The Sign In page enables you to access the Home page, which contains the available HP Insight Management Agents.
The Sign In page components include:
Two fields to input your user name and password from an account that is part of a valid group configured in the SMH users groups configuration article.
NOTE: HP SMH verifies the revocation status of the trusted certificate used for SSO against the root certificate, intermediate certificate, and the Certificate Revocation List (CRL) of the certificate. If the certificate is found to be revoked or if an error is encountered during verification, HP SMH logs a critical error as:
Trusted certificate used for SSO is either revoked or HP SMH failed to verify it against CRL.
HP SMH loads both root and intermediate CA certificates for only Base64 encoded certificates with .cer extension from
and loads CRLs for only files with .crl extension fromPATH_TO_CAFILES
\cacerts\
to verify the status of the trusted certificate.PATH_TO_CAFILES
\cacrls\To modify the
PATH_TO_CAFILES
, a CLI option -W|| –cafiles is available in HP SMH. Run the following command to change thePATH_TO_CAFILES
:smhconfig -W|| --cafiles[=] DIR
where, cafiles is the complete path to the CA files directory.NOTE:
smhconfig -W “”
will disable the CA revocation check.The question mark icon, ?, when clicked, displays or hides the tooltip box that displays information about the authentication mechanism and sign-in process.
The following table provides more information about the tooltip box.
Tooltip box
Name | Description |
---|---|
User Name | User must be part of a user group accepted by HP SMH |
Password | User name and password must match a valid user |
Sign In | Validates user name sign-in to HP SMH |
Clear | Erases user name and password input fields |
? | Show/hide tooltip box |
Checkbox | Automatically imports the management server certificate when selected. This is applicable when using SSO from HP SIM and the trust mode is set to TrustByCert. |
![]() | NOTE: If an error occurs on a sign-in attempt, you are returned to the Sign In page. |
A configuration mechanism enables the administrator to customize the image and the message in the Sign In page. The administrator can use a custom logo and warning message. As the pages load, HP SMH verifies if the personalized content is enabled and available. If the content is not available, HP SMH uses the standard image and warning message.
Single sign-on from HP SIM to HP SMH
When a CA certificate
is used, you might be unable to do an SSO from
HP SIM to HP SMH v7.0.0 onwards. The following error message is displayed
on the SMH login page Trusted certificate used for
SSO is either revoked or SMH failed to verify it against CRL
.
In such a case, you have to manually log in to SMH.
To use a CA Certificate for SSO, follow the prerequisites listed here to:
Get the signed certificate from CA:
![]() | NOTE: You can also set up local certificate services such as Microsoft Certificate Services to get the signed certificate. |
Access http://
hostname
/certsrv, wherehostname
is the name of the machine having certificate services.Select Submit a certificate request by using a base-64-encoded CMC, PKCS #10 file, or Submit a renewal request by using a base-64-encoded PKCS #7 file.
To download a certificate that is pending for approval:
Get the Root Certificate and the CRL from CA:
![]() | NOTE: You can also set up local certificate services such as Microsoft Certificate Services to get the Root Certificate and the CRL. |
Import the signed certificate in SIM:
After SMH is configured to use the CA, SMH accepts SSO requests from SIM.
Starting HP SMH from Internet Explorer
To sign in to HP SMH with Internet Explorer:
Navigate to https://
hostname
:2381/.The first time you browse to this URI, the Security Alert dialog box appears, prompting you to indicate whether to trust the server. If you do not import the certificate, the Security Alert appears every time you browse to HP SMH.
For more information about procedures on changing the configuration variables, see the HP System Management Homepage Installation and Configuration Guide available at the HP SMH web page at http://h18013.www1.hp.com/products/servers/management/agents/documentation.html.
NOTE: To implement your own Public Key Infrastructure (PKI) or install your own generated certificates into each managed system, you can install a certificate authority Root Certificate into each browser to be used for management. If a Root Certificate is implemented, the Security Alert dialog box does not appear. If the alert appears, you might have browsed to the wrong system. For more information about installing the certificate authority Root Certificate, see the online help in your browser.
NOTE: To implement or install your own generated certificates into each managed system, you can install a certificate authority Root Certificate into each browser to be used for management. If a Root Certificate is implemented, the Security Alert dialog box does not appear. If the alert appears, you might have browsed to the wrong system. For more information about installing the certificate authority Root Certificate, see the online help in your browser.
-
The Sign In page appears. If you have enabled Anonymous access during installation, then System Management Homepage appears.
Enter your user name that is recognized by the operating system.
NOTE: HP SMH initially allows access to the root user only.
If the user credentials cannot be authenticated, the user is denied access.
After logging into HP SMH as an initially allowed user, use the Security Settings to grant access to users in other operating system groups.
Administrator on Windows and root on Linux have administrator access on HP SMH.
Enter the password that is recognized by the operating system.
Starting HP SMH from Mozilla or Firefox
To sign in to HP SMH with Mozilla or Firefox:
Navigate to https://
hostname
:2381/.For more information about procedures on changing the configuration variables, see the HP System Management Homepage Installation and Configuration Guide available at the HP SMH web page at http://h18013.www1.hp.com/products/servers/management/agents/documentation.html.
-
The Sign In page appears. If you have enabled Anonymous access during installation, then System Management Homepage appears.
Enter your user name that is recognized by the operating system.
Administrator on Windows and root on Linux have administrator access on HP SMH.
Enter the password that is recognized by the operating system.
Starting HP SMH from HP SIM
To start HP SMH by signing in to HP SIM with a Web browser:
Navigate to https://
hostname
:50000/.The first time you browse to this link, the Security Alert dialog box appears, asking if you want to trust the server. If you do not import the certificate, the Security Alert appears each time you browse to HP Systems Insight Manager (HP SIM).
NOTE: To implement a custom Public Key Infrastructure (PKI) or install your own generated certificates into each managed system, you can install a certificate authority Root Certificate into each browser to be used for management. If a Root Certificate is implemented, the Security Alert dialog box does not appear. If the alert appears, you might have browsed to the wrong system. For more information about installing the certificate authority Root Certificate, see the online help in your browser.
NOTE: To implement or install your own generated certificates into each managed system, you can install a certificate authority Root Certificate into each browser to be used for management. If a Root Certificate is implemented, the Security Alert dialog box does not appear. If the alert appears, you might have browsed to the wrong system. For more information about installing the certificate authority Root Certificate, see the online help in your browser.
Enter your user name that is recognized by the operating system.
Enter the password that is recognized by the operating system.
Select Tools → System Information → System Management Homepage.
Select a check box next to a target system, and then click Apply.
Verify the target system by selecting a check box next to the system, and then click Run Now.
The Security Alert dialog box appears, prompting you to trust the server. If you do not import the certificate, the Security Alert appears each time you browse to HP SMH.
Getting started |
Configuring firewall settings |
Automatically importing certificates |
Signing out |
HP SMH pages |