By default, an iLO has only one user account: Administrator. But via the API you can create more users and manipulate them. It’s also possible to import SSH keys, configure kerberos settings and configure single-sign on. Some methods accept a lot of arguments, for details on what these arguments mean, I will refer to the ilo scripting guide.
hpilo.Iloget_all_users()¶Get a list of all loginnames
>>> ilo.get_all_users()
['Administrator']
get_all_user_info()¶Get basic and authorization info of all users
>>> ilo.get_all_user_info()
{'Administrator': {'admin_priv': True,
'config_ilo_priv': True,
'remote_cons_priv': True,
'reset_server_priv': True,
'user_login': 'Administrator',
'user_name': 'Administrator',
'virtual_media_priv': True}}
get_user(user_login)¶Get user info about a specific user
>>> ilo.get_user(user_login='Administrator')
{'admin_priv': True,
'config_ilo_priv': True,
'remote_cons_priv': True,
'reset_server_priv': True,
'user_login': 'Administrator',
'user_name': 'Administrator',
'virtual_media_priv': True}
add_user(user_login, user_name, password, admin_priv=False, remote_cons_priv=True, reset_server_priv=False, virtual_media_priv=False, config_ilo_priv=True)¶Add a new user to the iLO interface with the specified name, password and permissions. Permission attributes should be boolean values.
mod_user(user_login, user_name=None, password=None, admin_priv=None, remote_cons_priv=None, reset_server_priv=None, virtual_media_priv=None, config_ilo_priv=None)¶Set attributes for a user, only specified arguments will be changed. All arguments except user_name and password should be boolean
delete_user(user_login)¶Delete the specified user from the ilo
import_ssh_key(user_login, ssh_key)¶Imports an SSH key for the specified user. The value of ssh_key should be the content of an id_dsa.pub or id_rsa.pub file
delete_ssh_key(user_login)¶Delete a users SSH key
get_dir_config()¶Get directory authentication configuration
>>> ilo.get_dir_config()
{'dir_authentication_enabled': False,
'dir_enable_grp_acct': False,
'dir_grpacct1_name': 'Administrators',
'dir_grpacct1_priv': '1,2,3,4,5,6',
'dir_grpacct1_sid': '',
'dir_grpacct2_name': 'Authenticated Users',
'dir_grpacct2_priv': 6,
'dir_grpacct2_sid': 'S-1-5-11',
'dir_kerberos_enabled': False,
'dir_kerberos_kdc_address': '',
'dir_kerberos_kdc_port': 88,
'dir_kerberos_realm': '',
'dir_local_user_acct': True,
'dir_object_dn': '',
'dir_server_address': '',
'dir_server_port': 636,
'dir_user_context_1': '',
'dir_user_context_10': '',
'dir_user_context_11': '',
'dir_user_context_12': '',
'dir_user_context_13': '',
'dir_user_context_14': '',
'dir_user_context_15': '',
'dir_user_context_2': '',
'dir_user_context_3': '',
'dir_user_context_4': '',
'dir_user_context_5': '',
'dir_user_context_6': '',
'dir_user_context_7': '',
'dir_user_context_8': '',
'dir_user_context_9': ''}
mod_dir_config(dir_authentication_enabled=None, dir_local_user_acct=None, dir_server_address=None, dir_server_port=None, dir_object_dn=None, dir_object_password=None, dir_user_context_1=None, dir_user_context_2=None, dir_user_context_3=None, dir_user_context_4=None, dir_user_context_5=None, dir_user_context_6=None, dir_user_context_7=None, dir_user_context_8=None, dir_user_context_9=None, dir_user_context_10=None, dir_user_context_11=None, dir_user_context_12=None, dir_user_context_13=None, dir_user_context_14=None, dir_user_context_15=None, dir_enable_grp_acct=None, dir_kerberos_enabled=None, dir_kerberos_realm=None, dir_kerberos_kdc_address=None, dir_kerberos_kdc_port=None, dir_kerberos_keytab=None, dir_generic_ldap_enabled=None, dir_grpacct1_name=None, dir_grpacct1_sid=None, dir_grpacct1_priv=None, dir_grpacct2_name=None, dir_grpacct2_sid=None, dir_grpacct2_priv=None, dir_grpacct3_name=None, dir_grpacct3_sid=None, dir_grpacct3_priv=None, dir_grpacct4_name=None, dir_grpacct4_sid=None, dir_grpacct4_priv=None, dir_grpacct5_name=None, dir_grpacct5_sid=None, dir_grpacct5_priv=None, dir_grpacct6_name=None, dir_grpacct6_sid=None, dir_grpacct6_priv=None)¶Modify iLO directory configuration, only values that are specified will be changed.
start_dir_test(dir_admin_distinguished_name, dir_admin_password, test_user_name, test_user_password)¶Test directory authentication with the specified credentials
get_dir_test_results()¶Get the results of the authentication directory test
>>> ilo.get_dir_test_results()
{'bind_to_directory_server': {'description': 'LDAP Server Error (2) Server Error Message: unsupported or invalid version',
'status': 'Failed'},
'connect_to_directory_server': {'description': '', 'status': 'Success'},
'connect_using_ssl': {'description': 'Certificate subject Mismatch, verify OK, error code 20 (unable to get local issuer certificate), Subject /CN="ldap-server" Issued By /CN="provisioning',
'status': 'Warning'},
'directory_administrator_login': {'description': 'LDAP Server Error (2) Server Error Message: unsupported or invalid version',
'status': 'Failed'},
'directory_server_dns_name': {'description': 'Directory Server address ldap.example.com resolved to: 10.1.2.3',
'status': 'Success'},
'directory_user_contexts': {'description': 'LDAP Server Error (2) Server Error Message: unsupported or invalid version',
'status': 'Failed'},
'lom_object_exists': {'description': 'LDAP Server Error (2) Server Error Message: unsupported or invalid version',
'status': 'Failed'},
'ping_directory_server': {'description': 'Response received from: 10.1.2.3',
'status': 'Success'},
'user_authentication': {'description': 'Unable to authenticate test user foo [Invalid credentials]',
'status': 'Failed'},
'user_authorization': {'description': 'LDAP Server Error (2) Server Error Message: unsupported or invalid version',
'status': 'Failed'}}
abort_dir_test()¶Abort authentication directory test
get_sso_settings()¶Get the HP SIM Single Sign-On settings
>>> ilo.get_sso_settings()
{'administrator_role': {'admin_priv': True,
'cfg_ilo_priv': True,
'login_priv': True,
'remote_cons_priv': True,
'reset_server_priv': True,
'virtual_media_priv': True},
'operator_role': {'admin_priv': False,
'cfg_ilo_priv': False,
'login_priv': True,
'remote_cons_priv': True,
'reset_server_priv': True,
'virtual_media_priv': True},
'trust_mode': 'DISABLED',
'user_role': {'admin_priv': False,
'cfg_ilo_priv': False,
'login_priv': True,
'remote_cons_priv': False,
'reset_server_priv': False,
'virtual_media_priv': False}}
mod_sso_settings(trust_mode=None, user_remote_cons_priv=None, user_reset_server_priv=None, user_virtual_media_priv=None, user_config_ilo_priv=None, user_admin_priv=None, operator_login_priv=None, operator_remote_cons_priv=None, operator_reset_server_priv=None, operator_virtual_media_priv=None, operator_config_ilo_priv=None, operator_admin_priv=None, administrator_login_priv=None, administrator_remote_cons_priv=None, administrator_reset_server_priv=None, administrator_virtual_media_priv=None, administrator_config_ilo_priv=None, administrator_admin_priv=None)¶add_sso_server(server=None, import_from=None, certificate=None)¶Add an SSO server by name (only if SSO trust level is lowered) or by importing a certificate from a server or directly
delete_sso_server(index)¶Delete an SSO server by index
get_twofactor_settings()¶Get two-factor authentication settings
>>> ilo.get_twofactor_settings()
{'auth_twofactor_enable': False,
'cert_owner_subject': None,
'cert_revocation_check': False}
mod_twofactor_settings(auth_twofactor_enable=None, cert_revocation_check=None, cert_owner_san=None, cert_owner_subject=None)¶Modify the twofactor authentication settings