- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- Re: Who's testing HPEiLOCmdlets 2.0.0.0 before rel...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2018 07:32 AM
06-07-2018 07:32 AM
Hello,
Sorry for the sarcastic title ... but I have really the impression that nobody tested this module at HPE before releasing it.
We are trying to use this module to configure the iLO of our DL 380 Gen 9, and here are some findings :
Start-HPEiLOCertificateSigningRequest
‘-IncludeiLOIP' parameter gives errors if you specify it, no matter what syntax.
does not use the value of ‘-City', regardless of how you specify it. Should place it into '<CSR_Locality>' inside the XML it sends, but there's no such field in the raw request being sent.
Get-HPEiLOCertificateSigningRequest
resubmits new CSR generation with default parameters. It does not simply retrieve the previously generated CSR (with parameters specified by 'Start-HPEiLOCertificateSigningRequest').
You *can* however see the correct CSR if you retry 'Start-HPEiLOCertificateSigningRequest' with '-OutputType RawResponse'.
Set-HPEiLOSNTPSetting
‘-SNTPServer’ parameter does not work as advertise in the example when it’s a table @(“1.1.1.1”,”2.2.2.2”) WARNING: Number of parameter values greater than number of targets. Ignoring extra parameter values.
The XML it sends only as <SNTP_SERVER1> it should normal process the table and send also <SNTP_SERVER2>
Set-HPEiLOIPv4NetworkingSetting
Again the -DNSServer and -DNSType when these are table are not treated as by the example … didn’t find a way to set multiple value
and I stopped the testing / debugging there.
Am I the only one ? Is somebody able to help ?
Solved! Go to Solution.
- Tags:
- certificate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2018 09:57 PM
06-10-2018 09:57 PM
Re: Who's testing HPEiLOCmdlets 2.0.0.0 before release
Hi,
First of all i apologise that you had to go through this pain while using PS Cmdlets. Please find my observation below :
1. IncludeiLOIP is a new parameter added in this release. This is not supported in Gen9 as there is no RIBCL support for this. Can be set only via GUI for Gen9. Provides error with details in the StatuInfo object.
<refer image1>
2. City parameter is not getting set, RIBCL is adding its default value. This is a bug from our end.
3. Get-HPEiLOCertificateSigningRequest is generating with default values that is given by RIBCL. I think its a bug from our side.
4. Set-HPEiLOSNTPSetting "-SNTPServer" value @(“1.1.1.1”,”2.2.2.2”) is missing a comma in the beginning. This must be ,@(“1.1.1.1”,”2.2.2.2”). This is mentioned in the example as shown below.
<refer image2>
5. Set-HPEiLOIPv4NetworkingSetting
<refer image3>
Working as expected . As in 4th issue, you have missed to add comma at the starting of the array. I just followed the example and was able to set multiple DNS server address.
We are working on the above issues and soon will be releasing a minor version to over come these issues.
Thanks for your patience and using PowerShell cmdlets. We do have pretty good testing coverage but i don't deny the fact that we have few gaps that we will be filling it in the upcoming releases.
Regards,
Gokul
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2018 10:08 PM
06-10-2018 10:08 PM
Re: Who's testing HPEiLOCmdlets 2.0.0.0 before release
Hi,
As a wokround you can use previous release of iLO cmdlets i.e., 1.5.x version which is available on the HPE web and you need not un-install 2.0 as both can work in parellel without any conflict.
Below is the cmdlet to generate CSR on Gen9 iLO.
PS C:\Windows\system32> $out = Get-HPiLOCertificateSigningRequest -Server 192.168.10.16 -Username admin -Password admin123 -State KA -Country IN -Locality BLR -Organization HPE -OrganizationalUnit HIT -CommonName CN -DisableCertificateAuthentication
PS C:\Windows\system32> $out
IP : 192.168.10.16
HOSTNAME : ilomxq54509m3.powershvpn.com
STATUS_TYPE : OK
STATUS_MESSAGE : OK
CERTIFICATE_SIGNING_REQUEST : -----BEGIN CERTIFICATE REQUEST-----
MIICtjCCAZ4CAQAwUTELMAkGA1UEAwwCQ04xDDAKBgNVBAsMA0hJVDEMMAoGA1UE
CgwDSFBFMQwwCgYDVQQHDANCTFIxCzAJBgNVBAgMAktBMQswCQYDVQQGEwJJTjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALVF5PpeuRipy4e038bgw/A9
2ovY8KQYnlWjJ2yj72ub2moiuuFAH2wLbFZuh7KwH8+P3rzZZWVdVoem0bbFATmu
dmrDv4ntdrol38rJmMB8OVbmsbwBaT8VzEW+FsDpn/rMpmBhdwfhkWgt9gEMumyF
Sr+SJPtJMpU7e5lMq8EX3gNdZ/cYNFkxKLfRTa+41jNUSAbpVzgwLGEJxJfHY0Hm
cNtNcsnJZuyf9vHAlySpbiHa7JSDcNqejR4fdRDg3JqCDGm8k+6UN8CG9h2MO5vD
WNgxys+df8t2QEZa8xlv/m7TjWI8WUPAuoKpybsZJC/x84Mj9XilbTFusM+tIoEC
AwEAAaAgMB4GCSqGSIb3DQEJDjERMA8wDQYDVR0RBAYwBIICQ04wDQYJKoZIhvcN
AQELBQADggEBAE39YlJnBi4t/XkeQ8EBOB9QoRdLttly2kICHcLJUTiSbvceqOEC
0JLnbMCHAPlYnZbOts+iyeUrfvg2bXKdobvLmtE73cUSBXX1R9JsN+czqd9oNtbW
8qQtkeG9D7Mzhk9GBxZ0r5FUi5R/eq7mfZqei2UVCOTQZHVuyWVR1j4xk3+ytgbN
hH4o5SZVDDmp/a6TCT6kWZpuxOPbbLAemGDIeRy14Vd68GjQ9KUgbfAARgeZdS5c
FbZ8LI6wXoE6b/+586o5dSgng2YOS4i2x0B5RaslYF6KS3UayCg1qIDYL1Y7rTXo
IYh5pvMz56ANwmUA0b3WHTMSxZzS9vYEJlo=
-----END CERTIFICATE REQUEST-----
Thanks,
Gokul
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2018 10:41 AM
07-12-2018 10:41 AM
SolutionThe iLO 2.0.0.1 cmdlets is available on both HPE Web and PowerShell gallery which has fix for the certificate issues.
Thanks,
Gokul
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2018 04:03 PM
09-05-2018 04:03 PM
Re: Who's testing HPEiLOCmdlets 2.0.0.0 before release
I am happy to report that indeed with the latest PowerShell Module (2.0.0.1) this issue is fixed.