSB Select Status Device Status in the Menu tree TABLE9 5 Device Status Display Function Remarks CPU status display Memory informati
319. it 4 If you find an unmatched version of the replaced XSCF Unit select the XCP sync In the window match the version of the current firmware 5 Display the XCP version and XSCF firmware version and confirm them Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 21 8 22 Confirming That the XSCF Firmware Is Updated When the XSCF Unit Is Replaced in a System With a Single XSCF Unit or Both Replacement in a System With Redundant XSCF Units 1 Turn on power to the server after completing the XSCF Unit replacement task 2 If the replacement unit and the replaced unit have different versions a message is displayed such as the following In this case the firmware is not updated automatically The operator must perform a update to match the number of the firmware versions Panel XCP version of Panel EEPROM 1080 XSCF FM EEPROM and XSCF FMEM mismatched EM 1090 3 When you update follow the procedure in Updating XCP From External Media or Updating XCP From the Network to update XCP and confirm the version Confirming That the XSCF Firmware Is Updated When the MBU Is Replaced in the M3000 server 1 Turn on power to the server after completing the Motherboard unit replacement task 2 If the replacement unit and the replaced unit have different versions a message is displayed such as the following In this case the firmware is not updated automatically The operat
320. item Therefore you will occasionally see more messages SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 APPENDIX A Warning and Information Messages This appendix explains the XSCF fault and informational messages output during the operation with the console mail or SNMP function of the server A 1 Message Types m syslog message The Oracle Solaris OS outputs this message to the domain console For instructions on how to reference syslog messages see the Oracle Solaris OS documentation m FMA message The FMA message describes the results of a diagnosis automatically generated for hardware or software faults by the server s Fault Management Architecture FMA fault management facility When this message is output to the domain console the user can identify the portion corresponding to the notified fault in the server The FMA message is retained as log information in a fault log or error log The Oracle Solaris fmdump 1M command or the fmdump 8 or showlogs 8 command of the XSCF Shell can be used to display the message contents for more detailed investigation The user can also confirm the contents by using the specified URL based on the MSG ID displayed on the console m IPL message This message is output during the system startup The IPL message is output to the domain console and retained as log information in an IPL log in the XSCF The IPL log retains the information corresponding t
321. itioning wait time is intended to prevent the server from performing power on processing until the room temperature environment is prepared by air conditioning facilities Once the air conditioning wait time is set the server will start power on processing after its power is turned on and the set air conditioning time elapses a Command operation 1 Use the showpowerupdelay 8 command to display the air conditioning wait time wait time XSCF gt showpowerupdelay warmup time 10 minute s wait time 20 minute s 2 Use the setpowerupdelay 8 command to set the air conditioning wait time Set the air conditioning wait time from 0 to 255 min The default is 0 min lt Example gt The air conditioning wait time is set to 15 min XSCF gt setpowerupdelay c wait s 15 3 Use the showpowerupdelay 8 command to confirm the setting Also to apply the setting turning on the server power supply XSCF gt showpowerupdelay warmup time 10 minute s wait time 15 minute s 4 Confirm whether the setting time is valid when turning on the server power supply the next time by checking the time from when you perform the power on till when the power supply unit is actually turned on Chapter 4 Operation of the Server 4 21 4 4 9 4 22 Warm Up Time Administration The warm up time is intended to prevent the power supply unit and the fan from running until the power supply environments of peripheral units ar
322. iversity see Copyright below Portions of Content MD5 code Copyright C Research Inc Bellcore see Copyright below Portions extracted from mpack John G Myers jgm cmu edu 1994 Jeff Hostetler Cc 1993 Spyglass 1994 by Carnegie 1991 Bell Communications Content MD5 Code contributed by Martin Hamilton martin net lut ac uk these portions extracted from mpack John G Myers jgm cmu edu C Copyright 1993 1994 by Carnegie Mellon University All Rights Reserved Permission to use copy modify distribute and sell this software and its documentation for any purpose is hereby granted without fee that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation and that the name of Carnegie Mellon University not be used in advertising or publicity pertaining to distribution of the software without specific written prior permission Carnegie Mellon University makes no representations about the suitability of this software for any purpose It is provided as is without express or implied warranty provided CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES
323. key first the host key is generated The DSA key length is 1024 bits The RSA key length is 1024 bits by default Either 2048 or 1024 can be specified for RSA key length Display Displays telnet settings showtelnet The telnet port number is telnet setting The displayed telnet settings include 23 information information indicating whether telnet is enabled or disabled Enable Enables or disables telnet settelnet The telnet is disabled by disable telnet default Display Display the timeout period for automatic showautologout timeout logout timeout After logging in XSCF if the system is not setautologout The default timeout period used for a certain period logout is is 10 minutes A value automatically performed Specify the timeout ranging from 1 to 255 can period minutes Note that no time be specified for the monitoring is performed while the domain timeout period console is the current console Install Install and uninstall the SSH user public key setssh When you install Uninstall uninstall the user public user public key One user can install multiple user public keys key the useradm privilege is required 2 106 To enable the SSH to set the SSH access control from domain and to disable the telnet the XSCF reset is required Please reset the XSCF using by reboot xsc 8 command After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF The SSH or telnet settings are automatica
324. key for the archive host use RSA An MD5 key The public key is specified in any of the is displayed fora following ways fingerprint e Not specified e Ifa public key is set but e Specifying a key by downloading it from the tiot used for this archive host authentication the blic key is deleted e Using text to specify a public key for the aa 18 deere archive host Capacity Sets limits for the space consumed by archives setarchiving Specify integer values in There are two limits one for each category of units of megabytes for the logs capacity in order e Audit log beginning with the audit e Other logs log and then other logs Note 1 The ranges for this setting are as follows Note 2 Audit log 0 or unlimited 500 50000 Other logs 500 50000 Note For the types of logs that can be saved see Chapter 8 Note When you set neither a defined value nor a value outside the specified range an error is displayed In this event no setting is made and the process is terminated 2 128 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Specifying a Host Name Directory Name Login User Name and Password for the Target of Log Archiving and Enabling or Disabling the Log Archiving Command operation 1 Use the showarchiving 8 command to display log archiving settings lt Example gt No values have been set for the settings XSCF gt showarchiving Archiving Configuration
325. ks Display settings Display the altitude settings for the server showaltitude Altitude Specify the location altitude of the server setaltitude A negative altitude A set unit is specified in increments of 100 meters cannot be set The setting of less than 100 meters is rounded up Setting Altitude a Command operation 1 Use the showaltitude 8 command to check the current altitude settings XSCF gt showaltitude 1000m 2 Use the setaltitude 8 command to set the altitude settings lt Example 1 gt Specify an altitude of 1000 meters XSCF gt setaltitude s altitude 1000 1000m lt Example 2 gt Specify an altitude of 200 meters XSCF gt setaltitude s altitude 200 200m Note To apply the specified configuration execute the rebootxsc 8 command and reset XSCF Chapter 2 Setting Up XSCF 2 191 2 2 18 DVD Drive Tape Drive Unit Administration DVD drive tape drive unit configuration is used to specify a DVD drive unit and tape drive unit by specifying a PCI card port that can connect to the DVD tape drive Note A DVD drive unit and tape drive unit needs to be specified only for M8000 M9000 servers In an M3000 M4000 server the MBU 0 on a MBU_A has the DVD drive unit In an M5000 server the MBU 0 on a MBU_B has the DVD drive unit TABLE 2 37 lists terms used in DVD drive tape drive unit administration TABLE 2 37 DVD Drive Tape Drive Unit Administration Terms T
326. l property of Licensor except as expressly stated herein No patent license is granted to make use sell or offer to sell embodiments of any patent claims other than the Licensed Claims defined in Section 2 No right is granted to the trademarks of Licensor even if such marks are included in the Original Work Nothing in this License shall be interpreted to prohibit Licensor from licensing under different terms from this License any Original Work that Licensor otherwise would have a right to license 5 External Deployment The term External Deployment means the use or distribution of the Original Work or Derivative Works in any way such that the Original Work or Derivative Works may be accessed or used by anyone other than You whether the Original Work or Derivative Works distributed to those persons made available as an application intended for use over a computer network or used to provide services or otherwise deliver content to anyone other than You As an express condition for the grants of license hereunder You agree that any External Deployment by You shall be deemed a distribution and shall be licensed to all under the terms of this License as prescribed in section 1 c are herein 6 Warranty and Disclaimer of Warranty LICENSOR WARRANTS THAT THECOPYRIGHT IN AND TO THE ORIGINAL WORK IS OWNED BY THE LICENSOR OR THAT THE ORIGINAL WORK IS DISTRIBUTED BY LICENSOR UNDER A VALID CURRENT LICENSE FROM THE COPYRIGHT OWNER EXCEPT AS EXP
327. ld by third parties and the software includes parts that are not under my direct control As far as I know all included source code is used in accordance with the relevant license agreements and can be used freely for any purpose the GNU license being the most restrictive see below for details SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 However none of that term is relevant at this point in time All of these restrictively licenced software components which he talks about have been removed from OpenSSH i e RSA is no longer included found in the OpenSSL library IDEA is no longer included its use is deprecated DES is now external in the OpenSSL library GMP is no longer used and instead we call BN code from OpenSSL Zlib is now external in a library The make ssh known hosts script is no longer included TSS has been removed MD5 is now external in the OpenSSL library RC4 support has been replaced with ARC4 support from OpenSSL Blowfish is now external in the OpenSSL library The licence continues Note that any information and cryptographic algorithms used in this software are publicly available on the Internet any major bookstore scientific library and patent office worldwide More information can be found e g at http www cs hut fi crypto and at The legal status of this program is some combination of all these permissions and restrictions will be r
328. le m Log in lt Web browser screen image gt login yyyy Password XXXXXXXX This screen image is an example and differs from the actual screen display Note When connecting using https a warning message appears in the web browser until the certificate is installed 11 Open the XSCF Administration window lt Web browser screen image gt XSCF Web console Remote Maintenance Service Administration Firmware Update This screen image is an example and differs from the actual screen display m The remaining setting items are the same as those applicable to setup using the XSCF Web Referring to the setup flow proceed to Step 9 and later steps in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 For details on the commands used to make settings see the corresponding parts of Section 2 2 Specifying the XSCF Settings on page 2 15 2 14 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 22 Specifying the XSCF Settings This section describes the XSCF settings in detail XSCF settings can be made in the following ways On the PC connected to the serial port or you can specify the IP address of the XSCF to establish a connection to the XSCF and then use the XSCF Shell over an Ethernet or a user LAN connection Specify the host name or the IP address of the XSCF in a web browser running on a PC with an XSCF LAN connection in order to
329. le on the personal computer that is directly connected to XSCF through the serial port to log in to the XSCF Shell and check the XSCF LAN settings by using the shownetwork 8 command Could Not Connect Using SSH to XSCF via the XSCF LAN Check the LAN cable connection between the XSCF terminal and the server Use the shownetwork 8 command to check whether the setting for the XSCF LAN is enabled Use the showssh 8 command to check whether the setting for SSH is enabled Check whether the entered IP address and port number match their settings Confirm that the number of connections using telnet SSH does not exceed limit For information about the limitation see Chapter 3 If necessary use the console on the personal computer that is directly connected to XSCF through the serial port to log in to the XSCF Shell and check the XSCF LAN settings using the shownetwork 8 command Check whether the host key has the correct setting During XSCF Unit replacement the host key setting is restored to the preset key setting of XSCF Check whether the client software has the correct settings D 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Do Not Know the IP Address of XSCF Use the shownetwork 8 command to check the current network configuration If it has not yet been set ask the network administrator to check the setting If necessary use the console on the personal computer that is directly connected to XSCF
330. le should have lt one line to give the library s name and a brief idea of what it does gt Copyright C lt year gt lt name of author gt This library is free software you can redistribute it and or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation either version 2 1 of the License or at your option any later version This library is distributed in the hope that it will be useful but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE See the GNU Lesser General Public License for more details You should have received a copy of the GNU Lesser General Public License along with this library if not write to the Free Software Foundation Inc 51 Franklin Street Fifth Floor Boston MA 02110 1301 USA Also add information on how to contact you by electronic and paper mail You should also get your employer if you work as a programmer or your school if any to sign a copyright disclaimer for the library if necessary Here is a sample alter the names Yoyodyne Inc hereby disclaims all copyright interest in the library Frob a library for tweaking knobs written by James Random Hacker lt signature of Ty Coon gt 1 April 1990 Ty Coon President of Vice That s all there is to it Version 1 1 The Apache Software License Copyright reserved c 2000 2003 The Apache Software
331. les disables SNMPv1 and SNMPv2c setsnmp The community string SNMPv2c communication used to enable communication SNMPv1 SNMPv2c is Read Only SNMPv3 trap Makes the following SNMPv3 trap settings setsnmp e Must start with Ox but e User name Note 1 also consist of an even e Authentication password Note 1 eee of hexadecimal e Encryption password Note 1 Da One of the following two e Engine ID of local agent or request of an He ae authentication acknowledgement from the receiving host algorithms is selected Port number of the trap destination MD5 Secure Hash e Host name of the trap destination Algorithm SHA e The default values of the trap destination host are to be defined e The default port number of the trap destination is 162 SNMPv1 Makes the following SNMPv1 and SNMPv2c_ setsnmp e One of the following SNMPv2c Trap trap settings three trap types is e Trap type setting selected v1 v2 inform e Community string Note 2 Port number of the trap destination Thedefault port number REES of the trap destination is e Host name of the trap destination 162 Disable Disables trap sending to the target host with setsnmp SNMPv3 trap the following specified e User name e Trap destination host Disable Disables trap sending to the target host with setsnmp SNMPv1 the following specified SNMPv2c trap Defined protocol type v1 v2c e Trap destination host Initialize SNMP Stops the SNMP agent and change
332. leted normally Failed A diagnosis error was detected and XSB continuous operation is not possible Chapter 2 Setting Up XSCF 2 153 TABLE 2 27 XSB Status Information Continued Item Explanation fault_code Indicates that state of a degradation in the XSB Fault Normal Normal Degraded A component is to be removed Faulted Error found in initial diagnosis Reservation Displays the reservation status of XSB R If mark is displayed in the XSB DR processing is reserved When the domain is rebooted the XSB is incorporated into or disconnected from the domain and the domain configuration is changed COD Displays the COD status of XSB COD Nis There is no components of COD Von There is a component of COD Note The result of the initial diagnosis by test sb 8 command is displayed in specified PSB Also you can use the showboards 8 command to check diagnosis results such as the Test or Fault status For details about the command see the XSCF Reference Manual In the M3000 server the test sbh 8 command is not available so confirm the diagnosis result by executing the poweron 8 command For details on XSB status transitions during system board installation removal and replacement in the server see the Dynamic Reconfiguration User s Guide 2 154 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Domain Hardware and Software Configurations
333. lication of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License 8 If the distribution and or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License 9 The Free Software Foundation may publish revised and or new versions of the General Public License from time to time Such new versions will be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Program specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation If the Program does not specify a version number of this License you may choose any version ever published by the Free Software Foundation 10 If yo
334. licy only Display domain status as follows Powered Off Power off state Initialization Phase State that POST is proceeding or initializing is started by OpenBoot PROM OpenBoot Executing Completed State that initializing is completed by OpenBoot PROM Booting OpenBoot PROM prompt The Oracle Solaris OS is booting Or due to the domain shutdown or reset the system is in the OpenBoot PROM running state or is suspended in the OpenBoot PROM ok prompt state Running State that Oracle Solaris OS is running Shutdown Started State that the power off is started Panic State State that panic is occurred and reset is not started One domain can use up to 16 LSBs The user can define the different XSB in each LSB by using XSCF Also multiple domains can assign LSBs to the same XSB If multiple domains assign them to the same XSB however the domains not using that XSB are in a state Unconfigured that does not allow them to use the XSB until the domain using it Assigned or Configured releases it Caution IMPORTANT If the XSB associated with the specified LSB has been configured in the domain configuration the information that is set for the LSB cannot be changed Also if the specified domain is running the value of configuration policy cannot be changed To change the value first turn off power to the domain TABLE 2 27 lists the XSB status information This information can be displayed by the showboards 8 comm
335. lled to copy the source along with the object code 4 You may not copy modify sublicense or distribute the Program except as expressly provided under this License Any attempt otherwise to copy modify sublicense or distribute the Program is void and will automatically terminate your rights under this License However parties who have received copies or rights from you under this License will not have their licenses terminated so long as such parties remain in full compliance 5 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Program or works based on it SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 6 Each time you redistribute the Program or any work based on the Program the recipient automatically receives a license from the original licensor to copy distribute or modify the Program subject to these terms and conditions You may not impose any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties to this
336. lly applied to the standby XSCF Unit for a system with a redundant XSCF configuration In this system the RW or RO consoles from multiple domains can be used Only one RW console can be used for each domain Use the console 8 command to specify either the RW console or RO console as a domain console For details about consoles see Chapter 3 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note The control function of SSH access from domain by XSCF Shell command is supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1081 Note The XCP 1110 is the first release to support the RSA key of 2048 bit length Chapter 2 Setting Up XSCF 2 107 Enabling or Disabling SSH Telnet a Command operation 1 Use the showssh 8 command to display SSH settings or use the showtelnet 8 command to display telnet settings lt Example 1 gt Display SSH settings XSCF gt showssh SSH status enabled SSH DSCP accept RSA key DSA key lt Example 2 gt Display telnet settings XSCF gt showtelnet Telnet status disabled 2 Use the setssh 8 command to make the SSH settings or use the settelnet 8 command to make the telnet settings lt Example 1 gt Enable SSH XSCF gt setssh c enable Continue y n y Please reset the XSCF by rebootxscf to apply the ssh settings lt Example 2 gt Disable telnet XSCF gt settel
337. logy Inc All rights Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of the Networks Associates Technology Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
338. ls on the High End Servers FIGURE 1 3 includes an outline drawing of the XSCF Unit front panel on the M8000 M9000 servers For connections between the model and an expansion cabinet an XSCF Unit as shown at the bottom of FIGURE 1 3 is mounted in the expansion cabinet The XSCF Unit of the M8000 M9000 servers is a removable unit In the M8000 M9000 servers for details on mounting the XSCF Unit see the SPARC Enterprise M8000 M9000 Servers Service Manual Chapter1 XSCF Overview 1 7 FIGURE 1 3 Outline Drawing of the XSCF Unit Front Panel In High End Servers XSCF Unit Front 1 La T E z XSCF Unit Front in Expansion cabinet co q fi ron ACTIVE o0 oA O O O T Number Description Number Description 1 Link Speed LED 7 RCI port 2 ACT LED 8 ACTIVE LED 3 ETHERNET 0 port 9 READY LED XSCF LAN 0 port 4 ETHERNET 1 port 10 CHECK LED XSCF LAN 1 port 5 USB port 11 Connector that connects the XSCF Unit for base cabinet with the XSCF Unit for expansion cabinet 6 Serial port The Link Speed LED ACT LED XSCF LAN ports USB port serial port RCI port READY LED and CHECK LED shown in FIGURE 1 3 have the same functions as those of the M3000 server For descriptions of their functions see t
339. lus any associated interface definition files plus the scripts used to control compilation and installation of the library Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running a program using the Library is not restricted and output from such a program is covered only if its contents constitute a work based on the Library independent of the use of the Library in a tool for writing it Whether that is true depends on what the Library does and what the program that uses the Library does 1 You may copy and distribute verbatim copies of the Library s complete source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and distribute a copy of this License along with the Library You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Library or any portion of it thus forming a work based on the Library and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions a The modified work must itself be a software library b You must cause the
340. m is not used for a certain period logout is automatically performed Displays and specifies the timeout period in minutes The authentication timeout is 10 minutes by default The monitoring interval ranges from 1 to 255 minutes 9 28 Utility The Pages of Utility include remote maintenance service firmware update XSCF reset and XSCF switch M8000 M9000 servers only Note This document does not provide details on the function of the remote maintenance service For information of the remote maintenance service see the Product Notes for your server SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 25 lists the functions for the firmware update Select Utility Firmware Update in the Menu tree TABLE 9 25 Firmware Updating Function Remarks XCP version display XSCF OpenBoot PROM version display XCP importing Firmware update Version matching M8000 M9000 servers only Displays the XCP version This function is equivalent to the version 8 command Displays the XSCF firmware and the OpenBoot PROM firmware versions This function is equivalent to the version 8 command Import the XCP file into the server This function is equivalent to the getflashimage 8 command Update the firmwares of XCP This function is equivalent to the flashupdate 8 command Match the firmware versions of the two XSCF Units This is done when the XSCF Unit is repla
341. m the console 8 command After that you can use the domain console see Note below You can return to the XSCF Shell console by pressing the default escape character and period keys while holding down the Enter key The XSCF functions do not vary according to the port type Note that the XSCF Web cannot be used on PCs and workstations that are connected via serial port Note The function used to switch from the XSCF Shell to the domain console by a command is called the XSCF console redirection function In the server each system board is serially and directly connected to the XSCF Unit multipath configuration When the user performs the console 8 command XSCF automatically selects a path to the valid domain Chapter 3 Connecting to the XSCF and the Server 3 3 TABLE 3 1 lists the types of terminals connected to each port shown in FIGURE 3 1 and corresponding port numbers TABLE 3 1 Types of Terminals Connected With XSCF Port Terminal Type Port Number Cable XSCF LAN port XSCF Shell terminal 2 ports per XSCF Unit e 10 100 Mbps You can use the XSCF Shell with SSH or telnet connection Either of the two XSCF LAN ports can be used concurrently by more than one user Note 1 Switching to the domain console is enabled by the console 8 command For details on changing these default keys see the description on the console 8 command After login if the XSCF Shell is not used for a cert
342. mainID 0 DomainID 1 DomainID X Ethernet WM 1 6 Addresses of XSCF LAN Inside LAN 7 8 Addresses of Inter SCF Network ISN A 9 10 10 X Addresses of DSCP links Chapter 2 Setting Up XSCF 2 21 2 22 Number Description Number Description 1 XSCF LAN O0 address 7 ISN address XSCFU 0 side XSCFU O side 2 XSCF LAN 0 address 8 ISN address XSCFU 1 side XSCFU 1 side 3 Takeover IP address 9 DSCP link address between XSCF LAN 0s XSCF side 4 XSCF LAN 1 address 10 or DSCP link addresses XSCFU O0 side later Domains side 5 XSCF LAN 1 address XSCFU 1 side 6 Takeover IP address between XSCF LAN 1s XSCF network configuration procedure and the reference The procedure to set up the XSCF network is as follows Each step offers the detailed procedure reference Note You must set XSCF LAN ISN and DSCP to different subnet addresses If two XSCF LAN ports are used each must be assigned to a different subnet The ISN address has been set up with the default value see TABLE 2 2 1 Specify the IP address of Ethernet XSCF LAN You can use two XSCF LAN ports in accordance with the network configuration In the M3000 M4000 M5000 servers specify either or both of the following IP addresses m XSCF LAN 0 of XSCFU 0 See 1 in FIGURE 2 1 m XSCF LAN 1 of XSCFU 0 See 4 in FIGURE 2 1 In the M8000 M9000 servers subsequently to the XSCFU O side specify the IP address of XSCF LAN
343. mand a Change the clock source that the NTP server being set in XSCF refers to Use the showntp 1 command and check the clock source of the NTP server which is set in XSCF An NTP server which indicates the refid of LOCAL 0 in the output is referring to the local clock which has the address of 127 127 1 0 and you should change it to refer to another clock source When you change the clock source of an NTP server make sure in advance that it has no impact on other NTP clients b Change the address of the local clock of the NTP server Of the NTP server which XSCF refers to change the address of the local clock to 127 127 1 1 127 127 1 2 or 127 127 1 3 Change etc inet ntp conf of Oracle Solaris OS To enable the change restart of the NTP daemon is required When you change the address of the local clock of an NTP server make sure in advance that it has no impact on other NTP clients c Change the stratum value of the NTP server Of the NTP server which XSCF refers to change the stratum value to 1 An NTP server which has the stratum value of 1 becomes the most significant clock source and has no refid Therefore there is no chance that it will have the same address as the XSCF s own local clock When you change the stratum value of an NTP server make sure in advance that it has no impact on other NTP clients d Change the address of the XSCF s own local clock By using the setntp m localaddr value command ch
344. may distribute the programs of this Package in object code or executable form provided that you do at least ONE of the following a distribute a Standard Version of the executables and library files together with instructions in the manual page or equivalent on where to get the Standard Version b accompany the distribution with the machine readable source of the Package with your modifications c accompany any non standard executables with their corresponding Standard Version executables giving the non standard executables non standard names and clearly documenting the differences in manual pages or equivalent together with instructions on where to get the Standard version d make other distribution arrangements with the Copyright Holder 5 You may charge a reasonable copying fee for any distribution of this Package You may charge any fee you choose for support of this Package YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF However you may distribute this Package in aggregate with other possibly commercial programs as part of a larger possibly commercial software distribution provided that YOU DO NOT ADVERTISE this package as a product of your own 6 The name of the Copyright Holder may not be used to endorse or promote products derived from this software without specific prior written permission he THIS PACKAGE IS PROVIDED AS IS AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING WITHOUT LIMITATION THE I
345. me servers XSCF gt setnameserver c del a lt Example 3 gt Deletes the two DNS servers that is repeated three times XSCF gt shownameserver nameserver 10 24 1 2 nameserver 10 24 1 2 nameserver 10 24 1 2 XSCF gt setnameserver c del 10 24 1 2 10 24 1 2 XSCF gt shownameserver nameserver 10 24 1 2 lt Example 4 gt Add the one domain name companyl com as search path XSCF gt setnameserver c addsearch companyl com lt Example 5 gt Delete all available search paths XSCF gt setnameserver c delsearch a Note If you set the search path you must also specify the name server Chapter 2 Setting Up XSCF 2 31 2 32 Configuring IP Packet Filtering Rules for XSCF Network Command operation 1 Use the showpacket filters 8 command to display the IP packet filtering rules for XSCF LANSs 124 0 0 0 XSCF gt 102K ACCI 0 ACC 0 ACC 0 ACC EPT EPT prot all all all all lt Example 1 gt Display the IP packet filtering rules settings for XSCF network XSCF gt showpacketfilters a i xscf 0 lan 0 j ACC i xscf 0 lan 1 j ACC s 173 16 0 0 255 255 0 0 j ACCEPT s 205 168 148 100 255 255 255 255 j ACCEPT lt Example 2 gt Display status of current IP packet filtering rules XSCF gt showpacketfilters 1 pkts bytes target EPT EPT EPT EPT in source xscf 0 lan 0 0 0 0 0 0 0 0 0 xscf 0 lan 1 0 0 0 0 0 0 0 0 173 16 0 0 255 255 0 0
346. mode 8 command to display the related function settings and the setdomainmode 8 command to suppress or disable one of these functions for a domain Also the showdomainmode 8 command displays a domain host ID and ethernet address mac address 5 6 5 16 View and Archive the XSCF Logs This section describes the XSCF commands that fetch and display server operation logs console logs temperature histories and error logs from XSCF log files which also configure the information for archiving XSCF logs to a host For details on error logs see Appendix B m showlogs m showarchiving setarchiving showlogs The showlogs 8 command displays error logs power logs event logs console logs panic logs IPL logs and temperature humidity logs The system administrator can use the command to check the operating status of the server and the cause of any error in the system showarchiving setarchiving The showarchiving 8 and setarchiving 8 commands display and specify respectively the information required for saving XSCF log information to servers The system administrator can use these commands to set up automatic secure archiving of logs to a specified archive host SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Y4 User Management and Security Commands This section describes the typical XSCF commands for user management and security management m showuser adduser deleteuser enableuse
347. modify and distribute this software for any purpose with or without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies THE SOFTWARE IS PROVIDED AS IS AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL DIRECT INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE This code is based on the UltraSPARC atomics library by Mike Bennett The Initial Developer of the Original Code is Mike Bennett 1 mbennett netcom com Copyright C 1999 All Rights Reserved This code is based on the sparc architecture Manual version 9 section J 11 page 333 this software provided that the author is not construed to be liable for any results of using the software as such alterations are clearly marked and this notice is not modified Based on libdl dlfcn c dlfcn h which is Copyright c 1992 1993 1995 1996 1997 1988 Jens Uwe Mager Helios Software GmbH Hannover Germany Not derived from licensed software Permission is granted to freely use copy modify and redistribute
348. n 2 2 15 Domain Mode sending on off enable disable Host Configuration on page 2 178 watchdog monitoring automatic boot setting CPU operational mode The automatic boot setting configures whether to automatically boot the Oracle Solaris OS or to stop in the OpenBoot PROM mode ok prompt It is the same operation as to set true or false in auto boot which is the OpenBoot PROM environmental variable Chapter 2 Setting Up XSCF 2 11 21 Configure the Locale settings e Display and set the Locale showlocale 8 setlocale 8 See Section 2 2 16 Locale Administration on page 2 190 22 Configure the Altitude Administration settings e Display altitude settings and configure showaltitude 8 setaltitude 8 altitude See Section 2 2 17 Altitude Administration on page 2 191 Note Normally the Altitude Administration is set up by FE Also the privilege of fieldeng is required 23 Configure the DVD drive tape drive unit settings e Display DVD drive tape drive unit cfgdevice 8 information including connection See Section 2 2 18 DVD Drive Tape Drive information and configure the devices Unit Administration on page 2 192 24 Configure the capacity on demand COD settings e Display and set the COD For COD settings and command information see the COD User s Guide and the XSCF Reference Manual Note In the M3000 server COD is not available
349. n Conf Test Fault COD 00 0 02 00 Assigned y y y Passed Normal n 01 0 02 07 Assigned y y y Passed Normal n 01 1 02 08 Assigned y y y Passed Normal n 01 2 02 09 Assigned y y y Passed Normal n 01 3 02 10 Assigned y y y Passed Normal n 3 Use the poweroff 8 command to power off domain ID 2 XSCF gt poweroff d 2 DomainIDs to power off 02 Continue y n y 02 Powering off Note This command only issues the instruction to power off The result of the instruction can be checked by the showlogs power 4 Use the showboards 8 command to display XSB status information XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned n n n Passed Normal n 01 0 02 07 Assigned n n n Passed Normal n 01 1 02 08 Assigned n n n Passed Normal n 01 2 02 09 Assigned n n n Passed Normal n 01 3 02 10 Assigned n n n Passed Normal n 5 Use the deleteboard 8 command to delete an XSB lt Example gt Delete XSBs and make XSBs pool state XSCF gt deleteboard c unassign 1 1 XSB 01 1 will be unassigned from domain immediately Continue y n Y XSCF gt Chapter 2 Setting Up XSCF 2 171 Note When you delete the system board please confirm the domain status the system board status the device usage status on the system board and also the processes usage that are bound to the CPU or are accessing I O devices Then confirm whether you sh
350. n as the user created in the LDAP server Confirm the registration using the user s password login sysadmin Password XXXXXXXX 3 Use the showuser 8 command to confirm whether the displayed privilege is the same as the one created in the LDAP server XSCF gt showuser User Name sysadmin nonlocal UID 110 Privileges platadm 2 48 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 2 4 Active Directory Administration Active Directory administration is used to specify items relating to Active Directory clients The Active Directory server loading of server certificate group name privileges user domain log DNS locator query and so on are set In the Active Directory server the XSCF user information is managed Note This section does not cover Active Directory configuration and administration An administrator who is familiar with Active Directory should perform the Active Directory design TABLE 2 7 lists terms used in Active Directory Administration TABLE 2 7 Active Directory Administration Terms Term Description Active Active Directory is a distributed directory service from Microsoft Directory Corporation Like an LDAP directory service it is used to authenticate users User domain User domain is the authentication domain used to authenticate a user DNS locator The query is used to query DNS server to determine the Active Directory query server to use for
351. n responsibilities for you if you distribute copies of the software or if you modify it For example if you distribute copies of such a program whether gratis or for a fee you must give the recipients all the rights that you have You must make sure that they too receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two steps 1 copyright the software and 2 offer you this license which gives you legal permission to copy distribute and or modify the software Also for each author s protection and ours we want to make certain that everyone understands that there is no warranty for this software If the software is modified by someone else and passed on we want its recipients to know that what they have is not the original so that any problems introduced by others will not reflect on the original authors reputations free Finally any free program is threatened constantly by software patents We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses in effect making the program proprietary To prevent this we have made it clear that any patent must be licensed for everyone s free use or not licensed at all The precise terms and conditions for distribution and modification follow copying GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License ap
352. n the XSCF Shell and the Domain Console With a PC or workstation connected to an XSCF LAN port or the serial port the XSCF Shell and domain console can be operated through one window exclusively The following is the switching procedure SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 1 Perform the console 8 command on the XSCF Shell terminal screen to select the domain console XSCF gt console d 0 Note One RW console can be connected in one domain If a user with platadm or domainadm user privilege forcibly connects a RW console the currently connected RW console is disconnected 2 To switch from the domain console to the XSCF Shell press the default escape character and period keys while holding down the Enter key 3 Confirm that the XSCF Shell prompt XSCF gt is displayed in the terminal 4 To set a escape character different from the default value perform the console 8 command with specifying the option It is enabled only at the current session lt Example gt Change the escape character to XSCF gt console d 0 s Console contents may be logged Connect to DomainID 0 y n y Note For details on types of the escape character see the man page or the XSCF Reference Manual O 2 Types of XSCF Connections This section provides some examples of XSCF connection Chapter 3 Connecting to the XSCF and the Server 3 11 A
353. n the firmware update of the standby side is completed the standby side that has new firmware is switched to the active side Then the firmware on the standby XSCF Unit formerly the active XSCF Unit is updated in turn Q Can the update of the OpenBoot PROM firmware be applied to all domains at one time Yes it can By specifying all domains in the poweron 8 command the new firmware can be applied simultaneously to all the domains Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 23 8 2 Collecting XSCF Logs Log information for the XSCF firmware is used for investigating hardware or firmware faults XSCF log information can be viewed by the system administrator domain administrators and FEs 8 2 1 Log Types and Reference Commands You can view XSCF log information from the XSCF console after logging in to XSCF When the log archiving function is enabled logs are stored on the archive host see Section 8 2 2 Method of Collecting the Log Information on page 8 27 The logs include the following types Logs containing fault information m Other logs 8 24 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Logs Containing Fault Information If a failure occurs in the system the system and XSCF collects some fault information logs TABLE 8 3 lists the types of logs that are collected descriptions and reference methods For details on commands see the XSCF Reference Manual and the man page
354. n the web site there will be the XCP file the firmware program tar gz the MIB definition file and a document concerning the XCP There are three types of firmware program files tar gz as described below a The firmware program for M3000 servers the file name begins with IKXCP a The firmware program for M4000 M5000 servers the file name begins with FFXCP a The firmware program for M8000 M9000 servers the file name begins with DCXCP When you import the firmware the XCP importing choose the appropriate firmware program for your system Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 13 2 Confirm the XCP version To confirm the XCP version see the figure of a four digit number that exists in the firmware program tar gz file name The latest XCP information is released on a web site To obtain the URL of the web site see the description of the firmware download in the Product Notes for your server Command operation 1 Log in to XSCF Shell 2 Import XCP a Use the getflashimage 8 command to confirm the list of the firmware program files tar gz that are still on the system XSCF gt getflashimage 1 Existing versions Version Size Date FFXCP1080 tar gz 51298982 Thu Jan 15 20 09 09 JST 2009 b Use the get flashimage 8 command to specify the firmware program tar gz file and import XCP to the system The update is not performed at this point lt Example gt Login
355. nBoot PROM 02 07 0000 XSCF 01 08 0001 XCP1 Reserve 1010 OpenBoot PROM 02 07 0000 XSCF 01 08 0001 OpenBoot PROM BACKUP 0 02 03 0000 1 02 07 0000 b Use the flashupdate 8 command to confirm whether to be able to update the new firmware version If the XCP update is possible with domains up message is displayed you can update the firmware XSCF gt flashupdate c check m xcp s 1082 Note If the XCP firmware version is 1050 or before and if the XCP update enabled during system powered on state message is displayed you can update the firmware Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 15 Note If the XCP update requires all domains to be rebooted Previous OpenBoot PROM update has not been completed message is displayed you cannot update the firmware because previous OpenBoot PROM firmware update has not been completed Perform the firmware update again after rebooting all domains c Use the flashupdate 8 command to update the firmware In the system with redundant XSCF Units before updating the firmware perform the showhardconf 8 command and check the Status of the XSCF Unit 0 1 which is Active or Standby lt Example gt Update XCP from an early version 1080 to the newer 1082 version XSCF gt flashupdate c update m xcp s 1082 The XSCF will be reset Continue y n y XCP update is started XCP version 1082 last version 1080 OpenBoot
356. namic Reconfiguration User s Guide Note For an overview of configuring domains including an extensive example refer to the Administration Guide TABLE 2 28 lists setting items and the corresponding shell commands TABLE 2 28 Domain Configuration Item Description Shell command Remarks Display XSB Displays the XSB status for the specified showboards status domain or all domains For XSB status information see TABLE 2 27 Display Displays one of the following items for the showdomainstatus domain status current domain status showdcl For details of domain status see TABLE 2 26 Display Displays the use status of devices and showdevices resource use resources on an XSB state Display DCL Displays the DCL information for a system showdcl information board in the specified domain DCL Sets DCL information setdcl Omit memory Add to domain Specify configuration for LSB of specified domain For details of configuration information see TABLE 2 26 Adds or assigns an XSB to a domain according to DCL information Specify the following e Domain ID and number of the added XSB e assign Specify one of the following integration states when the domain is running the DR function e configure configure into Oracle Solaris OS e assign e reserve assign reserve Omit I O and Floating board are false by default addboard If the XSB is placed in the assign state a reboot of the assi
357. nction is equivalent to the console option of the showlogs 8 command Display the panic log This function is equivalent to the panic option of the showlogs 8 command Display temperature and humidity history log in the server environment Also you can search the logs This function is equivalent to the env option of the showlogs 8 command The humidity history is displayed only in M8000 M9000 servers Display the IPL message log This function is equivalent to the ipl option of the showlogs 8 command Display the monitor message log This function is equivalent to the monitor option of the showlogs 8 command Display the audit log This function is equivalent to the viewaudit 8 command Display the Active Directory log This function is equivalent to the log option of the showad 8 command 9 30 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 26 Log Collection Continued Function Remarks LDAP SSL log display Display the LDAP SSL log This function is equivalent to the log option of the showldapss1 8 command Snapshot or Data Collector Collects the log This function is equivalent to the COD log display snapshot 8 command Display the COD log This function is equivalent to the showcodactivationhistory 8 command Component Information To refer to the information and status of physical components in the server select the target component in the Physi
358. nd Termination Nothing else but this License or another written agreement between Licensor and You grants You permission to create Derivative Works based upon the Original Work and any attempt to do so except under the terms of this License or another written agreement between Licensor and You is expressly prohibited by U S copyright law the equivalent laws of other countries and by international treaty Therefore by exercising any of the rights granted to You in Sections 1 and 2 herein You indicate Your acceptance of this License and all of its terms and conditions This license shall terminate immediately and you may no longer exercise any of the rights granted to You by this License upon Your failure to honor the proviso in Section 1 c herein 9 Mutual Termination for Patent Action This License shall terminate automatically and You may no longer exercise any of the rights granted to You by this License if You file a lawsuit in any court alleging that any OSI Certified open source software that is licensed under any license containing this Mutual Termination for Patent Action clause infringes any patent claims that are essential to use that software 10 Jurisdiction Venue and Governing Law You agree that any lawsuit arising under or relating to this License shall be maintained in the courts of the jurisdiction wherein the Licensor resides or in which Licensor conducts its primary business and under the laws of that jurisdiction ex
359. nd can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Program the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Program In addition mere aggregation of another work not based on the Program with the Program or with a work based on the Program on a volume of a storage or distribution medium does not bring the other work under the scope of this License 3 You may copy and distribute the Program or a work based on it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following a Accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or b Accompany it with a written offer valid for at least three years to give any third party f
360. nd the password policy To manage user accounts you can either configure the XSCF local accounts or you can configure the user accounts to authenticate against a remote user database such as LDAP Active Directory or LDAP SSL For details of setting LDAP Active Directory and LDAP SSL see Section 2 2 3 LDAP Administration on page 2 44 Section 2 2 4 Active Directory Administration on page 2 49 and Section 2 2 5 LDAP SSL Administration on page 2 71 TABLE 2 3 lists a term used in user account administration TABLE 2 3 User Account Administration Term Term Description UID ID that is assigned automatically to a user account Also the UID can be specified The ID values start from 100 and end at 60000 Lockout After multiple failures of login tried with a certain user account this function locks out the function subsequent login trials with that user account for a certain period of time You can use this function at logging in by SSH telnet on XSCF Shell and XSCF Web 2 36 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 4 lists setting items and the corresponding shell commands TABLE 2 4 User Account Administration Item Description Shell Command Remarks Display user Displays user account management showuser The item displayed is account information Never which means management unlimited information Add deleteuser Adds or deletes a user account adduser The maxim
361. net c disable Please reset the XSCF by rebootxscf to apply the telnet settings 3 To enable the SSH and to disable the telnet the XSCF reset is required Use the rebootxscf 8 command to reset the XSCF XSCF gt rebootxscf The XSCF will be reset Continue y n y m After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF 2 108 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Permitting or Refusing the SSH Access to XSCF from Domain via DSCP Command operation 1 Use the showssh 8 command to display SSH settings XSCF gt showssh SSH status enabled SSH DSCP accept RSA key DSA key 2 Use the setssh 8 command to permit or refuse the SSH access to XSCF from domain via DSCP lt Example 1 gt Permit SSH access XSCF gt setssh m dscp accept Continue y n y Please reset the XSCF by rebootxscf to apply the ssh settings lt Example 2 gt Refuse SSH access XSCF gt setssh m dscp deny Continue y n y Please reset the XSCF by rebootxscf to apply the ssh settings 3 To permit and refuse the SSH access the XSCF reset is required Use the rebootxscf 8 command to reset the XSCF XSCF gt rebootxscf The XSCF will be reset Continue y n y m After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF Chapter 2 Setting Up XSCF 2 109 2 110 Specifying an SS
362. ng CPU operational mode settings are domain power on an available error will occur e auto Automatically determines the operational mode of the CPU at domain startup Depending on the CPU configuration in the domain Oracle Solaris OS automatically determines and sets the appropriate mode either SPARC64 VII enhanced mode or SPARC64 VI compatible mode e compatible Oracle Solaris OS operates in SPARC64 VI compatible mode 2 180 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note The display for domain ethernet address mac address by the showdomainmode 8 command is supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1082 The Status of the Mode Switch on Oracle Solaris OS When you execute the prtdiag 1M command on Oracle Solaris OS either LOCK or UNLOCK is displayed in the output as the status of the mode switch of the operator panel The output varies depending on the combination of the value of the secure variable which is set on each domain by using the setdomainmode 8 command and the key position of the mode switch on the operator panel TABLE 2 33 shows the status of the mode switch displayed in the prtdiag 1M command output which depends on the value of secure variable and the key position of the mode switch on the operator panel TABLE 2 33 Value of Secure Variable and Status of Mode Switch Value of secure vari
363. ng messages on console in real time showlogs Displays an error log power log event log console log panic log IPL log temperature humidity log and monitor message log fmadm Monitors or controls the Fault Management Diagnosis Engines FMDE fmdump Dumps the fault event log containing FM diagnosis results fmstat Displays the FMDE status unlockmaintenance rebootxscf who man exit Forcibly release the locked status of the XSCF Resets the XSCF Displays users who login to the XSCF Displays the man page of the specified command You can see the list of commands by executing man intro Ends the XSCF Shell Note In the M3000 M4000 M5000 M8000 M9000 servers some of the commands are not available depending on the model in use For the support information of each command see the man page or the XSCF Reference Manual 3 2 Login to XSCF Shell This section describes how to log in to XSCF The user can log in to XSCF from an XSCF LAN port using either SSH or telnet or from the serial port 5 2 1 Before Logging In Note the following before attempting to log in m For details on how to create add and delete user accounts see Chapter 2 Chapter 5 Overview of the XSCF Shell 5 7 oe 920 5 8 m After login if the shell has not been accessed for a certain period XSCF automatically terminates the shell The default timeout period is 10 minutes The timeout period can be specified For det
364. ning network can be used even if one subnetwork is faulty In this way high system availability can be achieved FIGURE 1 5 and FIGURE 1 6 show the network which belongs to one or two different subnets In FIGURE 1 5 and FIGURE 1 6 the ordinary lines represent subnetwork connections and the thick lines represent network connections FIGURE 1 5 shows configurations with a single mounted XSCF Unit one where the LAN is not redundant and the other with a redundant LAN FIGURE 1 5 XSCF LAN Redundancy In Entry level and Midrange Servers a No redundant LAN b Redundant LAN Fail f i age ee Subnet Failure of a path E _ _ _ _ SubnetB ne stem In the configuration examples shown in FIGURE 1 6 the XSCF LANs are redundant and the XSCF Unit is in a redundant configuration In the configuration with a single XSCF Unit XSCF LAN cannot be used by any XSCF Unit failure even if the XSCF LANs are redundant duplicated If one subnetwork is faulty the remaining path can be used FIGURE 1 6 c If the active XSCF Unit is faulty XSCF initiates failover FIGURE 1 6 d Therefore high network availability can be achieved 1 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 1 6 Two XSCF LANs and Two XSCF Units Configuration In High End Servers c A subnet failed Failure of a path Subnet A Subnet B d XSCF failed Subnet A Subnet B Active XSCF For details on LAN configurations and conn
365. nnect Chapter 3 Connecting to the XSCF and the Server 3 7 3 On the PC or workstation to be used use one of the following procedures m Connecting the XSCF Shell terminal a Establish a connection via the serial port to use the XSCF Shell terminal b Enter a user account and password to login to the XSCF Shell c Confirm that the XSCF Shell prompt XSCF gt is displayed d The XSCF Shell can now be used m Connecting the domain console OS console a If the domain is powered off use the poweron 8 command for the domain on the XSCF Shell terminal and turn it on to start the Oracle Solaris OS b Follow Step a to Step c in the above Connecting the XSCF Shell terminal c Perform the console 8 command d Confirm the change into the specified domain console 3 5 Connecting to XSCF Using SSH via the LAN Port The procedure described below assumes that SSH is enabled in the SSH telnet settings of XSCF as described in Chapter 2 For details on cable connections between the server and a LAN and the connection between a PC and workstation see the Installation Guide for your server The following is the procedure for connecting to XSCF using SSH via the XSCF LAN port 1 Confirm that a LAN cable is inserted into the XSCF LAN port connector on the front of the XSCF Unit or confirm that the PC and workstation to be used are correctly connected 2 On the PC or workstation to be used use one of the following procedu
366. nnection connection Terminal Mail Terminal Router notification XSCF LAN Ethernet connection Server J Domain Connection to the serial port Terminal Note In a system that has one XSCF Unit M3000 M4000 M5000 servers the number of XSCF LAN ports is two and the number of serial ports is one In systems with two XSCF Units M8000 M9000 servers the number of actual XSCF LAN and serial ports is twice that of the system with one XSCF Unit 3 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 31 2 Port and Terminal Types Connected to the XSCF As shown in FIGURE 3 1 two types of ports serial and Ethernet can be used for connecting to the XSCF and the XSCF terminal Serial The XSCF Shell and domain console OS console can be used while a terminal is connected to a serial port Ethernet The XSCF Shell and domain console can be used with SSH or telnet at a terminal using an Ethernet referred to as XSCF LAN in this document connection Also the XSCF Web can be used with the appropriate browser settings Other functions which rely on XSCF LAN Ethernet connectivity are the mail notification function the SNMP function the log archiving function the remote maintenance service function time synchronization with an external NTP server and user authentication with an LDAP server Connect cables to the appropriate connectors log in to XSCF from the XSCF terminal and then perfor
367. nstatus 8 command displays the current operating status of a domain The system administrator can find out the status of each domain from its power on time to its operation start time reset poweron poweroff There are three types of resets the system reset the panic instruction and the CPU reset To reset a domain the system administrator can perform the reset 8 command with one of these three types specified Performing the poweron 8 or poweroff 8 command can turn power on or off to a constructed domain in the system configuration sendbreak The system administrator can use the sendbreak 8 command to send a break signal to the Oracle Solaris OS SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 5 4 Server Configuration Information Commands This section describes the typical XSCF Shell commands used to display configuration information on components in the server such as the number of CPUs and memory capacity the XSCF network configuration the time and degradation information m showhardconf a shownetwork showhostname showroute shownameserver showdscp showntp showdate a showstatus showhardconf The showhardconf 8 command lists all the components mounted in the server and their status information A problem component is indicated by a mark The system administrator can check the component configurations and the numbers of different types of components shownetwork
368. nt is replaced For a component replacement please contact a field engineer SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 7 Changing the Time The time of the server is based on the XSCF time Time can be displayed or set to local time or UTC For details on displaying or setting the system time see Chapter 2 4 8 Switching the XSCF Unit In some cases such as when an error occurs in the LAN route of the XSCF Unit on the active side in a system in which the XSCF Unit is redundantly configured it may be necessary to switch the active side over to the standby side The procedure for switching the XSCF Unit status from standby to active is as follows Command operation 1 Log in the XSCF Unit on the standby side 2 Use the switchscf 8 command to switch the XSCF Unit from standby status to active status Note If possible confirm that the ACTIVE LED states changes on the front panels of both XSCF Units Execute the switchscf 8 command only on one side active side or standby side of the XSCF Units to automatically switch active standby status of the other XSCF Unit For specifying an option in the switchsc 8 command see the XSCF Reference Manual Processing Continued at XSCF Reset or Failover In case an XSCF reset or failover was generated while the following processes are executing the process will be continued Domain power on process Domain power off process
369. ntenance you may not want to use automatic boot enable automatic boot suppression suppress a break signal from the console enable break signal suppression or suppress a panic during a Host watchdog reset In the M3000 server CPU operational mode cannot be configured SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 31 lists terms used in domain mode configuration TABLE 2 31 Domain Mode Configuration Terms Term Description Initial hardware diagnostic level Host watchdog Automatic boot Break signal Mode switch CPU operational mode Sets a POST diagnostic level The following levels can be set e Maximum e Standard e None Based on communication between XSCF and a domain the host watchdog function checks whether the domain is alive heart beat or alive check XSCF periodically monitors the operational status of Oracle Solaris OS to detect the Oracle Solaris OS hang up When detected the Oracle Solaris OS hang up XSCF generates an Oracle Solaris OS panic on the relevant domain To enable or disable host watchdog set the configuration file of scfd driver scfd conf that installed in the Oracle Solaris OS of the relevant domain By enabling host watchdog Alive Check function XSCF monitors the relevant domain The automatic boot function automatically boots the Oracle Solaris OS such as to start a domain and sets the auto boot OpenBoot PROM variable to either true or fals
370. nter an XSCF user account and password 3 Select Utility Firmware Update to display the menu 4 Import XCP a Display the XCP import window b Following instructions in the window specify the firmware program tar gz file and import XCP to the system The update is not performed at this point 5 If complete message is displayed the XCP importing has ended Perform the firmware update The XSCF firmware is downloaded and applied and the OpenBoot PROM firmware is downloaded a Display the XCP update window The version of the imported XCP firmware and the version of the firmware currently running has already displayed in the screen b Make a selection for the firmware version check Confirm whether or not it is possible to update to the new firmware version c Make a selection for the firmware update Following instructions in the window update the firmware At this time the XSCF will reset and the XSCF session will disconnect so please connect the XSCF again Only the application of the XSCF firmware is completed 8 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note In a system with redundant XSCF Units i Perform the firmware update in order beginning with the standby side and then the active side automatically After the update on the standby side is completed the active and standby sides are switched At this time the XSCF reset is done and the XSCF session is disconnecte
371. nterprise Mx000 Servers XSCF User s Guide January 2012 Before LDAP SSL settings Note the following before settings LDAP SSL is supported in XCP1091 or later The useradm privilege is required for the LDAP SSL settings If the XSCF is configured to use LDAP Active Directory or LDAP SSL for user account data the user name and UID if specified must not already be in use locally or in LDAP Active Directory or LDAP SSL To use host name for LDAP SSL server DNS settings need to be configured properly before setting LDAP SSL To support LDAP SSL a new system account named proxyuser is added Verify that no user account of that name already exists If one does use the deleteuser 8 command to remove it then reset XSCF before using the LDAP SSL feature If the specified timeout is too brief for the configuration the login process or retrieval of user privilege settings could fail In such case specify larger value for the timeout and try again If you are an LDAP SSL user you cannot upload a user public key When you set the user public key to XSCF before XCP1100 delete the user public key The LDAP SSL users can access to XSCF via SSH by using the password authentication and can login to XSCF Enabling or Disabling the LDAP SSL Server 1 Command operation Use the showldapss1 8 command to display the use of LDAP SSL server XSCF gt showldapss1l usermapmode disabled state disabled strictcertmode dis
372. ntpl red com ntp2 blue com Please reset the XSCF by rebootxscf to apply the ntp settings 4 Use the setntp 8 command to delete NTP servers for XSCF network lt Example gt Delete NTP servers for XSCF XSCF gt setntp c del 192 168 1 2 Please reset the XSCF by rebootxscf to apply the ntp settings Note When you use the setntp 8 command with the c adq or c del options execute the rebootxscf 8 command to apply the specified configuration and reset the XSCF 2 98 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 5 Use the showntp 8 command to confirm the NTP server XSCF gt showntp a server ntpl red com prefer server ntp2 blue com Specifying or Canceling prefer for NTP Server Command operation 1 Use the showntp 8 command to display the prefer settings XSCF gt showntp m prefer on localaddr 0 2 Use the setntp 8 command to set the prefer lt Example 1 gt Specify prefer for NTP server XSCF gt setntp m prefer on Please reset the XSCF by rebootxscf to apply the ntp settings lt Example 2 gt Cancel prefer for NTP server XSCF gt setntp m prefer off Please reset the XSCF by rebootxscf to apply the ntp settings When you use the setntp 8 command to change the prefer execute the rebootxscf 8 command to apply the specified configuration and reset the XSCF 3 Use the showntp 8 command to confirm the prefer settings
373. nue y n y 5 Use the showad 8 command to confirm that the server certificate is deleted XSCF gt showad cert Primary Server certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none The strictcertmode must be in the disabled state for a certificate to be removed Chapter 2 Setting Up XSCF 2 61 Setting a user domain a Command operation 1 Use the showad 8 command to display user domains XSCF gt showad userdomain domain 1 none domain 2 none domain 3 none domain 4 none domain 5 none 2 Use the setad 8 command to set the user domain lt Examplel gt Set the user domain 1 XSCF gt setad userdomain i 1 davidc example aCompany com lt Example2 gt Set the user domain 2 XSCF gt setad userdomain i 2 CN lt USERNAME gt CN Users DC davidc DC example DC aCompany DC com 3 Use the showad 8 command to confirm the user domain XSCF gt showad userdomain domain 1 lt USERNAME gt davidc example aCompany com domain 2 CN lt USERNAME gt CN Users DC davidc DC example DC aCompany DC com domain 3 none domain 4 none domain 5 none If a user domain is specified at the login prompt for example login ima admin dc01 example com that user domain is used for this login attempt Setting
374. o confirm that the XSB has been added to domain ID 1 XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned y y y Passed Normal n 01 0 01 00 Assigned y y y Passed Normal n 01 1 SP Available y n n Passed Normal n 01 2 02 09 Assigned y y y Passed Normal n 01 3 02 10 Assigned y y y Passed Normal n Note When moving the system board to the domain by using the DR function that operates the XSB without stopping the domain see the Dynamic Reconfiguration User s Guide 2 174 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 2 14 System Board Configuration System board configuration settings are used to specify XSB division information for a PSB and configure the memory mirror mode System board configuration is a function which is available on the M4000 M5000 M8000 M9000 servers In the M3000 server the system board has been configured by default and you cannot change the settings However you can refer to the system board information Before dividing a PSB into XSBs or changing the memory mirror mode make sure that the PSB is not assigned to any domain system board pool state unassign TABLE 2 29 lists a term used in system board configuration TABLE 2 29 System Board Configuration Term Term Description Memory mirror mode In this mode a PSB has two memory units one mirroring the other Saving the same data in
375. o one another Example Audit events in the login audit class SSH login telnet login https login logout Multiple audit classes can be specified Example ACS_AUDIT AUDIT 2 all One audit record is information specifying one audit event An audit record contains an event the event time and other related information Audit records are stored in audit files This is also called an audit log file One audit file log file contains multiple audit records 2 120 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 16 Audit Administration Terms Continued Term Description Audit trail Set of audit files The user refers to an audit trail to analyze the information contained in it Audit policy Audit settings The audit policy mainly defines whether auditing is enabled or disabled and the management method when audit trail becomes full Audit token One field in an audit record An audit token contains an audit event attribute such as user or privilege TABLE 2 17 lists the setting items and the corresponding shell commands TABLE 2 17 Audit Administration Item Description Shell Command Remarks Display audit Displays audit settings showaudit setting Information on whether access audit is enabled information or disabled and the Audit policy is displayed Enable Sets a value for an audit setting setaudit e Specify values for User disable audit Specify the following types o
376. o the XSBs for control of the domain configuration The type of the PSB not logically divided is called Uni XSB and the type of the PSB logically divided into four is called Quad XSB For details on domain configuration see the Overview Guide for your server and Chapter 2 Also for each term see Glossary Note In the M3000 server the domain configuration control function is not available The M3000 server consists of a single PSB Uni XSB equipped with one CPU and operates with one domain only Unlike the M4000 M5000 M8000 M9000 servers the user cannot configure a domain by logically dividing the PSB Dynamic Reconfiguration Function XSCF supports dynamic system board configuration change operations while the domains are operating Dynamic reconfiguration DR of a domain can be achieved using XSCF For details on DR see the Dynamic Reconfiguration User s Guide Note In the M3000 server the DR function is not available Console Redirection Function XSCF provides a function that displays the OS console of the Oracle Solaris OS of each domain With an SSH Secure Shell or telnet connection to XSCF the user can access the console of any domain in the system For details on the console see Chapter 3 1 12 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Capacity on Demand Function Capacity on Demand is an option to purchase spare processing resources CPUs for your server The spare res
377. o the last single system startup for each domain The showlogs 8 command of the XSCF Shell can be used to display the IPL log A 1 m Panic message This message is output in case of panic The panic message is output to the domain console and retained as log information in the XSCF The panic log retains the information corresponding to the last single panic event that occurred The showlogs 8 command of XSCF can be used to display the panic log m Console message The console message is a general term used to describe syslog messages FMA messages panic messages IPL messages and other messages output by POST OpenBoot PROM and the Oracle Solaris OS The console messages are output to each domain console and are retained as log information in a console log in the XSCF The showlogs 8 command of the XSCF Shell can be used to display the console log Note Console messages are overwritten beginning with the oldest message Even when the wraparound feature causes a console message to be overwritten the system startup message is retained in the IPL log and in case of panic the log is retained in the panic log When the XSCF unit is redundant the console messages retained in the XSCF Unit on the active side are not copied to the standby side Accordingly after the XSCF Unit is switched the console messages on the previously active side cannot be referenced Monitoring message The XSCF firmware outputs this message
378. ocal clock is fixed to 127 127 1 0 On the other hand when the address of the local clock of the NTP server which XSCF refers to is set to 127 127 1 0 the address of the clock source refid has the same value as the address of the XSCF s own local clock An NTP server like this is excluded from the target of XSCF time synchronization You can execute the showntp 1 command to refer to the address of the NTP server s own clock source which is set in XSCF and the address of the XSCF s own local clock Chapter 2 Setting Up XSCF 2 101 XSCF gt showntp 1 remote refid st t when poll reach delay offset jitter 192 168 1 2 LOCAL 0 3 u 10 1024 377 0 000 0 000 0 000 RI eh TaLe LOCL 5 1 28 64 377 0 000 0 000 0 008 Of the two NTP server outputs the upper 192 168 1 2 indicates the NTP server which is set by using the setntp 8 command The refid is LOCAL 0 which means that the local clock which has the address of 127 127 1 0 is set to the clock source of this NTP server On the other hand the lower indicates the XSCF s own local clock The address of the XSCF s own local clock is fixed to 127 127 1 0 Due to this the NTP server 192 168 1 2 is excluded from the target of XSCF time synchronization which results in the XSCF synchronizes with its own local clock With any of the following measures to avoid the trouble time can be correctly synchronized with the NTP server which is set by using the setntp 8 com
379. ode Command operation 1 Use the showldapss1 8 command to display the strictcert mode status XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode disabled timeout 4 logdetail none 2 Use the set1ldapss1 8 command to enable or disable the strictcertmode lt Examplel gt Enable the strictcertmode XSCF gt setldapssl strictcertmode enable lt Example2 gt Disable the strictcertmode XSCF gt setldapssl strictcertmode disable Chapter 2 Setting Up XSCF 2 79 2 80 3 Use the showldapss1 8 command to confirm the strictcertmode status XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 4 logdetail none If strictcertmode is enabled the server s certificate must have already been uploaded to the XSCF SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Loading or Deleting the Server Certificate Command operation 1 Use the showldapss1 8 command to display the server certificate information XSCF gt showldapssl cert Primary Server certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none XSCF gt showldapssl cert i Alternate Server 1 certstatus certificate not present issuer none serial number none subject none valid from none valid until none versi
380. of components contained in an External I O Expansion Unit see the External I O Expansion Unit Installation and Service Manual for your server 4 30 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Displaying a List of External I O Expansion Units I O Boards Link Cards and Power Supply Units or Displaying Their Environment Information a Command operation Use the ioxadm 8 command to display a list of External I O Expansion Units and downlink card paths and to display information for each component lt Example 1 gt Display a list of External I O Expansion Units and downlink cards XSCF gt ioxadm list IOX Link 0 Link 1 TOX 5309 TOU 2 PCLI 2 TOU 3 PCI 1 TOX A3B5 TOU 1 PCI 1 oy IOU 2 PCI 1 lt Example 2 gt Display a list of External I O Expansion Units I O ports link cards and power supply units XSCF gt ioxadm v list IOU 1 PCI 1 Location Type FW Ver Serial Num Part Num State TOX A3B5 TOX 1 4 CP0001 5016937 01 On IOX A3B5 PS0 A195 PS0001 3001701 02 On lt Example 3 gt Display a card using host_path in verbose mode with headers suppressed XSCF gt ioxadm p v list IOU 1 PCI 2 IOU 1 PCI 2 F20 000004 5111500 01 On lt Example 4 gt Display environment information based on sensor measurements XSCF gt ioxadm env te IOX A3B5 Location Sensor Value Res Units IOX A3B5 PS0 T_AMBIENT 28 000 1 000 C IOX A3B5 PS0 V_ISHARE 0 632 0 040 V IOX A3B5 PS0 I_DC 2 316 0 289 A IOX A3B5
381. of the SMTP server setsmtp The default port number of the SMTP server is 25 Reply address Sets the mail address to be specified in setsmtp To send an error mail when the From header of a mail message there is a problem in the path to the recipient address from the mail server the mail address is specified Display mail Displays mail report function setting showemailreport settings information Enable Enables or disables the mail report setemailreport The default setting is Disable function Disable Recipient Sets the recipient address for a mail setemailreport e Multiple addresses can address message to be sent to the system be specified to up to 255 administrator characters by using a comma as the delimiter e Include one mark per address Ex namel domain1 name2 domain2 name3 domain3 2 144 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Specifying the Host Name Port Number and Reply Address of the SMTP Server a Command operation 1 Use the showsmtp 8 command to display SMTP server setting information XSCF gt showsmtp Mail Server Port 25 Authentication Mechanism none Reply address 2 Use the setsmtp 8 command to set SMTP server setting information lt Example 1 gt Specifying a host name port number reply address and SMTP authentication XSCF gt setsmtp s mailserver 192 1 4 5 s port 25 s replyaddress yyyy Gexample com s auth smtp auth s usr usr001 s p
382. of the XSCFU 1 side see 2 and 5 in FIGURE 2 1 See shownetwork 8 setnetwork 8 Use the same subnet address to specify the LAN ports which share the same number in each XSCF unit so that you can connect to both of the XSCF in case the XSCF failover generated SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 To make the IP address redundant specify the same subnet address to the LAN port of XSCFU 0 side and to the LAN port of XSCFU 1 side which share the same LAN port number Also The IP address of XSCF LAN 0 and the IP address of XSCF LAN 1 must be specified in different subnet addresses 2 Perform the following setting to specify the takeover IP address in a redundant XSCF configuration When you specify the takeover IP address in case the XSCF failover occurred the control switching between the active side and the standby side performed and then the IP address will be taken over The user who accesses the takeover IP address can always connect to the active side XSCF without being aware of the XSCF switching Sets IP address respectively of XSCF LAN 0 and XSCF LAN 1 In addition on each LAN port of XSCF LAN 0 and XSCF LAN 1 in the redundant system specify the takeover IP address one by one see 3 and 6 in FIGURE 2 1 See shownetwork 8 setnetwork 8 3 In a redundant XSCF configuration specify the two IP addresses of ISN Since ISN is a network for the communication between the redundant X
383. ogs An event that occurred in the server is displayed as a monitoring message in real time for the user who logged in the XSCF The XSCF firmware collects this message in a monitor message log Specify the monitor option on the XSCF Shell and perform the showlogs 8 command to reference the monitor message log The following items are displayed m Time at which the monitoring message was collected Date This is indicated in local time Monitoring message Message SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 B 4 2 B 4 3 Temperature and Humidity History Log Using the showlogs 8 Command to Reference Temperature and Humidity History Logs The XSCF firmware collects the environment and temperature and humidity history regarding the server in a temperature and humidity log The temperature and humidity history log is displayed at ten minute intervals Specify the env option on the XSCF Shell and perform the showlogs 8 command to reference temperature and humidity history logs The following items are displayed m Time at which each thermal log was collected Date This is indicated in local time m Temperature Temperature Humidity Humidity The humidity is only displayed in the M8000 M9000 servers a Power supply status ON or OFF of the server Power Console Log Using the showlogs 8 Command to Reference Console Logs The XSCF firmware collects the domain console messages output
384. omain ID 0 XSCF gt setdomainmode d 0 m diag max Diagnostic Level min gt max Secure Mode off gt Autoboot on gt CPU Mode sauto gt The specified modes will be changed Continue y nl y configured Diagnostic Level max Secure Mode off host watchdog unavailable Break signal receive Autoboot on autoboot on CPU Mode auto 3 Use the showdomainmode 8 command to confirm the initial hardware diagnostic level lt Example gt Display the initial hardware diagnostic levels of domain ID 0 XSCF gt showdomainmode d 0 Host ID 0f010f10 Diagnostic Level max Secure Mode off Autoboot on CPU Mode auto Enabling or Disabling the Host Watchdog Function and the Break Signal Suppression a Command operation 1 Use the showdomainmode 8 command to display the host watchdog and break signal suppression setting lt Example gt Display the setting for domain ID 0 XSCF gt showdomainmode d 0 Host ID 0 010 10 Diagnostic Level max Secure Mode off Autoboot on CPU Mode sauto 2 186 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setdomainmode 8 command to specify host watchdog and break signal suppression lt Example gt Enable Host watchdog and Break signal suppression for domain ID 0 XSCF gt setdomainmode d 0 m secure on Diagnostic Level max gt Secure Mode SOLE gt on Autoboot on gt CPU Mod
385. on none Alternate Server 2 Alternate Server 5 certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none Chapter 2 Setting Up XSCF 2 81 2 82 2 Use the setldapss1 8 command to load the server certificate to the XSCF lt Examplel gt Loads a server certificate for the primary server using a username and password XSCF gt setldapssl loadcert u yoshi http domain_3 UID_2333 testcert Warning About to load certificate for Primary Server Continue y n y Password lt Example2 gt Copy and paste the server certificate in the window to load the certificate for alternative server 1 on the console Please press Enter and press the Ctrl and D keys Then the loading is completed XSCF gt setldapssl loadcert console Warning About to load certificate for Alternate Server 1 Continue y n y Please enter the certificate oesee BEGIN CERTIFICATE MIIETJCCAzagAwIBAgIBADANBgkqhkiG9w0BAQOFADB8M0swCOYDVOOGEWJVUZET MBEGA1UECBMKO2FsaWZvcm5pYTESMBAGA1UEBxMJU2 Ful ERpZWdvMRkwFwYDVOOK ExBTdW4gTW1jcm9 zeXN0ZW1 ZMRUWEWYDVOOLEwWxTeXN0ZWOgR30VdXAxEj AOBgNV END CERTIFICATE lt Press Ctrl and D keys gt SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showldapss1 8 command to confirm that the server certificate i
386. on display I O device information display Displays the CPU status corresponding to a specified XSB number or Domain ID This function is equivalent to the showdevices 8 command Displays the memory information corresponding to a specified XSB number or Domain ID This function is equivalent to the showdevices 8 command Displays the I O device information corresponding to a specified XSB number or Domain ID This function is equivalent to the showdevices 8 command Note In the M3000 server this function displays the device information corresponding to Domain ID 0 and XSB 00 0 9 12 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 System and Domain Operation TABLE 9 6 lists the function used for the system as a whole and individual domains Select Operation Domain Operation Domain Power in the Menu tree TABLE 9 6 System and Domain Operation Function Remarks System power on off Domain power on off Reset Send break Specifies the system power on off This function is equivalent to the poweron 8 powerof f 8 commands Specifies the domain power on off This function is equivalent to the poweron 8 powerof 8 commands System reset XIR reset and panic for the domain are performed This function is equivalent to the reset 8 command Specifies the send break This function is equivalent to the sendbreak 8 command Note In the M30
387. on from the Management Information Base MIB to requests from the manager Also a function called Trap can be used by the SNMP agent to exchange special information in asynchronous communication with the manager Note The SNMP agent uses the 161 port and the 162 port for trap by default SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 7 2 MIB Definition File The SNMP agent responds with management information from the MIB information to requests from the manager Standard MIB XSCF supports MIB II supports SNMPv2c and SNMPv3 and MIB I supports SNMPv1 which are Internet standards to manage mainly the following information m Basic XSCF LAN information such as administrator name m XSCF LAN communication processing information m XSCF SNMP agent behavior information For a list from the standard MIB information supported by XSCF see Appendix C Extended MIB Other than the standard MIB two extended MIBs are supported by this system as follows m The XSCF extension MIB which has been extended for the XSCF SNMP agent m The Fault Management MIB which has a format compatible with the Oracle Solaris OS They are used to manage the following information m Basic system information such as serial number m Different types of system status information such as operating status of a higher level Oracle Solaris OS m Information on parts faults in the system Chapter 7 XSCF SNMP Agent
388. on of the work based on the Library and provided not covered by this License and of the other library facilities is otherwise permitted that you do these two things a Accompany the combined library with a copy of the same work based on the Library uncombined with any other library facilities This must be distributed under the terms of the Sections above b Give prominent notice with the combined library of the fact and explaining where to find the accompanying uncombined form of the same work that part of it is a work based on the Library 8 You may not copy modify sublicense link with or distribute the Library except as expressly provided under this License Any attempt modify sublicense link with or distribute the Library is void and will automatically terminate your rights under this License parties who have received copies or rights from you under this License will not have their licenses terminated so long as such otherwise to copy However parties remain in full compliance 9 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Library or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Library or any work based on the Library you indicate your acceptance of this License to do so and all its terms and conditions for copy
389. one Operator Group 3 name none Operator Group 4 name none Operator Group 5 name none lt Example3 gt Confirm custom group XSCF gt showad group custom Custom Group 1 name CN CtmGroup1 OU SCFTEST DC aplle DC local roles platadm platop Custom Group 2 name none roles none Custom Group 3 name none roles none Custom Group 4 name none roles none Custom Group 5 name none roles none SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 The administrator group has platadm useradm and auditadm privileges and you cannot change that Also the operator group has platop and auditop privileges and you cannot change that Setting timeout Command operation 1 Use the showad 8 command to display timeout period XSCF gt showad dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 4 logdetail none 2 Use the setad 8 command to set the transaction timeout lt Example gt The timeout priod is set to 10 sec XSCF gt setad timeout 10 3 Use the showad 8 command to confirm the timeout XSCF gt showad defaultrole dnslocatormode enabled expsearchmode enabled state enabled strictcertmode enabled timeout 10 logdetail none Chapter 2 Setting Up XSCF 2 67 Enabling or Disabling the Logging of Active Directory Authentication and Authorization Diagnostic M
390. ons about the suitability this software for any purpose It is provided as is without express or implied warranty FOI ICICI ICI ICICI ICICI I ICICI III IRI I ae RE The OpenLDAP Public License version 2 8 17 August 2003 Redistribution and use of this software and associated documentation Software are permitted provided that the following conditions are met with or without modification 1 Redistributions in source form must retain copyright statements and notices 2 Redistributions in binary form must reproduce applicable copyright statements and notices this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution and 3 Redistributions must contain a verbatim copy of this document The OpenLDAP Foundation may revise this license from time to time Each revision is distinguished by a version number You may use this Software under terms of this license revision or under the terms of any subsequent revision of the license THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS CONTRIBUTORS CAS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE OPENLDAP FOUNDATION ITS CONTRIBUTORS OR THE AUTHOR S OR OWNER S OF THE SOFTWARE BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXE
391. ontinue y n y 3 Use the showldapss1 8 command to confirm the default settings XSCF gt showldapss1l usermapmode disabled state disabled strictcertmode disabled timeout 4 logdetail none Chapter 2 Setting Up XSCF 2 91 2 2 6 2 92 Time Administration Time administration is used to specify the time and the NTP settings for this system The server all domains uses the XSCF Unit clock as the reference time Note The customer should decide the NTP server operating mode For details on NTP see the NTP manuals The XSCF Unit can be optionally configured to be an NTP client If you do not configure the XSCF Unit as an NTP client the XSCF Unit will run its internal realtime clock RTC based on the setdate 8 command alone Domains can be configured to use a time of day management policy on an individual basis so that each domain can manage its own time of day in a different manner Domain time of day policies include m If no time or date configuration is done on the Oracle Solaris OS domain that is you do not set up the system as an NTP client and you do not use the Oracle Solaris OS date command to set the domain s date the Oracle Solaris OS domain will obtain its initial time of day from the XSCF Unit m An Oracle Solaris OS domain can be set up as an NTP client with the XSCF Unit being the NTP server In this case the XSCF Unit must be set up as an NTP server In this case th
392. ontinued udp snmp enterprises fujitsu product solaris sparcEnterprise opISpMIB scfObjects scfInfo scfState scfMonitorInfo scfSystemInfo scfDomainInfo scfXsbInfo scfLsbInfo scfBoardInfo scfCpulnfo scfMemoryInfo scfloBoxInfo scfComponentInfo scfMIBTraps scfMIBTrapPrefix scfMIBTrapData scf MIBConformances scf MIBCompliances scfMIBGroups OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER OBJECT IDENTIFIER mib 2 7 mib 2 11 private 1 enterprises 211 fujitsu 1 product 15 solaris 3 sparcEnterprise 1 opISpMIB 1 scfObjects 1 scfObjects 2 scfObjects 3 scfObjects 4 scfObjects 5 scfObjects 6 scfObjects 7 scfObjects 8 scfObjects 9 scfObjects 10 scfObjects 11 scfObjects 12 opISpMIB 2 scfMIBTraps 0 scfMIBTraps 1 opISpMIB 3 scfMIBConformances 1 scfMIBConformances
393. operation 1 Use the showloginlockout 8 command to display lockout settings XSCF gt showloginlockout 2 Use the setloginlockout 8 command to set lockout function lt Example 1 gt Enable the lockout function to specify 20 minutes for the lockout period XSCF gt setloginlockout s 20 lt Example 2 gt Disable the lockout function XSCF gt setloginlockout s 0 The lockout period becomes effective at the next login When you specifies 0 minutes if someone login successfully by a user account at the next time the lockout function will be disabled Chapter 2 Setting Up XSCF 2 43 2 2 9 2 44 LDAP Administration LDAP administration is used to specify items relating to LDAP clients The LDAP server bind ID password baseDN and so on are set In the LDAP server the XSCF user information is managed Note This section does not cover LDAP configuration and administration An administrator who is familiar with LDAP should perform the LDAP design For details on adding user information to an account on an LDAP server see the Administration Guide TABLE 2 5 lists terms used in LDAP Administration TABLE 2 5 LDAP Administration Terms Term Description LDAP Abbreviation for Lightweight Directory Access Protocol LDAP is a protocol used to access directory databases in TCP IP networks baseDN Abbreviation for base Distinguished name Under LDAP directory information is in a hi
394. opp es par Oracle et ou ses soci t s affili es SPARC64 est une marque de SPARC International Inc utilis e sous licence par Fujitsu Microelectronics Inc et Fujitsu Limited Tout autre nom mentionn peut correspondre des marques appartenant a d autres propri taires United States Government Rights Commercial use U S Government users are subject to the standard government user license agreements of Oracle and or its affiliates and Fujitsu Limited and the applicable provisions of the FAR and its supplements Avis de non responsabilit les seules garanties octroy es par Oracle et Fujitsu Limited et ou toute soci t affili e de l une ou l autre entit en rapport avec ce document ou tout produit ou toute technologie d crits dans les pr sentes correspondent aux garanties express ment stipul es dans le contrat de licence r gissant le produit ou la technologie fournis SAUF MENTION CONTRAIRE EXPRESSEMENT STIPULEE DANS CE CONTRAT ORACLE OU FUJITSU LIMITED ET LES SOCI T S AFFILIEES A L UNE OU L AUTRE ENTITE REJETTENT TOUTE REPRESENTATION OU TOUTE GARANTIE QUELLE QU EN SOIT LA NATURE EXPRESSE OU IMPLICITE CONCERNANT CE PRODUIT CETTE TECHNOLOGIE OU CE DOCUMENT LESQUELS SONT FOURNIS EN L TAT EN OUTRE TOUTES LES CONDITIONS REPRESENTATIONS ET GARANTIES EXPRESSES OU TACITES Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALIT MARCHANDE A L APTITUDE A UNE UTILISATION PARTICULI RE OU A L ABSENCE DE CONTREFA
395. or Redundant XSCF Units 8 9 8 1 9 Ensuring Proper Operation After a Firmware Update 8 9 8 1 10 Firmware Update Procedure 8 10 8 1 11 If an Error Occurs During XSCF Firmware Update 8 21 8 1 12 Frequently Asked Questions 8 21 Collecting XSCF Logs 8 22 8 2 1 Log Types and Reference Commands 8 22 8 2 2 Method of Collecting the Log Information 8 25 How to Use the XSCF Web 9 1 Overview of the XSCF Web 9 1 Start the XSCF Web 9 5 9 2 1 Prerequisites 9 6 9 2 2 Supported Browsers 9 6 9 2 3 Functions to be Enabled on the Browser 9 6 9 2 4 Specifying the URL 9 7 Logging In and Out of the XSCF Web 9 7 9 3 1 Logging into XSCF 9 7 9 3 2 Access Status Monitoring 9 7 9 3 3 Logging Out From XSCF 9 8 Contents ix 9 4 XSCF Web Pages 9 9 9 5 XSCF Web Error Messages 9 30 A Warning and Information Messages A 1 A 1 Message Types A 1 A 2 Messages in Each Function A 3 B XSCF Log Information B 1 B 1 XSCF Error Log B 1 B 2 Power Log B 5 B 3 EventLog B 7 B 4 Using the showlogs Command to Display Other Logs B 8 B 4 1 Monitor Message Log B 8 B 4 2 Temperature and Humidity History Log B 8 B 4 3 Console Log B 9 B 4 4 Panic Log B 9 B 4 5 IPLLog B 9 B 5 Audit Log B 10 B 6 Active Directory Log B 12 B 7 LDAP SSL Log B 12 B 8 COD activation Log B 13 C XSCF MIB C 1 C 1 MIB Object Identifiers C 1 C 2 Standard MIB C 3 C 3 Extended MIB C 3 C 4 Trap C 5 D Troubleshooting D 1 D 1 Troubleshooting XSCF and FAQ D 1 x SPARC Enterprise
396. or a charge no more than your cost of physically performing source distribution a complete machine readable copy of the corresponding source code to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or c Accompany it with the information you received as to the offer to distribute corresponding source code This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer in accord with Subsection b above The source code for a work means the preferred form of the work for making modifications to it For an executable work complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation However as a special exception the include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable and installation of the executable source code distributed need not If distribution of executable or object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place counts as distribution of the source code even though third parties are not compe
397. or must match the number of the firmware versions XCP version of Panel EEPROM 1080 XSCF FM Panel EEPROM and XSCF FMEM mismatched EM 1090 3 When you update follow the procedure in Updating XCP From External Media or Updating XCP From the Network to update XCP and confirm the version SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 8 1 11 8 1 12 If an Error Occurs During XSCF Firmware Update If the system hangs or any of the messages shown below is output during the firmware update the XSCF Unit on the faulty side cannot be used and is treated as a faulty component Try the firmware update again when an error occurs while updating the XSCF firmware The second attempt may succeed where the first failed m Case where the XSCF Unit is redundantly configured on M8000 M9000 servers Error involving a failed write or reset operation on the standby or active side m Case where there is one XSCF Unit on M3000 M4000 M5000 servers Error involved a failed write or reset operation Frequently Asked Questions Q Is there any problem in executing reboot twice when applying the OpenBoot PROM firmware There is no problem Q In cases with redundant XSCF Units why are the XSCF Units on the active and standby sides switched while the update is in progress XSCF on the active side has control for updating firmware on the XSCF Unit on the standby side Whe
398. ot the system for application to all domains Note If the system has redundant XSCF Units the XSCF Units are switched while the update is in progress Imports XCP from the CD ROM disk by using XSCF Use the XSCF Web or the XSCF Shell for the firmware update The rest of the task is the same as updating XCP from the network The firmware update is automatically performed Confirm the version of the OpenBoot PROM firmware in the update target domain This function is available when you are using the M4000 M5000 M8000 M9000 servers In the M3000 server when a Motherboard unit is replaced the operator must match the number of the firmware versions e In the system with a XSCF Unit About 45 minutes e In the system with redundant XSCF Units About 120 minutes Excludes the time for component replacement work e In the system with a XSCF Unit About 45 minutes e In the system with redundant XSCF Units About 120 minutes Excludes the time for component replacement work About 5 minutes Excludes the time for component replacement work 8 12 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 8 2 Firmware Update Tasks Continued Firmware Update Task Item Outline Task time Confirming That the XSCF Firmware is Updated When an XSCF Unit Is Replaced There Are Redundant XSCF Units Confirming That the XSCF Firmware Is Updated When the XSCF Unit Is Replaced in a
399. ould be able to delete the system board Remember that CPU Memory Board unit resources also define the I O resources so deleting one resource will affect the other For details about operating the XSB while the Oracle Solaris OS is running and for details about DR messages see the Dynamic Reconfiguration User s Guide 6 Use the showboards 8 command to confirm that the XSB has been deleted from the domain XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 02 00 Assigned n n n Passed Normal n 01 0 02 07 Assigned n n n Passed Normal n 01 1 SP Available n n n Passed Normal n 01 2 02 09 Assigned n n n Passed Normal n 01 3 02 10 Assigned n n n Passed Normal n Moving a System Board From One Domain to Another Command operation 1 Use the showdc1 8 command to display DCL information XSCF gt showdcl a DID LSB XSB Status 02 Powered Off 00 00 0 07 01 0 08 01 1 09 01 2 10 01 3 2 Use the setdc1 8 command to define the LSB of a new domain lt Example gt In domain ID 1 specify XSB 01 0 for an LSB 00 XSB 01 1 for an LSB 01 XSB 01 2 for an LSB 02 XSB 01 3 for an LSB 03 XSCF gt setdcl d 1 a 0 1 0 1 1 1 2 1 2 3 1 3 2 172 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showdc1 8 command to confirm the DCL information XSCF gt showdcl a DID LSB XSB Status 01 Powered Off 00 00 0 01 01 1 02 01 2 0
400. ources are provided in the form of one or more CPUs on COD boards that are installed on your server When you need the spare processing resources CPUs for the server XSCF assists the operation to add or delete the resources For details on COD see the COD User s Guide Note In the M3000 server the COD function is not available Functions for Monitoring and Notification During Operation XSCF constantly monitors the system operating status FAN status ambient temperature etc Using the network function of the cabinet XSCF accesses the server to provide the following services m Monitoring the server even when the Oracle Solaris OS is inactive m Enabling remote operation of the server m Reporting error messages by email to specified addresses For details see Chapter 6 m Trapping notification with the SNMP Agent functions For details see Chapter 7 Hardware Fault Information Collection Hardware Log Collection XSCF collects hardware fault information and saves it on the XSCF itself The XSCF hardware failure log makes it possible to identify the location of a failure The log also provides assistance in anticipating failures on the server and immediately reports precise information about failures to the user For details on error messages and their contents see Appendix A and Appendix B The displayed messages types are as follow a An initial diagnostic message is displayed at system startup m XSCF monito
401. output will display SPARC64 VII on the System Processor Mode line If the domain is in SPARC64 VI Compatible Mode nothing is displayed on that line By default the Oracle Solaris OS automatically sets a domain s CPU operational mode each time the domain is booted based on the types of processors it contains It does this when the cpumode variable which can be viewed or changed by using the setdomainmode 8 command is set to auto You can override the above process by using the setdomainmode 8 command to change the cpumode from auto to compatible which forces the Oracle Solaris OS to set the CPU operational mode to SPARC64 VI Compatible Mode on reboot To do so power off the domain execute the setdomainmode 8 command to change the cpumode setting from auto to compatible then reboot the domain TABLE 2 34 shows CPU configuration for domain at DR operations and the CPU operational mode The system board XSB which can be added by DR is decided by the CPU operational mode currently set to the domain which is as follows TABLE 2 34 CPU configuration for domain at DR operations and the CPU operational mode CPU configuration of a system board Domain CPU configuration Value of CPU Mode Current CPU operational mode which can be added by DR operation SPARC64 VII VI auto SPARC64 VII enhanced SPARC64 VII VII mode SPARC64 VII VII compatible SPARC64 VI compatible Any CPU configuration mode SPARC64 VII VII auto or SPARC64 VI com
402. owboards 8 command to check the XSB number domain ID LSB number and XSB status XSCF gt showboards a XSB DID LSB Assignment Pwr Conn Conf Test Fault 00 0 00 00 Assigned y y y Passed Normal 00 1 00 01 Assigned y y y Passed Normal 00 2 SP Available y n n Passed Normal y n n 00 3 02 00 Unavailable Unknown Normal 4 Use the version 8 command to check the OpenBoot PROM version of a domain XSCF gt version c cmu DomainID 0 02 09 0000 DomainID 1 02 09 0000 DomainID 3 02 09 0000 4 3 Adding or Removing Domains The system can adopt a domain configuration by combining multiple system boards in a server Each domain can operate independently To configure domains for a server use the XSCF Web console or the XSCF Shell commands Note In the M3000 server the domain configuration policy can be changed by using the setdc1 8 command However other domain configurations cannot be changed Commands Used to Setup or Display Information Execute the following commands individually as appropriate For details of these commands see Chapter 5 m setdcl m setupfru m addboard Chapter 4 Operation of the Server 4 11 m deleteboard m moveboard For details on adding or changing a domain see Chapter 2 of the XSCF Reference Manual or the Administration Guide For details on using the DR function to change the domain configuration see the Dynamic Reconfiguration User s
403. ownlink card that is mounted in a PCI slot in an I O unit of the path server and connected to an External I O Expansion Unit An External I O Expansion Unit is connected to one or two downlink cards A downlink card path represents the layer location indicating which downlink card is connected to the External I O Expansion Unit in the layer structure Example IOU 1 PCIE 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 4 5 lists setting items and the corresponding shell commands TABLE 4 5 External I O Expansion Unit Administration Item Description Shell Command Remarks Display list Display environment information Displays a list of External I O Expansion ioxadm Units and cards in the host slot is identified by the host_path to the card The following is displayed e Set External I O Expansion Unit numbers and downlink card paths e External I O Expansion Units I O boards link cards Note 1 downlink cards power supply unit types firmware versions serial numbers part numbers and states Displays the status of the environment of the ioxadm specified External I O Expansion Unit or downlink card as sensor measurement values Also displays the environmentals of a FRU in an I O Expansion Unit or a card in a host slot The following is displayed e Current A e Voltage V e Fan speed RPM e Temperature C e LED state e SWITCH External I O Expansion Unit numbers are
404. packets 14369 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 20241827 19 3 MiB TX bytes 2089769 1 9 MiB Base address 0xe000 lt Example 3 gt Display the ISN information on network interfaces of XSCFU 0 XSCF gt shownetwork xscf 0 if xscf 0 if Link encap Ethernet HWaddr 00 0A 48 09 C9 1E inet addr 192 168 10 128 Bcast 192 168 10 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 54424 errors 0 dropped 0 overruns 0 frame 0 TX packets 14369 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 17010 16 6 KiB Base address 0xe000 lt Example 4 gt Display the takeover IP address information of the XSCF LAN 0 XSCF gt shownetwork lan 0 lan 0 Link encap Ethernet HWaddr 00 00 00 12 34 56 inet addr 192 168 1 10 Beast 192 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0xe000 Chapter 2 Setting Up XSCF 2 25 2 26 2 Use the showdscp 8 command to display DSCP information lt Example gt Display DSCP information XSCF gt showdscp DSCP Configuration Network 192 168 244 0 Netmask 255 255 255 0 Location Address XSCF 192 168 244 Domain 00 192 168 244 Domain 01 192 168 244 Domain 02 192 168 244 Domain 03 192 168 244 OO BUNE 3 Use the setnetwork 8 command to specify network interface information lt Example 1 gt Specify I
405. patible Any CPU configuration and SPARC64 VI compatible mode SPARC64 VI auto or SPARC64 VI compatible Any CPU configuration compatible mode For details of the CPU operational mode and the DR operation see the Dynamic Reconfiguration User s Guide Chapter 2 Setting Up XSCF 2 183 2 184 DR operations work normally on M4000 M5000 M8000 M9000 server domains running in SPARC64 VI Compatible Mode You can use DR to add delete or move boards with any of the processor types which are all treated as if they are SPARC64 VI processors The M3000 servers do not support DR operations DR also operates normally on domains running in SPARC64 VII Enhanced Mode with one exception You cannot use DR to add or move into the domain a system board that contains any SPARC64 VI processors To add a SPARC64 VI processor you must power off the domain change it to SPARC64 VI Compatible Mode then reboot the domain In an exception to the above rule you can use the DR addboard 8 command with its c reserve or c assign option to reserve or register a board with one or more SPARC64 VI processors in a domain running in SPARC64 VII Enhanced Mode The next time the domain is powered off then rebooted it comes up running in SPARC64 VI Compatible Mode and can accept the reserved or registered board Note Change the cpumode from auto to compatible for any domain that has or is expected to have SPARC64 VI processors If you leave the domain in auto mode
406. plies Fans For details about these components see the Service Manual for your server 12 scfComponentInfo group This group provides FRU and Status information for every component in the System Obtaining the Latest Extension MIB For details on obtaining the XSCF extension MIB definition file and the Fault Management MIB definition file see the Product Notes for your server or download site for the XCP firmware C4 Trap Traps are classified as either a standard Trap or an extension Trap Standard Trap is provided for each device defined in SNMP as standard For a description of a standard Trap see the general document In this document the Trap in cases where an event native to this system is recognized is called an extension Trap For more information about traps see Chapter 7 Appendix C XSCF MIB C 5 C 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 APPENDIX D Troubleshooting This chapter describes problems that can occur during use of the XSCF console or during the operation of the system and provides solutions for them D 1 Troubleshooting XSCF and FAQ This section describes problems that may occur during the use of XSCF and provides solutions for the problems The section also contains frequently asked questions along with their answers Could Not Log in to XSCF m Check whether you entered the correct user name for login m Check whether you entered the correct password
407. plies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any such program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to say a work containing the Program or a portion of it either verbatim or with modifications and or translated into another language Hereinafter translation is included without limitation in the term modification Each licensee is addressed as you Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running the Program is not restricted and the output from the Program is covered only if its contents constitute a work based on the Program independent of having been made by running the Program Whether that is true depends on what the Program does 1 You may copy and distribute verbatim copies of the Program s source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and give any other recipients of the Program a copy of this License along with the Program You may charge a fee for the physical act of transferring a cop
408. ppendix B varbind 7 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 7 2 is a conceptual diagram of issuance of a Trap FIGURE 7 2 Trap Issuance Trap issued fi SNMP manager Event reports Chapter 7 XSCF SNMP Agent Function 7 7 7 4 Setting Up the XSCF SNMP Agent Function This section explains how to set up the XSCF SNMP agent function The workflow is as described below Perform each setup step with the setsnmp 8 command of the XSCF Shell For details on setup see Chapter 2 Starting Transmission m Step 1 For setting items common to the agent protocols of SNMPv1 SNMPv2c and SNMPv3 specify the management information listed below The following setting items are reflected in the MIB information a Installation location of the agent system a Mail address of the administrator a Description of the agent system a Port number of the agent listening port number m Step 2 Specify the following management information for SNMPv3 SNMPv1 and SNMPv2c SNMPv3 management information settings a User name Note a Authentication password Note a Encryption password Note a Authentication algorithm Port number of the trap destination a Host name of the trap destination Note A user name authentication password and encryption password that are common to both the sending and receiving sides must be set for SNMPv3 SNMPv1 and SNMPv2c management information settings
409. produce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement This product includes software developed by the University of California Berkeley and its contributors 4 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Copyright c 1996 by Internet Software Consortium Permission to use copy
410. r lt Example 2 gt Cancel domain power on in progress XSCF gt poweron d 0 DomainIDs to power on 00 Continue y n n XSCF gt Chapter 4 Operation of the Server 4 15 4 4 4 Domain Power Off Command operation 1 Use the showdomainstatus 8 command to check the power status of all domains XSCF gt showdomainstatus a DID Domain Status 00 Running 01 Running 02 Running 03 Powered Off 2 Use the poweroff 8 command to turn off power to the specified domain lt Example 1 gt Turn off power to the specified domain XSCF gt poweroff d 1 DomainIDs to power off 01 Continue y n y 01 Powering off Note This command only issues the instruction to power off The result of the instruction can be checked by the showlogs power lt Example 2 gt Cancel domain power off in progress XSCF gt poweroff d 1 DomainIDs to power off 01 Continue y n n lt Example 3 gt Forcibly turn off power to a domain XSCF gt poweroff f d 1 DomainIDs to power off 01 The f option will cause domains to be immediately reset Continue y n y 01 Powering off Note This command only issues the instruction to power off The result of the instruction can be checked by the showlogs power 4 16 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 4 5 Note If the poweroff 8 command is performed and the shutdown has completed then
411. r 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED AS IS AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE This library libselinux is public domain software i e not copyrighted Warranty Exclusion You agree that this software is a non commercially developed program that may contain bugs as that term is used in the industry and that it may not function as intended The software is licensed as is NSA makes no and hereby expressly disclaims all warranties express implied statutory or otherwise with respect to the software including noninfringement and the implied warranties of merchantability and fitness for a particular purpose Limitation of Liability In no event will NSA be liable for any damages including loss of data lost profits cost of cover or other special incidental consequential direct or indirect damages arising from the software or the use thereof however caused and on any theory of liability This limitation will apply even if NSA has been advised of the possibility of
412. r disableuser m password setprivileges showpasswordpolicy setpasswordpolicy a showlookup setlookup showldap setldap showad setad showldapssl setldapssl showaudit setaudit viewaudit m showloginlockout setloginlockout m showssh setssh showuser adduser deleteuser enableuser disableuser The showuser 8 command can be used to list XSCF user accounts or display information about a particular user account The adduser 8 and deleteuser 8 commands add and delete user accounts The enableuser 8 and disableuser 8 commands enable and disable respectively user accounts password setprivileges showpasswordpolicy setpasswordpolicy The password 8 and setprivileges 8 commands set passwords and user privileges respectively for user accounts The showpasswordpolicy 8 and setpasswordpolicy 8 commands display and specify the validity of passwords and other password policy information showlookup setlookup showldap setldap showad setad showldapssl setldapssl The showlookup 8 and setlookup 8 commands display and specify information on whether an LDAP server should be used for looking up the authentication and the user privilege The showldap 8 and set1dap 8 commands display and specify LDAP client settings which are used when retrieving data from an LDAP server The showad 8 and setad 8 commands display and specify Active Directory client settings which are used when retrieving
413. r The only warranties granted by Oracle and Fujitsu Limited and or any affiliate of either of them in connection with this document or any product or technology described herein are those expressly set forth in the license agreement pursuant to which the product or technology is provided EXCEPT AS EXPRESSLY SET FORTH INSUCH AGREEMENT ORACLE OR FUJITSU LIMITED AND OR THEIR AFFILIATES MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND EXPRESS OR IMPLIED REGARDING SUCH PRODUCT OR TECHNOLOGY OR THIS DOCUMENT WHICH ARE ALL PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NON INFRINGEMENT ARE DISCLAIMED EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID Unless otherwise expressly set forth in such agreement to the extent allowed by applicable law in no event shall Oracle or Fujitsu Limited and or any of their affiliates have any liability to any third party under any legal theory for any loss of revenues or profits loss of use or data or business interruptions or for any indirect special incidental or consequential damages even if advised of the possibility of such damages DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NON INFRINGEMENT A
414. r feed or display its current status is available on M3000 M4000 M5000 servers only However the dual power feed mode cannot be used with 100V power on M4000 M5000 servers When the optional power cabinet for dual power feed is connected on M8000 M9000 servers it automatically configures the dual power feed mode For details about the setting the dual power feed see the Installation Guide for your server Chapter 4 Operation of the Server 4 23 Command operation 1 Use the showdualpowerfeed 8 command to display the current setting status of the dual power feed XSCF gt showdualpowerfeed Dual power feed is disabled 2 Use the setdualpowerfeed 8 command to enable or disable the dual power feed of this system lt Example 1 gt Enabling the dual power feed XSCF gt setdualpowerfeed s enable disable gt enable NOTE Dual power feed will be enabled the next time the platform is powered on lt Example 2 gt Disabling the dual power feed XSCF gt setdualpowerfeed s disable enable gt disable NOTE Dual power feed will be disabled the next time the platform is powered on 3 Confirm the new setting and if it is correct turn off the input power and then turn on to apply the specified configuration When you enabled the dual power feed mode you can apply the configuration by executing the rebootxsc 8 command XSCF gt showdualpowerfeed disable gt enable NOTE Dual pow
415. r group has platadm useradm and auditadm privileges and you cannot change that Also the operator group has platop and auditop privileges and you cannot change that Setting timeout Command operation 1 Use the showldapss1 8 command to display timeout period XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 4 logdetail none 2 Use the setldapss1 8 command to set the transaction timeout A Example gt The timeout priod is set to 10 sec XSCF gt setldapssl timeout 10 3 Use the showldapss1 8 command to confirm the timeout XSCF gt showldapssl defaultrole usermapmode enabled state enabled strictcertmode enabled timeout 10 logdetail none Enabling or Disabling the Logging of LDAP SSL Authentication and Authorization Diagnostic Messages Command operation 1 Use the showldapss1 8 command to display the log detail level XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 10 logdetail none Chapter 2 Setting Up XSCF 2 89 2 90 2 Use the set 1dapss1 8 command to set the log detail level lt Examplel gt Enable the log and trace is set for detail level XSCF gt setldapssl logdetail trace lt Example2 gt Disable the log XSCF gt setldapssl logdetail none 3 Use the showldapss1 8 command to confirm the log detail level XSCF gt sho
416. r of the event This function is called a Trap see FIGURE 7 2 The XSCF Trap covers the following events 1 XSCF failover 2 Additions removals and replacements of a component such as a system board Qo Part fault occurrences in the system or replacement of a faulty component in the system and system recovery see note Divided mode change of a system board Hung domain or panicked domain Configures an XSB into a domain or unassigns an XSB from domain ND oO p Additions and removals of an External I O expansion unit I O box 8 External I O expansion unit LED state change 9 External I O expansion unit temperature faults 10 XSCF SNMP agent function startup Standard trap 11 Occurrence of unauthorized access to the XSCF SNMP agent Standard trap 12 Cold start trap generated at changing in composition of managed object for when the SNMP agent starts up Standard trap Note In case 3 above the target components are those whose fault location and part number can be identified from among the system components monitored by the XSCF Even if the component cannot be identified a Trap is issued during the XSCF event notification Note For trap types see the MIB definition file For details on obtaining the XSCF extension MIB definition file and the Fault Management MIB definition file see the Product Notes for your server or download site for firmware The following shows an example of the SNMP
417. r the same conditions they received it 1 You may make and give away verbatim copies of the source form of the Standard Version of this Package without restriction provided that you duplicate all of the original copyright notices and associated disclaimers 2 You may apply bug fixes portability fixes and other modifications derived from the Public Domain or from the Copyright Holder A Package modified in such a way shall still be considered the Standard Version 3 You may otherwise modify your copy of this Package in any way provided that you insert a prominent notice in each changed file stating how and when AND WHY you changed that file and provided that you do at least ONE of the following a place your modifications in the Public Domain or otherwise make them Freely Available such as by posting said modifications to Usenet or an equivalent medium or placing the modifications on a major archive site such as uunet uu net or by allowing the Copyright Holder to include your modifications in the Standard Version of the Package b use the modified Package only within your corporation or organization c rename any non standard executables so the names do not conflict with standard executables which must also be provided and provide separate documentation for each non standard executable that clearly documents how it differs from the Standard Version d make other distribution arrangements with the Copyright Holder 4 You
418. rchive host This function is equivalent to the setlogarchiving 8 command Select Setting Capacity on Demand in the Menu tree for configuring COD The following functions are supported m COD resource use status display and headroom configuration COD management information for each domain s display and setting a COD hardware activation permit COD permit information display and COD hardware activation key COD key addition and deletion Chapter9 Howto Use the XSCF Web 9 27 For COD settings and command information see the COD User s Guide and the XSCF Reference Manual Note In the M3000 server this function is not available TABLE 9 23 lists the functions for configuring Sun Management Center agent Select Setting Sun MC in the Menu tree TABLE 9 23 Sun Management Center Agent Configuration Function Remarks Sun Management Center Agent Configuration Displays setup information and status of Sun Management Center agent Start or stop the Sun Management Center agent and make changes to its configuration These functions are equivalent to the showsunmc 8 and setsunmc 8 commands TABLE 9 24 lists the functions for configuring the authentication timeout period for XSCF Web console Select Settings Autologout in the Menu tree TABLE 9 24 Auto Logout Configuration XSCF Web Function Remarks Timeout period display and configuration After logging in XSCF if the syste
419. rd and encryption password that are common to both the sending and receiving sides are set for an SNMPv3 user Note 2 If inform is specified InformRequest is sent using the SNMPv2c agent Chapter 2 Setting Up XSCF 2 135 Setting the SNMP Agent s System Management Information and Enabling Disabling the SNMP Agent a Command operation 1 Use the showsnmp 8 command to display the SNMP settings lt Example gt Display of the status when no management information has been set XSCF gt showsnmp Agent Status Disabled Agent port 161 System Location Unknown System Contact Unknown System Description Unknown 2 Use the setsnmp 8 command to make the SNMP settings lt Example gt Specifying the installation location of the system system description and mail address of the administrator XSCF gt setsnmp 1 MainTower21F c foo example com d DataBaseServer 3 Use the setsnmp 8 command to enable the SNMP agent lt Example 1 gt Enabling the agent XSCF gt setsnmp enable lt Example 2 gt Disabling the agent XSCF gt setsnmp disable 4 Confirm the SNMP settings XSCF gt showsnmp Agent Status Enabled Agent port 161 System Location MainTower21F System Contact foo example com System Description DataBaseServer 2 136 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Setting SNMPv3 Trap Command operation 1
420. reby granted free of charge to any person obtaining a copy of this software and associated documentation files the Software to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Copyright C 2004 Internet Systems Consortium Copyright C 1996 2003 Internet Software Consortium Inc ISC Permission to use copy modify and distribute this software for any purpose with or without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies THE SOFTWARE IS PROVIDED AS IS AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHAN
421. ree software developers Less of an advantage over competing non free programs These disadvantages are the reason we use the ordinary General Public License for many libraries However the Lesser license provides advantages special circumstances We call this license the in certain For example on rare occasions there may be a special need to encourage the widest possible use of a certain library facto standard To achieve this non free programs must be allowed to use the library A more frequent case is that a free library does the same job as widely used non free libraries In this case there is little to gain by limiting the free library to free software only Lesser General Public License so that it becomes a de so we use the In other cases permission to use a particular library in non free programs enables a greater number of people to use a large body of free software For example permission to use the GNU C Library in non free programs enables many more people to use the whole GNU operating system as well as its variant the GNU Linux operating system Although the Lesser General Public License is Less protective of the users freedom it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library and conditions for The precise terms modification follow copying distribution and Pay close attention to
422. res a Connecting the XSCF Shell terminal a To establish an SSH connection start an SSH client and specify the IP address of XSCEF In the systems with redundant XSCF Units specify the IP address of active XSCF b Enter a user account and password to login to the XSCF Shell c Confirm that the XSCF Shell prompt XSCF gt is displayed The XSCF Shell can now be used 3 8 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 1 6 Note To start up the SSH client see your SSH manual For details on login see Chapter 5 a Connecting the domain console OS console a If the domain is powered off use the poweron 8 command for the domain on the XSCF Shell terminal and turn it on to start the Oracle Solaris OS b Follow Step a to Step c in the above Connecting the XSCF Shell terminal c Perform the console 8 command d Confirm the change into the specified domain console Note In this system you can use SSH to access from domain to XSCF via DSCP And you can use the setssh 8 command to disable the SSH access from domain to XSCEF For details on the SSH access control via DSCP see Section 2 2 7 SSH Telnet Administration on page 2 104 Connecting to XSCF Using Telnet via the LAN Port The procedure described below assumes that telnet is enabled in the SSH telnet settings of XSCF as described in Chapter 2 For details on cable connections between the server and a LAN and
423. rface can be set up to e Network interface eight respectively e Destination IP address Destination e Gateway e netmask Display DNS Displays XSCF name servers and search shownameserver paths 2 18 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 2 Network Configuration Continued Item Description Shell Command Remarks Add delete DNS Add or delete the IP address of a name setnameserver No default setting server and the domain name of a search has been specified path If the DNS Up to three name servers can be registered connection is Names can be solved in the order specified MECeSSary this Up to five search paths can be registered setting is done Domain names are assigned in the order specified and they are referred to the DNS server Display IP Displays IP packet filtering rules showpacketfilters packet filtering rules IP packet Sets IP packet filtering rules for XSCF LANs setpacketfilters You can set the IP filtering rules to permit the IP packets to go through or to filtering rules to the drop the IP packets input packets not to the output packets Apply network Apply network settings applynetwork In systems with two XSCF Units the two XSCF Units are connected by system internal ports which are the RS 232C serial ports and the LAN ports Each XSCF Unit monitors the status of the other one and they exchange system information through these communication paths When
424. rfc1952 txt gzip format sy SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Index A Adding or deleting a user account and specifying a password 2739 Administration altitude 2 185 audit 2 116 https 2 109 locale 2 184 log archiving 2 123 mail 2 139 security 2 43 2 48 2 70 SNMP 2 128 ssh telnet 2 101 Altitude setting 2 185 Altitude Administration 2 185 Applying the XSCF Network settings 2733 Assigning or Configuring a System Board to a Domain 2 162 Audit enabling or disabling 2 120 Audit administration 2 116 Audit class 2 116 Audit event 2 116 Audit logs displaying 2 122 Audit policy specifying 2 121 Audit record 2 116 Audit token 2 117 Audit trail 2 117 Automatic boot function enabling or disabling 2 181 B Break signal suppression enabling or disabling 2 180 Cc Changing a Clock Address of Local Clock 2 97 Changing the initial hardware diagnostic level 2 179 Changing the Stratum Value for XSCF 2 97 Clock address changing 2 97 Collect XSCF Logs 8 22 Command shell XSCF 5 1 Commands XSCF 5 2 Configuration domain 2 142 2 156 Index 1 domain mode 2 173 network 2 16 system board 2 170 Configuring an NTP server 2 95 Configuring IP Packet Filtering Rules for XSCF Network 2 31 Configuring XSCF routing 2 28 Connecting to XSCF through the serial port S Connecting to XSCF using ssh 3 8 Connecting to XSCF using telnet 3 9 CPU operation
425. rforms initial diagnostics for the XSCF itself checks for abnormalities displays any detected abnormality and reports it to the user While the system is operating the error detection facility of the XSCF continues to monitor itself and if any errors are detected it will report them Chapter 1 XSCF Overview 1 9 Initial System Configuration Function XSCF configures the initial hardware settings of the XSCF Unit and initializes hardware as required to start the Oracle Solaris Operating System Oracle Solaris OS XSCF also controls the initial system configuration information XSCF User Account Control XSCF controls the user accounts for XSCF operations The basic types of user account privileges controlled by XSCF are listed below The server provides the XSCF Shell and XSCF Web but their privileges depend on the user privilege type m System administrator m Domain administrator m Operator m Field engineer For details on the user privileges see the Administration Guide Security XSCF provides an encryption function using Secure Shell SSH or Secure Sockets Layer SSL and an audit function Any operation error or unauthorized attempt to access XSCF functionality is recorded in a log The system administrator can use this information for troubleshooting system errors and unauthorized login attempts Power Control for the Server System and Domains XSCF has power on and power off control of the server The user can pr
426. ribute information XSCF gt setldapssl usermap attributeInfo amp objectclass person uid lt Example2 gt Configures the bind distinguished name XSCF gt setldapssl usermap binddn CN SuperAdmin DC aCompany DC com lt Example3 gt Configures the bind password XSCF gt setldapssl usermap bindpw b e9s n lt Example4 gt Configures the search base XSCF gt setldapssl usermap searchbase OU yoshi DC aCompany DC com 3 Use the showldapss1 8 command to confirm the usermap XSCF gt showldapssl usermap attributeInfo amp objectclass person uid binddn CN SuperAdmin DC aCompany DC com bindpw Set searchbase OU yoshi DC aCompany DC com SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 4 Use the set 1ldapss1 8 command to clear the usermap lt Examplel gt Clears the attribute information XSCF gt setldapssl usermap attributeInfo lt Example2 gt Clears the bind distinguished name XSCF gt setldapssl usermap binddn lt Example3 gt Clears the bind password XSCF gt setldapssl usermap bindpw lt Example4 gt Clears the search base XSCF gt setldapssl usermap searchbase 5 Use the showldapss1 8 command to confirm that the usermap is cleared XSCF gt showldapssl usermap attributeInfo none binddn none bindpw none searchbase none The usermapmode must be enabled for using usermap Enabling or Disabling the Strictcert M
427. ributors may be used to THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULARPURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE FOI OIC ICI IRIE ICICI IO ICI ICICI III ICI IOI ICICI II IC IG I ae RE E 14 Copyright c David L Mills 1992 2003 Permission to use copy modify and distribute this software and its documentation for any purpose and without fee is hereby granted provided that the above copyright notice appears in all copies and that both the copyright notice and this permission notice appear in supporting documentation and that the name University of Delaware not be used in advertising or publicity pertaining to distribution of the software without specific written prior permission The University of Delaware makes no representati
428. rk address If you set a netmask using the m option this netmask value shows the mask value in the XSCF network A netmask value when you display the DSCP network on the domain is not the netmask value in the XSCF network The netmask value for the domain DSCP address which is displayed on the domain by using ifconfig 1M is a value set according to the setting of the network on the domain side Chapter 2 Setting Up XSCF 2 27 2 28 This is because the DSCP communication protocol PPP Point to Point Protocol does not notify the netmask value specified by the m option to the domain side and also because the ifconfig 1M displays the netmask value corresponding to the class of IP address in the DSCP interface Note All DSCP addresses must be in the same network subnet Specifying a Host Name for XSCF a Command operation 1 Use the showhostname 8 command to display host names XSCF gt showhostname a xscf 0 scf hostname0 company com xscf 1 scf hostnamel company com 2 Use the sethostname 8 command to specify a host name lt Example 1 gt Specify the host name scf0 hostname for XSCFU 0 XSCF gt sethostname xscf 0 scf0 hostname lt Example 2 gt Specify the domain name com for XSCFU 0 XSCF gt sethostname d company com SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Configuring XSCF Routing In a redundant XSCF unit configuration the following are examples o
429. rming the restoreconfig 8 command then input the specified key when saving m The head of the saved configuration file contains the following identification data The identification data can be referred to in the text a User comments a Data version a Presence of encryption a Saved time a System name a Serial number a XCP version m In the network configuration restore the data by specifying an option m Power off all domains when you restore the configuration information Moreover after completing the command turn the input power supply of the server off then on For details of configuration file and encryption see the man page or the XSCF Reference Manual The following is the procedure for saving configuration information Saving the Configuration Information by Connecting the USB Device for Exclusive Use to the Panel of the XSCF Unit Command operation 1 Connect a USB device to the USB connector mounted on the XSCF Unit panel 2 Perform the dumpconfig 8 command and specify the local USB device on the XSCF Unit for the output file see Note XSCF gt dumpconfig file media usb_msd backup file txt 3 When the data transfer is complete disconnect a USB device from the USB connector 4 Confirm the identification data in the head of the saved configuration file Note For details on using the dumpconfig 8 command including how to enable encryption see the man page or the XSCF Reference Man
430. rnia Permission is granted to anyone to use this software for any purpose on any computer system and to alter it and redistribute it freely subject to the following restrictions 1 The author is not responsible for the consequences of use of this software no matter how awful even if they arise from flaws in it 2 The origin of this software must not be misrepresented either by explicit claim or by omission Since few users ever read sources appear in the documentation 3 Altered versions must be plainly marked as such misrepresented as being the original software Since few users ever read credits must and must not be sources credits must appear in the documentation 4 This notice may not be removed or altered macmartinized code 1992 Eric Haines erich eye com polygon copyright by OIF BE BE AEE E DE HEIE AE BEKE E AE AE AE TOSI IORI TOR AE DE AEAEE GIGI OI IORI ISI IOI IO III Ik NCSA HTTPd Server Software Development Group National Center for Supercomputing Applications University of Illinois at Urbana Champaign 605 E Springfield Champaign IL 61820 httpd ncsa uiuc edu Copyright C 1995 Board of Trustees of the University of Illinois o FOI ICICI ICICI ICICI ICI III III ICICI ICICI II a a ee md5 c NCSA HTTPd code which uses the md5c c RSA Code Original Code Copyright C Inc Portions of Content MD5 code Copyright Mellon Un
431. rovement In the example above the following items are displayed B 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 B 2 Time at which the problem was registered in the log TIME Universal Unique Identifier that can be used to uniquely identify the problem in an optional system set UUID Message ID MSG ID that can be used to access the corresponding description of information at the specified site Use the message ID for accessing the specified URL to acquire detailed information corresponding to this problem For the specified URL see the web site information about the messages described in the Product Notes for your server The information that can be referenced for the message ID is the same as that described in the item of showlogs 8 error After confirming the problem repair the fault according to the recommended processing For details of the mdump 8 command see the XSCF Reference Manual or the main page Power Log When a power operation or resetting is performed in the server or domain the XSCF firmware collects a power log This section explains how to reference the power log See TABLE 8 3 for the size and generation number of a power log Using the showlogs 8 Command to Reference Power Logs Specify the power option on the XSCF Shell and perform the showlogs 8 command to reference power logs Appendix B XSCF Log Information B 5 lt Example 1 gt Dat
432. rror log In this event identify the cause of the error correct it and start from step 1 again Once the test is completed normally the mail report function is enabled Use the showemailreport 8 command to check whether the test is completed For details on making settings for the SMTP server and name server see Chapter 2 6 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 6 3 Contents of Parts Fault Notification This section explains the contents of the email messages sent for parts faults that occur FIGURE 6 3 shows the contents of mail sent for a parts fault that occurred FIGURE 6 3 Mail Sent for an XSCF Parts Fault That Occurred Date Mon 02 Jun 2003 14 03 16 0900 From XSCF lt root host name example com gt To mail address smtp example com 2 Subject Defect XXXXXXXXXXX 3 MSG ID FMD 8000 4M TYPE Defect VER 1 0 SERVERITY Minor EVENT TIME 04 07 2006 10 34 07 PST PLATFORM i386 CSN DOMAIN ID SERVER ID opleval1 EVENT ID b57a9e55 f024 4ce7 9c39 ec7edd2548e4 DESC The Solaris Fault Manager received an event from a component to which no automated diagnosis software is currently subscribed Refer to http lt Message Site gt FMD 8000 4M for more information AUTO RESPONSE Error reports from the component will be logged for examination IMPACT Automated diagnosis and response for these events will not occur REQ ACTION Run pkgchk n fmd to ensure that faul
433. rs FIGURE 2 9 CPUs on CPU Memory Board Unit CMU and Domain Configuration Example CMU 0 CMU 1 CMU 2 CMU 3 CMU mounted with CMU of mixed CPU CMU of mixed CPU SPARC64 VI only configuration configuration CMU mounted with SPARC64 VII only Domain 1 Q a a Domain 2 ef SPARC64 VII processor SPARC64 VI processor Different types of processors can be mounted on a single CMU as shown in CMU 2 and CMU 3 in FIGURE 2 9 And a single domain can be configured with different types of processors as shown in Domain 2 in FIGURE 2 9 A domain runs in one of the following CPU operational modes SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 m SPARC64 VI Compatible Mode for M4000 M5000 M8000 M9000 servers only All processors in the domain behave like and are treated by the Oracle Solaris OS as SPARC64 VI processors The extended capabilities of SPARC64 VII and SPARC64 VII processors are not available in this mode Domains 1 and 2 in FIGURE 2 9 correspond to this mode a SPARC64 VII Enhanced Mode for M3000 M4000 M5000 M8000 M9000 servers All boards in the domain must contain only SPARC64 VII or SPARC64 VII processors In this mode the server utilizes the extended capabilities of these processors Domain 0 in FIGURE 2 9 corresponds to this mode To check the CPU operational mode execute the prtdiag 1M command on the Oracle Solaris OS If the domain is in SPARC64 VII Enhanced Mode the
434. rs do not indicate power consumption by showenvironment command For a power consumption value of the M4000 M5000 M8000 M9000 servers see the SPARC Enterprise M4000 M5000 Servers Site Planning Guide or the SPARC Enterprise M8000 M9000 Servers Site Planning Guide For details of the showenvironment 8 command see the XSCF Reference Manual and man page For the installation of server see the Site Planning Guide for your server Note To obtain the data of exhaust air using the SNMP agent function install the latest XSCF extension MIB definition file to the SNMP manager For details on obtaining the XSCF extension MIB definition file see the Product Notes for your server or download site for firmware Note The amount of power consumption and exhaust air may not be indicated correctly in the MIB information in the showenvironment power showenvironment air commands output and on the XSCF Web in the following cases and you should wait for one minute and check the value again During the server powering on or powering off or for a while after the power on or power off complete During the active replacement of power supply unit or for a while after the active replacement complete Display Server Configuration Status Information a Command operation Use the showhardconf 8 command to check the status of a device XSCF gt showhardconf SPARC Enterprise xxxx Serial PP20605005 Operator_Panel_Switch Locked
435. rs the network configuration If an error is detected an error message is generated and displayed m XSCF monitors the status of the power supply FAN voltage system board memory CPU and other components If an error is detected in a component an error message is generated and displayed Based on the error message the system administrator can easily identify the component that needs to be replaced m XSCF monitors the temperatures of the cabinet and CPU If an abnormal temperature is detected an error message is generated and displayed The error messages make it possible to prevent the system from rising to a higher temperature and to prevent system instability Chapter 1 XSCF Overview 1 13 12 1 1 14 Firmware Update Function The web browser and commands can be used to download new firmware image XSCF firmware and OpenBoot PROM firmware without stopping the domain and to update firmware without stopping other domains To complete updating the OpenBoot PROM firmware in the target domain the domain must be rebooted For details on updating firmware see Chapter 8 Major Differences Among the Server Models TABLE 1 1 shows the major differences related to XSCF among the models of the M3000 M4000 M5000 M8000 M9000 servers TABLE 1 1 Major Differences Between the Models M3000 server M4000 M5000 servers M8000 M9000 servers Item Model Entry level Midrange High end XSCF Unit Fixed on MBU Replaceable Replaceable
436. rt of one entire domain_n Power supply operations and reference of the status of only one domain_n Control of only one domain_n Reference of the status of any part of the entire system Control of the entire system User account control Reference of the Audit status Can refer to the status of any hardware mounted in a domain_n Can refer to the status of any part of a domain_n Can refer to the information of all system boards mounted Can power on power off and reboot a domain_n Can refer to the status of any hardware mounted in a domain_n Can refer to the status of any part of a domain_n Can refer to the information of all system boards mounted Can operate all hardware mounted in a domain_n Can refer to the status of any hardware mounted in a domain_n Can operate all of a domain Can refer to the status of any part of a domain_n Can refer to the information of all system boards mounted Can refer to the status of any part of the entire server but cannot change it Can operate all hardware in the system Can configure all XSCF settings except the useradm and auditadm privilege settings Can add and delete hardware in a domain Can do the power operation of a domain Can refer to the status of any part of the entire server Can create delete invalidate and validate user accounts Can change user passwords and password profiles Can change user privileges Can refer to the
437. rules that are set in the XSCF network Specifies the time zone Displays the time zone setting Sets the XSCF time Displays the XSCF time Configures the NTP server Displays the NTP server setting Resets the time subtraction between the XSCF and the domain Displays the time subtraction between the XSCF and the domain Configures SSH Generates RSA and DSA keys for SSH2 host authentication Displays the SSH settings and fingerprint Configures telnet Displays the telnet settings Sets the session timeout time of the XSCF Shell Displays the session timeout time of the XSCF Shell Configures the SMTP server Displays the SMTP server settings Configures mail notification Displays the mail notification settings Enables or disables the use of an LDAP server for authentication and user privilege lookup Displays information about whether an LDAP server is used for authentication and user privilege lookup Configures LDAP client settings Displays LDAP client settings Configures Active Directory client settings Displays Active Directory client settings Configures LDAP SSL client settings Chapter 5 Overview of the XSCF Shell 5 3 TABLE 5 1 XSCF Commands Continued Command Description showldapss1 Displays LDAP SSL client settings sethttps Configures the https settings showhttps Displays the https settings setupplatform e Sets up platform specific settings Note In the platform specific settings
438. s A PCI and LAN driver are prevented from being incorporated into the domain of an LSB System board XSB configuration that prevents a specific domain from logically using memory on a system board A floating board is designated to be moved easily to another domain In operation with a kernel and important I O on the system board in a domain and to facilitate the DR operation of the system board it is necessary to define the system board so that can be deleted or moved easily This definition is called a floating board option A system board that lowered priority of the kernel memory loading by enabling the floating board option is called a floating board 2 148 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 2 23 Domain Configuration Terms Continued Term Description XSB status Fault code The power status and the diagnostic assignment and integration conditions of a system board belonging to a domain are displayed for each XSB The progress of changes in conditions can be found by switching the domain configuration The XSB status information can be referred to with showdc1 8 and showboards 8 For details on the XSB status see TABLE 2 27 Indicating that an error occurred in an XSB For details on the fault codes see TABLE 2 27 System board pool The state of system board that does not belong to any domain A system board that is the SP system board pool state can be added
439. s m User Account Administration required a Network Configuration required a Time Administration required a SSH telnet Administration optional a Mail Administration optional a LDAP Administration optional a Active Directory Administration optional a LDAP SSL Administration optional Https Administration optional a Log Archiving Administration optional a Audit Administration optional a SNMP Administration optional m Remote Maintenance Service Setting optional see the following Note 1 Domain Configuration required see the following Note 2 m System Board Configuration required see the following Note 3 Domain Mode Configuration optional Locale Administration optional 2 1 a Altitude Administration required a DVD Drive Tape Drive Unit Administration optional a COD Administration optional see the following Note 4 Note 1 This document does not provide details on the remote maintenance service functions For the information of the remote maintenance service see the Product Notes for your server Note 2 Domain configuration is not required in the M3000 server Some of the options can be configured For details see Section 2 2 13 Domain Configuration on page 2 146 Note 3 In the M3000 server system board cannot be configured System board has been configured by default and you cannot change the setting However you can refer to the s
440. s loaded XSCF gt showldapssl cert Primary Server certstatus certificate present issuer DC local DC xscf CN apl serial number 55 1f ff c4 73 7 5a b9 4e 16 3c fc e5 66 5e 5a subject DC local DC xscf CN apl valid from Mar 9 11 46 21 2010 GMT valid until Mar 9 11 46 21 2015 GMT version 3 0x02 XSCF gt showldapssl cert i 1 Alternate Server 1 certstatus certificate present issuer DC local DC aplle CN aplle local serial number 0b 1d 43 39 ee 4b 38 ab 46 47 de 0a b4 a9 ea 04 subject DC local DC aplle CN aplle local valid from Aug 25 02 38 15 2009 GMT valid until Aug 25 02 44 48 2014 GMT version 3 0x02 4 Use the set1ldapss1 8 command to delete the server certificate XSCF gt setldapssl rmcert Warning About to delete certificate for Primary Server Continue y n y 5 Use the showldapss1 8 command to confirm that the server certificate is deleted XSCF gt showldapssl cert Primary Server certstatus certificate not present issuer none serial number none subject none valid from none valid until none version none The strictcertmode must be in the disabled state for a certificate to be removed Chapter 2 Setting Up XSCF 2 83 Setting a user domain a Command operation 1 Use the showldapss1 8 command to display user domains XSCF gt showldapssl userdomain doma
441. s setldapssl Userdomain can take the form of Distinguished Name DN Display Displays the defaultrole setting showldapss1l defaultrole Defaultrole All users authenticated via LDAP SSL are setldapssl assigned privileges set in this parameter Display group Displays configuration of administrator group setldapss1l operator group or custom group Administrator Assigns group name for up to five specified setldapssl group administrator groups The administrator group has platadm useradm and auditadm privileges and you cannot change that Operator Assigns group name for up to five specified setldapssl group operator groups The operator group has platop and auditop privileges and you cannot change that Custom group Assigns group name and privileges for up to setldapss1 five groups Timeout Configures transaction timeout in seconds setldapssl The default is 4 If the Seconds can be 1 to 20 specified timeout is too brief for the configuration the login process or retrieval of user privilege settings could fail Enable Disabl Enables or Disables logging of LDAP SSL setldapssl This log is cleared on XSCF e log authentication and authorization diagnostic reset messages Display log Displays LDAP SSL authentication and showldapss1l authorization diagnostic messages Clear log Clears log file of LDAP SSL authentication and setldapssl authorization diagnostic messages Default Resets LDAP SSL settings to factory default setldapssl 2 74 SPARC E
442. s and sets the NTP server used on the XSCF network the preferred server the stratum value and the XSCF s own local clock These function are equivalent to the showntp 8 and setntp 8 commands Reset XSCF to complete the settings TABLE 9 12 lists the functions for setting the SSH telnet Select Settings SSH Telnet in the Menu tree TABLE 9 12 SSH telnet Settings Function Remarks SSH Enabling and disabling Access control from domain to the SSH telnet Enabling and disabling Displays and sets the enabling disabling the SSH These function are equivalent to the showssh 8 and setssh 8 commands After enabling SSH the XSCF reset is required Specifies whether or not to permit access from domain to the SSH via the DSCP These function are equivalent to the showssh 8 and setssh 8 commands After setting the SSH access control the XSCF reset is required Displays and sets the enabling disabling of telnet These function are equivalent to the showtelnet 8 and settelnet 8 commands After disabling telnet XSCF reset is required Note The host key generation the user public key registration deletion and the timeout period setting for XSCF Shell are not supported by XSCF Web Set these functions by using XSCF Shell Chapter 9 Howto Use the XSCF Web 9 19 TABLE 9 13 lists the functions for configuring LDAP Select Settings LDAP in the Menu tree TABLE 9 13 LDAP Configura
443. see Chapter 1 or the Administration Guide domainop The user can refer to all status information in a domain m domainmegr The user can perform domain power operations m domainadm The user has domain administrator privilege and can perform every type of domain operation m platop The user can refer to all status information in the entire system m platadm The user has system administrator privilege and can use almost all XSCF Shell commands m useradm The user can manage user accounts 5 1 m auditop The user can refer to the audit method of the XSCF and the audit records m auditadm The user can control the audit to the XSCF m fieldeng The user can perform the commands for FEs TABLE 5 1 outlines the XSCF Shell commands For details on each command and user privileges see the man page or the XSCF Reference Manual TABLE 5 1 XSCF Commands Command Description adduser Creates an XSCF user account deleteuser Deletes an XSCF user account disableuser Disables an XSCF user account enableuser Enables an XSCF user account showuser Displays XSCF user account information Alternatively it displays the user s own user account information password Changes an XSCF user account password Alternatively it changes the user s own setpasswordpolicy showpasswordpolicy setprivileges setloginlockout showloginlockout setnetwork shownetwork setroute showroute sethostname showhostname setnameserver
444. servers the disabled state for a certificate to be removed Display Displays the userdomain showad userdomain Userdomain Configures up to five userdomains setad If a user domain is specified Userdomain can take the form of UPN like directory by UPN form at the lt USERNAME gt domainname login Prompt such as login or the form of Distinguished Name DN like iia Cote para ae uid lt USERNAME gt ou OrganizationUnit miy SAE Ser domain 15 use de DomainName for this login attempt Display Displays the defaultrole setting showad defaultrole Defaultrole All users authenticated via LDAP SSL are setad assigned privileges set in this parameter Display group Displays configuration of administrator group setad operator group or custom group Administrator Assigns group name for up to five specified setad group administrator groups The administrator group has platadm useradm and auditadm privileges and you cannot change that Chapter 2 Setting Up XSCF 2 51 TABLE 2 8 Active Directory Administration Continued Item Description Shell command Remarks Operator Assigns group name for up to five specified setad group operator groups The operator group has platop and auditop privileges and you cannot change that Custom group Assigns group name and privileges for up to setad five groups Timeout Configures transaction timeout in seconds setad The default is 4 If the seconds can be 1 to 20 specified timeout is too brief
445. set up the XSCF by the XSCF LAN connection please change the cable from the serial port to the XSCF LAN port Change the serial cable to the LAN cable When you use the controller that converts the RS 232C interface and LAN interface you do not need to change the cable Reconnect to the XSCF using the new user account and the new IP address and login to the XSCF again For details on connecting the SSH telnet and serial port and login to the XSCF see Chapter 3 Moreover the telnet connection is not a secure connection protocol We recommend that you use SSH During login using SSH on XSCF Shell Ethernet connection you are prompted to confirm the authenticity of the fingerprint of the host public key The reply is yes if the fingerprint is the same as the memo in Step 6 If the reply is not the same please confirm that the IP address is correct and not duplicated There is a possibility that IP address spoofing has occurred Chapter 2 Setting Up XSCF 2 7 2 8 RSA key fingerprint is Xxxxxxx Connecting yes no yes Type the passphrase you have already set in the case that you would be using SSH with user key authentication Enter passphrase for key home nana ssh id_rsa XXXXXXXX Warning No xauth data using fake authentication data for X11 forwarding Last login Fri Sep 1 10 19 37 2006 from client 9 Configure the mail settings e Display mail notification settings and show
446. showhostname showroute shownameserver showdscp The shownetwork 8 command displays the IP addresses masks and network connection information for the XSCF LAN and ISN installed in the XSCF Unit Also the shownetwork 8 command displays the XSCF network connection status By finding out the amount of data sent or received through a particular interface the system administrator can check the LAN connection status and the management network load The showhostname 8 command displays the current host name for the XSCF unit The showroute 8 command displays routing environment such as destination IP addresses The shownameserver 8 displays the DNS server The system administrator can view the interface information required for the XSCF network The showdscp 8 command displays the IP addresses assigned for DSCP usage The showpacket filters 8 command displays the IP packet filtering rules that are set in the XSCF network Chapter 5 Overview of the XSCF Shell 5 13 showntp showdate The showntp 8 command displays the NTP server configured with the server and the XSCF s own local clock informations The showdate 8 command displays the system standard time XSCF time The system administrator can use the showdate 8 command to determine the reference time used in the server showstatus The system administrator can use the showstatus 8 command to list degraded components 5 9 5 14 Domain Control and Maintenance Commands
447. shownameserver applynetwork setdscp showdscp nslookup XSCF user account password Configures the XSCF password policy Displays the XSCF password policy Assigns user privileges Configures the lockout of user accounts Displays the lockout setting of user accounts Configures the XSCF network Displays the XSCF network settings and XSCF LAN network status Configures the XSCF LAN route Displays XSCF LAN route settings Specifies the XSCF LAN host name and domain name Displays the XSCF LAN host name and domain name Sets the XSCF name servers DNS servers and the search paths Displays the XSCF name servers and the search paths Applies the network settings Configures DSCP Displays the DSCP settings Checks for the name resolution of a host name 5 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 5 1 XSCF Commands Continued Command Description ping Checks the response for a host traceroute Displays the network path to the host by list setpacketfilters showpacketfilters settimezone showtimezone setdate showdate setntp showntp resetdateoffset showdateoffset setssh showssh settelnet showtelnet setautologout showautologout setsmtp showsmtp setemailreport showemailreport setlookup showlookup setldap showldap setad showad setldapssl Sets the IP packet filtering rules to be used in the XSCF network Displays the IP packet filtering
448. smtp 8 setsmtp 8 configure and test mail notification showemailreport 8 setemailreport 8 See Section 2 2 12 Mail Administration on page 2 143 After this configure the user accounts To manage user accounts you can either configure the XSCF local accounts or you can configure the user accounts to authenticate against a remote user database such as Lightweight Directory Access Protocol LDAP Active Directory or LDAP SSL Note Lightweight Directory Access Protocol LDAP Protocol used to access directories and databases in TCP IP networks Active Directory Active Directory is a distributed directory service from Microsoft Corporation LDAP SSL LDAP SSL is a distributed directory service like Active Directory LDAP SSL offers enhanced security to LDAP users by way of Secure Socket Layer SSL technology Before using an LDAP an Active Directory or an LDAP SSL server download a certificate create a public key and perform user registration in the applicable directory in the user environment If you are an Active Directory user you cannot upload a user public key When you set the user public key to XSCF before XCP1100 delete the user public key The Active Directory users can access to XSCF via SSH by using the password authentication and can login to XSCF SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 This manual does not provide details on LDAP Active Directory and LDAP S
449. splays the locations of devices such as system boards mounted in the server and resource partition information and the setupfru 8 command specifies these locations and this information The system administrator can use the commands for effective use of resources addfru deletefru replacefru The addfru 8 command is used to select a device such as a CPU Memory Board unit I O unit fan unit or PSU to add it to the server and the deletefru 8 and replacefru 8 commands are used to select and remove or replace respectively such a device mounted in the server Each type of operation can be performed interactively with menus showboards addboard deleteboard moveboard The showboards 8 command displays status information about a system board XSB The system administrator can use the command to find out whether a system board has been configured to a domain or unconfigured from it and to find out whether this operation was successful The addboard 8 command adds a system board to the domain the deleteboard 8 command removes a system board and the moveboard 8 command moves a system board Note In the M3000 server the domain configuration cannot be changed Chapter 5 Overview of the XSCF Shell 5 15 showdomainmode setdomainmode In a certain domain the user may want to suppress the break signal or panic with host watchdog or disable the automatic boot function The system administrator can use the showdomain
450. stall the user public key to XSCF e Generate the SSH user key Set in client showssh 8 setssh 8 e Display Install and Delete the SSH user public See Section 2 2 7 SSH Telnet key Administration on page 2 104 2 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Configure the network Display and set the DSCP Display XSCF network settings enable disable IP address netmask and configure remove an XSCF network Display and set XSCF host name Display XSCF route settings destination IP address gateway netmask interface and configure an XSCF route Display and make the DNS settings name servers search paths add delete Display and set the IP packet filtering rules Apply network settings showdscp 8 setdscp 8 shownetwork 8 setnetwork 8 showhostname 8 sethostname 8 showroute 8 setroute 8 shownameserver 8 setnameserver 8 showpacketfilters 8 setpacketfilters 8 applynetwork 8 See Section 2 2 1 Network Configuration on page 2 16 Perform the applynetwork 8 command to apply the network settings To complete the network settings the XSCF reset is required Go to the next step when you reset it later When you want to reset it now perform the rebootxsc 8 command to apply the settings Then the XSCF reset is done and the XSCF session is disconnected Please connect the XSCF and log in to the XSCF again Here when you
451. stribution Modifications to this software may be distributed either by distributing the modified software or by distributing patches to the original software under the following additional terms provided that the above copyright notice extant in files in this 1 The version number will be modified as follows a The first 3 components of the version number i e lt number gt lt number gt lt number gt will remain unchanged b A new component will be appended to the version number to indicate the modification level The form of this component is up to the author of the modifications 2 The author of the modifications will include his her name by appending it along with the new version number to this file and will be responsible for any wrong behavior of the modified software The author makes no representations about the suitability of this software for any purpose It is provided as is without any express or implied warranty Modifications Version 2 1 8 7 current Copyright 1998 2001 by Rob Braun Sensor Addition Version 2 1 8 9prel4a E 18 Copyright 2001 by Steve Grubb This is an exerpt from an email I recieved from the original author allowing xinetd as maintained by me to use the higher version numbers I appreciate your maintaining the version string guidelines as specified in the copyright But I did not mean them to last as long as they did So if you want you may use any 2 N N gt 3 version
452. string for future xinetd versions that you release Note that I am excluding the 2 2 line using that would only create confusion Naming the next release 2 3 0 would put to rest the confusion about 2 2 1 and 2 1 8 zlib h interface of the zlib version 1 2 1 November 17th 2003 general purpose compression library Copyright C 1995 2003 Jean loup Gailly and Mark Adler This software is provided as is without any express or implied warranty In no event will the authors be held liable for any damages arising from the use of this software Permission is granted to anyone to use this software for any purpose including commercial applications and to alter it and redistribute it freely subject to the following restrictions 1 The origin of this software must not be misrepresented you must not claim that you wrote the original software If you use this software in a product an acknowledgment in the product documentation would be appreciated but is not required 2 Altered source versions must be plainly marked as such and must not be misrepresented as being the original software 3 This notice may not be removed or altered from any source distribution Jean loup Gailly Mark Adler jloup gzip org madler alumni caltech edu The data format used by the zlib library is described by RFCs Request for Comments 1950 to 1952 in the files http www ietf org rfc rfc1950 txt zlib format rfc1951 txt deflate format and
453. sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software and use pieces of it in new free programs and that you are informed that you can do these things To protect your rights we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it For example if you distribute copies of the library whether gratis or for a fee you must give the recipients all the rights that we gave you You must make sure that they too receive or can get the source code If you link other code with the library you must provide complete object files to the recipients so that they can relink them with the library after making changes to the library and recompiling it And you must show them these terms so they know their rights We protect your rights with a two step method 1 we copyright the library and 2 we offer you this license which gives you legal permission to copy distribute and or modify the library To protect each distributor we want to make it very clear that there is no warranty for the free library Also if the library is modified by someone else and passed on the recipients should know that what they have is not t
454. t have become the opposite of original state For instance if the firmware update is executed on XSCFU 0 when completing the command XSCFU 1 would become the active side To switch the XSCF execute the switchscf 8 command To confirm the switching between XSCFs execute the showhardconf 8 command and check the Status of the XSCF Unit 0 1 which is Active or Standby lt Example gt XSCF gt switchscf t Standby The XSCF unit switch between the Active and Standby states Continue y n y d To confirm that the XSCF firmware update has finished use the showlogs 8 command with the monitor option Confirm no abnormality is found during the update If the XCP update has been completed message is displayed in each XSCF Unit the firmware update has completed XSCF gt showlogs monitor Jun 20 07 25 48 FF1 1 0 monitor_msg SCF XCP update has been completed XCP version 1082 4 To complete the update of the OpenBoot PROM firmware restart the domain Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 17 5 Confirm that the version of the system firmware that is running is that of the firmware applied at the XSCF Shell command line by using the version 8 command m Web browser operation For information about using the XSCF Web see Chapter 9 1 Start the XSCF Web https manual host Specify the host name or IP address of XSCF 2 The login window of the XSCF Web console is displayed Please e
455. t management software is installed properly Contact FE for support DIAGCODE 20010000 0108000112345678 Msg CPU internal fatal error CMU n CPUM n CHIP n degraded 1 Reply address set with Mail Administration 2 Recipient address set with Mail Administration 3 Mail title Note The contents may be changed as a result of a function improvement without notice For details on the settings see Chapter 2 The following items are displayed in the mail example of FIGURE 6 3 No 1 to 3 in the figure are excluded Chapter 6 XSCF Mail Function 6 5 a MSG ID Message ID Use the message ID for accessing the specified URL to acquire detailed information on this problem For the specified URL see the Web site information about messages described in the Product Notes for your server For the message ID the following information can be confirmed at the Web site a Message type Type a Fault level Severity a Outline of fault Description a Machine operation after failure Automated Response a Influence Impact a Action to be taken Action a Detailed information Details m TYPE SEVERITY DESC AUTO RESPONSE IMPACT and REQ ACTION these are the same items that the web site information in MSG ID corresponds m VER Version m EVENT TIME Time of fault occurrence indicated in local time m FLATFORM Target architecture m CSN Chassis serial number a DOMAIN ID Domain ID a SERVER ID ID of this system a EVENT
456. t to any claim by Licensee or any third party arising from use of the software Copyright C 1991 2 RSA Data Security Inc Created 1991 All rights reserved License to copy and use this software is granted provided that it is identified as the RSA Data Security Inc MD5 Message Digest Algorithm in all material mentioning or referencing this software or this function License is also granted to make and use derivative works provided that such works are identified as derived from the RSA Data Security Inc MD5 Message Digest Algorithm in all material mentioning or referencing the derived work RSA Data Security Inc makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose It is provided as is without express or implied warranty of any kind These notices must be retained in any copies of any part of this documentation and or software POS SSSI IOS GEIS GSI KEE EK EAE AEE AE AEE EAE AE EEKE EK EA AEEA IG AAAA ITO IGG IIS I ioe Copyright 1995 by Wietse Venema All rights reserved Some individual files may be covered by other copyrights This material was originally written and compiled by Wietse Venema at Eindhoven University of Technology The Netherlands in 1990 1991 1992 1993 1994 and 1995 Redistribution and use in source and binary forms are permitted provided that this entire copyright notice is duplicated in all such copies
457. ter 2 Setting Up XSCF 2 119 2 2 9 Audit Administration Audit administration is used to specify logging of access details such as which users logged in to XSCF their login times and the operations that they executed In the server the default access audit setting is enabled The main audit settings include the access audit enable disable setting see TABLE 2 16 and audit trail management method see TABLE 2 16 Collecting Audit Data The server controls the audit module of XSCF firmware to provide an audit trail When related event information is obtained the XSCF firmware collects audit information as follows 1 Audit event data is logged in the form of audit records see TABLE 2 16 2 The audit records are stored in order by date in the local audit files of the XSCF firmware see TABLE 2 16 3 The audit files are linked and become an audit trail see TABLE 2 16 4 Audit records are thus kept as an audit trail so that the user can refer to the Audit trail see viewaudit 8 TABLE 2 16 lists terms used in audit administration TABLE 2 16 Audit Administration Terms Term Description Audit Audit event Audit class Audit record Audit file Function for auditing system access It is also called auditing Security related system action that can be audited Multiple audit events can be specified with values or names Example AEV_LOGIN_SSH LOGIN_SSH 0 all Group of audit events related t
458. ter west home joe logs x 2 When the data transfer is complete please contact authorized service personnel Note For detail of snapshot 8 command including how to enable encryption see the man page or the XSCF Reference Manual Caution IMPORTANT When the XSCF Unit is the redundant configuration log in to the standby side and collect the log in the same way The form of the collected log file is as follows File name The file name is generated automatically at XSCF IP address and the log taking out time So the log file cannot be generated in the file name of the user specification File format zip 8 30 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 CHAPTER 9 How to Use the XSCF Web This chapter describes how to use the XSCF Web 9 1 Overview of the XSCF Web The XSCF Web uses https and the SSL TLS protocols for connection to the server connected to a user network and for web based support of server status display server operation control and configuration information display When a configured user establishes a connection with a web browser to the XSCF Web from a client terminal and logs in with an XSCF user account either a tree index of available pages or another such page is displayed Select the target page such as the device status page For details on creating the user account see Chapter 2 9 1 TABLE 9 1 outlines each page TAB
459. the SNMP agent information for Sun MC is also cleared To set the SNMP agent information for Sun MC again execute the setsunmc 8 command with the s option For details about the command see the XSCF Reference Manual or the man page Specifying a User Authentication Algorithm Creating or Changing an Authentication Encryption Password Copy a User or Delete a User All of Which is USM Management Information Command operation 1 Use the showsnmpusm 8 command to display USM management information XSCF gt showsnmpusm Username Auth Protocol YYYYY MD5 user2 MD5 2 Use the setsnmpusm 8 command to set USM management information lt Example 1 gt Create an authentication algorithm authentication password and encryption password for a new user XSCF gt setsnmpusm create a SHA yyyyy Authentication Password XXXXXXXX Encryption Password XXXXXXXX lt Example 2 gt Change only an authentication password If no password is entered entry of a password is requested XSCF gt setsnmpusm passwd c auth o Nn XXXXXXXX YYYYY lt Example 3 gt Copy an existing user to add a new user XSCF gt setsnmpusm clone u yyyyy newuser lt Example 4 gt Delete a user XSCF gt setsnmpusm delete yyyyy Chapter 2 Setting Up XSCF 2 141 3 Use the showsnmpusm 8 command to display USM management information XSCF gt showsnmpusm Username Auth Protocol YYYYY SHA user2 MD5 Creat
460. the UPS The UPC port is used only when a UPS is connected For details on the connectors see the Service Manual for your server XSCF Unit Panel Front on the Midrange Servers FIGURE 1 2 is an outline drawing of the XSCF Unit front panel on the M4000 M5000 servers The XSCF Unit of the M4000 M5000 servers is a removable unit In the M4000 M5000 servers for details on mounting the XSCF Unit see the SPARC Enterprise M4000 M5000 Servers Service Manual SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 1 2 Outline Drawing of the XSCF Unit Front Panel In the Midrange Servers XSCF Unit Front 7 11 ii LILI eCe o_o byd Aaeedeaceeesesacesaeeas et 1 2 3 4 5 8 9 10 Number Description Number Description 1 RCI port 7 ACT LED 2 Serial port 8 UPC 1 port 3 USB port 9 UPC 0 port 4 ETHERNET 1 port 10 CHECK LED XSCF LAN 1 port 5 ETHERNET 0 port 11 READY LED XSCF LAN O port 6 Link Speed LED The RCI port serial port USB port XSCF LAN ports Link Speed LED ACT LED UPC ports CHECK LED and READY LED shown in FIGURE 1 2 have the same functions as those of the M3000 server For descriptions of their functions see the explanation of FIGURE 1 1 XSCF Unit Front Pane
461. the XSCF Web over an XSCF LAN connection Here you can specify the enabling disabling of https and configure https settings In this system https is disabled by default You can use the XSCF Web console securely TABLE 2 14 lists a term used in https administration TABLE 2 14 https Administration Term Term Description XSCF Web The web browser window of the XSCF Web with an XSCF LAN connection console To use https please set as follows Select Certificate Authority CA and Procedures Please select one of the following in consideration of your system and the environment of a web browser m External CA m CA in intranet m Self CA Caution IMPORTANT The self CA is constructed in XSCF You cannot use the XSCF s self CA as an external CA for another system If no external CA and CA in intranet exists in your system environment use the self CA See Step b CA and Procedures The following are the settings procedures for each type of CA a Using the External CA or CA in Intranet 1 Create a web server private key for the XSCF 2 Make the Certificate Signing Request CSR by the XSCF 3 Request the issue of the certificate for the CSR to the CA 4 Import a web server certificate signed by CA to the XSCF Chapter 2 Setting Up XSCF 2 113 5 Enable https For Step 1 Step 5 above specify each option using the sethttps 8 command Also when using the XSCF Web select the appropriate items for eac
462. the configuration XSCF LAN Takeover IP address and netmask Display host Displays a host name and the host name showhostname name informations A Fully Qualified Domain Name FQDN can be displayed Chapter 2 Setting Up XSCF TABLE 2 2 Network Configuration Continued Item Description Shell Command Remarks Host Sets a host name and a domain name for the sethostname No default setting name domain XSCF Unit has been specified name FQDN cannot be specified for the host name A host name can be specified up to 64 characters A domain name can be specified up to 254 characters with the host name included with label elements delimited by a period A label element can contain alphanumeric characters a to z A to Z 0 to 9 hyphen and period Each label element must always begin with an alphabetic character and end with an alphanumeric character However you cannot use a period in a host name Display route Displays the XSCF routing environment as showroute follows Network interface see TABLE 2 1 Destination IP address Gateway netmask Flags The meanings of the Flags are as follows U route is up H target is a host G use gateway R reinstate route for dynamic routing C cache entry reject route Add delete Adds a route to or deletes a route from an setroute The setting of route XSCF network interface routing information Specify the following in each inte
463. the connection between a PC and workstation see the Installation Guide for your server The following is the procedure for connecting to a terminal using telnet via the XSCF LAN port 1 Confirm that the LAN cable is inserted into the XSCF LAN port connector on the front of the XSCF Unit or confirm that the PC and workstation to be used are correctly connected 2 On the PC or workstation to be used use one of the following procedures a Connecting the XSCF Shell terminal Chapter 3 Connecting to the XSCF and the Server 3 9 31 7 3 10 FIGURE 3 3 Example of Starting the Terminal Emulator connect host name 192 168 0 2 port 23 id terminal type vt100 connect cancel a To establish a telnet connection activate the terminal emulator and specify the IP address of XSCF and port number 23 In the systems with redundant XSCF Units specify the IP address of active XSCF b Enter a user account and password to login to the XSCF Shell c Confirm that the XSCF Shell prompt XSCF gt is displayed d The XSCF Shell can now be used a Connecting the domain console OS console a If the domain is powered off use the poweron 8 command for the domain on the XSCF Shell terminal and turn it on to start the Oracle Solaris OS b Follow Step a to Step c in the above Connecting the XSCF Shell terminal c Perform the console 8 command d Confirm the change into the specified domain console Switching Betwee
464. the corresponding group name from the Active Directory server Each group has privileges associated with it which are configured on the XSCF A user s group membership is used to determine the user s privileges once authenticated TABLE 2 8 lists setting items and the corresponding shell commands Active Directory Administration Item Description Shell command Remarks Display the status of Active Directory Enable disable the use of Active Directory Display Active Directory server Active Directory server port Enable disable DNS locator mode Display DNS locator query DNS locator query Displays the current setting of Active Directory such as enabled disabled DNS locator mode and so on Enables or disables the use of an Active Directory server for managing authentication and privilege Display the primary and up to five alternate Active Directory servers Sets an IP address or a port number of the primary and up to five alternate Active Directory servers Specify IP addresses or host names for the addresses If you specify a host name for an Active Directory server the server name must be resolvable by DNS server Enables or disables the DNS locator mode Display up to five DNS locator query Configures the DNS locator query The DNS locator query is used to query DNS server to determine the Active Directory server to use for user authentication showad setad
465. the domain is powered off Caution IMPORTANT See the following paragraphs for important information about the domain power off procedure m When Oracle Solaris OS of the domain is being booted the power cannot be turned off After Oracle Solaris OS booting is completed execute the powerof 8 command again a When Oracle Solaris OS of the domain is running in single user mode the power cannot be turned off using the poweroff 8 command Execute the shutdown 1M command on the domain Note that when Oracle Solaris OS of the domain is running domain power off shutdown i5 or equivalent is required Also even if a system abnormality like a fan or temperature abnormality is detected while the Oracle Solaris OS is being booted or the system is running in single user mode there may be cases where the power cannot be turned off An Oracle Solaris OS shutdown is not executed In such cases immediately perform the procedure above Sending a Domain Panic Request Command operation 1 Use the showdomainstatus 8 command to check the power status of the domain to which a panic instruction is to be issued XSCF gt showdomainstatus a DID Domain Status 00 Running 01 Running 02 Running 03 Running 2 Use the reset 8 command to issue a panic instruction to the specified domain Chapter 4 Operation of the Server 4 17 lt Example gt Issue a panic instruction to the specified domain XSCF
466. the separate memory units improves data security TABLE 2 30 lists the settings and the corresponding shell commands TABLE 2 30 System Board Configuration Item Description Shell Command Remarks Display XSB Displays information on dividing a PSB into XSBs and showfru division memory mirror mode information memory mirror mode information XSB division Sets one of the following PSB type setupfru e Divide as one unit not divided Uni XSB e Divide as four units Quad XSB Memory Enables or disables the memory mirroring Mirroring is mirror mode e Enable mirroring disabled by e Disable mirroring default Note 1 Add device The device such as a system board is added addfru Note 2 Chapter 2 Setting Up XSCF 2 175 TABLE 2 30 System Board Configuration Continued Item Description Shell Command Remarks Delete device The device such as a system board is deleted deletefru Note 2 Replace device The device such as a system board is replaced replacefru Note 2 Diagnosis Diagnose the system board testsb The specified system board must be unconfigured from the domain or the domain in which the system board is configured must be powered off Note 1 Memory mirroring requires twice the amount of memory domain used for operation If the PSB is a Quad XSB type in M8000 M9000 servers memory mirroring cannot be used In M4000 M5000 servers memory mirroring can be used regardless of whether the s
467. the showdomainmode 8 command to specify the CPU operational mode XSCF gt showdomainmode d 0 Host ID 0 010f10 Diagnostic Level max Secure Mode on Autoboot on CPU Mode sauto 2 188 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the setdomainmode 8 command to set the CPU operational mode lt Example gt Specify SPARC64 VI compatible mode for CPU operational mode of domain ID 0 XSCF gt setdomainmode d 0 m cpumode compatible Diagnostic Level max gt Secure Mode on gt Autoboot on gt CPU Mode auto gt compatible The specified modes will be changed Continue y nl y configured Diagnostic Level max Secure Mode on host watchdog available Break signal non receive Autoboot on autoboot on CPU Mode compatible 4 Use the showdomainmode 8 command to confirm that the CPU Mode is compatible Note Restart the domain to apply the settings to the domain You may set the initial diagnostic level enable or disable the host watchdog function break signal automatic boot and CPU operational mode Chapter 2 Setting Up XSCF 2 189 2 2 16 Locale Administration Locale administration is used to set the XSCF Shell default locale TABLE 2 35 lists setting items and the corresponding shell commands TABLE 2 35 Locale Administration Item Description Shell Command Remarks Display locale Displays the locale of XSCF Shell showloc
468. the system is initially set up the user must specify the IP address for internal LAN routes In the M8000 M9000 servers up to 33 IP addresses are usually specified four for XSCF LAN ports two for the ISN two for the Takeover IP addresses and up to 25 for DSCP on both the XSCF and domain sides In the M4000 M5000 servers up to seven IP addresses are usually specified two for XSCF LAN ports and up to five for DSCP on both the XSCF and domain sides In the M3000 server up to four IP addresses are usually specified two for XSCF LAN ports and two for DSCP on both the XSCF and domain sides Caution IMPORTANT If the XSCF Unit is redundant issue the commands to setup all XSCF on only the Active XSCF Unit The command need not be executed on both Active and Standby XSCF Units The XSCF setting cannot be performed on the standby side Chapter 2 Setting Up XSCF 2 19 XSCF network interface configuration The XSCF network interface includes the following m LAN XSCF LAN for users to access to XSCF m LAN ISN for the communication between XSCF Units M8000 M9000 servers only m LAN DSCP for the communication between XSCF and each domain FIGURE 2 1 shows the network interface which is required for the XSCF and domain network configuration 2 20 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 FIGURE 2 1 Network Interface Required for XSCF Network Configuration In the High End Servers Server Do
469. ther XSCF automatically sets firmware versions to match each other as follows a When power to a domain is turned on the versions on the system boards in the domain are automatically set to match each other m When a system board is moved to a domain by the DR function the version on the board is automatically matched to the version in the destination domain m When a maintenance component is replaced or added the version is automatically matched to the version of the firmware currently running 8 1 10 Firmware Update Procedure TABLE 8 2 outlines the firmware update tasks Detailed descriptions are provided at the link destinations of each task item Note Depending on the XCP version and system configuration firmware update procedures and requirements might be slightly different For information about specific firmware update procedures and requirements refer to the Product Note about your server Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 11 TABLE 8 2 Firmware Update Tasks Firmware Update Task Item Outline Task time Updating XCP From the Network Updating XCP From External Media When the XCP file is copied onto external media such as a CD ROM Confirming That the OpenBoot PROM Firmware is Updated When a CMU MBU Is Added or Replaced Obtain the XCP files from the appropriate web site and use XSCF to import XCP Use XSCF Web or the XSCF Shell for the firmware update Rebo
470. thout specific prior permission and notice be given in supporting documentation that copying and distribution is by permission of Roaring Penguin Software Inc representations It is provided the as is Roaring Penguin Software Inc makes no about suitability of this software for any purpose without express or implied warranty Copyright C 1995 1996 1997 1998 Lars Fenneberg lt 1 elemental net gt Permission to use copy modify and distribute this software for any purpose and without fee is hereby granted provided that this copyright and permission notice appear on all copies and supporting documentation the name of Lars Fenneberg not be used in advertising or publicity pertaining to distribution of the program without specific prior permission and notice be given in supporting documentation that copying and distribution is by permission of Lars Fenneberg Lars Fenneberg makes no representations about the suitability of this software for any purpose It is provided as is without express or implied warranty Copyright 1992 Livingston Enterprises Inc Livingston Enterprises Inc 6920 Koll Center Parkway Pleasanton CA 94566 Permission to use copy modify and distribute this software for any purpose and without fee is hereby granted provided that this copyright and permission notice appear on all copies and supporting documentation the name of Livingston Enterprises Inc not be used in advertising or publi
471. through the XSCF in a console log A console log is collected as one entry for each line feed code In some cases console logs may be called console message logs Specify the console option on the XSCF Shell and perform the showlogs 8 command to reference console logs The following items are displayed m Domain ID DomainID m Time at which each console log was collected Date This is indicated in local time m Console message Message Appendix B XSCF Log Information B 9 B 4 4 B 4 5 Panic Log Using the showlogs 8 Command to Reference Panic Logs In case of panic a console message is output to the domain console This console message is collected by the XSCF firmware in a panic log In some cases panic logs may be called panic message logs Specify the panic option on the XSCF Shell and perform the showlogs 8 command to reference panic logs The following items are displayed m Domain ID DomainID m Time at which each panic log was collected Date This is indicated in local time m Panic message Message IPL Log Using the showlogs 8 Command to Reference IPL Logs After the domain power supply is turned on console messages are output to the domain console until the running status is set These console messages are collected by the XSCF firmware in an IPL log In some cases IPL logs may be called IPL message logs Specify the ipl option on the XSCF Shell and perform the showlogs 8 command to reference IPL lo
472. through the serial port to log in to the XSCF Shell and check the XSCF LAN settings using the shownetwork 8 command The Console of the XSCF Shell or the Domain Console was Suddenly Disconnected Someone may perform the applynetwork 8 and rebootxscf 8 commands after the setnetwork 8 setroute 8 sethostname 8 and setnameserver 8 commands were executed or the flashupdate 8 command may have been executed To use the XSCF establish another connection and log in to the system again Someone may have used the setdate 8 command or the switchscf 8 command To use the XSCF establish another connection and log in to the system again If the XSCF Shell is not used during the specified length of time after login it automatically terminates itself This forced termination occurs when the specified period has elapsed only if the time monitoring function is enabled and a length of time is specified for this function in the XSCF settings n When the escape character Example set by client and period keys are entered the Oracle Solaris Secure Shell or SSH client of OpenSSH is disconnected If the setting of escape character is the same in the Oracle Solaris Secure Shell SSH client and console 8 command the terminal is disconnected So please change the value of either setting For more information see the manual for SSH Client Could Not Power On or Off the Server In operation with a user privilege other than the
473. tion Function Remarks LDAP server display and registration Certificate display and importation Displays and configures the LDAP server when XSCF is as an LDAP client This function is equivalent to the showldap 8 and setldap 8 commands Displays and import an LDAP server certificate This function is equivalent to the showldap 8 and setldap 8 commands Note In the setting of the LDAP server on XSCF Web you can enter up to 128 characters To set 129 characters or more use XSCF Shell 9 20 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 14 lists the functions for configuring LDAP SSL Select Settings LDAP SSL in the Menu tree TABLE 9 14 LDAP SSL Configuration Function Remarks LDAP SSL server display and configuration When XSCF is as an LDAP SSL client enable and disable the LDAP SSL Displays and configures an LDAP SSL server modes timeout piriod log default settings and so on This function is equivalent to the showldapss1 8 and setldapss1 8 commands User map display and configuration Displays and configures a user map This function is equivalent to the showldapss1 8 and setldapss1 8 commands Certificate display and configuration Displays loads and removes an LDAP SSL server certificate This function is equivalent to the showldapss1 8 and setldapss1 8 commands Defaultrole display and configuration Displays and configures pri
474. tions and to alter it and redistribute it freely subject to the following restrictions 1 The origin of this software must not be misrepresented you must not claim that you wrote the original software If you use this software ina product an acknowledgment in the product documentation would be appreciated but is not required 2 Altered source versions must be plainly marked as such and must not misrepresented as being the original software 3 This notice may not be removed or altered from any source distribution 4 This is derived from material copyright RSA Data Security Inc Their notice is reproduced below in its entirety Copyright C 1991 2 RSA Data Security Inc Created 1991 All rights reserved License to copy and use this software is granted provided that it is identified as the RSA Data Security MD4 Message Digest Algorithm in all material mentioning or referencing this software or this function Inc License is also granted to make and use derivative works provided that such works are identified as derived from the RSA Data Security Inc MD4 Message Digest Algorithm in all material mentioning or referencing the derived work RSA Data Security Inc makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose It is provided
475. titute patent litigation against any entity including a cross claim or counterclaim in a lawsuit alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed 4 Redistribution You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium with or without modifications and in Source or Object form provided that You meet the following conditions a You must give any other recipients of the Work or Derivative Works a copy of this License and b You must cause any modified files to carry prominent notices stating that You changed the files and c You must retain in the Source form of any Derivative Works that You distribute all copyright patent trademark and attribution notices from the Source form of the Work excluding those notices that do not pertain to any part of the Derivative Works and d distribution If the Work includes a NOTICE text file as part of its then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file excluding those notices that do not pertain to any part of the Derivative Works in at least one of the following places within a NOTICE text file distributed as part of the Derivative Works within t
476. to the domain places it in the pool state These are the DR functions e If the XSB is placed in the assign state a reboot or the addboard 8 command with configure specified at the domain of the move destination would add the XSB e If the XSB is placed in the reserve reserve movement state turning off power to the domain places it in the pool state Turning on power to the move destination adds the XSB These are the DR functions see Note Note For details on using DR functions see the Dynamic Reconfiguration User s Guide Chapter 2 Setting Up XSCF 2 163 Displaying the XSB Status By referring to the XSB status of a domain the user obtains information about an XSB such as whether its has been assigned and whether it has been recognized by the Oracle Solaris OS Such information also includes the current process and state of the XSB and whether it was added or deleted successfully The procedure for displaying status information is shown below To display the domain partitioning status see Section 2 2 14 System Board Configuration on page 2 175 In the M3000 server only the following number is displayed domain ID is 00 XSB is 00 0 and LSB is 00 Command operation Use the showboards 8 command to display XSB status information lt Example 1 gt Display all XSB status information XSCF gt showboards va XSB R DID LSB Assignment Pwr Conn Conf Test Fa
477. to notify the server fault or status The monitoring message is output by using the showmonitorlog 8 command and retained as log information in a monitor message log or XSCF error log in the XSCF The showlogs 8 command of the XSCF Shell can be used to display the monitoring message and XSCF error log for more detailed investigation Authorized service personnel use the DIAGCODE output in the message to acquire detailed information Note Monitoring messages are overwritten beginning with the oldest message When the XSCF Unit is redundant monitoring messages output by the XSCF Unit on the active side are also managed on the standby side Even after the XSCF Unit is switched the monitoring messages on the previously active side can be referenced m Other notice message In addition to the messages above there is a notification message displayed on the domain console when power off or reset processing is performed normally or an event occurs A 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 A 2 Messages in Each Function This section explains each Oracle Solaris OS and XSCF function by which the user can recognize status notification or fault information in the server including messages Recognizing Status Notification or Fault Information by a Message on the Domain Console 1 The user recognizes status notification or fault information in a console message such as a syslog message and FMA message
478. trap when a part fault has occurred in the system Chapter 7 XSCF SNMP Agent Function 7 5 TRAP agent 10 123 223 18 community generic 6 enterprise enterprises 42 2 195 1 7 specific 1 timestamp 754201501 varbind enterprises 42 2 195 1 1 1 2 36 51 101 49 52 53 52 53 50 45 54 53 52 57 45 52 97 55 101 45 57 97 99 52 45 49 100 55 52 98 101 49 57 53 98 56 52 2 36 0 3e145452 6549 4a7e 9Yac4 1d74be195b84 enterprises 42 2 195 1 1 1 3 36 51 101 49 52 53 52 53 50 45 54 5 3 52 57 45 52 97 55 101 45 57 97 99 52 45 49 100 55 52 98 101 49 57 53 98 56 5 2 2 11 0 FMD 8000 11 enterprises 42 2 195 1 1 1 4 36 51 101 49 52 53 52 53 50 45 54 53 52 57 45 52 97 55 101 45 57 97 99 52 45 49 100 55 52 98 101 49 57 53 98 56 52 2 54 0 http xxxx com sparcenterprise msg FMD 8000 11 In the example above the following items are displayed m agent address The IP address of the XSCF which sent trap TRAP agent a community Community string community m generic trap type Standard Trap number generic m enterprise ID The object ID which identifies equipment classification enterprise m specific trap type Extension Trap number specific m time stamp Time of sending trap on the basis of a XSCF SNMP agent starting The unit is 10ms timestamp m variable bindings Provides additional information about the trap The UUID MSG ID and message site might be included For details about the UUID MSG ID and message site see A
479. tsnmp addtraphost t v1 s public host1 3 Confirm the SNMPv1 and SNMPv2c trap settings XSCF gt showsnmp Chapter 2 Setting Up XSCF 2 139 Disabling Traps to the Target Host of SNMPv1 SNMPov2c Command operation 1 Use the showsnmp 8 command to display SNMP settings XSCF gt showsnmp 2 Use the set snmp 8 command to disable the trap destination host of the SNMPv1 or SNMPv2c target lt Example gt Disables trap host for SNMPv2c type XSCF gt setsnmp remtraphost t v2 host2 3 Use the showsnmp 8 command to confirm the disabling of the target the trap destination host XSCF gt showsnmp Initializing the SNMP Setting to the Default Value Command operation 1 Use the showsnmp 8 command to display SNMP settings XSCF gt showsnmp 2 Use the setsnmp 8 command to change the SNMP settings back to the default At this time the SNMP agent becomes disabled XSCF gt setsnmp default 3 Use the showsnmp 8 command to confirm that the SNMP setting returned to the default XSCF gt showsnmp 4 Set the SNMP again and enable the SNMP agent XSCF gt setsnmp enable 2 140 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 5 Confirm the SNMP settings XSCF gt showsnmp Note When you changed the SNMP settings back to the default if the Sun Management Center Sun MC is being used
480. ttings from the Reserve menu Route display and configuration Displays the current routing and configures the routing This function is equivalent to the showroute 8 and setroute 8 commands You can confirm the settings from the Reserve menu DNS display and configuration Displays the current name server and search path and configures the name server and the search path This function is equivalent to the shownameserver 8 and setnameserver 8 commands You can confirm the settings from the Reserve menu 9 16 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 TABLE 9 10 Network Configuration 2 of 2 Menu Function Remarks Reserve XSCF network configuration information display and configuration Route configuration information display and configuration DNS configuration information display and configuration Apply network settings Displays the XSCF network configuration information This function is equivalent to the applynetwork 8 command Also this function sets each host name domain name IP address netmask and enabling disabling of the XSCF network interface This function is equivalent to the setnetwork 8 and sethostname 8 commands Displays the route configuration information This function is equivalent to the applynetwork 8 command Also this function configures the routing This function is equivalent to the setroute 8 command Displays the nam
481. turned off The XIR was reset The domain was reset Factor by which the power event was instructed Cause The causes and their meanings are as follows Cause Self Reset Power On System Reset Meaning Self resetting of the XSCF reset the XSCF Turning on the input power supply reset the XSCF The detection of an error reset the XSCF SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Panel Operating a switch on the operator panel caused a power event Scheduled Setting the TOD timer caused a power event RCI The I O device connected to the RCI caused a power event Pow Fail Recov Power recovery turned on the power supply Operator An operator s instruction caused a power event Pow Fail Recov A power interruption cut off the power supply SW Request An Oracle Solaris OS instruction caused a power event Alarm The server environment or a hardware fault caused a power event Fatal Fatal caused a power event Panic Panic caused a power event Domain ID for power event DID Mode switch status on the operator panel Switch The following lists the switches and their meanings Switch status Meaning Locked The mode switch is locked Service The mode switch is in service B 3 Event Log When an event occurs in the server such as when the system status changes the configuration is changed the operator panel operated or an event was sent to the Oracle Solaris OS in
482. u wish to incorporate parts of the Program into other free programs whose distribution conditions are different write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally NO WARRANTY 11 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 12 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA O
483. ual SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Saving the Configuration Information to a Specified Target Directory Over a Network Command operation 1 Perform the dumpconfig 8 command specifying the target directory XSCF gt dumpconfig ftp server backup backup sca ff2 16 txt 2 When the data transfer is complete confirm the identification data in the head of the saved configuration file Note For detail of dumpconfig 8 command including how to enable encryption see the man page or the XSCF Reference Manual The form of the saved configuration file is as follows File name User specification File format Text encoded in base64 encoding The following is the procedure for restoring configuration information Restoring the Configuration Information by Connecting the USB Device for Exclusive Use to the Panel of the XSCF Unit Note To view XSCF messages in the following procedure connect a serial connection terminal to the XSCF Unit Command operation 1 Power off all domains 2 Connect a USB device containing the saved configuration file to the USB connector mounted on the XSCF Unit panel Chapter 2 Setting Up XSCF 2 197 2 198 3 Perform the restoreconfig 8 command and specify the local USB device on the XSCF Unit for the input file XSCF gt restoreconfig file media usb_msd backup file txt Configuration backup created on Tue Jul 19
484. uary 2012 Creating a Web Server Certificate by Constructing the Self CA Command operation 1 Use the sethttps 8 command to create a self signed web server certificate by specifying the DN lt Example gt Specify the DN JP Kanagawa Kawasaki Example Development scf host abc example com XSCF gt sethttps c selfsign JP Kanagawa Kawasaki Example Development scf host abc example com CA key and CA cert already exist Do you still wish to update y n Y Enter passphrase XXXXXXXX Verifying Enter passphrase Xxxxxxxxx 2 Use the showhttps 8 command to confirm the generated web server certificate XSCF gt showhttps HTTPS status disabled Server key installed in Jul 11 06 33 25 UTC 2006 CA key installed in Jul 11 06 33 21 UTC 2006 CA cert installed in Jul 11 06 33 21 UTC 2006 CSR BEGIN CERTIFICATE REQUEST MIIByzCCATQCAQAwgYoxC zAJUBgNVBAYTAkpQMREWDWYDVQQIEWhLYW5hZ2F3YTER MA8GA1UEBxMIS2F3 YXNha2kxEDAOBgNVBAOTBO0ZVSk1UU1LUxDDAKBgNVBASTAO0VQ uni n3g2 F5Ftnjg M4Ht zT6VwEhGO1FGP41ImqkKg soe END CERTIFICATE REQUEST 3 Use the sethttps 8 command to enable https XSCF gt sethttps c enable 4 Use the rebootxsc 8 command to reset the XSCE XSCF gt rebootxscf The XSCF will be reset Continue y n y m After the XSCF reset the XSCF session is disconnected Please log in again to the XSCF Chap
485. ult COD 00 0 00 00 Assigned y y y Passed Normal n 00 1 00 01 Assigned y y y Passed Normal n 00 2 02 02 Assigned y y n Passed Normal n 00 3 03 03 Assigned y y n Passed Normal n 01 0 01 01 Assigned y y y Passed Normal n 01 1 01 02 Assigned y y y Passed Normal n 01 2 02 06 Assigned y y n Passed Normal n 01 3 03 07 Assigned y y n Passed Normal n lt Example 2 gt Display detailed information about XSB 00 0 XSCF gt showboards v 00 0 XSB R DID LSB Assignment Pwr Conn Conf Test Fault COD 00 0 00 00 Assigned y y y Passed Normal n lt Example 3 gt Display XSB information about pooled XSBs and domain ID 0 XSCF gt showboards c sp d 0 XSB DID LSB Assignment Pwr Conn Conf Test Fault 00 0 SP Assigned n n n Passed Normal 2 164 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Displaying or Specifying DCL Information Command operation 1 Use the showdc1 8 command to display DCL information lt Example gt Display DCL information on domain ID 2 XSCF gt showdcl v d 2 DID LSB XSB Status No Mem No IO Float Cfg policy 02 Powered Off System 00 00 0 False False False 01 15 2 Use the setdc1 8 command to specify DCL information lt Example 1 gt In domain ID 2 specify XSB 01 0 for an LSB 07 system for the configuration policy false for Omit memory option false for Omit I O option XSCF gt setdcl d 2 a XSCF gt setdcl d XSCF gt setdcl d XSCF gt s
486. um length of account deleteuser a user account is 31 characters Password Sets a user account password password e Specify whether to use a specific number of days or specific date for the account validity period Or specify no expiration Specify the following for the password Note e Maximum number of days in the password validity period up to 999999999 days e Minimum number of days in the password validity period minimum 0 days e Password expiration warning date seven days in advance by default e Number of days in which the account remains unlocked after expiration of the password minimum 0 days or no limit Change user Assigns a user privilege to a user setprivileges Multiple user privileges privilege can be assigned to one user Enable Enables or disables a user account enableuser disable user disableuser account Display Displays a password policy showpassword po password policy licy Chapter 2 Setting Up XSCF 2 37 TABLE 2 4 User Account Administration Continued Item Description Shell Command Remarks Password policy Sets a password policy as described below e Minimum number of days that must elapse before the password can be changed Mindays e Maximum number of days that the password is valid Maxdays e Number of days preceding password expiration for the first warning Warn e Number of days in which the account remains unlocked after password expiration Inactive
487. up Summary by the XSCF Shell on page 2 3 6 Confirm the XSCF host public key Same as Step 6 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 7 Install the user public key Same as Step 7 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 8 Configure the network Same as Step 8 in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 9 Make the https settings e Enable or disable the https sethttps 8 e Import the web certificate See Section 2 2 8 Https Administration on page 2 113 To enable https the XSCF reset is required Reset the XSCF by using the rebootxsc 8 command After the XSCF reset the XSCF session is disconnected Log in again to the XSCF m Change to the XSCF LAN connection when you connect the serial cable Chapter 2 Setting Up XSCF 2 13 10 Establish a connection to XSCF and log in from a web browser m Specify the host name or the IP address of the XSCF during the network configuration in a web browser running on a PC with an XSCF LAN port used to establish a connection to the XSCF lt Web browser screen image gt URL https 192 168 111 111 The IP address of XSCF is input by number Alternatively https XSCF host name Not the host name of a domain This screen image is an example and differs from the actual screen display Note The web browser window for the XSCF Web is called the XSCF Web conso
488. user authentication Active Directory provides both authentication of user credentials and authorization of the user access level to networked resources Active Directory uses authentication to verify the identity of users before they can access system resources and to grant specific access privileges to users in order to control their rights to access networked resources User privileges are either configured on XSCF or learned from a server based on each user s group membership in a network domain A user can belong to more than one group User domain is the authentication domain used to authenticate a user Active Directory authenticates users in the order in which the users domains are configured Once authenticated user privileges can be determined in the following ways m In the simplest case user s privileges are determined directly through the Active Directory configuration on the XSCF There is a defaultrole parameter for Active Directory If this parameter is configured or set all users authenticated via Active Directory are assigned privileges set in this parameter Setting up users in an Active Directory server requires only a password with no regard to group membership Chapter 2 Setting Up XSCF 2 49 TABLE 2 8 m If the defaultrole parameter is not configured or set user privileges are learned from the Active Directory server based on the user s group membership On XSCF the group parameter must be configured with
489. uses on the external interface which has relevance to XSCF Unit For details about the other units or interfaces of the rear panel and the mounting location of XSCF Unit see the SPARC Enterprise M3000 Server Overview Guide and the SPARC Enterprise M3000 Server Service Manual Chapter 1 XSCF Overview 1 3 FIGURE 1 1 Outline Drawing of the Rear Panel In the Entry level Server OF yo OF 3 Yao 4 6 Rear panel 11 Number Description Number Description 1 RCI port 7 ACT LED 2 USB port 8 LAN 1 port XSCF LAN 1 port 3 READY LED 9 LAN 0 port XSCF LAN O0 port 4 CHECK LED 10 UPC 1 port 5 Serial port 11 UPC 0 port 6 Link Speed LED RCI Port When connecting a peripheral device with an RCI connector to the server the RCI port is used for interlocking with a power supply and error monitoring 1 4 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Note To use the RCI function peripheral devices with the RCI connector and the server on which the RCI function is supported are required For the information whether the RCI function is supported on your server see the SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Product Notes USB Port The USB port type A is used to connect a USB device The port is compatible with USB 1 1 The port can be used by a system
490. uses the XSCF default user account Before an appropriate user account for the user environment is created log in with the following default user account and password a Default user account default The user privileges are useradm platadm m Default password The default password is not input directly on the keyboard Instead after the default user account is input the mode switch of the operator panel is operated as follows a If Locked change to Service Or if Service change to Locked b Press return Keep the status for more than 5 seconds c Change to Locked Or change to Service d Press return This mode switch operation is done within one minute When one minute is passed the authentication timeout occurs a To begin the configuration connect the XSCF Shell over a serial connection using any terminal software The shell can be used immediately following connection to the serial port lt Terminal screen image gt login a Log in with the default user account Follow the instructions to change the mode switch of the operator panel and operate the mode switch within one minute Chapter 2 Setting Up XSCF 2 3 2 4 login default Change the panel mode switch to Service and press return Operation Locked state gt Service gt Return Leave it in that position for at least 5 seconds Change the panel mode switch to Locked and press return Operation Wait more than 5 secon
491. ve tape information for an IOUA port drive unit setting information DVD Sets the target IOUA port for connecting or cfgdevice In the system with drive tape disconnecting DVD drive and tape drive units expansion cabinet drive unit Note the IOUA port Specify the following number is specified one per e Connect disconnect e IOUA port number I O unit number IOUA number I O unit number 0 7 basic cabinet 8 15 expansion cabinet cabinet Note After the drive units are used for a domain even if domain configuration is changed and CPU Memory Board unit or the I O unit is replaced the settings of the IOUA port number are valid Chapter 2 Setting Up XSCF 2 193 Changing the DVD Drive Tape Drive Unit Settings Command operation 1 Use the cfgdevice 8 command to display DVD drive tape drive unit settings lt Example gt Display DVD drive tape drive unit setting information XSCF gt cfgdevice 1 Current connection for DVD DAT Main chassis port 0 2 Expansion chassis port 8 0 Expander status Port No IOU SAS status SAS status 0 0 enable up enable up 0 2 disable down enable up 0 4 disable down enable up 0 6 disable down enable up 1 0 disable down enable up 1 2 disable down enable up 1 4 disable down enable up 1 6 disable down enable up 2 0 disable down enable up 2 Use the cf gdevice 8 command to change the DVD drive tape drive unit settings lt Example 1 gt Specif
492. vers Getting Started Guide SPARC Enterprise M8000 M9000 Servers Getting Started Guide SPARC Enterprise M3000 Server Overview Guide SPARC Enterprise M4000 M5000 Servers Overview Guide SPARC Enterprise M8000 M9000 Servers Overview Guide SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Important Legal and Safety Information xiv SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Related SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Documents SPARC Enterprise M3000 Server Safety and Compliance Guide SPARC Enterprise M4000 M5000 Servers Safety and Compliance Guide SPARC Enterprise M8000 M9000 Servers Safety and Compliance Guide External I O Expansion Unit Safety and Compliance Guide SPARC Enterprise M4000 Server Unpacking Guide SPARC Enterprise M5000 Server Unpacking Guide SPARC Enterprise M8000 M9000 Servers Unpacking Guide SPARC Enterprise M3000 Server Installation Guide SPARC Enterprise M4000 M5000 Servers Installation Guide SPARC Enterprise M8000 M9000 Servers Installation Guide SPARC Enterprise M3000 Server Service Manual SPARC Enterprise M4000 M5000 Servers Service Manual SPARC Enterprise M8000 M9000 Servers Service Manual External I O Expansion Unit Installation and Service Manual SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers Administration Guide SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers XSCF User s Guide SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers
493. vileges for all users authenticated via LDAP SSL This function is equivalent to the showldapss1 8 and setldapss1 8 commands Alternative servers display and configuration Displays and configures up to five alternate LDAP SSL servers This function is equivalent to the showldapss1 8 and setldapss1 8 commands Groups display and configuration Displays and configures administrator groups operator groups and custom groups This function is equivalent to the showldapss1 8 and setldapss1 8 commands Userdomain display and configuration Displays and configures up to five user domains This function is equivalent to the showldapss1 8 and setldapss1 8 commands Chapter9 Howto Use the XSCF Web 9 21 TABLE 9 15 lists the functions for configuring Active Directory Select Settings Active Directory in the Menu tree TABLE 9 15 Active Directory Configuration Function Remarks Active Directory server display and configuration Certificate display and configuration Defaultrole display and configuration Alternative servers display and configuration Groups display and configuration Userdomain display and configuration DNS locator query display and configuration When XSCF is as an Active Directory client enable and disable the Active Directory Displays and configures an Active Directory server modes timeout piriod log default settings and so on This function is equivalent to the showad 8 and
494. wldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace Display the Diagnostic Messages and Clear the Log File a Command operation 1 Use the showldapss1 8 command to display the log detail level XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace 2 Use the showldapss1 8 command to display the diagnostic messages lt Example gt Displays diagnostic messages in real time XSCF gt showldapssl log f Mon Nov 16 14 47 53 2009 LdapSSL module loaded OPL Mon Nov 16 14 47 53 2009 LdapSSL error authentication status auth ERROR Mon Nov 16 14 48 18 2009 LdapSSL module loaded OPL 3 Use the set 1dapss1 8 command to clear the log file of diagnostic messages XSCF gt setldapssl1 log clear Warning About to clear log file Continue y n y SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Change the LDAP SSL Settings Back to the Default Command operation 1 Use the showldapss1 8 command to display the LDAP SSL settings XSCF gt showldapss1l usermapmode enabled state enabled strictcertmode enabled timeout 10 logdetail trace 2 Use the setldapss1 8 command to change the LDAP SSL setting back to the default XSCF gt setldapssl default y Warning About to reset settings to default C
495. wlogs 8 to display the message ID MSG ID The information can be confirmed by accessing the specified URL according to the displayed message ID MSG ID Authorized service personnel use the DIAGCODE Code output in the message to acquire more detailed information 5 Repair the fault according to the processing recommended by the information provided on the specified URL Appendix A Warning and Information Messages A 5 A 6 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 APPENDIX B XSCEF Log Information This appendix explains the following XSCF log information that can be referenced using the XSCF Shell showlogs 8 command on the XSCF console The log types that can be referenced by the showlogs 8 command are shown below See TABLE 8 3 for an outline of each log its size and generation number m XSCF Error Log m Power Log m Event Log m Monitor Message Log m Temperature and Humidity History Log Console Log m Panic Log IPL Log The logs that can be referenced by the showaudit 8 showad 8 showldapss1 8 and showcodactivationhistory 8 commands are shown below m Audit Log a Active Directory Log a LDAP SSL Log a COD Activation Log B 1 XSCF Error Log To reference the log related to a status notification or a fault information that occurred in the server use these two commands m showlogs 8 error option B 1 m fmdump 8 The showlogs 8 error option displays fault
496. x000 Servers XSCF User s Guide January 2012 Syntax of the Command Line Interface CLI The command syntax is as follows m A variable that requires input of a value must be put in Italics a An optional element must be enclosed in A group of options for an optional keyword must be enclosed in and delimited by Documentation Feedback If you have any comments or requests regarding this document go to the following websites m For Oracle users http www oracle com goto docfeedback Include the title and part number of your document with your feedback SPARC Enterprise M3000 M4000 M5000 M8000 M9000 Servers XSCF User s Guide part number E25381 01 m For Fujitsu users http www fujitsu com global contact computing sparce_index html Preface xvii xviii SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 CHAPTER 1 XSCF Overview This chapter provides an overview of the system monitoring and control facility eXtended System Control Facility or XSCF 1 1 XSCE Features The XSCF firmware is a system monitoring and control facility consisting of a dedicated processor Note 1 that is independent from the system processor While input power is supplied to the server the XSCF constantly monitors the server even if no domain is active The XSCF provides an interface between the user and the server The XSCF is the firmware running on the Service Processor in the server
497. y and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions E a You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change b You must cause any work that you distribute or publish that in whole or in part contains or is derived from the Program or any part thereof to be licensed as a whole at no charge to all third parties under the terms of this License c If the modified program normally reads commands interactively when run you must cause it when started running for such interactive use in the most ordinary way to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty or else saying that you provide a warranty and that users may redistribute the program under these conditions and telling the user how to view a copy of this License Exception if the Program itself is interactive but does not normally print such an announcement your work based on the Program is not required to print an announcement These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Program a
498. y must get an administrator to disable the account lockout to allow them to login and then re enable the lockout by setting a lockout time For more information see the setloginlockout 8 and showloginlockout 8 man pages Note The ability to specify and view the lockout period is supported in XCP1080 and later Chapter2 Setting Up XSCF 2 39 2 40 Adding or Deleting a User Account and Specifying a Password Command operation 1 Use the showuser 8 command to display all of the user account information See the description of the password policy in TABLE 2 4 XSCF gt showuser 1 User Name UID Status Minimum Maximum Warning Inactive Last Change Password Expires Password Inactive Account Expires Privileges user001 101 Enabled 0 99999 7 1 Jul 11 2006 Never Never Never platadm 2 Use the adduser 8 command to add a user account lt Example 1 gt Specify a user account name XSCF gt adduser jsmith lt Example 2 gt Specify a UID for a user account XSCF gt adduser u 359 jsmith If the XSCF is configured to use LDAP Active Directory or LDAP SSL for user account data the user name and UID if specified must not already be in use locally or in LDAP Active Directory or LDAP SSL Note You cannot use the following user account names as they are reserved for system use root bin daemon adm operator nobody sshd rpc rpcuser ldap
499. y the IOUA port number 0 0 for connecting XSCF gt cfgdevice c attach p 0 0 Are you sure you want to attach the device y n y Completed Reservation lt Example 2 gt Specify the IOUA port number 0 0 for disconnection XSCF gt cfgdevice c detach p 0 0 Are you sure you want to detach the device y n y Completed 3 Use the cfgdevice 8 command to display DVD drive tape drive unit settings Confirm the enabling disabling the specified IOUA number 2 194 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 23 Save and Restore XSCF Configuration Information To save restore the XSCF configuration information execute the dumpconfig 8 and the restoreconfig 8 command in the XSCF Shell When the command is executed with some options all XSCF configuration information is saved at the specified location and is restored from the specified location Note The saving and restoring functions of the XSCF configuration by XSCF Shell command are supported only on M3000 M4000 M5000 M8000 M9000 servers that run certain versions of XCP firmware beginning with XCP 1080 For specific information about these minimum firmware requirements see the latest version of the Product Notes no earlier than the XCP 1080 edition for your server The XSCF configuration information can be saved in the device and can be restored using one of the following two methods The configuration information can be saved
500. you configure the board into a domain the board is automatically matched to the version of target domain After rebooting the target domain the board is updated to new firmware version If the board is assigned into a domain after rebooting the target domain and the board is configured into the Oracle Solaris OS then the board is updated to new firmware version Chapter 8 Upgrade of XSCF Firmware and Maintenance 8 7 8 1 6 Features of XSCF Firmware Update The firmware update that is managed by XSCF has the following features a New firmware for a domain can be updated without stopping the domain To update the OpenBoot PROM firmware however the target domain must be rebooted so that the firmware can be applied m When a component is replaced the firmware is automatically updated However when a component is replaced in the state of input power off The cold replacement the firmware is not updated automatically m Even ina system consisting of multiple domains firmware in a domain can be updated to the latest firmware without affecting the other domains m Even if an error occurs during the update operation the firmware generation management mechanism which retains spare firmware can prevent firmware data destruction 8 1 7 Firmware Update Types and Timing The firmware update includes two types operator s update and automatic update automatic matching of versions In the M3000 server automatic update is not ava
501. ys configuration for administrator group XSCF gt showldapssl group administrator Administra name Administra name Administra name Administra name Administra name lt Example2 gt tor Group 1 none tor Group 2 none tor Group 3 none tor Group 4 none tor Group 5 none Displays configuration for operator group XSCF gt showldapssl group operator Operator Group 1 name none Operator Group 2 name none Operator Group 3 name none Operator Group 4 name none Operator Group 5 name lt Example3 gt none Displays configuration for custom group XSCF gt showldapssl group operator Custom Group 1 name roles Custom Group 2 name roles Custom Group 3 name roles Custom Group 4 name roles Custom Group 5 name roles none none none none none none none none none none SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 2 Use the setldapss1 8 command to set group name and privileges lt Examplel gt Sets administrator group 1 XSCF gt setldapssl group administrator i 1 name CN SpSuperAdmin OU Groups DC davidc DC example2 DC aCompany DC com lt Example2 gt Sets operator group 1 XSCF gt setldapssl group operator i 1 name CN OpGroup1 OU SCFTEST DC aplle2 DC local lt Example3 gt Sets custom group 1 XSCF gt setldapssl group custom i
502. ystem board information Note 4 In the M3000 server COD is not available After the XSCF is set up the settings are automatically saved in XSCF internally and in the operator panel Once you have configured the XSCF it requires no day to day management However you can save or restore the XSCF setup configuration information For details of saving or restoring XSCF configuration information see Section 2 3 Save and Restore XSCF Configuration Information on page 2 195 About Setup Flow The XSCF Shell or XSCF Web can be used to set up XSCF Each setting items and the step summary are explained in Section 2 1 1 Setup Summary by the XSCF Shell on page 2 3 and Section 2 1 2 Setup Summary Using the XSCF Web on page 2 12 Details on each step are provided in Section 2 2 Specifying the XSCF Settings on page 2 15 2 2 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 Zola l Setup Summary by the XSCF Shell This section describes the step summary of setup using the XSCF Shell This procedure contains examples of command usage and setting items For details on settings see the corresponding parts of Section 2 2 Specifying the XSCF Settings on page 2 15 Note Establish one to one communication between the PC and XSCF during the initial setup 1 Connect to XSCF by serial connection and log in To configure XSCF the system administrator or a field engineer first
503. ystem board is a Uni XSB or Quad XSB Note 2 The add delete replace operations are done by field engineers FEs If a command is performed the maintenance guidance is displayed FEs will use the device check select add and delete operations in the guidance window For information about how to handle and operate these devices see the Service Manual for your server and any manual written for FEs Dividing a PSB Into XSBs Command operation 1 Use the showfru 8 command to display information on dividing a PSB into XSBs XSCF gt showfru a sb Device Location XSB Mode Memory Mirror Mode sb 00 Uni No sb 01 Uni No sb 02 Uni No 2 Use the setupfru 8 command to divide a PSB into XSBs lt Example gt Specify PSB 00 for a Quad XSB XSCF gt setupfru x 4 sb 00 2 176 SPARC Enterprise Mx000 Servers XSCF User s Guide January 2012 3 Use the showfru 8 command to display information on dividing a PSB into XSBs XSCF gt showfru a sb Device Location XSB Mode sb 00 Quad sb 01 Uni sb 02 Uni Memory Mirror Mode No No No Setting the Memory Mirror Mode for a PSB Command operation 1 Use the showfru 8 command to display PSB memory mirror mode information XSCF gt showfru a sb Device Location XSB Mode sb 00 Quad sb 01 Uni sb 02 Uni Memory Mirror Mode No No No 2 Use the setupfru 8 command to enable memory mirror mode on a PSB
Download Pdf Manuals
Related Search