Abstract: A server rack may include a chassis controller for the server rack and a set of baseboard management controllers (BMCs) corresponding to servers stored in the server rack. Each BMC is communicatively connected to the chassis controller internal to the server rack. Each BMC is also communicatively connected to a network switch located external to the server rack to communicate with the set of BMCs using the network switch. When a first BMC loses communication with the chassis controller internal to the server rack, the first BMC communicates with the chassis controller via a second BMC and the network switch.

Abstract: A system for ensuring update package authenticity includes an update package transaction ledger and a repository. Change managers are configured to maintain the update package transaction ledger, create a transaction block using metadata of an update, and determine a package value based on the transaction ledger and on the update. The change managers also incorporate the package value and the update into a package, and upload the package to the repository. A client obtains the package from the repository, obtains the transaction block from the update package transaction ledger, determines a calculated value based on the transaction block and on the update, and compares the calculated value and the package value. The update is installed when the calculated value and the package value match.

Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.

Abstract: A system for ensuring update package authenticity includes an update package transaction ledger and a repository. Change managers are configured to maintain the update package transaction ledger, create a transaction block using metadata of an update, and determine a package value based on the transaction ledger and on the update. The change managers also incorporate the package value and the update into a package, and upload the package to the repository. A client obtains the package from the repository, obtains the transaction block from the update package transaction ledger, determines a calculated value based on the transaction block and on the update, and compares the calculated value and the package value. The update is installed when the calculated value and the package value match.

Abstract: Methods and systems for secure messaging may involve receiving an encrypted message from a node, decrypting the message using a default key, sending a message, rotating a group key, and distributing a key rotation message. The message received may be to discover a master of a group. The message sent may welcome the node into the group as a member. The welcome message may be encrypted with the default key and may include information to determine the group key. The group key may be rotated based on an expiration of a group key rotation window. The group key may become a prior group key and the rotated group key may be a current group key. The key rotation message may be encrypted with one of the default key or the prior group key and may include information to determine the current group key.

Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.

Abstract: A host device access monitoring and reporting system includes a management system coupled to server devices through a network. Each server device includes a BIOS that generates and transmits pre-boot access event reports for pre-boot access events occurring prior to the completion of a boot process for that server device, and an operating system that generates and transmits post-boot access event reports for post-boot access events occurring subsequent to the completion of the boot process for that server device. A remote access controller in each server device receives pre-boot access event reports from the BIOS in that server device and, in response, publishes pre-boot access event notifications to the management system. The remote access controller in each server device also receives the post-boot access event reports from the operating system in that server device and, in response, publishes post-boot access event notifications to the management system.

Abstract: An information handling system (IHS) includes controller that performs a method of automating acquisition of link local Internet Protocol (IP) network address of servers. Controller acts as Group manager server (GMS) that maintains an inventory of a respective link local Internet Protocol (IP) network address and public key of each server that is addressable over a local area network (LAN). GMS receives an IP network address and credentials associated with a management console that are used to obtain a public key from the management console. GMS transmits to the management console a GMS IP network address and public key associated with the GMS. GMS encrypts the inventory with the public key of the management console to generate an encrypted inventory. GMS transmits the IP network address and the public key of the management console to each server. GMS forwards the encrypted inventory to the management console to enable secure communication.

Abstract: Embodiments of the invention provide for performing a search across business objects of one or more business processes. More specifically, embodiments of the present invention provide for performing a search across business objects of one or more business processes based on an index of business objects and additional information supplementing the index. The additional information can indicate business objects of different types or of different business processes that are related to the indexed business objects. According to various embodiments of the present invention, providing business object and business process searching can include but is not limited to: the ability to more quickly find related documents using search in one step; the ability to do so without using menus; the ability to quickly refine search results with common facets; and/or the ability to do advanced common attributes searches across business objects such as comments for a supplier across numerous business objects.

Abstract: Methods and systems for account authentication in a distributed computing node group may involve sending a message to a member, the message having a first timestamp, increasing an authentication failure count, receiving a first key-exchange message from the member, the first key-exchange message having a second timestamp, evaluating the second timestamp, and determining whether to ignore the first key-exchange message based on an evaluation of the second timestamp. The first timestamp may be associated with a message received from the member prior to sending the message with the first timestamp to the member. The first key-exchange message may include a value computed by the member based on a group passcode shared with the member. The evaluation of the second timestamp may be based on at least one of a default value, the authentication failure count, or a timestamp associated with the group passcode.

Abstract: Methods and systems for providing quality of service to an information handling system may involve generating a new transport encryption key for a management controller group, notifying nodes in the management controller group to negotiate for the new transport encryption key, and encrypting a first message to be sent to a first node in the management controller group using a current transport encryption key. The new transport encryption key for encrypted communications in the management controller group and to replace a current transport encryption key. The first message encrypted after notifying the nodes in the management controller group to negotiate for the new transport encryption key. The nodes of the management controller group including the first node.

Abstract: Methods and systems for refreshing an information handling system may include receiving a request for information, searching a group inventory for the information, and responding to the request with the information. The information may correspond to a configuration. The request may be received from a node in a group with a plurality of nodes. The information requested may correspond to an update to the configuration of the node. The group inventory may be sourced from the group. The information in the response may be based on finding a match in the group inventory.

Abstract: Methods and systems for managing distributed group identity may involve exchanging, at a node in a group, node identifiers with another node in the group, sorting the node identifiers, selecting an identifier from the sorted identifier, proposing the selected identifier as a persistent group name, setting the persistent group name based on the proposed identifier, setting a user administered name based on the proposed identifier, determining that the user administered name is consistent across the group, and updating the user administered name to resolve the inconsistency. The persistent group name is common across the group.

Abstract: Methods and systems for receiving speed dial configuration changes may involve receiving a packet, determining whether the packet is associated with a valid command, determining whether a username in a header of the packet is a valid user, validating a signature using a public key, decrypting encrypted data using a first factor key, and executing the valid command associated with the decrypted data. The packet includes the header, encrypted data, and the signature, and is sent without a one-to-many management console and without prior group configuration. The validation of the signature may be based on the determination that the packet is associated with a valid command and that the username in the header of the packet is a valid user.

Abstract: An information handling system (IHS) includes controller that performs a method of automating acquisition of link local Internet Protocol (IP) network address of servers. Controller acts as Group manager server (GMS) that maintains an inventory of a respective link local Internet Protocol (IP) network address and public key of each server that is addressable over a local area network (LAN). GMS receives an IP network address and credentials associated with a management console that are used to obtain a public key from the management console. GMS transmits to the management console a GMS IP network address and public key associated with the GMS. GMS encrypts the inventory with the public key of the management console to generate an encrypted inventory. GMS transmits the IP network address and the public key of the management console to each server. GMS forwards the encrypted inventory to the management console to enable secure communication.

Abstract: A method and information handling system (IHS) determines a master remote access controller (RAC) in a distributed IHS having multiple communicatively-connected computing nodes with corresponding RACs. The method includes transmitting a first set of RAC parameters from a first RAC to several other RACs. The first set of RAC parameters includes a locality of reference (LOR) value for the first RAC. Several other sets of RAC parameters are received from the other RACs. A first list of all of the RACs is generated including the associated LOR values. The first list is sorted based on the LOR values and the RAC having the highest LOR value in the first list is designated as a first master RAC candidate.

Abstract: A system and method for managing peripheral device failures is disclosed. The method includes detecting, at a processor of a peripheral bus, a failure of a first bus device at a downstream port from the processor. The downstream port is populated by the first bus device and the processor is communicatively coupled at an upstream port to a root complex. The processor is configured to isolate the failure of the first bus device from the root complex. The method also includes, responsive to detecting the failure, suspending communication of data to the first bus device, receiving information regarding a second bus device selected from a cluster of a plurality of bus devices, and assigning the second bus device to the downstream port.

Abstract: A method of managing a server group comprising a plurality of group members in a server group may include receiving, from a group member, health status data and obtaining location data. The health status data may indicate a group member's status with respect to a health parameter. The set of health parameter states may include a compliant, borderline, and non-compliant state defined by one or more thresholds. The location information may indicate locations of the group members relative to one another. A status-location operation may be performed in accordance with the health status and location data to generate a display including, for each of the group members, a data point indicating a status for a particular health parameter and a location of the applicable group member relative to other group members. Historical status change data may be maintained and used to predict a next status change expected.

Abstract: A server rack may include a chassis controller for the server rack and a set of baseboard management controllers (BMCs) corresponding to servers stored in the server rack. Each BMC is communicatively connected to the chassis controller internal to the server rack. Each BMC is also communicatively connected to a network switch located external to the server rack to communicate with the set of BMCs using the network switch. When a first BMC loses communication with the chassis controller internal to the server rack, the first BMC communicates with the chassis controller via a second BMC and the network switch.

Abstract: Methods and systems for secure messaging may involve receiving an encrypted message from a node, decrypting the message using a default key, sending a message, rotating a group key, and distributing a key rotation message. The message received may be to discover a master of a group. The message sent may welcome the node into the group as a member. The welcome message may be encrypted with the default key and may include information to determine the group key. The group key may be rotated based on an expiration of a group key rotation window. The group key may become a prior group key and the rotated group key may be a current group key. The key rotation message may be encrypted with one of the default key or the prior group key and may include information to determine the current group key.