IBM Remote Supervisor Adapter
- 1 Adapter versions
- 2 Peculiarities
- 2.1 Maximum password length
- 2.2 Java 1.6 incompatibility bug
- 2.3 Invisible to traceroute
- 2.4 Reliability problems
- 2.5 Requires UDP
- 2.6 No video through NAT
- 2.7 No video when using a Cisco router or switch with Network Address Translation (NAT)
- 2.8 Network port may not be set to the Default of DHCP IP Address then (Static IP - Fallback Configuration)
- 2.9 Difficult to reset
- 2.10 LDAP authentication generally unusable
- 2.11 Host OS tools
- 3 Related
- 4 Default password
- 5 See also
- 6 References
Advanced Systems Management Adapter (ASMA)
This is a full-length ISA or PCI adapter. The ISA version is very rare, and was only ever supported in one or two servers. This adapter can be accessed either in-band through a device driver, or out-band over serial or 10Mbit Ethernet.
In addition, this adapter supports chaining of IBM Servers with Advanced Systems Management Processors (ASMP) using RJ45 patch cables (RS-485 signal), to reduce the number of adapters required. A total of 12 systems can be controlled this way using a single adapter.
The PCI version is supported under Linux through the ibmasm driver.
- ooo Netfinity 4500R
- IBM Netfinity 5000, 5100, 5500, 5500 M10, 5500 M20, 5600
- IBM Netfinity 6000R
- IBM Netfinity 7000 M10, 7100, 7600
- IBM Netfinity 8500R
- IBM eServer xSeries 230, 240, 250
- IBM eServer xSeries 330 (8654), 340, 350, 370
Remote Supervisor Adapter II (RSA-II) 73P9265
This is a half-length full-height PCI adapter, which can be accessed either in-band through a device driver, or out-band over serial or Ethernet.
In addition, this adapter supports chaining of IBM Servers with Integrated Systems Management Processors (ISMP) using RJ45 patch cables (RS-485 signal), to reduce the number of adapters required.
This adapter (when properly cabled) can be accessed for in-band management through a USB driver.
This adapter has its own ATI video chip, and will cause the onboard video chip to get disabled. The reason for this was to resolve some of the problems with capturing the video for the remote KVM function that the original RSA experienced. Just like the original RSA, in the event of chaining the remote KVM function is only supported on the server with the adapter installed.
- IBM eServer 326, 326m
- IBM eServer xSeries 206, 225 (8649), 226, 235, 255
- IBM eServer xSeries 305, 306, 306m, 335, 345, 365
- IBM eServer xSeries 445
The RSA-II requires a 20-pin cable to attach to the motherboard of the server. Without this cable the remote video facilities will still work, and if the external USB cable is connected, the remote keyboard and mouse will work—but nothing else (including power control) will function properly. Moreover, some servers will pause for 30–120 seconds after power-on if the RSA-II is installed but the cable is missing.
Different cables are required for different servers, and as of April 2008 it appears that the cards themselves are far more plentiful on the used market than certain cables—often the cables sell for more than the cards themselves!
Here is a table of known server/cablenumber combinations:
- eServer 326 uses cable 73P9312
- x345 uses cable 02R1661
Older servers use what is known as the "planar cable". Newer servers use the cable shown in the adjacent image:
Remote Supervisor Adapter II Slimline (RSA-II Slimline)
This is a special version of the RSA-II that does not need a PCI slot. Instead it is plugged into a dedicated slot on the systemboard, like a mini-pci adapter. This version also does not have a video controller anymore like the RSA-II.
Out-band management is provided by a dedicated Ethernet port on the server, which is not connected if the RSA-II Slimline is not installed. In-Band management is provided by the same USB driver as the RSA-II.
- IBM eServer xSeries 236, 260
- IBM eServer xSeries 336, 346, 366
- IBM eServer xSeries 460, MXE-460
- IBM System x 3200, 3250, 3350, 3400, 3500, 3550, 3650, 3655, 3755, 3800, 3850, 3950
This section needs additional citations for verification. (February 2014) (Learn how and when to remove this template message)
Maximum password length
A password can only be up to 15 characters long. If more characters are typed at the changing password form, there will be no error message but they won't be memorized.
Java 1.6 incompatibility bug
The RSA remote control is now broken IBM has issued a fix that only works some of the time. Most users are advised to use Java JRE 1.60 U07 or earlier, which is impossible if the user does not have administrative access to the client machine. IBM has been unresponsive. jre-1_5_0_21-windows-i586-p.exe generally gives good results on windows clients.
Invisible to traceroute
The network stack used by the RSAII does not respond to UDP packets sent to a closed port; therefore, it appears to be "invisible" to traceroutes based on UDP (the default for non-Windows systems).
A defect in the design of the RSA can cause it to go into a state in which the remote video capabilities are disabled. Unfortunately, once in this state the only way to correct the situation is to physically remove power from the RSA and the server; no amount of remote restarting will correct the problem. Because the point of the RSA is to eliminate the need for this sort of physical intervention to clear errors, this flaw calls into question the usefulness of the device.
This flaw is documented on IBM's website at 
The video forwarding also takes an initial reboot to take effect after the RSA was re-configured. At this point the operator would be in the BIOS menu but without the video functionality active. A reboot of the RSA will not suffice, the whole server has to be rebooted.
The card can also crash during some operations certificate generation.
The remote control feature of the service processor requires that it be possible to exchange packets on UDP port 2000 between the adapter and the client.
No video through NAT
The adapter does not cope well with NAT. The symptoms generally experienced are a lack of video when attempting to access remote control. If in doubt, ensure that the client (web browser) has its own public internet IP and is not behind any sort of NAT.
No video when using a Cisco router or switch with Network Address Translation (NAT)
When using a Cisco router or switch with Network Address Translation (NAT) enabled, connection to the Remote Supervisor Adapter (RSA) II web UI is operational. When starting the remote control session, the user receives a blank screen.
The remote console port should be changed from 2000 to 5090 or any other value.
Log into the RSA II web UI pages. In the RSA II web UI, go to Port Assignments in the left panel. Go to remote console and change the value to 5090. Save and restart the ASM. Port 2000 is being used by Cisco Skinny Client Control Protocol (SCCP). Since the default value for RSA II console port (remote video) is 2000, it needs be changed to another value such as 5090. 
Network port may not be set to the Default of DHCP IP Address then (Static IP - Fallback Configuration)
The RSA II adapter's network port, by Default, is set to "Try DHCP Server. If it Fails, Use Static IP Config", where "Static IP Config" is the fallback IP address configuration; however, this behavior may vary depending upon the Firmware version installed or configuration changes made by a prior user. If the RSA II is reset to Defaults, the associated NIC should also automatically reset to DHCP IP address then Static IP if a DHCP address cannot be obtained.
- RSA II - Static IP Address Default is: 192.168.70.125
If the RSA II NIC is not responding to network communication or an expected IP address, the associated network settings (including currently assigned IP address and configuration) can be viewed, modified and/or reset through the server's Advanced - BIOS settings under the RSA II or Remote Supervisor Adapter II (or similar title) Advanced feature setting.
Be sure to Save the Network settings before exiting the RSA II configuration screen and Save any other changes to BIOS settings before exiting the BIOS Setup Configuration.
Difficult to reset
Procedures for resetting the RSAII to factory defaults may be challenging for some users. The IBM forums list a procedure  for resetting an RSAII to factory defaults which appears to be simpler; it involves removing the card from the server and operating it from a non-PCI power supply. Most of the problems resolve around correct loading of the USB library. Ensuring this is properly loaded raises chances of success.
LDAP authentication generally unusable
LDAP authentication fails if a user is a member of more than one posixGroup, which is usually the case in non-trivial directories. IBM privately acknowledged the problem has existed for over four years, but still has not published a fix. The problem is that it considers only first posixGroup in resultset, so if you manage to reorganize directory to return your matching group first, you can succeed on the auth (with openldap ldif dump, delete and restore tends to keep results ordered).
Host OS tools
Like almost all IBM-provided management tools, software tools do not respect long established OS conventions for packaging, file paths and naming.
Firmware updates are incompatible with a non-executable /tmp directory, a commonly employed security setting.
Command line tools have many undocumented behaviors. "asu," the executable used to query or set parameters on the board, writes logs to the current directory with a hardcoded name, without warning and without basic sanity checks. It will thus silently overwrite the target of a symbolic link with that name.
BladeCenter Management Module (BCMM)
This is the first management module of the IBM BladeCenter.
Its function is very similar to that of the RSA-II
The BCMM provides an external 10/100Mbit Ethernet connection (used for out-of-band management) and shared VGA, PS/2 Keyboard and PS/2 Mouse ports. Internally the VGA and PS/2 ports are switchable between blades. The PS/2 ports are internally seen to the blades as USB.
This has since been phased out and replaced by the BCAMM. It is no longer supported by IBM.
BladeCenter Advanced Management Module (BCAMM)
This is a hardware refresh of the management module for the IBM BladeCenter. The PS/2 ports for keyboard and mouse were replaced with two USB ports. The BCAMM is currently under active development and its firmware offers more capabilities than the original BCMM.
Advanced Systems Management Processor (ASMP)
This is an integrated Service Processor on select IBM Intel-based servers. It was succeeded by the ISMP. Out-of-band management is possible using a serial port (shared with the OS), or by adding the Advanced Systems Management Adapter (ASMA).
These servers have ASMP functionality:
- IBM Netfinity 4500R
- IBM Netfinity 5000, 5100, 5500, 5600
- IBM Netfinity 6000R
- IBM Netfinity 7100, 7600
- IBM xSeries 130 (8654), 135 (8654), 150
- IBM xSeries 230, 240, 250
- IBM xSeries 330, 340, 350
Integrated Systems Management Processor (ISMP)
This is an integrated Service Processor on select IBM Intel-based servers. It was succeeded by the BMC (Baseboard Management Controller). Out-of-band management is possible by adding the RSA or RSA II.
These servers have ISMP functionality:
- IBM xSeries 232, 235, 236, 255
- IBM xSeries 335, 342, 345
Baseboard Management Controller (BMC)
On many legacy IBM Intel-based servers the BMC is standard with the RSA II or RSA II Slimline as an Option device.
Integrated Management Module (IMM)
The IBM Integrated Management Module (IMM) is the next generation of System Management devices for UEFI based servers and comprises features and functionality of the legacy Baseboard Management Controller (BMC), Remote Supervisor Adapter II (RSA II) while incorporating the Super I/O controller and Video controller.
The IMM interfaces with the server's UEFI System firmware (Unified Extensible Firmware Interface) to provide system management monitoring and functionality.
Although some issues known to both the RSA II and BMC may have been migrated to the early IMM generations (in addition to the IMM's own unique issues), most of these issues have been resolved while adding some of greatly improved features and Administrator / User experience over the BMC and RSA II predecessors.
- Advanced Predictive Failure Analysis (PFA)
- Configurable IMM Dedicated or Shared Ethernet connection
- Virtual Light Path Diagnostic
- Email alerts
- Remote Firmware updating
- Remote Power control, Remote Console / control of both hardware and Operating System
- OS failure screen shot capture
- Remote Mounting of Virtual Devices such as CD/DVD drive, USB Flash Drives, ISO / Disk images and Diskette drive
The default login is "USERID" and the default password is "PASSW0RD" (note the zero rather than an "O").
- Remote graphics session shows blank screen - IBM Remote Supervisor Adapter II
- IBM Remote supervisor adapter User's Guide
- IBM RSA-II and RSA-II Slimline User's Guide
- IBM RSA-II - Overview
- IBM Service Processors support matrix
- How to use the IBM RSA keyboard/video remote control without a browser