for security purposes, the service processor counts the number of attempts to enter passwords. the results of not recognizing a password within this error threshold are different, depending on whether the attempts are being made locally (at the server) or remotely (through a modem). the error threshold is three attempts.
if the error threshold is reached by someone entering passwords at the server, the service processor commands the server to resume the initial program load (ipl). this action is taken based on the assumption that the server is in an adequately secure location with only authorized users having access.
such users must still successfully enter a login password to access the operating system.
if the error threshold is reached by someone entering passwords remotely, the service processor commands the server to power off to prevent potential security attacks on the server by unauthorized remote users. the following table lists what you can access with the privileged-access password and the general-access password.
1 change privileged-access password
set or change the privileged-access password. it provides the user with the capability to access all service processor functions. this password is usually used by the system administrator or root user.
2 change general-access password
set or change the general-access password. it provides limited access to service processor menus, and is usually available to all users who are allowed to power on the server, especially remotely.
the general-access password can only be set or changed after the privileged access password is set.
3 enable/disable console mirroring
this function is not available on this system.
4 start talk mode
this function is not available on this system.
5 os surveillance setup menu
this option is disabled in partitioned systems.
this menu can be used to set up operating system (os) surveillance.
1 surveillance
can be set to enabled or disabled.
2 surveillance time interval
can be set to any number from 2 through 255.
3 surveillance delay
can be set to any number from 0 through 255.
refer to “service processor system monitoring - surveillance” on page 39 for more information about surveillance.
6 reset service processor
if this option is selected, entering y causes the service processor to reboot.
7 reprogram flash eprom menu
this function is not available on this system.
8 serial port snoop setup menu
this function is not available on this system.
9 scan log dump policy
a scan dump is the collection of chip data that the service processor gathers after a system malfunction, such as a checkstop or hang. the scan dump data may contain chip scan rings, chip trace arrays, and scom contents.
the scan dump data are stored in the system control store. the size of the scan dump area is approximately 4 mb.
during the scan log dump, a8xx (in the range a810 to a8ff) displays in the operator panel value on the hmc. the xx characters will change as the scan log dump progresses. if the xx characters do not change after five minutes, the service processor is hung and must be reset.
when the scan log dump is complete, depending on how the reboot policy is set, the system will either:
1 go to the standby state (and the service processor menus will be available), indicated by ok or stby in the virtual operator panel on the hmc.
or
2 attempt to reboot.
the scan log dump policy can be set to the following:
2 = as needed
the processor run-time diagnostics record the dump data based on the error type. this is the default value.
3 = always
selecting this option allows the service processor to record a scan log dump for all error types.
the scan log dump policy can also be set from the tasks menu in the aix service aids.
option 2 displays the following screens:
the scan log dump content can be set to the following:
1 = as requested
the processor run-time diagnostics will select the contents of the dump file based on the type of error that occurs. this is the default.
2 = optimum
the dump will include the smallest amount of information to diagnose a hardware error.
3 = complete
the dump will include as much information as possible to allow the complete analysis of hardware and software errors.
4 = minimum
the dump will include the smallest amount of information possible (a minimum number of hardware scan log rings).
the complete dump will take the longest time to finish; it may take as long as 1.5 hours on a fully configured system.
the scan log dump content can also be set from the tasks menu in the aix diagnostic service aids.
if a valid dump file already exists, the dump control code will stop because the contents of the prior dump must be protected.
option 3, immediate dump, can only be used when the system is in the standby state with power on. it is used to dump the system data after a checkstop or machine check occurs when the system firmware is running, or when the operating system is booting or running.