HPE Community
BladeSystem - General
1753773 Members
5539 Online
108799 Solutions
New Discussion юеВ

Unable to authenticate to VirtualConnect

 
ChristianWickham
Frequent Advisor

тАО06-17-2010 10:07 PM

тАО06-17-2010 10:07 PM

Unable to authenticate to VirtualConnect

We have a c7000 BladeChassis with Flex-10 (firmware 2.3) and OA 2.6 and we use LDAP authentication.

We recently restructured AD and moved user accounts around into different OUs. After this change, we made sure that LDAP authentication worked in the blade chassis and changed all RDNs and paths so that they were all correct.
We noticed that in Virtual Connect, that all authentication fields are greyed-out as it takes config from the OA.
We are able to authenticate to the Onboard Administrator with AD usernames.
But, we now cannot authenticate to the Virtual Connect - no matter what we enter, it states that the username and password are incorrect. Even the local Administrator password does not work.

How can I get into Virtual Connect now?
0 Kudos
Reply
7 REPLIES 7
Johan Guldmyr
Honored Contributor

тАО06-18-2010 04:31 AM

тАО06-18-2010 04:31 AM

Re: Unable to authenticate to VirtualConnect

haven't worked with this much but maybe you can use the CLI? Get to the OA first, then connect interconnect x - where x is the bay where you have the vc-module.
0 Kudos
Reply
The Brit
Honored Contributor

тАО06-18-2010 08:49 AM

тАО06-18-2010 08:49 AM

Re: Unable to authenticate to VirtualConnect

If you know the IP address for the VC Module running the VCManager, you can connect directly to the cli using SSH (or maybe Telnet is it is still enabled).

I dont know if this would bypass the ldap authentication. If it does, you should be able to login using your regular User Id and password.

I am just curious (not being a Windows type). Are the perceived advantages of LDAP so great that they justify screwing up a working setup?? (You know what they say "If it aint broke, dont fix it!)

Dave.
0 Kudos
Reply
ChristianWickham
Frequent Advisor

тАО06-20-2010 04:12 PM

тАО06-20-2010 04:12 PM

Re: Unable to authenticate to VirtualConnect

Why do people bother to reply if you don't have a clue? Posting a reply with no help just stops other people from responding with help because they think that a posting to a question means that it is being dealt with.

The CLI still needs authentication, and Authentication is the bit that is not working. I cannot connect with any username or any authentication method or any protocol.
This includes the web console (both OA and VC), SSH and Telnet to all components.

The Onboard Administrator is running and authenticating correctly. The Onboard Administrator is where authentication is configured for everything in the system.

@The Brit / Dave - it appears that being "not a Windows type" has closed your mind. LDAP is not Windows, it is an industry standard. Yes, it was "broke" and so we did need to fix it - the LDAP structure we were using had administrators in different sites and they were unable to be configured as the HP Onboard Administrator only allows six search contexts and we have more administrators than that and needed to move them all to a correct structure so we can have them all log in.
As I stated in my original post, logging in with my "regular UserId and password" does not work.


I have just tried to reboot both Flex-10 modules (as they run the Virtual Connect domain) one by one, and it has not reloaded the config or fixed the problem.
I also tried the original "Default Network Settings" from the iLO style ticket that was attached to the Flex-10 when they first arrived.

Can anyone actually help? I have 128 servers running on this blade chassis and need to add another blade.
0 Kudos
Reply
ChristianWickham
Frequent Advisor

тАО06-20-2010 09:31 PM

тАО06-20-2010 09:31 PM

Re: Unable to authenticate to VirtualConnect

I contacted HP support, and they recommended;

1.Remove on-board administrator modules one after the other.
2.Remove the OA tray assembly and reseat it.
3.Reinstall the OA modules.
NOTE: Reseating of OA tray will not disturb the Server's functionality.
4.SOLUTION:

OA modules are no longer in VCMODE. This will result in VCM not being able to communicate with the active OA. If you get the VCM GUI login screen, we suggest that you log into the VCM with the factory password (may require to reset password from the jumper within VC). Then VCM will prompt you to import the enclosure (or import from a saved configuration file).
Try the enclosure import (because you if do not have the saved configuration file).
VCM should be able to put the active OA back into VCMODE. This will not interrupt server production traffic.
Now you will be able to save that enclosure VC configuration.
or
Try the following:
Save the OA settings.
Reset the OA to factory default (this will clear the OA VCMODE).
Restore the OA settings (including EBIPA settings for the VC modules).
Find the factory password on the VC module in bay 1.
Log into the VC module in bay 1 using the factory password.
The VC wizard will ask if you want to restore a previous configuration - answer yes The VC wizard will ask for the OA Administrator password - enter that password The VC wizard should import that enclosure and restore the previous configuration Now change the VC Administrator account password

5.Also check the VC user guide and refer to page no# 87 onwards :

http://h20000.www2.hp.com/bc/docs/support/SupportManual/c02048561/c02048561.pdf
0 Kudos
Reply
ChristianWickham
Frequent Advisor

тАО06-20-2010 09:44 PM

тАО06-20-2010 09:44 PM

Re: Unable to authenticate to VirtualConnect

This is what I found;

After rebooting the Onboard Administrator with the above steps 1-3 (I skipped steps 4 and 5), I was eventually able to log in to one of the Flex-10 Virtual Connect modules with the local administrator password that was supplied with the Virtual Connect unit (the factory default), then I could access the Virtual Connect domain.

I found that if you log on to VC with an LDAP username, you cannot edit the directory server settings - they are greyed out. This is the issue that got me into this mess - I assumed that with the settings greyed out, that they took the settings from the OA.
Once I was able to log in to the VC as a local user, the settings for Directory Server became available, then I was able to change them, test it and then log in with my LDAP username.
0 Kudos
Reply
Shadders
Advisor

тАО06-21-2010 01:22 AM

тАО06-21-2010 01:22 AM

Re: Unable to authenticate to VirtualConnect

Christian,

The support forum (in my opinion) is a guide - not paid support - its free. Slamming people for offering suggestions is not really such a smart move.

The Brit has assisted me on a few glitches with my C7000 in the past & has not 100% provided a guarenteed fix, but has put me on the righ track.

Glad you got it resolved though... I had an issue with Flex-10 modules that would not allow me to log in & the answer came from this site - not HP support.
0 Kudos
Reply
The Brit
Honored Contributor

тАО06-21-2010 02:55 AM

тАО06-21-2010 02:55 AM

Re: Unable to authenticate to VirtualConnect

Christian,
Just to clarify. I did not suggest that authentication could be avoided by logging in to the CLI, I simply wondered if this would get around the LDAP authentication (and allow the simple VCM login using UserID and Password to work).

In any case I'm glad to hear you got your problem solved.

Assuming that you backup your VC/OA configurations regularly, you could of course have reverted back to a pre-LDAP configuration, i.e. re-boot your VC modules as described above, import the domain (only), then restore "good" config.

Dave.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.