Server Management - Remote Server Management
cancel
Showing results for 
Search instead for 
Did you mean: 

Invoke-RIBCL.ps1 -- issue adding AD DIR integration via iLO XML elements (same XML works on server)

 
Highlighted
Occasional Contributor

Invoke-RIBCL.ps1 -- issue adding AD DIR integration via iLO XML elements (same XML works on server)

Hello HPE iLO POSH experts,

I'm using the latest HPE iLO POSH and examples, specifically 1.4.0 of the Invoke-RIBCL.xml sample as it these few Examples seem to have significant error-handling and cmd-line parsing options, a good jumping off point.

I do see there's another Cmdlet specifically for Directory integration (ConfigureAndTestDirectorySettings.ps1) however as I already have the XML working, and I am having some difficulties mapping the parameters needed to the elements in the XML file, and as well a generic Cmdlet to R/W iLO4/5 configuration settings is more useful for us in the long run (i.e. to help us recover from the situation where older iLO4 server's lose our custom settings due to firmware corruption).

I have manually configured an iLO4 server (all our servers are DL*) with AD DIR integration so my group can use our management domain Windows AD domain credentials when authenticating with iLO.

I'm able to export the iLO4 configuration after I've tested my manual changes and reset iLO, leaving only these XML elements with our specific settings (for brevity, I have not included other required elements below):

<MOD_NETWORK_SETTINGS/>
<DIR_INFO>
<MOD_DIR_CONFIG/>
<DIR_INFO/>

Using this XML, locally on a DL380 Gen9 server, I can run "hponcfg -f filename.xml -w" logged into Windows as domain admin, this works beautifully, after hponcfg reboots iLO, I can login just fine using my domain admin credentials.

However, using the same exact XML as input to Invoke-RIBCL.ps1, as the code comments indicate I don't see any output (nor errors), however for some reason this is failing.

As we have nearly 400 DL* iLO4/5 servers to integrate with AD, I would really like to get the POSH iLO working to invoke this and other XML, as the other option (hpqlocfg.exe from my Desktop for example) should also work, but we are trying to move away from cmd shell batch/cmd files, moving to PowerShell so we can leverage job control and as our organization is a PowerShell shop.

Any advice on how to troubleshoot the Invoke-RIBCL.ps1 with arbitrary XML (for write operations) is greatly appreciated.

Thank you,

Ronan

1 REPLY 1
Highlighted
HPE Pro

Re: Invoke-RIBCL.ps1 -- issue adding AD DIR integration via iLO XML elements (same XML works on serv

Hi Ronan,

First thanks for using our PowerShell scripts.

HPiLOCmdlets 1.4 is not latest release you need to download 1.5.0.1 which is the latest release on web.

If i understand your problem currently you are unable to use our sample scripts as it is in case of invoke-RIBCL.ps1 script file. 

I strongly suspect that the xml file you are feeding to the script is wrong. Because we have tested it and it works.

$xml1 = ([string](get-content " C:\Program Files\Hewlett-Packard\RIBCL_XML\Get_Boot_Mode.xml"))
Invoke-HPiLORIBCLCommand –server $server –Username $username –Password $password –RIBCLCommand $xml1

If you see the above example i loading $xml1 with xml content using get-content which i am not sure if you are using it or not. ( Above piece of code i got it from cmdlet help file )

Simiilarly you can feed the xml data for sample script also.

Alternatively for the AD user integarion with iLO you can refer below cmdlet help instead of going via invoke ribcl script. Because we have cmdlet for the same and it does the same job as that of invoke ribicl with all those xml's.

help Set-HPiLODirectory -Examples

PS C:\> $uname = @("asmith","jcook")
PS C:\> $pword = @("P@ssw0rd1","P@ssw0rd2")
PS C:\> $LDAPDirectoryAuthentication = @("Disable","Use_HP_Extended_Schema")
PS C:\> $localUserAccount = @("Y","N")
PS C:\> $serverAddress = @("123.56.89.123","ldap.company.net")
PS C:\> $serverPort = @("636","636")
PS C:\> $objectDN = @("value="CN=server1_rib,OU=RIB, DC=mycomp1,DC=com","value="CN=server2_rib,OU=RIB, DC=mycomp2,DC=com")
PS C:\> $objectPassword = @("password1","password2")
PS C:\> $uContext1 = @("CN=Users11,DC=mycompu, DC=com","CN=Users12,DC=mycomp1, DC=com")
PS C:\> $uContext2 = @("CN=Users21,DC=mycompu, DC=com","CN=Users22,DC=mycomp2, DC=com")
PS C:\> $uContext3 = @("CN=Users31,DC=mycompu, DC=com","CN=Users32,DC=mycomp3, DC=com")
PS C:\> Set-HPiLODirectory -Server @("1.4.29.195","1.4.27.103") -Username $uname -Password $pword -LDAPDirectoryAuthentication $LDAPDirectoryAuthentication -LocalUserAccount $localUserAccount
-ServerAddress $serverAddress -ServerPort $serverPort -ObjectDN $objectDN -ObjectPassword $objectPassword -UserContext1 $uContext1 -UserContext2 $uContext2 -UserContext3 $uContext3

(Sample script - ConfigureAndTestDirectorySettings.ps1 uses the above cmdlet to integrate AD users in ilo)

Let me know if you have any issues stil.

I would like to take one minute of your time for feedback on the sample scripts.

>> Do you think the current version of sample scripts is helpful compared to older version ( where lot of validation and error handling was not there just cmdlet usuage ) ?

Because current script has lot of code and do you think you are getting confused with the lot of code which has more non core business logic code and less actual cmdlet usuage code.

Thanks,

Gokul


I am a HPE Employee

Accept or Kudo