Integrated Dell™ Remote Access Controller (iDRAC) Firmware Version 1.
Notes and Cautions NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed. ___________________ Information in this document is subject to change without notice. © 2009 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Contents 1 iDRAC Overview . . . . . . . . . . . . . . . . . . . iDRAC Management Features . iDRAC Security Features . . . . . . . . . . . . . 26 . . . . . . . . . . . . . . . . 27 iDRAC Firmware Improvements . Supported Platforms . . . . . . . . . . . . . 28 . . . . . . . . . . . . . . . . . . 28 Supported Operating Systems . Supported Web Browsers . . . . . . . . . . . . . . 28 . . . . . . . . . . . . . . . 28 Supported Remote Access Connections iDRAC Ports . . . . . . . . 29 . . . .
Configure Platform Events . . . . . . . . . . . . . Enabling or Disabling Local Configuration Access . . . . Configure iDRAC Services . . . . . . . . . . . . 38 . . . . . . . . . . . . . 38 . . . . . . 39 . . . . . . . . . . . . . . 39 Configure Secure Sockets Layer (SSL) . Configure Virtual Media. Install the Managed Server Software . . . . . . . Configure the Managed Server for the Last Crash Screen Feature . . . . . . . 39 . . . . . . . . . . .
3 Configuring the Management Station . . . . . . . . . . . . . . . . . . Management Station Set Up Steps . . . . . . . . . 53 . . . . . . . . . . . 53 Management Station Network Requirements . . . . . 53 . . . . . . . . 54 . . . . . . . . . . . . 54 Configuring a Supported Web Browser . Opening Your Web Browser Configuring Your Web Browser to Connect to the Web Interface . . . . . . . . . . . Adding iDRAC to the List of Trusted Domains. . . . . . . . . . . . . . . . . . . . . . . 57 . . .
4 Configuring the Managed Server . . . . . Installing the Software on the Managed Server . . . . 67 . . . . . . . . . . 68 . . . . . . . . . . . 69 Configuring the Managed Server to Capture the Last Crash Screen. . . . Disabling the Windows Automatic Reboot Option . . . . . . . . . . . 5 Configuring the iDRAC Using the Web Interface . . . . . . . . . . . . . . . . . . 71 . . . . . . . . . . . . . . 71 Logging In . . . . . . . . . . . . . . . . . . . . . . 72 Logging Out . . . . . . . .
Securing iDRAC Communications Using SSL and Digital Certificates Secure Sockets Layer (SSL) . . . . . . . . . . . 86 . . . . . . . . . . . . 87 . . . . . . . . . 87 . . . . . . . . . . 88 . . . . . . . . . . . 89 Certificate Signing Request (CSR) Accessing the SSL Main Menu Generating a New Certificate Signing Request . . . . . . . . . . . . . . . . . 91 . . . . . . . . . . . . 91 Uploading a Server Certificate .
6 Using the iDRAC with Microsoft Active Directory . . . . . . . . . . . . . . . . . . Advantages and Disadvantages of Extended Schema and Standard Schema . . . . . . . . . . . . Extended Schema Active Directory Overview 106 . . . . . . 106 . . . . . . . . . . 107 Active Directory Object Overview . . . . . . . . Configuring Extended Schema Active Directory to Access Your iDRAC . . . . . . . . . Extending the Active Directory Schema . . . . .
Enabling SSL on a Domain Controller . . . . . . . . . . 131 Exporting the Domain Controller Root CA Certificate . . . . . . . . . . . . . . . . . 132 Importing the iDRAC Firmware SSL Certificate . . . . . . . . . . . . . . . . . . . 133 . . . . . . . . . . . . . 134 . . . . . . . . . . . . . . 135 Using Active Directory to Log In To the iDRAC . . . . . . . . Frequently Asked Questions . 7 Viewing the Configuration and Health of the Managed Server . . . . . . . . . . . . . . . . .
8 Configuring and Using Serial Over LAN . . . . . . . . . . . . . . . . . . . Enabling Serial Over LAN in the BIOS . . . . . . . . . 145 . . . . . . . . . . . . 146 . . . . . . . . . . . . . 149 Configuring Serial Over LAN in the iDRAC Web GUI . . . . . . Using Serial Over LAN (SOL) . Model for Redirecting SOL Over Telnet or SSH . . . . . . . . . . Model for the SOL Proxy . . . . . . . . . 149 . . . . . . . . . . . . . 150 Model for Redirecting SOL Over IMPItool . . . . . . . . . . . . . .
Opening a Console Redirection Session . Using the Video Viewer . . . . . 172 . . . . . . . . . . . . . . . . . 174 Synchronizing the Mouse Pointers . Frequently Asked Questions . 10 Configuring and Using Virtual Media . . . . . . . Overview . 178 . . . . . . . . Disabling or Enabling Local Console . . . . . . . . 178 . . . . . . . . . . . . . . 179 . . . . . . . . . . . . . 185 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 . . . . . . . . 188 . . . . . . . . . . . . .
11 Using the Local RACADM Command Line Interface . . . . . . . . . . . . 199 . . . . . . . . . . . . 199 . . . . . . . . . . . . . . . 200 Using the RACADM Command . RACADM Subcommands . Using the RACADM Utility to Configure the iDRAC . . . . . . . . . . . . . . . . . . Displaying Current iDRAC Settings . . . . . . . . Managing iDRAC Users with RACADM . Adding an iDRAC User 202 . . . . . . . . . . . . . . 203 . . . 203 . . . . . . . . . . . . 204 . . . . . . . . . . . . . .
Loading the Configuration File Into the iDRAC . . . . . . . . Configuring Multiple iDRACs . . . . . . . . . . . 220 . . . . . . . . . . . . . . 221 12 Using the iDRAC SM-CLP Command Line Interface . . . . . . . . . . . . System Management With SM-CLP . . . . . . . . . . . 223 . . . . . . . . . . . . . . . . . 224 . . . . . . . . . . . . . . . . . . . . 224 iDRAC SM-CLP Support SM-CLP Features Navigating the MAP Address Space Targets 223 . . . . . . . . . . 227 . . . . . . . . . . . . . .
13 Deploying Your Operating System Using iVM-CLI . . . Before You Begin . . . . . . . . . . . . 237 . . . . . . . . . . . . . . . . . . . 237 . . . . . . . . . . 237 . . . . . . . . . . . . . 237 Remote System Requirements Network Requirements . Creating a Bootable Image File . . . . . . . . . . . . 238 Creating an Image File for Linux Systems . . . . . . . . . . . . . . . . . . . 238 Creating an Image File for Windows Systems . . . . . . . . . . . . . . . . 238 . . . . . . . . . . . . .
LAN Parameters Virtual Media . . . . . . . . . . . . . . . . . . 250 . . . . . . . . . . . . . . . . . . . . 252 . . . . . . . . . . . . . . 252 . . . . . . . . . . . . . . . . . . 253 LAN User Configuration Reset to Default . System Event Log Menu Exiting the iDRAC Configuration Utility . 15 Recovering and Troubleshooting the Managed Server . . . . . . . . . . Safety First – For You and Your System Trouble Indicators 253 . . . . . . . . . . . . . . 254 . . . . . . . . . . . 255 . . . . .
A RACADM Subcommand Overview . . . . . . . . . . . . . . help . . . . . . . . . . . . . . 283 . . . . . . . . . . . . . . . . . . . . . . . . . . 283 config . . . . . . . . . . . . . . . . . . . . . . . . . . getconfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 getsysinfo . . . . . . . . . . . . . . . . . . . . . . . . 290 getractime . . . . . . . . . . . . . . . . . . . . . . . 292 setniccfg . . . . . . . . . . . . . . . . . . . . . .
sslcertview. . . . . . . . . . . . . . . . . . . . . . . . 307 . . . . . . . . . . . . . . . . . . . . . . . . 309 . . . . . . . . . . . . . . . . . . . . . . . . . 311 testemail . testtrap . clearasrscreen . B iDRAC Property Database Group and Object Definitions Displayable Characters idRacInfo . 312 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 . . . . . . . . . . . . . . . . . 313 . . . . . . . . . . . . . . . . . . . . . . . . 313 idRacProductInfo (Read Only) . .
cfgNicMacAddress (Read Only) . . . . . . . . . 321 cfgNicVLanEnable (Read/Write) . . . . . . . . . 321 . . . . . . . . . . . 321 cfgNicVLanId (Read/Write) . . . . . . . . . 322 . . . . . . . . . . . . . . . . . . . . . 322 cfgNicVLanPriority (Read/Write) . cfgUserAdmin cfgUserAdminIpmiLanPrivilege (Read/Write) . . . . . . . . . . . . . . . . . . . cfgUserAdminPrivilege (Read/Write) . . . . . . . . . . . . 324 324 . . . . . . . . . . . . . . . 325 cfgUserAdminPassword (Write Only) . . .
cfgRacTuning . . . . . . . . . . . . . . . . . . . . . . cfgRacTuneHttpPort (Read/Write) . . . . . . . . . 330 330 . . . . . . . . 331 . . . . . . . . . . . . 331 cfgRacTuneIpRangeAddr . . . . . . . . . . . . . . 331 cfgRacTuneIpRangeMask . . . . . . . . . . . . . 332 . . . . . . . . . . . . . . 332 cfgRacTuneHttpsPort (Read/Write) cfgRacTuneIpRangeEnable . cfgRacTuneIpBlkEnable cfgRacTuneIpBlkFailCount . . . . . . . . . . . . . 332 cfgRacTuneIpBlkFailWindow . . . . . . . . . . . .
cfgSecCsrEmailAddr (Read/Write) . . . . . . . . 340 . . . . . . . . . 340 . . . . . . . . . . . . . . . . . . . . . 340 cfgSecCsrKeySize (Read/Write) cfgRacVirtual . cfgVirMediaAttached (Read/Write) cfgVirAtapiSrvPort (Read/Write) . . . . . . . 340 . . . . . . . . . 341 cfgVirAtapiSrvPortSsl (Read/Write) . . . . . . . 341 cfgVirMediaBootOnce (Read/Write) . . . . . . . 342 . . . . . . . . 342 . . . . . . . . . . . . . . . . . . 342 cfgFloppyEmulation (Read/Write). cfgActiveDirectory .
cfgIpmiSolSendThreshold (Read/Write) . . . . . . . cfgIpmiLan . . . . . . . . . . . . . . 349 . . . . . . . . . . . . . . . . . . . . . . . 349 cfgIpmiLanEnable (Read/Write) cfgIpmiLanPrivLimit (Read/Write) 350 . . . . . . . . . . . . . . . . 350 . . . . . . . . 351 cfgIpmiLanAlertEnable (Read/Write) . cfgIpmiEncryptionKey (Read/Write) . . . . 351 . . . . . . . . . . . . . . . . . . . . . . . . 351 cfgIpmiPetCommunityName (Read/Write) . cfgIpmiPef 349 . . . . . . . . . .
/system1/sp1/enetport1/* . . . . . . . . . . . . . . . . macaddress (Read Only) . . . . . . . . . . . . . . . . . . 359 359 . . . . . . . . . . . . . 360 oemdell_nicenable (Read/Write) . subnetmask (Read/Write) . . . . . . . . . . . . . . . . . . . . . . 360 361 /system1/sp1/enetport1/lanendpt1/ ipendpt1/dnsendpt1 . . . . . . . . . . . . . . . . . . oemdell_domainnamefromdhcp (Read/Write) . . . . . . . . . . . . . . . . . . . 362 362 . . . . . . . 363 . . . . 363 . . . . . 363 . . . . .
/system1/sp1/oemdell_adservice1 enabledstate (Read/Write) . . . . . . . . . . . 366 . . . . . . . . . . . . . 366 oemdell_adracname (Read/Write) . . . . . . . . . 367 oemdell_adracdomain (Read/Write) . . . . . . . . 367 oemdell_adrootdomain (Read/Write) . . . . . . . 367 . . . . . . . . . . . 368 oemdell_timeout (Read/Write) . . . . . . . . 368 . . . . . . . . . . 368 . . . . . . . . . . . 369 . . . . . . . . . . . . .
/system1/sp1/oemdell_vmservice1 enabledstate (Read/Write) . . . . . . . . . . 374 . . . . . . . . . . . . 374 oemdell_singleboot (Read/Write). . . . . . . . . oemdell_floppyemulation (Read/Write). . . . . . /system1/sp1/oemdell_vmservice1/tcpendpt1. . . . . 375 . . . . . . . . . . . . 375 portnumber (Read/Write) . . . . . . . . . . . . . 376 . . . . . . . . . 376 . . . . . . . . . . . . . . 377 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 . . . . . . . . . . . . . . . .
iDRAC Overview The Integrated Dell™ Remote Access Controller (iDRAC) is a systems management hardware and software solution that provides remote management capabilities, crashed system recovery, and power control functions for Dell PowerEdge™ systems. The iDRAC uses an integrated System-on-Chip microprocessor for the remote monitor/control system. The iDRAC co-exists on the system board with the managed PowerEdge server.
The iDRAC network interface is disabled by default. It must be configured before the iDRAC is accessible. After the iDRAC is enabled and configured on the network, it can be accessed at its assigned IP address with the iDRAC web interface, telnet or SSH, and supported network management protocols, such as Intelligent Platform Management Interface (IPMI). NOTE: Dell recommends that you isolate or separate the chassis management network, used by iDRAC and CMC, from your production network(s).
• iDRAC alert — Alerts you to potential managed node issues through an email message or SNMP trap • Remote power management — Provides remote power management functions, such as shutdown and reset, from a management console • Single Sign-On from CMC Web interface — Once credentials are accepted by CMC, users can access any iDRAC without additional login NOTE: If a warning window appears during the Single Sign-On process, it must be bypassed within 20 seconds or Single Sign-On will fail.
• Secure Shell (SSH), which uses an encrypted transport layer for higher security • Login failure limits per IP address, with login blocking from the IP address when the limit is exceeded • Limited IP address range for clients connecting to the iDRAC iDRAC Firmware Improvements The following improvements have been made to the iDRAC firmware: • Major improvements in Active Directory lookup performance • Improved responsiveness of TCP-IP networking stack • Improved health status interface between i
Supported Remote Access Connections Table 1-1 lists the connection features. Table 1-1.
Table 1-3. iDRAC Client Ports Port Number Function 25 SMTP 53 DNS 68 DHCP-assigned IP address 69 TFTP 162 SNMP trap 636 LDAPS 3269 LDAPS for global catalog (GC) Other Documents You May Need In addition to this guide, the following documents provide additional information about the setup and operation of the iDRAC in your system: 30 • The iDRAC online Help provides information about using the Web interface.
• The Dell OpenManage IT Assistant User’s Guide provides information about using IT Assistant. • The Dell OpenManage Server Administrator User’s Guide provides information about installing and using Server Administrator. • The Dell Update Packages User’s Guide provides information about obtaining and using Dell Update Packages as part of your system update strategy.
iDRAC Overview
Configuring the iDRAC This section provides information about how to establish access to the iDRAC and to configure your management environment to use iDRAC. Before You Begin Gather the following items prior to configuring the iDRAC: • Dell Chassis Management Controller User Guide • Dell Systems Management Tools and Documentation DVD Interfaces for Configuring the iDRAC You can configure the iDRAC using the iDRAC Configuration Utility, the iDRAC Web interface, the local RACADM CLI, or the SM-CLP CLI.
Table 2-1. Configuration Interfaces Interface Description iDRAC Configuration Utility Accessed at boot time, the iDRAC Configuration utility is useful when installing a new PowerEdge server. Use it for setting up the network and basic security features and for enabling other features. iDRAC Web Interface The iDRAC Web interface is a browser-based management application that you can use to interactively manage the iDRAC and monitor the managed server.
Table 2-1. Configuration Interfaces (continued) Interface Description iVM-CLI The iDRAC Virtual Media Command Line Interface (iVM-CLI) provides the managed server access to media on the management station. It is useful for developing scripts to install operating systems on multiple managed servers. NOTE: The iVM–CLI utility is only supported with IPv4 addresses.
Configuration Tasks This section is an overview of the configuration tasks for the management station, the iDRAC, and the managed server. The tasks to be performed include configuring the iDRAC so that it can be used remotely, configuring the iDRAC features you want to use, installing the operating system on the managed server, and installing management software on your management station and the managed server. The configuration tasks that can be used to perform each task are listed beneath the task.
• Chassis LCD Panel — see the Dell Chassis Management Controller Firmware User Guide • iDRAC configuration utility — see "LAN" on page 249 • CMC Web interface — see "Configuring Networking Using the CMC Web Interface" on page 40 • RACADM — see "cfgLanNetworking" on page 316 Configure iDRAC Users Set up local iDRAC users and permissions. The iDRAC holds a table of sixteen local users in firmware. You can set usernames, passwords, and roles for these users.
• iDRAC Web interface — see "Configuring IP Filtering and IP Blocking" on page 77 • RACADM — see "Configuring IP Filtering (IpRange)" on page 211, "Configuring IP Blocking" on page 213 Configure Platform Events Platform events occur when the iDRAC detects a warning or critical condition from one of the managed server’s sensors. Configure Platform Event Filters (PEFs) to choose the events you want to detect, such as rebooting the managed server, when an event is detected.
• RACADM — see "Configuring iDRAC Telnet and SSH Services Using Local RACADM" on page 215 Configure Secure Sockets Layer (SSL) Configure SSL for the iDRAC web server.
Configuring Networking Using the CMC Web Interface NOTE: You must have Chassis Configuration Administrator privilege to set up iDRAC network settings from the CMC. NOTE: The default CMC user is root and the default password is calvin. NOTE: The CMC IP address can be found in the iDRAC Web interface by clicking System→Remote Access→CMC. You can also launch the CMC Web interface from this page.
Configuration of the FlexAddress feature is performed using the CMC Web interface. For more information on the FlexAddress feature and its configuration, see your Dell Chassis Management Controller User Guide and the Chassis Management Controller (CMC) Secure Digital (SD) Card Technical Specification document.
CAUTION: With the FlexAddress enabled, if you switch from the server–assigned MAC address to a chassis–assigned MAC address or vice–versa, the iDRAC IP address also changes. NOTE: You can enable or disable the iDRAC FlexAddress feature only through CMC. iDRAC GUI only reports the status. Any existing vKVM or vMedia session terminates if the FlexAddress setting is changed in the CMC FlexAddress page.
Downloading the iDRAC Firmware or Update Package Download the firmware from support.dell.com. The firmware image is available in several different formats to support the different update methods available. To update the iDRAC firmware using the iDRAC Web interface or SM-CLP, or to recover the iDRAC using the CMC Web interface, download the binary image, packaged as a self-extracting archive.
You must use the CMC Web interface to update the firmware when the CMC detects that the iDRAC firmware is corrupted, as could occur if the iDRAC firmware update progress is interrupted before it completes. See "Recovering iDRAC Firmware Using the CMC" on page 103. The CMC Web interface (CMC 2.0 or later) also provides a one-to-many out-of-band iDRAC firmware update capacity that can be used at any time.
configuration information. You should not use this option unless explicitly told to do so by a Dell Support representative because it deletes all of your existing iDRAC configuration information such as IP addresses, users, and passwords. Verifying the Digital Signature A digital signature is used to authenticate the identity of the signer of a file and to certify that the original content of the file has not been modified since it was signed.
at passports, checking fingerprints from different sources, etc.) 1 2 3 4 5 m = = = = = = I don't know or won't say I do NOT trust I trust marginally I trust fully I trust ultimately back to the main menu Your decision? d Type 5 . The following prompt appears: Do you really want to set this key to ultimate trust? (y/N) e Type y to confirm your choice. f Type quit to exit the GPG key editor. You must import and validate the public key only once.
The following example illustrates the steps that you follow to verify a PowerEdge M600 BIOS Update Package: 1 Download the following two files from support.dell.com: • PEM600_BIOS_LX_2.1.2.BIN.sign • PEM600_BIOS_LX_2.1.2.BIN 2 Import the public key by running the following command line: gpg --import The following output message appears: gpg: key 23B66A9D: "Dell Computer Corporation (Linux Systems Group)
The following output message appears: gpg: Signature made Fri Jul 11 15:03:47 2008 CDT using DSA key ID 23B66A9D gpg: Good signature from "Dell, Inc. (Product Group) " NOTE: If you have not validated the key as shown in step 3, you will receive additional messages: gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner.
Firefox 1 Start Firefox. 2 Click Edit→Preferences. 3 Click the Privacy tab. 4 Click the Clear Cache Now. 5 Click Close. Configuring iDRAC for Use with IT Assistant Dell™ OpenManage™ IT Assistant comes preconfigured to discover managed devices that comply with Simple Network Management Protocol (SNMP) version 1 and version 2c and Intelligent Platform Management Interface (IPMI) version 2.0. The iDRAC complies with IPMI version 2.0.
4 Toggle LAN Alert Enabled to On using the spacebar. 5 Enter the IP address of your Management Station into Alert Destination 1. 6 Enter a name string into iDRAC Name with a consistent naming convention across your data center. The default is iDRAC-{Service Tag}. Exit the iDRAC Configuration Utility by pressing , , and then to save your changes. Your server will now boot into normal operation, and IT Assistant will discover it during the next scheduled Discovery pass.
Dell highly recommends that for security purposes you create a separate user account for IPMI commands with its own user name, IPMI over LAN privileges, and password. 1 Navigate to iDRAC→Network/Security→Users. 2 Click on the number of an undefined User. 3 Enable the User and enter a Name and Password. 4 Make sure Maximum LAN User Privilege Granted is set to Administrator. 5 Click Apply to save your changes.
Configuring the iDRAC
Configuring the Management Station A management station is a computer used to monitor and manage the Dell™ PowerEdge™ servers and other modules in the chassis. This section describes software installation and configuration tasks that set up a management station to work with the iDRAC. Before you begin configuring the iDRAC, follow the procedures in this section to ensure that you have installed and configured the tools you will need.
Using the iDRAC console redirection feature (see "Configuring and Using Serial Over LAN" on page 145), you can access the managed server’s console even if you do not have network access to the server’s ports. You can also perform several management functions on the managed server, such as rebooting the computer and using iDRAC facilities. To access network and application services hosted on the managed server, however, you may need an additional NIC in the management computer.
1 Open a Web browser window. 2 Click Tools, and click Internet Options. The Internet Options window appears. 3 Select Tools→Internet Options→Security→Local Network (Internet Explorer 7) -or- Local Intranet (Internet Explorer 6). 4 Click the Custom Level. 5 Select Medium-Low from the drop-down menu, and click Reset. Click OK to confirm. You will need to re-enter the Custom Level dialog by clicking its button.
• Open files based on content, not file extension: Enable • Software channel permissions: Low safety • Submit nonencrypted form data: Enable • Use Pop-up Blocker: Disable In the Scripting section: • Active scripting: Enable • Allow paste operations via script: Enable • Scripting of Java applets: Enable 7 Select Tools→Internet Options→Advanced.
• Show pictures: checked In the Security section: • Check for publishers' certificate revocation: unchecked • Check for signatures on downloaded programs: checked • Use SSL 2.0: unchecked • Use SSL 3.0: checked • Use TLS 1.
Viewing Localized Versions of the Web Interface The iDRAC Web interface is supported on the following operating system languages: • English (en-us) • French (fr) • German (de) • Spanish (es) • Japanese (ja) • Simplified Chinese (zh-cn) The ISO identifiers in parentheses denote the specific language variants which are supported. Use of the interface with other dialects or languages is not supported and may not function as intended.
LANG=zh_CN.UTF-8 LC_CTYPE="zh_CN.UTF-8" LC_NUMERIC="zh_CN.UTF-8" LC_TIME="zh_CN.UTF-8" LC_COLLATE="zh_CN.UTF-8" LC_MONETARY="zh_CN.UTF-8" LC_MESSAGES="zh_CN.UTF-8" LC_PAPER="zh_CN.UTF-8" LC_NAME="zh_CN.UTF-8" LC_ADDRESS="zh_CN.UTF-8" LC_TELEPHONE="zh_CN.UTF-8" LC_MEASUREMENT="zh_CN.UTF-8" LC_IDENTIFICATION="zh_CN.UTF-8" LC_ALL= 3 If the values include "zh_CN.UTF-8", no changes are required. If the values do not include "zh_CN.UTF-8", go to step 4. 4 Edit the /etc/sysconfig/i18n file with a text editor.
To disable the whitelist feature and avoid unnecessary plugin installations, perform the following steps: 1 Open a Firefox Web browser window. 2 In the address field, type about:config and press . 3 In the Preference Name column, locate and double-click xpinstall.whitelist.required. The values for Preference Name, Status, Type, and Value change to bold text. The Status value changes to user set and the Value value changes to false. 4 In the Preferences Name column, locate xpinstall.enabled.
NOTE: If the .jnlp file type is not associated with Java Web Start after installing JRE or JDK, you can set the association manually. For Windows (javaws.exe) click Start→Control Panel→Appearance and Themes→Folder Options. Under the File Types tab, highlight .jnlp under Registered file types, and then click Change. For Linux (javaws), start Firefox, and click Edit→Preferences→Downloads, and then click View and Edit Actions.
Configuring the Backspace Key For Your Telnet Session Depending on the telnet client, using the key may produce unexpected results. For example, the session may echo ^h. However, most Microsoft and Linux telnet clients can be configured to use the key. To configure Microsoft telnet clients to use the key, perform the following steps: 1 Open a command prompt window (if required).
NOTE: OpenSSH should be run from a VT100 or ANSI terminal emulator on Windows. Running OpenSSH at the Windows command prompt does not result in full functionality (that is, some keys do not respond and no graphics are displayed). Only one telnet or SSH session is supported at any given time. The session timeout is controlled by the cfgSsnMgtSshIdleTimeout property as described in "iDRAC Property Database Group and Object Definitions" on page 313.
Installing a TFTP Server NOTE: If you use only the iDRAC Web interface to transfer SSL certificates and upload new iDRAC firmware, no TFTP server is required. Trivial File Transfer Protocol (TFTP) is a simplified form of the File Transfer Protocol (FTP). It is used with the SM-CLP and RACADM command line interfaces to transfer files to and from the iDRAC. The only times when you need to copy files to or from the iDRAC are when you update the iDRAC firmware or install certificates on the iDRAC.
• Dell Support website and Readme files — Check Readme files and the Dell Support website at support.dell.com for the most recent information about your Dell products. Use the Dell Systems Management Tools and Documentation DVD to install the management console software, including Dell OpenManage IT Assistant, on the management station. For instructions on installing this software, see your Quick Installation Guide.
Configuring the Management Station
Configuring the Managed Server This section describes tasks to set up the managed server to enhance your remote management capabilities. These tasks include installing the Dell™ OpenManage™ Server Administrator software and configuring the managed server to capture the last crash screen. Installing the Software on the Managed Server The Dell management software includes the following features: • Local RACADM CLI — allows you to configure and administer the iDRAC from the managed system.
Configuring the Managed Server to Capture the Last Crash Screen The iDRAC can capture the last crash screen so that you can view it in the Web interface to help troubleshoot the cause of the managed system crash. Follow these steps to enable the last crash screen feature. 1 Install Dell OpenManage Server Administrator. For more information about installing Server Administrator, see the Dell OpenManage Server Administrator User’s Guide.
Disabling the Windows Automatic Reboot Option To ensure that the iDRAC can capture the last crash screen, disable the Automatic Reboot option on managed servers running Microsoft Windows Server® or Windows Vista®. 1 Open the Windows Control Panel and double-click the System icon. 2 Click the Advanced tab. 3 Under Startup and Recovery, click Settings. 4 Deselect the Automatically restart check box. 5 Click OK twice.
Configuring the Managed Server
Configuring the iDRAC Using the Web Interface The iDRAC provides a Web interface that enables you to configure the iDRAC properties and users, perform remote management tasks, and troubleshoot a remote (managed) system for problems. For everyday systems management, use the iDRAC Web interface. This chapter provides information about how to perform common systems management tasks with the iDRAC Web interface and provides links to related information.
where iDRAC-IP-address is the IP address for the iDRAC and port-number is the HTTPS port number. The iDRAC Login window appears. Logging In You can log in as either an iDRAC user or as a Microsoft® Active Directory® user. The default user name and password are root and calvin, respectively. You must have been granted Login to iDRAC privilege by the administrator to log in to the iDRAC. To log in, perform the following steps: 1 In the Username field, type one of the following: • Your iDRAC user name.
NOTE: Closing the iDRAC Web interface within Microsoft Internet Explorer® using the close button ("x") at the top right corner of the window may generate an application error. To fix this issue, download the latest Cumulative Security Update for Internet Explorer from the Microsoft Support website, located at support.microsoft.com.
Configuring the iDRAC NIC This section assumes that the iDRAC has already been configured and is accessible on the network. See "Configure iDRAC Networking" on page 36 for help with the initial iDRAC network configuration. Configuring the Network and IPMI LAN Settings NOTE: You must have Configure iDRAC privilege to perform the following steps. NOTE: Most DHCP servers require a server to store a client identifier token in its reservations table.
Table 5-2. Network Settings (continued) Setting Description Static IP Address Allows you to enter or edit a static IP address for the iDRAC NIC. To change this setting, deselect the Use DHCP (For NIC IP Address) checkbox. Static Subnet Mask Allows you to enter or edit a subnet mask for the iDRAC NIC. To change this setting, first deselect the Use DHCP (For NIC IP Address) checkbox. Static Gateway Allows you to enter or edit a static gateway for the iDRAC NIC.
Table 5-2. Network Settings (continued) Setting Description Use DHCP for DNS Domain Name Uses the default DNS domain name. When the box is not selected and the Register iDRAC on DNS option is selected, modify the DNS domain name in the DNS Domain Name field. NOTE: To select the Use DHCP for DNS Domain Name checkbox, also select the Use DHCP (For NIC IP Address) check box. DNS Domain Name The default DNS Domain Name is blank.
Table 5-4. VLAN Settings Setting Description Enable VLAN ID Yes—Enabled. No—Disabled. If enabled, only matched Virtual LAN (VLAN) ID traffic is accepted. NOTE: The VLAN settings can only be configured through the CMC Web Interface. iDRAC displays only the current enablement status and you cannot modify the settings in this screen. See the Dell Chassis Management Controller User Guide for more information. VLAN ID VLAN ID field of 802.1g fields. Displays a value from 1 to 4094 except 4001 to 4020.
Table 5-6 describes the Network Security page settings. 3 When you have finished configuring the settings, click Apply. 4 Click the appropriate button to continue. See Table 5-7. Table 5-6. Network Security Page Settings Settings Description IP Range Enabled Enables the IP Range checking feature, which defines a range of IP addresses that can access the iDRAC. IP Range Address Determines the acceptable IP subnet address. The default is 192.168.1.0.
Table 5-7. Network Security Page Buttons (continued) Button Description Go Back to Network Page Returns to the Network page. Configuring Platform Events Platform event configuration provides a mechanism for configuring the iDRAC to perform selected actions on certain event messages. The actions include no action, reboot system, power cycle system, power off system, and generate an alert (Platform Event Trap [PET] and/or e-mail). The filterable platform events are listed in Table 5-8. Table 5-8.
Configuring Platform Event Filters (PEF) NOTE: Configure platform event filters before you configure the platform event traps or e-mail alert settings. 1 Log in to the iDRAC Web interface. See "Accessing the Web Interface" on page 71. 2 Click System and then the Alert Management tab. 3 On the Platform Events page, enable Alert Generation for an event by clicking the corresponding Generate Alert checkbox for that event.
NOTE: To successfully send a trap, configure the Community String value on the Network Configuration page. The Community String value indicates the community string to use in a Simple Network Management Protocol (SNMP) alert trap sent from the iDRAC. SNMP alert traps are transmitted by the iDRAC when a platform event occurs. The default setting for the Community String is Public. d Click Send to test the configured alert (if desired). e Repeat step a through step d for any remaining destination numbers.
b In the Network Configuration page under IPMI LAN Settings, select Enable IPMI Over LAN. c Update the IPMI LAN channel privileges, if required: NOTE: This setting determines the IPMI commands that can be executed from the IPMI over LAN interface. For more information, see the IPMI 2.0 specifications. Under IPMI LAN Settings, click the Channel Privilege Level Limit drop-down menu, select Administrator, Operator, or User and click Apply. d Set the IPMI LAN channel encryption key, if required.
Adding and Configuring iDRAC Users To manage your system with the iDRAC and maintain system security, create unique users with specific administrative permissions (or role-based authority). To add and configure iDRAC users, perform the following steps: NOTE: You must have Configure iDRAC permission to perform the following steps. 1 Click System→Remote Access→iDRAC and then click the Network/Security tab. 2 Open the Users page to configure users.
Table 5-9. General Properties Property Description User ID Contains one of 16 preset User ID numbers. This field cannot be edited. Enable User When checked, indicates that the user’s access to the iDRAC is enabled. When unchecked, user access is disabled. Username Specifies an iDRAC user name with up to 16 characters. Each user must have a unique user name. NOTE: User names on the iDRAC cannot include the / (forward slash) or . (period) characters.
Table 5-11. iDRAC User Privileges Property Description iDRAC Group Specifies the user’s maximum iDRAC user privilege as one of the following: Administrator, Power User, Guest User, Custom, or None. See Table 5-12 for iDRAC Group permissions. Login to iDRAC Enables the user to log in to the iDRAC. Configure iDRAC Enables the user to configure the iDRAC. Configure Users Enables the user to allow specific users to access the system. Clear Logs Enables the user to clear the iDRAC logs.
Table 5-12. iDRAC Group Permissions (continued) User Group Permissions Granted Custom Selects any combination of the following permissions: Login to iDRAC, Configure iDRAC, Configure Users, Clear Logs, Execute Server Action Commands, Access Console Redirection, Access Virtual Media, Test Alerts, Execute Diagnostic Commands None No assigned permissions Table 5-13. User Configuration Page Buttons Button Action Print Prints the User Configuration values that appear on the screen.
Secure Sockets Layer (SSL) The iDRAC includes a Web server that is configured to use the industrystandard SSL security protocol to transfer encrypted data over a network. Built upon public-key and private-key encryption technology, SSL is a widely accepted technology for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
After the CA approves the CSR and sends the certificate, upload the certificate to the iDRAC firmware. The CSR information stored on the iDRAC firmware must match the information contained in the certificate. Accessing the SSL Main Menu 1 Click System→Remote Access→iDRAC, then click the Network/Security tab. 2 Click SSL to open the SSL Main Menu page. Use the SSL Main Menu page to generate a CSR to send to a CA. The CSR information is stored on the iDRAC firmware.
Table 5-15. SSL Main Menu Buttons Button Description Print Prints the SSL Main Menu values that appear on the screen. Refresh Reloads the SSL Main Menu page. Next Processes the information on the SSL Main Menu page and continues to the next step. Generating a New Certificate Signing Request NOTE: Each new CSR overwrites any previous CSR data stored in the firmware. The CSR in the firmware must match the certificate returned from the CA. Otherwise, the iDRAC will not accept the certificate.
Table 5-16. Generate Certificate Signing Request (CSR) Page Options (continued) Field Description Organization Unit The name associated with an organizational unit, such as a department (for example, Information Technology). Only alphanumeric characters, hyphens, underscores, periods, and spaces are valid. Locality The city or other location of the entity being certified (for example, Round Rock). Only alphanumeric characters and spaces are valid.
Uploading a Server Certificate 1 In the SSL Main Menu page, select Upload Server Certificate and click Next. The Certificate Upload page appears. 2 In the File Path field, type the path to the certificate or click Browse to navigate to the certificate file. NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the full path and the complete file name and file extension. 3 Click Apply.
Table 5-19. Certificate Information (continued) Field Description Issuer Information Certificate attributes returned by the issuer Valid From Issue date of the certificate Valid To Expiration date of the certificate Table 5-20. View Server Certificate Page Buttons Button Description Print Prints the View Server Certificate values that appear on the screen. Refresh Reloads the View Server Certificate page. Go Back to SSL Main Return to the SSL Main Menu page.
Click the appropriate button to continue. See Table 5-22. Table 5-21. Active Directory Main Menu Page Options Field Description Configure Active Directory Configures the Active Directory ROOT Domain Name, Active Directory Authentication Timeout, Active Directory Schema Selection, iDRAC Name, iDRAC Domain Name, Role Groups, Group Name, and Group Domain settings. Upload Active Directory CA Certificate Uploads an Active Directory certificate to the iDRAC.
5 To configure the Role Groups for Active Directory Standard Schema, click on the individual Role Group (1-5). See Table 5-25 and Table 5-26. NOTE: To save the settings on the Active Directory Configuration page, click Apply before proceeding to the Custom Role Group page. Table 5-23. Active Directory Configuration Page Settings Setting Description Enable Active Directory When checked, enables Active Directory. The default is disabled. ROOT Domain Name The Active Directory ROOT domain name.
Table 5-23. Active Directory Configuration Page Settings (continued) Setting Description Group Domain The domain type where the Role Group resides. Group Privilege Displays the level of privileges assigned to the Role Group. The privileges are: None, Administrator, Power User, Guest User, or Custom. Table 5-24. Active Directory Configuration Page Buttons Button Description Print Prints the Active Directory Configuration values that appear on the screen.
Table 5-25. Role Group Privileges (continued) Setting Description Access Console Redirection Allows the group access to Console Redirection. Access Virtual Media Allows the group access to Virtual Media. Test Alerts Allows the group to send test alerts (e-mail and PET) to a specific user. Execute Diagnostic Commands Allows the group permission to execute diagnostic commands. Table 5-26.
NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the full path and the complete file name and file extension. Ensure that the domain controller’s SSL certificates have been signed by the same Certificate Authority and that this Certificate is available on the management station accessing the iDRAC. 3 Click Apply. 4 Click the appropriate button to continue. See Table 5-27. Table 5-27.
Table 5-28. Active Directory CA Certificate Information Field Description Serial Number Certificate serial number. Subject Information Certificate attributes entered by the subject. Issuer Information Certificate attributes returned by the issuer. Valid From Certificate issue date. Valid To Certificate expiration date. Table 5-29. View Active Directory CA Certificate Page Buttons Button Description Print Prints the Active Directory CA Certificate values that appear on the screen.
3 Click Apply. 4 Click the appropriate button to continue. Configuring iDRAC Services NOTE: To modify these settings, you must have Configure iDRAC permission. NOTE: When you apply changes to services, the changes take effect immediately. Existing connections may be terminated without warning. NOTE: There is a known issue with the Telnet client supplied with Microsoft Windows communicating with a BMU. Use another Telnet client such as HyperTerminal or PuTTY.
Table 5-30. Web Server Settings (continued) Setting Description Timeout The time, in seconds, that a connection is allowed to remain idle. The session is cancelled when the timeout is reached. Changes to the timeout setting take affect immediately and will reset the web server. Timeout range is 60 to 10,800 seconds. The default is 1,800 seconds. HTTP Port Number The port on which the iDRAC listens for a browser connection. The default is 80.
Table 5-32. Telnet Settings (continued) Setting Description Timeout The telnet idle timeout, in seconds. Timeout range is 60 to 10,800 seconds. Enter 0 seconds to disable the Timeout feature. The default is 1,800. Port Number The port on which the iDRAC listens for a telnet connection. The default is 23. Table 5-33. Automated System Recovery Agent Setting Setting Description Enabled Enables the Automated System Recovery Agent. Table 5-34.
Updating the iDRAC Firmware NOTE: If the iDRAC firmware becomes corrupted, as could occur if the iDRAC firmware update progress is interrupted before it completes, you can recover the iDRAC using the CMC. See your Dell Chassis Management Controller User Guide for instructions. The CMC Web interface (CMC 2.0 or later) also provides a One-to-Many Out-of-Band iDRAC firmware update capacity that can be used at any time. NOTE: The firmware update, by default, retains the current iDRAC settings.
6 In the Firmware Update - Validation (page 2 of 4) window, you will see the results of the validation performed on the image file you uploaded. • If the image file uploaded successfully and passed all verification checks, a message will appear indicating that the firmware image has been verified. OR • If the image did not upload successfully, or it did not pass the verification checks, the firmware update will return to the Firmware Update - Upload (page 1 of 4) window.
If the iDRAC firmware becomes corrupted, as could occur if the iDRAC firmware update progress is interrupted before it completes, you can use the CMC Web interface to update its firmware. If the CMC detects the corrupted iDRAC firmware, the iDRAC is listed on the Updatable Components page in the CMC Web interface. NOTE: See the Dell Chassis Management Controller User Guide for instructions for using the CMC Web interface.
Using the iDRAC with Microsoft Active Directory A directory service maintains a common database of all information needed for controlling users, computers, printers, and other devices on a network. If your company uses the Microsoft® Active Directory® service software, you can configure the software to provide access to the iDRAC, allowing you to add and control iDRAC user privileges to your existing users in your Active Directory software.
Extended Schema Active Directory Overview There are three ways to enable Active Directory with the extended schema: • With the iDRAC Web interface (see "Configuring the iDRAC With Extended Schema Active Directory Using the Web Interface" on page 121). • With the RACADM CLI tool (see "Configuring the iDRAC With Extended Schema Active Directory Using RACADM" on page 122). • With the SM-CLP command line (see "Configuring the iDRAC With Extended Schema Active Directory and SM-CLP" on page 123).
Overview of the RAC Schema Extensions To provide the greatest flexibility in the multitude of customer environments, Dell provides a group of properties that can be configured by the user depending on the desired results. Dell has extended the schema to include an Association, Device, and Privilege property. The Association property is used to link together the users or groups with a specific set of privileges to one or more RAC devices.
Figure 6-1. Typical Setup for Active Directory Objects Association Object User(s) Group(s) Privilege Object RAC Device Object(s) RAC Privilege Object NOTE: The RAC privilege object applies to both DRAC 4 and iDRAC. You can create as many or as few association objects as required.
When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and will not work with Universal Groups from other domains. Figure 6-2.
See "Adding iDRAC Users and Privileges to Active Directory" on page 118 for detailed instructions. Figure 6-3 provides an example of Active Directory objects in multiple domains. In this scenario, you have two iDRACs (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and user3). User1 is in Domain1, and user2 and user 3 are in Domain2. In this scenario, configure user1 and user2 with Administrator privileges to both iDRACs and configure user3 with login privileges to the RAC2.
3 Create two RAC Device Objects, RAC1 and RAC2, to represent the two iDRACs. 4 Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (Administrator) and Priv2 has login privileges. 5 Group user1 and user2 into Group1. The group scope of Group1 must be Universal. 6 Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1.
You can extend your schema using one of the following: • Dell Schema Extender utility • LDIF script file If you use the LDIF script file, the Dell organizational unit will not be added to the schema.
Table 6-2. Class Definitions for Classes Added to the Active Directory Schema Class Name Assigned Object Identification Number (OID) dellRacDevice 1.2.840.113556.1.8000.1280.1.1.1.1 dellAssociationObject 1.2.840.113556.1.8000.1280.1.1.1.2 dellRACPrivileges 1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges 1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct 1.2.840.113556.1.8000.1280.1.1.1.5 Table 6-3. dellRacDevice Class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 6-5. dellRAC4Privileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Used to define the privileges (Authorization Rights) for the iDRAC device. Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 6-6. dellPrivileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 6-7. dellProduct Class (continued) OID 1.2.840.113556.1.8000.1280.1.1.1.5 SuperClasses Computer Attributes dellAssociationMembers Table 6-8. List of Attributes Added to the Active Directory Schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember 1.2.840.113556.1.8000.1280.1.1.2.1 FALSE List of dellPrivilege Objects that belong to this Attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12) dellProductMembers 1.2.840.
Table 6-8. List of Attributes Added to the Active Directory Schema (continued) Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellIsServerResetUser 1.2.840.113556.1.8000.1280.1.1.2.7 TRUE TRUE if the user has Server Reset rights on the device. Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) dellIsConsoleRedirectUser 1.2.840.113556.1.8000.1280.1.1.2.8 TRUE if the user has Console Redirection rights on the device. Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.
Table 6-8. List of Attributes Added to the Active Directory Schema (continued) Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellAssociationMembers 1.2.840.113556.1.8000.1280.1.1.2.14 FALSE List of Distinguished Name dellAssociationObjectMembers (LDAPTYPE_DN that belong to this Product. 1.3.6.1.4.1.1466.115.121.1.12) This attribute is the backward link to the dellProductMembers Linked attribute.
Opening the Active Directory Users and Computers Snap-In To open the Active Directory Users and Computers snap-in, perform the following steps: 1 If you are logged into the domain controller, click Start→Admin Tools→ Active Directory Users and Computers. If you are not logged into the domain controller, you must have the appropriate Microsoft Administrator Pack installed on your local system. To install this Administrator Pack, click Start→Run, type MMC, and press Enter.
4 Select RAC Device Object. 5 Click OK. Creating a Privilege Object NOTE: A Privilege Object must be created in the same domain as the related Association Object. 1 In the Console Root (MMC) window, right-click a container. 2 Select New→Dell RAC Object. The New Object window appears. 3 Type a name for the new object. 4 Select Privilege Object. 5 Click OK. 6 Right-click the privilege object that you created, and select Properties.
Adding Objects to an Association Object Using the Association Object Properties window, you can associate users or user groups, privilege objects, and RAC devices or RAC device groups. If your system is running Windows 2000 mode or higher, use Universal Groups to span domains with your user or RAC objects. You can add groups of Users and RAC devices. The procedure for creating Dell-related groups and non-Dell-related groups is identical.
Configuring the iDRAC With Extended Schema Active Directory Using the Web Interface 1 Open a supported Web browser window. 2 Log in to the iDRAC Web interface. 3 Click System→Remote Access. 4 Click the Configuration tab and select Active Directory. 5 On the Active Directory Main Menu page, select Configure Active Directory and click Next. 6 In the Common Settings section: a Select the Enable Active Directory check box. b Type the Root Domain Name.
NOTE: The File Path value displays the relative file path of the certificate you are uploading. You must type the absolute file path, which includes the full path and the complete file name and file extension. The domain controllers’ SSL certificates should have been signed by the root CA. Have the root CA certificate available on your management station accessing the iDRAC (see "Exporting the Domain Controller Root CA Certificate" on page 132). c Click Apply.
racadm config -g cfgActiveDirectory -o cfgADRootDomain racadm config -g cfgActiveDirectory -o cfgADRacName racadm sslcertupload -t 0x2 -f racadm sslcertdownload -t 0x1 -f 2 If DHCP is enabled on the iDRAC and you want to use the DNS provided by the DHCP server, type the following RACADM command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1 3 If DHCP is disabled on the iDRAC or you want to manually input your DNS
set oemdell_schematype=1 set oemdell_adracdomain= set oemdell_adrootdomain= set oemdell_adracname= set /system1/sp1/oemdell_ssl1 oemdell_certtype=AD load -source /system1/sp1/oemdell_ssl1 set /system1/sp1/oemdell_ssl1 oemdell_certtype=SSL dump -destination /system1/sp1/oemdell_ssl1 2 If DHCP is enabled on the iDRAC and you want to use the DNS provided by the DHCP server, type the following SM-CLP co
Active Directory Standard Schema Overview As shown in Figure 6-4, using standard schema for Active Directory integration requires configuration on both Active Directory and the iDRAC. On the Active Directory side, a standard group object is used as a role group. A user who has iDRAC access will be a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC.
Table 6-9.
3 Add the Active Directory user as a member of the Active Directory group to access the iDRAC. Configuring the iDRAC With Standard Schema Active Directory and the Web Interface 1 Open a supported Web browser window. 2 Log in to the iDRAC Web interface. 3 Click System→Remote Access→iDRAC→Network/Security→Active Directory tab. 4 On the Active Directory Main Menu page, select Configure Active Directory and click Next. 5 In the Common Settings section: a Select the Enable Active Directory check box.
Custom group or the appropriate Role Group Privilege based on the permissions modified. 12 Click Apply to save the Role Group settings. 13 Click Go Back To Active Directory Configuration. 14 Click Go Back To Active Directory Main Menu. 15 Upload your domain forest Root CA certificate into the iDRAC. a Select the Upload Active Directory CA Certificate radio button and then click Next. b In the Certificate Upload page, type the file path of the certificate or browse to the certificate file.
Configuring the iDRAC With Standard Schema Active Directory and RACADM Using the following commands to configure the iDRAC Active Directory feature with the standard schema using the RACADM CLI instead of the Web interface.
racadm config -g cfgLanNetworking -o cfgDNSServer2 Configuring the iDRAC With Standard Schema Active Directory and SM-CLP NOTE: You cannot upload certificates using SM-CLP. Instead, use the iDRAC Web interface or local RACADM commands. Use the following commands to configure the iDRAC Active Directory Feature with the standard schema using SM-CLP.
dump -destination /system1/sp1/oemdell_ssl1 4 If DHCP is enabled on the iDRAC and you want to use the DNS provided by the DHCP server, type the following SM-CLP command: set /system1/sp1/enetport1/lanendpt1/\ ipendpt1/dnsendpt1 oemdell_serversfromdhcp=1 5 If DHCP is disabled on the iDRAC or you want to manually enter your DNS IP addresses, type the following SM-CLP commands: set /system1/sp1/enetport1/lanendpt1/\ ipendpt1/dnsendpt1 oemdell_serversfromdhcp=0 set /system1/sp
b Expand the Public Key Policies folder, right-click Automatic Certificate Request Settings and click Automatic Certificate Request. c In the Automatic Certificate Request Setup Wizard, click Next and select Domain Controller. d Click Next and click Finish. Exporting the Domain Controller Root CA Certificate NOTE: If your system is running Windows 2000, the following steps may vary. 1 Locate the domain controller that is running the Microsoft Enterprise CA service. 2 Click Start→Run.
To upload the certificate using the Web interface, perform the following procedure: a Open a supported Web browser window. b Log in to the iDRAC Web interface. c Click System→Remote Access→iDRAC→Network/Security→SSL. d In the SSL Main Menu page, select Upload Server Certificate and click Next. e In the Certificate Upload screen, perform one of the following procedures: f • Click Browse and select the certificate. • In the File Path field, type the path to the certificate. Click Apply.
Authority is not in the list, you must install it on all your Domain Controllers. 5 Click Next and select whether you would like Windows to automatically select the certificate store based on the type of certificate, or browse to a store of your choice. 6 Click Finish and click OK. Using Active Directory to Log In To the iDRAC You can use Active Directory to log in to the iDRAC using the Web interface.
Frequently Asked Questions Table 6-10 lists frequently asked questions and answers. Table 6-10. Using iDRAC With Active Directory: FAQs Question Answer Can I log into the iDRAC using Active Directory across multiple trees? Yes. The iDRAC's Active Directory querying algorithm supports multiple trees in a single forest. Does the log in to the iDRAC using Active Directory work in mixed mode (that is, the domain controllers in the forest run different operating systems, such as Microsoft Windows NT® 4.
Table 6-10. Using iDRAC With Active Directory: FAQs (continued) Question Answer I created and uploaded a new RAC certificate and now the Web interface does not launch. If you use Microsoft Certificate Services to generate the RAC certificate, one possible cause of this is you inadvertently chose User Certificate instead of Web Certificate when creating the certificate.
Table 6-10. Using iDRAC With Active Directory: FAQs (continued) Question Answer What can I do if I cannot log into the iDRAC using Active Directory authentication? How do I troubleshoot the issue? 1 Ensure that you use the correct user domain name during a login and not the NetBIOS name. 2 If you have a local iDRAC user account, log into the iDRAC using your local credentials.
Using the iDRAC with Microsoft Active Directory
Viewing the Configuration and Health of the Managed Server System Summary Click System→Properties tab→Summary to obtain information about the Main System Enclosure and the Integrated Dell™ Remote Access Controller. Main System Enclosure System Information This section of the iDRAC Web interface provides the following basic information about the managed server: • Description — The model number or name of the managed server. • BIOS Version — The version number of the managed server's BIOS.
• Card Type — The physical type of the installed Mezzanine card/connection. • Model Name — The model number, type, or description of the installed Mezzanine card(s). Integrated Storage Card This section of the iDRAC Web Interface provides information about the integrated Storage Controller Card installed on the Managed Server: • Card Type — shows the model name of the installed storage card.
• Hardware Version — The version number of the primary planar (circuit board) of the managed server. • IP Address — The IP address associated with the iDRAC (not the managed server). • Gateway — The IP address of the network gateway configured for the iDRAC. • Subnet Mask — The TCP/IP Subnet Mask configured for iDRAC. • MAC Address — The MAC address associated with the LOM (LAN on Motherboard) Network Interface Controller of the iDRAC.
iDRAC The iDRAC Information page lists a number of important details about the iDRAC, such as health status, name, firmware revision, and network parameters. Additional details are available by clicking the appropriate tab at the top of the page. CMC The CMC page displays the health status, firmware revision, and IP address of the Chassis Management Controller. You can also launch the CMC Web Interface by clicking the Launch the CMC Web Interface button.
• Power Tracking Statistics — Displays information about the amount of power used by the system since the Measurement Start Time was last reset. • Peak Statistics — Displays information about the peak amount of power used by the system since the Measurement Start Time was last reset. NOTE: iDRAC power management logic utilizes a Complex Programmable Logic Device (CPLD) present in the blade server. Updates to CPLD devices are available at the Dell Support website at support.dell.
Viewing the Configuration and Health of the Managed Server
Configuring and Using Serial Over LAN Serial Over LAN (SOL) is an IPMI feature that allows a managed server’s text-based console data that would traditionally be sent to the serial I/O port to be redirected over the iDRAC’s dedicated Out-of-Band Ethernet management network. The SOL out-of-band console enables system administrators to remotely manage the blade server’s text-based console from any location with network access. With SOL, you can: • Remotely access operating systems with no timeout.
Serial communication is off by default in BIOS. To redirect the host text console data to Serial over LAN, you must enable console redirection via COM1. To change the BIOS setting, perform the following steps: 1 Boot the managed server. 2 Press to enter the BIOS setup utility during POST. 3 Scroll down to Serial Communication and press .
3 Update the IPMI SOL Baud Rate by selecting a data speed from the Baud Rate drop-down menu. The options are 19.2 kbps, 57.6 kbps, and 115.2 kbps. The default value is 115.2 kbps. NOTE: Ensure that the SOL baud rate is identical to the Failsafe Baud Rate that was set in BIOS. 4 Click Apply to save the changes. Table 8-1. Serial Over LAN Configuration Page Settings Setting Description Enable Serial Over LAN When selected, the check box indicates that Serial Over LAN is enabled.
Table 8-3. Serial Over LAN Configuration Advanced Settings Page Settings Setting Description Character Accumulate Interval The typical amount of time the iDRAC waits before sending a partial SOL data packet. This parameter is specified in milliseconds and increments by 10 milliseconds. Character Send Threshold Specifies the number of characters per SOL data packet.
NOTE: Each blade server only supports one active SOL session through SSH or Telnet protocol. NOTE: SSH protocol is enabled by default. Telnet protocol is disabled by default. 7 Click Services to open the Services page. NOTE: SSH and Telnet programs both provide access on a remote system. 8 Click Enabled on either SSH or Telnet as required. SSH is on by default. 9 Click Apply. NOTE: SSH is recommended due to better security and encryption mechanisms.
VT100- terminal. The serial console is automatically redirected to your SSH or Telnet console. The SOL redirection can then be started from the /system/startsol target. See "Installing Telnet or SSH Clients" on page 61 for more information about using Telnet and SSH clients with iDRAC. Model for the SOL Proxy Telnet Client (port 623)←→WAN connection←→SOL Proxy←→iDRAC server When the SOL Proxy communicates with the Telnet client on a management station, it uses the TCP/IP protocol.
Disconnecting an SOL Session in SM-CLP When using SSH or Telnet protocols to access Serial Over LAN functionality, you will first connect to the iDRAC’s SM-CLP service, from which you will launch the SOL session with an SM-CLP command (start /system1/sol1). Thus, users wanting to disconnect an SOL session must first terminate the SOL session from SM-CLP. Commands to disconnect a SOL session are utility oriented.
Using SOL Over Telnet With Linux To start SOL from Telnet on a Linux management station, follow these steps: NOTE: If required, you can change the default Telnet timeout at System→Remote Access→iDRAC→Network/Security →Services. 1 Start a shell. 2 Connect to the iDRAC with the following command: telnet NOTE: If you have changed the port number for the Telnet service from the default (port 23), add the port number to the end of the telnet command.
Using SOL Over IPMItool The Dell Systems Management Tolls and Documentation DVD provides IPMItool, which can be installed on various operating systems. To start SOL with IPMItool on a management station, follow these steps: NOTE: If required, you can change the default SOL timeout at System→Remote Access→iDRAC→Network/Security→Services. 1 Locate the IPMItool.exe under the proper directory. The default path for Windows is C:\Program Files\Dell\SysMgt\bmc.
redirection allows administrators to remotely view and change a managed system's BIOS settings over a LAN. The Linux serial console and Microsoft's EMS/SAC interfaces can also be accessed over a LAN using SOL. NOTE: All versions of the Windows operating system include HyperTerminal terminal emulation software. However, the included version does not provide many functions required during console redirection. Instead, you can use any terminal emulation software that supports VT100 or ANSI emulation mode.
Initiating the SOL Proxy Session To connect and use SOL Proxy: • For Windows 2003: To start the SOL Proxy service on a Windows system after installation, you can reboot the system (SOL Proxy automatically starts on a reboot). Or, you can start the SOL Proxy service manually by completing the following steps: 1 Right-click My Computer and click Manage. The Computer Management window appears. 2 Click Services and Applications, and then click Services. Available services are displayed to the right.
Using Telnet With SOL Proxy NOTE: This assumes that the SOL Proxy service is already up and running on the management station. For Windows 2003: 1 Open the command prompt on your management station. 2 Enter the telnet command in the command line, and provide localhost as the IP address if the SOL Proxy server is running on the same system and the port number that you specified in the SOL Proxy installation (the default value is 623).
3. Activate Console Redirection 4. Reboot and Activate Console Redirection 5. Help 6. Exit NOTE: While multiple SOL sessions can be active at the same time, only one console redirection session can be active at any given time for a managed system. NOTE: To exit an active SOL session, press the <~><.> keys. This sequence terminates SOL and returns you to the top-level menu. 1 Select option 1 in the main menu. 2 Enter the iDRAC IP Address of the remote managed system.
3. Cancel • If SOL is enabled, ensure that the SOL baud rate is consistent with the iDRAC's baud rate. A minimum iDRAC user privilege level of Administrator is required for activating console redirection. • If SOL is currently disabled, type Y to enable SOL or N to keep SOL disabled. 6 Select option 3 in the main menu. The remote managed system's text console is redirected to your management station. 7 Select option 4 in the main menu (optional).
Operating System Configuration Complete the steps below to configure generic UNIX®-like operating systems. This configuration is based on default installations of Red Hat Enterprise Linux 5.0, SUSE Linux Enterprise Server 10 SP1, and Windows 2003 Enterprise. Linux Enterprise Operating System 1 Edit the /etc/inittab file to enable hardware flow control and allow users to log in through the SOL console. Add the line below to the end of the #Run gettys in standard runlevels section.
# # inittab This file describes how the INIT process should set up # the system in a certain run-level.
______________________________________________________________ Console ttyS0 vc/1 vc/2 vc/3 vc/4 SKIP the rest of file ______________________________________________________________ 3 Edit the /boot/grub/grub.conf or /boot/grub/menu.list file to add boot options for SOL: a b Comment out the graphical display lines in the various UNIX-like operating systems: • splashimage=(had0,0)/grub/splash.xpm.
# file # NOTICE: You have a /boot partition. This means that # eg. all kernel and initrd paths are relative to /boot/, # root (hd0,0) # kernel /vmlinux-version ro root= /dev/VolGroup00/LogVol00 # initrd /initrd-version.img #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm/gz hiddenmenu title Red Hat Enterprise Linux 5 root (hd0,0) kernel /vmlinuz-2.6.18-8.el5 ro root= /dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.18-8.el5.
default=0 timeout=5 #splashimage=(hd0,0)/grub/splash.xpm/gz hiddenmenu # Redirect the OS boot via SOL title Red Hat Enterprise Linux 5 SOL redirection root (hd0,0) kernel /vmlinuz-2.6.18-8.el5 ro root= /dev/VolGroup00/LogVol00 rhgb quiet console=tty1 console= ttyS0,115200 initrd /initrd-2.6.18-8.el5.img ______________________________________________________________ Example of original /boot/grub/menu.
Default 0 Timeout 8 #gfxmenu (hd0.5)/boot/message ###Don't change this comment - YaST2 identifier: Original name: linux### title SUSE Linux Enterprise Server 10 SP1 SOL redirection root (hd0,5) kernel /boot/vmlinux-2.6.16-46-0.12-bigsmp root= /dev/disk/by-id/scsi-35000c5000155c resume=/dev/sda5 splash=silent showopts console=tty1 console=ttyS0,115200 initrd /boot/initrd-2.6.16.46-0.
OS Friendly Name: Winodws Server 2003, Enterprise Path: multi(0)disk(0)rdisk(0)partition(1)\WINDOWS OS Load Options: /redirect /nonexecute=optout /fastdetect /usepmtimer ______________________________________________________________ Example of modified bootcfg setting: ______________________________________________________________ Boot Loader Settings -------------------timeout: 30 default: multi(0)disk(0)rdisk(0)partition(1)\WINDOWS redirect: COM1 redirectbaudrate:115200 Boot Entries -----------B
Configuring and Using Serial Over LAN
Using GUI Console Redirection This section provides information about using the iDRAC console redirection feature. Overview The iDRAC console redirection feature enables you to access the local console remotely in either graphic or text mode. Using console redirection, you can control one or more iDRAC-enabled systems from one location. You do not have to sit in front of each server to perform all the routine maintenance.
If a second user requests a console redirection session, the first user is notified and is given the option to refuse access, allow only video, or allow full shared access. The second user is notified that another user has control. The first user must respond within thirty seconds or full access is automatically granted to the second user.
2 If you are using Firefox or want to use the Java Viewer with Internet Explorer, install a Java Runtime Environment (JRE). See "Installing a Java Runtime Environment (JRE)" on page 60. 3 It is recommended that you configure your monitor display resolution to 1280x1024 pixels or higher. NOTE: If you have an active console redirection session and a lower resolution monitor is connected to the iKVM, the server console resolution may reset if the server is selected on the local console.
Table 9-2. Console Redirection Configuration Properties (continued) Property Description Active Sessions Displays the number of Active Console sessions. This field is read-only. Keyboard and Mouse Port The network port number used for connecting to the Number Console Redirection Keyboard/Mouse option. This traffic is always encrypted. You may need to change this number if another program is using the default port. The default is 5900.
Table 9-2. Console Redirection Configuration Properties (continued) Property Description Console Plug-In Type for IE When using Internet Explorer on a Windows operating system, you can choose from the following viewers: ActiveX - The ActiveX Console Redirection viewer Java - Java Console Redirection viewer NOTE: vKVM may not launch for the first time for Internet Explorer 8, if Java is selected as the plug-in type.
Opening a Console Redirection Session When you open a console redirection session, the Dell Virtual KVM Viewer Application (iDRACView) starts and the remote system’s desktop appears in the viewer. Using the iDRACView, you can control the remote system’s mouse and keyboard functions from your local management station. NOTE: vKVM launch from a Windows Vista® management station may lead to vKVM restart messages.
Table 9-4. Console Redirection Page Information (continued) Property Description Console Plug-in Type Displays the plug-in type currently configured. ActiveX — An Active-X viewer will be launched. ActiveX viewer will only work on Internet Explorer while running on a Windows Operating System. Java — A Java viewer will be launched. The Java viewer can be used on any browser including Internet Explorer. If your client runs on an operating system other than Windows, then you must use the Java Viewer.
The management station connects to the iDRAC and the remote system’s desktop appears in the Dell Digital KVM Viewer Application (iDRACView). 4 Two mouse pointers appear in the viewer window: one for the remote system and one for your local system. You must synchronize the two mouse pointers so that the remote mouse pointer follows your local mouse pointer. See "Synchronizing the Mouse Pointers" on page 178.
Table 9-6. Viewer Menu Bar Selections Menu Item Item Description Video Pause Temporarily pauses console redirection. Resume Resumes console redirection. Refresh Redraws the viewer screen image. Capture Captures the current remote system screen to a .bmp Current Screen file on Windows or a .png file on Linux. A dialog box is displayed that allows you to save the file to a specified location.
Table 9-6. Viewer Menu Bar Selections (continued) Menu Item Item Description Keyboard Hold Right Alt Select this item before typing keys you want to Key combine with the right key. Hold Left Alt Key Select this item before typing keys you want to combine with the left key. Left Windows Key Select Hold Down before typing characters you want to combine with the left Windows key. Select Press and Release to send a left Windows key keystroke.
Table 9-6. Menu Item Viewer Menu Bar Selections (continued) Item Description NOTE: Special keys such as the Windows key, , and key combinations in the keyboard pass–through mode may be problematic, as some combinations are sent to the viewer itself and might produce undesirable behavior. Special provisions are made in the Java and ActiveX viewers for macros under the Keyboard menu, which allow you to send such combinations and special keys directly to the managed server.
Table 9-6. Viewer Menu Bar Selections (continued) Menu Item Item Description Help About iDRACView Displays the iDRACView version. Synchronizing the Mouse Pointers When you connect to a remote PowerEdge system using Console Redirection, the mouse acceleration speed on the remote system may not synchronize with the mouse pointer on your management station, causing two mouse pointers to appear in the Video Viewer window.
To disable or enable the local console, perform the following procedure: 1 On your management station, open a supported Web browser and log into the iDRAC. See "Accessing the Web Interface" on page 71 for more information. 2 Click System, click the Console tab, and then click Configuration. 3 If you want to disable (turn off) local video on the server, in the Console Redirection Configuration page, clear the Local Server Video Enabled check box and then click Apply.
Table 9-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Is there a time delay when turning on the local video? No, once a local video turn ON request is received by iDRAC the video is turned on instantly. Can the local user also Yes, a local user can use the local RACADM CLI to turn off turn off the video? the video. Can the local user also No.
Table 9-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer The console window is The console viewer on Linux requires a UTF-8 character set. garbled. Check your locale and reset the character set if needed. See "Setting the Locale in Linux" on page 58 for more information. Why do I get a blank screen on the managed server when loading the Windows 2000 operating system? The managed server does not have the correct ATI video driver.
Table 9-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Why can't I use a keyboard or mouse while installing Windows remotely by using iDRAC Console Redirection? When you remotely install a supported Microsoft operating system on a system with Console Redirection enabled in the BIOS, you receive an EMS Connection Message that requires that you select OK before you can continue. You cannot use the mouse to select OK remotely.
Table 9-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer What are the minimum system requirements for my management station to run console redirection? The management station requires an Intel® Pentium III 500 MHz processor with at least 256 MB of RAM.
Using GUI Console Redirection
Configuring and Using Virtual Media Overview The Virtual Media feature, accessed through the console redirection viewer, provides the managed server access to media connected to a remote system on the network. Figure 10-1 shows the overall architecture of Virtual Media. Figure 10-1.
Using Virtual Media, administrators can remotely boot their managed servers, install applications, update drivers, or even install new operating systems remotely from the virtual CD/DVD and diskette drives. NOTE: Virtual media requires a minimum available network bandwidth of 128 Kbps. Virtual media defines two devices for the managed server’s operating system and BIOS: a floppy disk device and an optical disk device. The management station provides the physical media or image file across the network.
Windows-Based Management Station To run the Virtual Media feature on a management station running the Microsoft® Windows® operating system, install a supported version of Internet Explorer with the ActiveX Control plug-in (see "Supported Web Browsers" on page 28). Set the browser security to Medium or a lower setting to enable Internet Explorer to download and install signed ActiveX controls.
Linux-Based Management Station To run the virtual media feature on a management station running the Linux operating system, install a supported version of Firefox. See "Supported Web Browsers" on page 28 for more information. A Java Runtime Environment (JRE) is required is required to run the console redirection plugin. You can download a JRE from java.sun.com. JRE version 1.6 or above is recommended. Configuring Virtual Media 1 Log in to the iDRAC Web interface.
Table 10-2. Virtual Media Configuration Values (continued) Attribute Value Virtual Media Encryption Enabled Click the checkbox to enable or disable encryption on Virtual Media connections. Checked enables encryption; unchecked disables encryption. Virtual Media Port Number The network port number used for connecting to the Virtual Media service without encryption. Two consecutive ports starting from the port number specified are used to connect to the Virtual Media service.
Table 10-3. Virtual Media Configuration Page Buttons Button Description Print Prints the Console Configuration values that appear on the screen. Refresh Reloads the Console Configuration page. Apply Saves any new settings made to the Console Configuration page. Running Virtual Media NOTE: Do not issue a racreset command when running a Virtual Media session. Otherwise, undesirable results may occur, including loss of data.
The iDRACView application launches in a separate window. 5 Click Media→Virtual Media Wizard…. The Media Redirection wizard appears. 6 View the Status window. If media is connected, you must disconnect it before connecting a different media source. Click the Disconnect button to the right of the media you wish to disconnect. 7 Select the radio button next to the media types you wish to connect. You can select one radio button in the Floppy/USB Drive section and one in the CD/DVD Drive section.
Disconnecting Virtual Media 1 Click Media→Virtual Media Wizard…. 2 Click Disconnect next to the media you wish to disconnect. The media is disconnected and the Status window is updated. 3 Click Close. Booting From Virtual Media The system BIOS enables you to boot from virtual optical drives or virtual floppy drives. During POST, enter the BIOS setup window and verify that the virtual drives are enabled and listed in the correct order.
1 Verify the following: • The operating system installation CD is inserted in the management station’s CD drive. • The local CD drive is selected. • You are connected to the virtual drives. 2 Follow the steps for booting from the virtual media in the "Booting From Virtual Media" section to ensure that the BIOS is set to boot from the CD drive that you are installing from. 3 Follow the on-screen instructions to complete the installation.
Frequently Asked Questions Table 10-4 lists frequently asked questions and answers. Table 10-4. Using Virtual Media: Frequently Asked Questions Question Answer Sometimes, I notice my Virtual Media client connection drop. Why? When a network time-out occurs, the iDRAC firmware drops the connection, disconnecting the link between the server and the Virtual Drive.
Table 10-4. Using Virtual Media: Frequently Asked Questions (continued) Question Answer An installation of the Windows operating system seems to take too long. Why? If you are installing the Windows operating system using the Dell Systems Management Tools and Documentation DVD and a slow network connection, the installation procedure may require an extended amount of time to access the iDRAC Web interface due to network latency.
Table 10-4. Using Virtual Media: Frequently Asked Questions (continued) Question Answer How can I make my USB key bootable? Search support.dell.com for the Dell Boot Utility, a Windows program you can use to make your Dell USB key bootable. You can also boot with a Windows 98 startup disk and copy system files from the startup disk to your USB key. For example, from the DOS prompt, type the following command: sys a: x: /s where x: is the USB key you want to make bootable.
Table 10-4. Using Virtual Media: Frequently Asked Questions (continued) Question Answer I cannot locate my Virtual Floppy device on a system running Red Hat® Enterprise Linux® or the SUSE® Linux operating system. My Virtual Media is attached and I am connected to my remote floppy. What should I do? Some Linux versions do not automount the Virtual Floppy Drive and the Virtual CD drive in a similar manner.
Table 10-4. Using Virtual Media: Frequently Asked Questions (continued) Question Answer What file system types are supported on my Virtual Floppy Drive? Your Virtual Floppy Drive supports FAT16 or FAT32 file systems. When I performed a firmware update remotely using the iDRAC Web interface, my virtual drives at the server were removed. Why? Firmware updates cause the iDRAC to reset, drop the remote connection, and unmount the virtual drives. The drives will reappear when the iDRAC reset is complete.
Using the Local RACADM Command Line Interface The local RACADM command line interface (CLI) provides access to the iDRAC management features from the managed server. RACADM provides access to the same features as the iDRAC Web interface. However, RACADM can be used in scripts to ease configuration of multiple servers and iDRACs, where the Web interface is more useful for interactive management. Local RACADM commands do not use network connections to access the iDRAC from the managed server.
The subcommand list includes all commands that are supported by the iDRAC. To get help for a subcommand, type: racadm help The command displays the syntax and command-line options for the subcommand. RACADM Subcommands Table 11-1 provides a description of each RACADM subcommand that you can run in RACADM. For a detailed listing of RACADM subcommands including syntax and valid entries, see "RACADM Subcommand Overview" on page 283.
Table 11-1. RACADM Subcommands (continued) Command Description gettracelog Displays the iDRAC trace log. If used with -i, the command displays the number of entries in the iDRAC trace log. help Lists iDRAC subcommands. help Lists usage statement for the specified subcommand. racreset Resets the iDRAC. racresetcfg Resets the iDRAC to the default configuration. serveraction Performs power management operations on the managed server.
To display the objects and values for a particular group, enter this command: racadm getconfig -g For example, to display a list of all cfgLanNetworking group object settings, type the following command: racadm getconfig -g cfgLanNetworking Managing iDRAC Users with RACADM NOTE: Use caution when using the racresetcfg command, as all configuration parameters are reset to the original defaults. Any previous changes are lost.
NOTE: Users and groups created for Active Directory environments must conform to the Active Directory naming convention in your environment. Adding an iDRAC User To add a new user to the iDRAC, perform the following steps: 1 Set the user name. 2 Set the password. 3 Set the Login to iDRAC user privilege. 4 Enable the user.
Table 11-2.
Testing E-mail Alerting The iDRAC e-mail alert feature allows users to receive e-mail alerts when a critical event occurs on the managed server. The following example shows how to test the e-mail alert feature to ensure that the iDRAC can properly send e-mail alerts across the network. racadm testemail -i 2 NOTE: Ensure that the SMTP and E-mail Alert settings are configured before testing the e-mail alert feature. See "Configuring E-Mail Alerts" on page 81 for more information.
racadm config -g cfgLanNetworking -o cfgNicIpAddress 192.168.0.120 racadm config -g cfgLanNetworking -o cfgNicNetmask 255.255.255.0 racadm config -g cfgLanNetworking -o cfgNicGateway 192.168.0.120 racadm config -g cfgLanNetworking -o cfgNicUseDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 192.168.0.5 racadm config -g cfgLanNetworking -o cfgDNSServer2 192.168.0.
a Update the IPMI channel privileges by entering the following command: racadm config -g cfgIpmiLan -o cfgIpmiLanPrivilegeLimit where is one of the following: • 2 (User) • 3 (Operator) • 4 (Administrator) For example, to set the IPMI LAN channel privilege to 2 (User), type the following command: racadm config -g cfgIpmiLan -o cfgIpmiLanPrivilegeLimit 2 b Set the IPMI LAN channel encryption key, if required, using a command such as the following: NOTE: The iDRAC IPMI supports the RMCP
• 3 (Operator) • 4 (Administrator) For example, to configure the IPMI privileges to 2 (User), enter the following command: racadm config -g cfgIpmiSol -o cfgIpmiSolMinPrivilege 2 NOTE: To redirect the serial console over LAN, ensure that the SOL baud rate is identical to your managed server’s baud rate. b Update the IPMI SOL baud rate using the following command: racadm config -g cfgIpmiSol -o cfgIpmiSolBaudRate where is 19200, 57600, or 115200 bps.
Table 11-3. Platform Event Action (continued) Action Value Reboot 2 Power Cycle 3 Configure PEF actions using the following command: racadm config -g cfgIpmiPef -o cfgIpmiPefAction -i where is the PEF index (see Table 5-8 on page 79), and is a value from Table 11-3.
4 Configure the Community Name string. At the command prompt, type: racadm config -g cfgIpmiLan -o cfgIpmiPetCommunityName where is the PET Community Name.
5 Test the configured e-mail alert, if desired, by entering the following command: racadm testemail -i where is the e-mail destination index to test. Configuring IP Filtering (IpRange) IP address filtering (or IP Range Checking) allows iDRAC access only from clients or management workstations whose IP addresses are within a userspecified range. All other login requests are denied.
Table 11-4. IP Address Filtering (IpRange) Properties Property Description cfgRacTuneIpRangeEnable Enables the IP range checking feature. cfgRacTuneIpRangeAddr Determines the acceptable IP address bit pattern, depending on the 1’s in the subnet mask. This property is bitwise anded with cfgRacTuneIpRangeMask to determine the upper portion of the allowed IP address. Any IP address that contains this bit pattern in its upper bits is allowed to log in.
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.57 racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.255 2 To restrict logins to a small set of four adjacent IP addresses (for example, 192.168.0.212 through 192.168.0.215), select all but the lowest two bits in the mask, as shown below: racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1 racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.212 racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.
• The amount of time in seconds that the blocked IP address is prevented from establishing a session after the allowed number of failures is exceeded (cfgRacTuneIpBlkPenaltyTime) As login failures accumulate from a specific IP address, they are registered by an internal counter. When the user logs in successfully, the failure history is cleared and the internal counter is reset.
Enabling IP Blocking The following example prevents a client IP address from establishing a session for five minutes if that client has failed five login attempts in a one-minute period of time.
racadm config -g cfgSerial -o cfgSerialSshEnable 1 To disable the telnet or SSH service, change the value from 1 to 0: racadm config -g cfgSerial -o cfgSerialTelnetEnable 0 racadm config -g cfgSerial -o cfgSerialSshEnable 0 Type the following command to change the telnet port number on the iDRAC: racadm config -g cfgRacTuning -o cfgRacTuneTelnetPort For example, to change the telnet port from the default 23 to 8022, type this command: racadm config -g cfgRacTuning -o cfgRacTuneTelnetPort 8
To obtain a configuration file, with the RACADM getconfig command, enter the following command at a command prompt on the managed server: racadm getconfig -f myconfig.cfg This command creates the file myconfig.cfg in the current directory. Configuration File Syntax NOTE: Edit the configuration file with a plain text editor, such as Notepad on Windows or vi on Linux. The racadm utility parses ASCII text only. Any formatting confuses the parser and may corrupt the iDRAC database.
• Parameters are specified as object=value pairs with no white space between the object, =, and value. White space that is included after the value is ignored. White space inside a value string remains unmodified. Any character to the right of the = is taken as is (for example, a second =, or a #, [, ], and so forth). • The parser ignores an index object entry. You cannot specify which index is used.
configured. If a modified object represents a new index, the index is created on the iDRAC during configuration. • You cannot specify a desired index in a configuration file. Indexes may be created and deleted, so over time the group may become fragmented with used and unused indexes. If an index is present, it is modified. If an index is not present, the first available index is used.
# comment, the rest of this line is ignored cfgNicGateway=10.35.9.1 Loading the Configuration File Into the iDRAC The command racadm config -f parses the configuration file to verify that valid group and object names are present and that syntax rules are followed. If the file is error-free the command then updates the iDRAC database with the contents of the file. NOTE: To verify the syntax only and not update the iDRAC database, add the -c option to the config subcommand.
Configuring Multiple iDRACs Using a configuration file, you can configure other iDRACs with identical properties. Follow these steps to configure multiple iDRACS: 1 Create the configuration file from the iDRAC whose settings you want to replicate to the others. At a command prompt on the managed server, enter the following command: racadm getconfig -f where is the name of a file to save the iDRAC properties, such a myconfig.cfg.
Using the Local RACADM Command Line Interface
Using the iDRAC SM-CLP Command Line Interface This section provides information about the Distributed Management Task Force (DMTF) Server Management-Command Line Protocol (SM-CLP) that is incorporated in the iDRAC. NOTE: This section assumes that you are familiar with the Systems Management Architecture for Server Hardware (SMASH) Initiative and the SM-CLP specifications. For more information on these specifications, see the Distributed Management Task Force (DMTF) website at www.dmtf.org.
• Active Directory configuration • iDRAC LAN configuration • SSL Certificate Signature Request (CSR) generation • Virtual media configuration • Serial over LAN (SOL) redirection over Telnet or SSH iDRAC SM-CLP Support SM-CLP is hosted from the iDRAC firmware and supports telnet and SSH connections. The iDRAC SM-CLP interface is based on the SM-CLP Specification Version 1.0 provided by the DMTF organization.
Table 12-1. Supported SM-CLP CLI Verbs (continued) Verb Description Options delete Deletes an object instance. –examine, –help, –output, –version Syntax: delete [options] target dump Moves a binary image from the MAP to a URI. –destination, –examine, dump -destination [options] –help, –output, –version [target] exit Exits from the SM-CLP shell session. Syntax: –help, –output, –version exit [options] help Displays help for SM-CLP commands.
Table 12-1. Supported SM-CLP CLI Verbs (continued) Verb Description Options start Starts a target. –examine, –force, –help, –output, –version Syntax: start [options] [target] stop Shuts down a target. Syntax: stop [options] [target] version Displays the version attributes of a target. Syntax: –examine, –force, –help, –output, –version, –wait –examine, –help, –output, –version version [options] Table 12-2 describes the SM-CLP options. Some options have abbreviated forms, as shown in the table.
Table 12-2. Supported SM-CLP Options (continued) SM-CLP Option Description –level, -l Instructs the verb to operate on targets at additional levels beneath the specified target. Syntax: -level –output, –o Specifies the format for the output. Syntax: -output -source Specifies the location of an image in a load command. Syntax: -source –version, –v Displays the SMASH-CLP version number.
Targets Table 12-3 provides a list of targets available through the SM-CLP. Table 12-3. SM-CLP Targets Target Definition /system1/ The managed system target. /system1/sp1 The service processor. /system1/sol1 Serial over LAN target. /system1/sp1/account1 through /system1/sp1/account16 The sixteen local iDRAC user accounts. account1 is the root account. /system1/sp1/enetport1 The iDRAC NIC MAC address. /system1/sp1/enetport1/lanendpt1/ ipendpt1 The iDRAC IP, gateway, and netmask settings.
Using the -display Option The show –display option allows you to limit the output of the command to one or more of properties, targets, and verbs. For example, to display just the properties and targets at the current location, use the following command: show -d properties,targets /system1/sp1/account1 To list only certain properties, qualify them, as in the following command: show -d properties=(userid,username) /system1/sp1/account1 If you only want to show one property, you can omit the parentheses.
iDRAC SM-CLP Examples The following subsections provide examples for using the SM-CLP to perform the following operations: • Server power management • SEL management • MAP target navigation • Display system properties • Setting the iDRAC IP address, subnet mask, and gateway address For information on the use of the iDRAC SM-CLP interface, see "iDRAC SMCLP Property Database" on page 355.
SEL Management Table 12-5 provides examples of using the SM-CLP to perform SEL-related operations on the managed system. Table 12-5.
Table 12-5.
Table 12-6. Map Target Navigation Operations (continued) Operation Syntax Navigate to the SEL ->cd system1 target and display the ->cd sp1 log records ->cd logs1 ->show ->cd system1/sp1/logs1 ->show Display current target ->cd . Move up one level ->cd ..
When you commit the changes, the new network settings take effect, which causes your telnet or ssh session to be terminated. By introducing the commit step, you can delay the termination of your session until you have completed all of your SM-CLP commands. Table 12-7 provides examples of setting the iDRAC properties using SM-CLP. Table 12-7.
3 Enter the following command: load -source tftp:/// /system1/sp1 where is the DNS name or IP address of your TFTP server and is the path to the update package on the TFTP server. Your telnet or SSH session will be terminated. You may need to wait several minutes for the firmware update to complete. 4 To verify that the new firmware was written, start a new telnet or SSH session and re-enter the version command again.
Using the iDRAC SM-CLP Command Line Interface
Deploying Your Operating System Using iVM-CLI The Virtual Media Command Line Interface (iVM-CLI) utility is a command-line interface that provides virtual media features from the management station to the iDRAC in the remote system. Using iVM-CLI and scripted methods, you can deploy your operating system on multiple remote systems in your network. This section provides information on integrating the iVM-CLI utility into your corporate network.
Creating a Bootable Image File Before you deploy your image file to the remote systems, ensure that a supported system can boot from the file. To test the image file, transfer the image file to a test system using the iDRAC Web user interface and then reboot the system. The following sections provide specific information for creating image files for Linux and Windows systems. Creating an Image File for Linux Systems Use the Data Duplicator (dd) utility to create a bootable image file for your Linux system.
When you create the image file, do the following: • Follow standard network-based installation procedures • Mark the deployment image as "read only" to ensure that each target system boots and executes the same deployment procedure 4 Perform one of the following procedures: • Integrate ipmitool and the Virtual Media command line interface (iVM-CLI) into your existing operating system deployment application. Use the sample ivmdeploy script as a guide to using the utility.
• is the password for the iDRAC user, for example calvin • is the path to an ISO9660 image of the operating system installation CD or DVD • is the path to the device containing the operating system installation CD or DVD The ivmdeploy script passes its command line options to the iVMCLI utility. See "Command Line Options" on page 242 for details about these options. The script processes the -r option slightly differently than the iVMCLI -r option.
If your operating system supports Administrator privileges or an operating system-specific privilege or group membership, Administrator privileges are also required to run the iVM-CLI command. The client system’s administrator controls user groups and privileges, thereby controlling the users who can run the utility. For Windows systems, you must have Power User privileges to run the iVMCLI utility.
Command Line Options The iVM-CLI interface is identical on both Windows and Linux systems. The utility uses options that are consistent with the RACADM utility options. For example, an option to specify the iDRAC IP address requires the same syntax for both RACADM and iVM-CLI utilities. The iVM-CLI command format is as follows: iVMCLI [parameter] [operating_system_shell_options] Command-line syntax is case sensitive. See "iVM-CLI Parameters" for more information.
iDRAC User Name -u This parameter provides the iDRAC user name that will run Virtual Media. The must have the following attributes: • Valid user name • iDRAC Virtual Media User permission If iDRAC authentication fails, an error message appears and the command is terminated. iDRAC User Password -p This parameter provides the password for the specified iDRAC user.
-f /dev/sdb4 # 4th partition on device /dev/sdb (Linux system) If the device provides a write-protection capability, use this capability to ensure that Virtual Media will not write to the media. Omit this parameter from the command line if you are not virtualizing floppy media. If an invalid value is detected, an error message displays and the command terminates.
Help Display -h This parameter displays a summary of the iVM-CLI utility parameters. If no other non-switch options are provided, the command terminates without error. Manual Display -m This parameter displays a detailed “man page” for the iVM-CLI utility, including descriptions of all of the possible options. Encrypted Data -e When this parameter is included in the command line, iVM-CLI will use an SSL-encrypted channel to transfer data between the management station and the iDRAC in the remote system.
multiple iVM-CLI instances are started in this way, and one or more of the command instances must be manually terminated, use the operating systemspecific facilities for listing and terminating processes. iVM-CLI Return Codes 0 = No error 1 = Unable to connect 2 = iVM-CLI command line error 3 = RAC firmware connection dropped English-only text messages are also issued to standard error output whenever errors are encountered.
Using the iDRAC Configuration Utility Overview The iDRAC Configuration Utility is a pre-boot configuration environment that allows you to view and set parameters for the iDRAC and for the managed server.
Starting the iDRAC Configuration Utility You must use an iKVM-connected console to access the iDRAC Configuration Utility initially or after a resetting the iDRAC to the default settings. 1 At the keyboard connected to the iKVM console, press to display the iKVM On Screen Configuration and Reporting (OSCAR) menu. Use and to highlight the slot containing your server, then press .
• The bottom line of the screen displays instructions for the current item. You can press to display help for the current item. • When you have finished using the iDRAC Configuration Utility, press to view the exit menu, where you can choose to save or discard your changes or return to the utility. The following sections describe the iDRAC Configuration Utility menu items. LAN Use , , and the spacebar to select between Enabled and Disabled.
Press any key to clear the message and continue. See "LAN" on page 249 for an explanation of the message. LAN Parameters Press to display the LAN Parameters submenu. When you have finished configuring the LAN parameters, press to return to the previous menu. Table 14-1. LAN Parameters Item Description RMCP+ Encryption Key Press to edit the value, when finished. The RMCP+ Encryption key is a 40-character hexadecimal string (characters 0-9, a-f, and A-F).
Table 14-1. LAN Parameters (continued) Item Description Default Gateway If the IP Address Source is set to DHCP, this field displays the IP address of the default gateway obtained from DHCP. If the IP Address Source is set to Static, enter the IP address of the default gateway. The default is 192.168.0.1. LAN Alert Enabled Select On to enable the Platform Event Trap (PET) LAN alert. Alert Policy Entry 1 Select Enable or Disable to activate the first alert destination.
Virtual Media Use and to select Attached or Detached. When you select Attached, the virtual media devices are attached to the USB bus, making them available for use during Console Redirection sessions. If you select Detached, users cannot access virtual media devices during Console Redirection sessions. NOTE: To use a USB Flash Drive with the Virtual Media feature, the USB Flash Drive Emulation Type must be set to Hard disk in the BIOS Setup Utility.
Reset to Default Use the Reset to Default menu item to reset all of the iDRAC configuration items to the factory defaults. This may be required, for example, if you have forgotten the administrative user password or if you want to reconfigure the iDRAC from the default settings. NOTE: In the default configuration, the iDRAC networking is disabled. You cannot reconfigure the iDRAC over the network until you have enabled the iDRAC network in the iDRAC Configuration Utility. Press to select the item.
Exiting the iDRAC Configuration Utility When you have finished making changes to the iDRAC configuration, press the key to display the Exit menu. Select Save Changes and Exit and press to retain your changes. Select Discard Changes and Exit and press to ignore any changes you made. Select Return to Setup and press to return to the iDRAC Configuration Utility.
Recovering and Troubleshooting the Managed Server This section explains how to perform tasks related to diagnosing and troubleshooting a remote managed server using the iDRAC facilities.
Trouble Indicators This section describes indications that there may be a problem with your system. LED Indicators The initial indication of system trouble may be the LEDs on the chassis or components installed in the chassis. The following components and modules have status LEDs: • Chassis LCD display • Servers • Fans • CMCs • I/O modules • Power supplies The single LED on the chassis LCD summarizes the status of all of the components in the system.
Hardware Trouble Indicators Indications that a module has a hardware problem include the following: • Failure to power up • Noisy fans • Loss of network connectivity • Battery, temperature, voltage, or power monitoring sensor alerts • Hard drive failures • USB media failure • Physical damage caused by dropping, water, or other external stress When these kinds of problems occur, you can try to correct the problem using these strategies: • Reseat the module and restart it • Try inserting the
Table 15-2. Trouble Indicators (continued) Look for: Action: Messages in the iDRAC Log See "Viewing the iDRAC Log" on page 270. Problem Solving Tools This section describes iDRAC facilities you can use to diagnose problems with your system, especially when you are trying to solve problems remotely.
Click any component on the Health page to see information about the component. Sensor readings are displayed for batteries, temperatures, voltages, and power monitoring, helping to diagnose some types of problems. The iDRAC and CMC information pages provide useful current status and configuration information. Checking the System Event Log (SEL) The SEL Log page displays messages for events that occur on the managed server.
Checking the Post Codes The Post Codes page displays the last system post code prior to booting the operating system. Post codes are progress indicators from the system BIOS, indicating various stages of the boot sequence from Power on Reset, and allow you to diagnose any faults related to system boot-up. NOTE: View the text for POST code message numbers in the LCD display or in the Hardware Owner’s Manual. To view the Post Codes, perform the following steps: 1 Click System→Logs→Post Code.
Table 15-6. Last Crash Screen Page Buttons Button Action Print Prints the Last Crash Screen page. Save Opens a pop-up window that enables you to save the Last Crash Screen page to a directory of your choice. Delete Deletes the Last Crash Screen page. Refresh Reloads the Last Crash Screen page. NOTE: Due to fluctuations in the Auto Recovery timer, the Last Crash Screen may not be captured when the System Reset Timer is configured with a value that is too high. The default setting is 480 seconds.
Table 15-7. Boot Capture Options (continued) Button/Option Description Previous Screen Takes you to previous screen, if any, in the replay console. Play Starts the screenplay from current screen in the replay console. Pause Pauses the screenplay on the current screen being displayed in the replay console. Stop Stops the screenplay and loads the first screen of that boot sequence. Next Screen Takes you to next screen, if any, in the replay console.
Table 15-8.
Table 15-8.
Table 15-8. Server Status Screen (continued) Severity Message Cause Critical System Board OS Watchdog: The iDRAC watchdog Watchdog sensor for System detected that the system Board, power cycle was asserted has crashed (timer expired because no response was received from Host) and the action is set to power cycle. Critical System Board SEL: Event Log The SEL device detects sensor for System Board, log full that only one entry can was asserted be added to the SEL before it is full.
Table 15-8. Server Status Screen (continued) Severity Message Cause Non-Recoverable CPU Bus PERR: Processor sensor, transition to nonrecoverable was asserted The processor bus PERR entered a nonrecoverable state. Non-Recoverable CPU Init Err: Processor sensor, transition to non-recoverable was asserted The processor initialization entered a non-recoverable state.
Table 15-8. Server Status Screen (continued) Severity Message Cause Critical Chipset Err: Critical Event sensor, PCI PERR was asserted Chip error is detected. Warning Mem ECC Warning: Memory Correctable ECC errors sensor, transition to non-critical have increased from a from OK ( ) was asserted Critical Mem ECC Warning: Memory Correctable ECC errors sensor, transition to critical from have reached a critical less severe (
Table 15-8.
Table 15-8.
Table 15-8. Server Status Screen (continued) Severity Message Cause Critical LinkT/FlexAddr: Link Tuning sensor, failed to program the virtual MAC address () was asserted This event is generated when the BIOS fails to program the virtual MAC address on the given NIC device. Critical I/O Fatal Err: Fatal IO Group sensor, fatal IO error () This event is generated in association with a CPU IERR and indicates which device caused the CPU IERR.
Table 15-9. Field iDRAC Log Page Information (continued) Description Description A brief description of the event and the user name that logged into the iDRAC. Using the iDRAC Log Page Buttons The iDRAC Log page provides the following buttons (see Table 15-10). Table 15-10. iDRAC Log Buttons Button Action Print Prints the iDRAC Log page. Clear Log Clears the iDRAC Log entries. NOTE: The Clear Log button only appears if you have Clear Logs permission.
Main System enclosure Table 15-11 and Table 15-12 describe the main system enclosure properties. Table 15-11. System Information Fields Field Description Description Provides a system description. BIOS Version Lists the system BIOS version. Service Tag Lists the system Service Tag number. Host Name Provides the host system’s name. OS Name Lists the operating system running on the system. Table 15-12.
Table 15-13. iDRAC Information Fields (continued) Field Description Hardware Version The version number of the primary planar (circuit board) of the managed server. IP Address The 32-bit address that identifies the network interface. The value is displayed in a dot separated format, such as 192.168.154.127. Gateway The IP Address of the gateway that acts as a bridge to other networks. This value is in a dot separated format, such as 192.168.150.5.
3 In the Identify Server Timeout field, enter the number of seconds that you want the LED to blink. Enter 0 if you want the LED to remain flashing until you disable it. 4 Click Apply. A blue LED on the server will flash for the number of seconds you specified. If you entered 0 leave the LED flashing, follow these steps to disable it: 1 Click System→Remote Access→iDRAC→Troubleshooting. 2 On the Identify page, clear the value box next to Identify Server. 3 Click Apply.
Table 15-14. Diagnostic Commands (continued) Command Description ping Verifies that the destination IP address is reachable from the iDRAC with the current routing-table contents. A destination IP address must be entered in the field to the right of this option. An Internet control message protocol (ICMP) echo packet is sent to the destination IP address based on the current routing-table contents. gettracelog Displays the iDRAC trace log.
4 Click the appropriate button to continue. See Table 15-15. Table 15-15. Power Control Actions Power On System Turns on the system power (equivalent to pressing the power button when the system power is off). Power Off System Turns off the system power (equivalent to pressing the power button when the system power is on).
Troubleshooting and Frequently Asked Questions Table 15-17 contains frequently asked questions about troubleshooting issues. Table 15-17. Frequently Asked Questions/Troubleshooting Question Answer The LED on the server is blinking amber. Check the SEL for messages and then clear the SEL to stop the blinking LED.
Table 15-17. Frequently Asked Questions/Troubleshooting (continued) Question Answer How can I find the IP address of the iDRAC? From the CMC Web interface: 1 Click Chassis→Servers, then click the Setup tab. 2 Click Deploy. 3 Read the IP address for your server from the table that is displayed. From the iKVM: • Reboot the server and enter the iDRAC Configuration Utility by pressing OR • Watch for the IP address to display during BIOS POST.
Table 15-17. Frequently Asked Questions/Troubleshooting (continued) Question Answer How can I find the IP address of the CMC? From the iDRAC Web interface: • Click System→Remote Access→CMC. The CMC IP address is displayed on the CMC page. OR • Select the "Dell CMC" console in the OSCAR to log into the CMC through a local serial connection. CMC RACADM commands can be issued from this connection.
Table 15-17. Frequently Asked Questions/Troubleshooting (continued) Question Answer I have forgotten the You must restore the iDRAC to its default settings. iDRAC administrative user 1 Reboot the server and press when name and password. prompted to enter the iDRAC Configuration Utility. 2 On the configuration utility menu, highlight Reset to Default and press . For more information, see "Reset to Default" on page 253.
Table 15-17. Frequently Asked Questions/Troubleshooting (continued) Question Answer When attempting to boot the managed server, the power indicator is green, but there is no POST or no video at all. This can happen if any of the following conditions is true: • Memory is not installed or is inaccessible. • The CPU is not installed or is inaccessible. • The video riser card is missing or improperly connected. Also, look for error messages in the iDRAC log from the iDRAC Web interface or from the LCD.
Recovering and Troubleshooting the Managed Server
RACADM Subcommand Overview This section provides descriptions of the subcommands that are available in the RACADM command line interface. CAUTION: The latest iDRAC firmware supports only the latest RACADM version. You may encounter errors if you use an older version of RACADM to query an iDRAC with the latest firmware. Install the RACADM version shipped with your latest Dell™ OpenManage™ DVD media. help Table A-1 describes the help command. Table A-1.
The racadm help command displays information for the specified subcommand only. Supported Interfaces Local RACADM config Table A-2 describes the config and getconfig subcommands. Table A-2. config/getconfig Subcommand Definition config Configures the iDRAC. getconfig Gets the iDRAC configuration data.
Table A-3. config Subcommand Options and Descriptions Option Description -f The -f option causes config to read the contents of the file specified by and configure the iDRAC. The file must contain data in the format specified in "Configuration File Syntax" on page 217. -p The -p, or password, option directs config to delete the password entries contained in the config file -f after the configuration is complete.
Sets the cfgNicIpAddress configuration parameter (object) to the value 10.35.10.110. This IP address object is contained in the group cfgLanNetworking. • racadm config -f myrac.cfg Configures or reconfigures the iDRAC. The myrac.cfg file may be created with the getconfig command. The myrac.cfg file may also be edited manually as long as the parsing rules are followed. NOTE: The myrac.cfg file does not contain passwords. To include passwords in the file, you must enter them manually.
Table A-4. getconfig Subcommand Options (continued) Option Description -h The -h, or help, option displays a list of all available configuration groups that you can use. This option is useful when you do not remember exact group names. -i The -i , or index, option is valid only for indexed groups and can be used to specify a unique group. If -i is not specified, a value of 1 is assumed for groups, which are tables that have multiple entries.
Displays a list of the available configuration groups on the iDRAC. • racadm getconfig -u root Displays the configuration properties for the user named root. • racadm getconfig -g cfgUserAdmin -i 2 -v Displays the user group instance at index 2 with extensive information for the property values.
• IP address (if applicable) • Session type (for example, SSH or telnet) • Consoles in use (for example, Virtual Media or Virtual KVM) Supported Interfaces Local RACADM Input Table A-6 describes the getssninfo subcommand options. Table A-6. getssninfo Subcommand Options Option Description -A The -A option eliminates the printing of data headers. -u The -u user name option limits the printed output to only the detail session records for the given user name.
getsysinfo Table A-8 describes the racadm getsysinfo subcommand. Table A-8. getsysinfo Command Definition getsysinfo Displays iDRAC information, system information, and watchdog status information. Synopsis racadm getsysinfo [-d] [-s] [-w] [-A] Description The getsysinfo subcommand displays information related to the iDRAC, managed server, and watchdog configuration. Supported Interfaces Local RACADM Input Table A-9 describes the getsysinfo subcommand options. Table A-9.
Sample Output RAC Information: RAC Date/Time Firmware Version Firmware Build Last Firmware Update = = = = Wed Aug 22 20:01:33 2007 0.32 13661 Mon Aug 20 08:09:36 2007 Hardware Version Current IP Address Current IP Gateway Current IP Netmask DHCP Enabled MAC Address Current DNS Server 1 Current DNS Server 2 DNS Servers from DHCP Register DNS RAC Name DNS RAC Name Current DNS Domain = = = = = = = = = = = = NA 192.168.0.120 192.168.0.1 255.255.255.0 1 00:14:22:18:cd:f9 10.32.60.4 10.32.60.
Examples • racadm getsysinfo -A -s "System Information:" "PowerEdge M600" "0.2.1" "0.32" "48192" "dell-x92i38xc2n" "" "ON" • racadm getsysinfo -w -s System Information: System Model System BIOS Version BMC Firmware Version Service Tag Host Name OS Name Power Status = PowerEdge M600 = 0.2.1 = 0.
Synopsis racadm getractime [-d] Description With no options, the getractime subcommand displays the time in a common readable format. With the -d option, getractime displays the time in the format, yyyymmddhhmmss.mmmmmms, which is the same format returned by the UNIX date command. Output The getractime subcommand displays the output on one line. Sample Output racadm getractime Thu Dec 8 20:15:26 2005 racadm getractime -d 20071208201542.
Synopsis racadm setniccfg -d racadm setniccfg -s [ ] racadm setniccfg -o [ ] Description The setniccfg subcommand sets the iDRAC IP address. • The -d option enables DHCP for the NIC (default is DHCP enabled). • The -s option enables static IP settings. The IP address, netmask, and gateway can be specified. Otherwise, the existing static settings are used. , , and must be typed as dotseparated strings.
getniccfg Table A-12 describes the getniccfg subcommand. Table A-12. getniccfg Subcommand Definition getniccfg Displays the current IP configuration for the iDRAC. Synopsis racadm getniccfg Description The getniccfg subcommand displays the current NIC settings. Sample Output The getniccfg subcommand will display an appropriate error message if the operation is not successful.
getsvctag Table A-13 describes the getsvctag subcommand. Table A-13. getsvctag Subcommand Definition getsvctag Displays a service tag. Synopsis racadm getsvctag Description The getsvctag subcommand displays the service tag of the host system. Example Type getsvctag at the command prompt. The output is displayed as follows: Y76TP0G The command returns 0 on success and nonzero on errors. Supported Interfaces Local RACADM racreset Table A-14 describes the racreset subcommand. Table A-14.
Synopsis racadm racreset Description The racreset subcommand issues a reset to the iDRAC. The reset event is written into the iDRAC log. Examples • racadm racreset Start the iDRAC soft reset sequence. Supported Interfaces Local RACADM racresetcfg Table A-15 describes the racresetcfg subcommand. Table A-15. racresetcfg Subcommand Definition racresetcfg Resets the entire RAC configuration to factory default values.
NOTE: This command deletes your current iDRAC configuration and resets the iDRAC configuration to the default settings. After reset, the default name and password are root and calvin, respectively, and the IP address is 192.168.0.120 plus the number of the slot the server inhabits in the chassis. serveraction Table A-16 describes the serveraction subcommand. Table A-16. serveraction Subcommand Definition serveraction Executes a managed server reset or power-on/off/cycle.
Output The serveraction subcommand displays an error message if the requested operation could not be performed, or a success message if the operation completed successfully. Supported Interfaces Local RACADM getraclog Table A-18 describes the racadm getraclog command. Table A-18. getraclog Command Definition getraclog -i Displays the number of entries in the iDRAC log. getraclog Displays the iDRAC log entries.
Table A-19. getraclog Subcommand Options (continued) Option Description -o Displays the output in a single line. -s Specifies the starting record used for the display. Output The default output display shows the record number, time stamp, source, and description. The timestamp begins at midnight, January 1 and increases until the managed server boots. After the managed server boots, the managed server’s system time is used for the timestamp.
getsel Table A-20 describes the getsel command. Table A-20. getsel Command Definition getsel -i Displays the number of entries in the System Event Log. getsel Displays SEL entries. Synopsis racadm getsel -i racadm getsel [-E] [-R] [-A] [-o] [-c count] [-s count] [-m] Description The getsel -i command displays the number of entries in the SEL. The following getsel options (without the -i option) are used to read entries. NOTE: If no arguments are specified, the entire log is displayed. Table A-21.
Output The default output display shows the record number, timestamp, severity, and description. For example: Record: 1 Date/Time: 11/16/2005 22:40:43 Severity: Ok Description: System Board SEL: event log sensor for System Board, log cleared was asserted Supported Interfaces Local RACADM clrsel Synopsis racadm clrsel Description The clrsel command removes all existing records from the System Event Log (SEL). Supported Interfaces Local RACADM gettracelog Table A-22 describes the gettracelog subcommand.
Synopsis racadm gettracelog -i racadm gettracelog [-A] [-o] [-c count] [-s startrecord] [-m] Description The gettracelog (without the -i option) command reads entries. The following gettracelog entries are used to read entries: Table A-23. gettracelog Subcommand options Option Description -i Displays the number of entries in the iDRAC trace log. -m Displays one screen at a time and prompts the user to continue (similar to the UNIX more command). -o Displays the output in a single line.
Supported Interfaces Local RACADM sslcsrgen Table A-24 describes the sslcsrgen subcommand. Table A-24. sslcsrgen Subcommand Description sslcsrgen Generates and downloads an SSL certificate signing request (CSR) from the RAC. Synopsis racadm sslcsrgen [-g] [-f ] racadm sslcsrgen -s Description The sslcsrgen subcommand can be used to generate a CSR and download the file to the client’s local file system.
If no options are specified, a CSR is generated and downloaded to the local file system as sslcsr by default. The -g option cannot be used with the -s option, and the -f option can only be used with the -g option. The sslcsrgen -s subcommand returns one of the following status codes: • CSR was generated successfully. • CSR does not exist. • CSR generation in progress. NOTE: Before a CSR can be generated, the CSR fields must be configured in the RACADM cfgRacSecurity group.
Options Table A-27 describes the sslcertupload subcommand options. Table A-27. sslcertupload Subcommand Options Option Description -t Specifies the type of certificate to upload, either the CA certificate or server certificate. 1 = server certificate 2 = CA certificate -f Specifies the file name of the certificate to be uploaded. If the file is not specified, the sslcert file in the current directory is selected.
Options Table A-29 describes the sslcertdownload subcommand options. Table A-29. sslcertdownload Subcommand Options Option Description -t Specifies the type of certificate to download, either the Microsoft® Active Directory® certificate or server certificate. 1 = server certificate 2 = Microsoft Active Directory certificate -f Specifies the file name of the certificate to be downloaded. If the -f option or the filename is not specified, the sslcert file in the current directory is selected.
Options Table A-31 describes the sslcertview subcommand options. Table A-31. sslcertview Subcommand Options Option Description -t Specifies the type of certificate to view, either the Microsoft Active Directory certificate or server certificate. 1 = server certificate 2 = Microsoft Active Directory certificate -A Prevents printing headers/labels.
Valid From Valid To : Jul : Jul 8 16:21:56 2005 GMT 7 16:21:56 2010 GMT racadm sslcertview -t 1 -A 00 US Texas Round Rock Dell Inc. Remote Access Group iDRAC default certificate US Texas Round Rock Dell Inc. Remote Access Group iDRAC default certificate Jul 8 16:21:56 2005 GMT Jul 7 16:21:56 2010 GMT Supported Interfaces Local RACADM testemail Table A-32 describes the testemail subcommand. Table A-32.
Description Sends a test e-mail from the iDRAC to a specified destination. Prior to executing the testemail command, ensure that the SMTP server is configured and the specified index in the RACADM cfgEmailAlert group is enabled and configured properly. Table A-33 provides an example of commands for the cfgEmailAlert group. Table A-33.
Output None. Supported Interfaces Local RACADM testtrap Table A-35 describes the testtrap subcommand. Table A-35. testtrap Subcommand Description testtrap Tests the iDRAC’s SNMP trap alerting feature. Synopsis racadm testtrap -i Description The testtrap subcommand tests the iDRAC’s SNMP trap alerting feature by sending a test trap from the iDRAC to a specified destination trap listener on the network.
Table A-36. cfg e-mail Alert Commands Action Command View the current test trap racadm getconfig -g cfgIpmiPet -i settings where is a number from 1 to 4 Input Table A-37 describes the testtrap subcommand options. Table A-37. testtrap Subcommand Options Option Description -i Specifies the index of the trap configuration to use for the test Valid values are from 1 to 4.
iDRAC Property Database Group and Object Definitions The iDRAC property database contains the configuration information for the iDRAC. Data is organized by associated object, and objects are organized by object group. The IDs for the groups and objects that the property database supports are listed in this section. Use the group and object IDs with the RACADM utility to configure the iDRAC. The following sections describe each object and indicate whether the object is readable, writable, or both.
idRacProductInfo (Read Only) Legal Values String of up to 63 ASCII characters. Default Integrated Dell Remote Access Controller Description A text string that identifies the product. idRacDescriptionInfo (Read Only) Legal Values String of up to 255 ASCII characters. Default This system component provides a complete set of remote management functions for Dell PowerEdge servers. Description A text description of the RAC type.
idRacBuildInfo (Read Only) Legal Values String of up to 16 ASCII characters. Default The current RAC firmware build version. For example, "05.12.06". Description A string containing the current product build version. idRacName (Read Only) Legal Values String of up to 15 ASCII characters. Default iDRAC Description A user assigned name to identify this controller. idRacType (Read Only) Default 8 Description Identifies the remote access controller type as the iDRAC.
cfgLanNetworking This group contains parameters to configure the iDRAC NIC. One instance of the group is allowed. All objects in this group will require the iDRAC NIC to be reset, which may cause a brief loss in connectivity. Objects that change the iDRAC NIC IP address settings will close all active user sessions and require users to reconnect using the updated IP address settings.
cfgDNSRacName (Read/Write) Legal Values String of up to 63 ASCII characters. At least one character must be alphabetic. NOTE: Some DNS servers only register names of 31 characters or fewer. Default rac-service tag Description Displays the RAC name, which is rac-service tag by default. This parameter is only valid if cfgDNSRegisterRac is set to 1 (TRUE). cfgDNSRegisterRac (Read/Write) Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Registers the iDRAC name on the DNS server.
Description Specifies that the DNS server IP addresses should be assigned from the DHCP server on the network. cfgDNSServer1 (Read/Write) Legal Values A string representing a valid IP address. For example: 192.168.0.20. Description Specifies the IP address for DNS server 1. This property is only valid if cfgDNSServersFromDHCP is set to 0 (FALSE). NOTE: cfgDNSServer1 and cfgDNSServer2 may be set to identical values while swapping addresses.
Default 0 Description Enables or disables the iDRAC network interface controller. If the NIC is disabled, the remote network interfaces to the iDRAC will no longer be accessible, and the iDRAC will only be available through the local RACADM interface. cfgNicIpAddress (Read/Write) NOTE: This parameter is only configurable if the cfgNicUseDhcp parameter is set to 0 (FALSE). Legal Values A string representing a valid IP address. For example: 192.168.0.20. Default 192.168.0.
Description The subnet mask used for static assignment of the iDRAC IP address. This property is only valid if cfgNicUseDhcp is set to 0 (FALSE). cfgNicGateway (Read/Write) NOTE: This parameter is only configurable if the cfgNicUseDhcp parameter is set to 0 (FALSE). Legal Values A string representing a valid gateway IP address. For example: 192.168.0.1. Default 192.168.0.1 Description The gateway IP address used for static assignment of the RAC IP address.
cfgNicMacAddress (Read Only) Legal Values A string representing the RAC NIC MAC address. Default The current MAC address of the iDRAC NIC. For example, 00:12:67:52:51:A3. Description The iDRAC NIC MAC address. cfgNicVLanEnable (Read/Write) NOTE: The VLAN settings can be configured through the CMC Web Interface. iDRAC displays only the current enablement status and you cannot modify the settings from iDRAC.
Description Specifies the VLAN ID for the network VLAN configuration in the CMC. This property is valid only if cfgNicVLanEnable is set to 1 (enabled). cfgNicVLanPriority (Read/Write) Legal Values 0–7 Default 0 Description Specifies the VLAN priority for the network VLAN configuration in the CMC. This property is valid only if cfgNicVLanEnable is set to 1 (enabled).
Description The maximum privilege on the IPMI LAN channel. cfgUserAdminPrivilege (Read/Write) Legal Values 0x00000000 to 0x000001ff Default 0x00000000 Description This property specifies the role-based authority privileges allowed for the user. The value is represented as a bit mask that allows for any combination of privilege values. Table B-1 describes the user privilege bit values that can be combined to create bit masks. Table B-1.
Table B-2. Sample Bit Masks for User Privileges User Privilege(s) Privilege Bit Mask The user is not allowed to access the iDRAC. 0x00000000 The user may only login to the 0x00000001 iDRAC and view iDRAC and server configuration information. The user may login to the iDRAC 0x00000001 + 0x00000002 = 0x00000003 and change configuration. The user may login to RAC, access virtual media, and access console redirection.
Default "" Description The password for this user. User passwords are encrypted and cannot be seen or displayed after the property is written. cfgUserAdminEnable Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables an individual user. cfgUserAdminSolEnable Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables Serial Over LAN (SOL) user access.
cfgEmailAlert This group contains parameters to configure the RAC e-mail alerting capabilities. The following subsections describe the objects in this group. Up to four instances of this group are allowed. cfgEmailAlertIndex (Read Only) Legal Values 1–4 Default This parameter is populated based on the existing instances. Description The unique index of an alert instance.
Default "" Description The e-mail address of the alert source. cfgEmailAlertCustomMsg Legal Values String. Maximum Length = 32. Default "" Description Specifies a custom message that is sent with the alert. cfgSessionManagement This group contains parameters to configure the number of sessions that can connect to the iDRAC. One instance of the group is allowed. The following subsections describe the objects in this group.
cfgSsnMgtWebserverTimeout (Read/Write) Legal Values 60 – 1920 Default 300 Description Defines the web server time-out. This property sets the amount of time in seconds that a connection is allowed to remain idle (there is no user input). The session is cancelled if the time limit set by this property is reached. Changes to this setting do not affect the current session; you must log out and log in again to make the new settings effective. An expired web server session logs out the current session.
After the message appears, the system returns you to the shell that generated the Secure Shell session. cfgSsnMgtTelnetIdleTimeout (Read/Write) Legal Values 0 (No timeout) 60 – 1920 Default 300 Description Defines the telnet idle time-out. This property sets the amount of time in seconds that a connection is allowed to remain idle (there is no user input). The session is cancelled if the time limit set by this property is reached.
Default 1 Description Enables or disables the secure shell (SSH) interface on the iDRAC. cfgSerialTelnetEnable (Read/Write) Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the telnet console interface on the iDRAC. cfgRacTuning This group is used to configure various iDRAC configuration properties, such as valid ports and security port restrictions.
cfgRacTuneHttpsPort (Read/Write) Legal Values 10 – 65535 Default 443 Description Specifies the port number to use for HTTPS network communication with the iDRAC. cfgRacTuneIpRangeEnable Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the IP Address Range validation feature of the iDRAC. cfgRacTuneIpRangeAddr Legal Values String, IP address formatted. For example, 192.168.0.44. Default 192.168.1.
cfgRacTuneIpRangeMask Legal Values Standard IP mask values with left-justified bits Default 255.255.255.0 Description String, IP-address formatted. For example, 255.255.255.0. cfgRacTuneIpBlkEnable Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the IP address blocking feature of the RAC.
cfgRacTuneIpBlkFailWindow Legal Values 10 – 65535 Default 60 Description Defines the time span in seconds that the failed attempts are counted. When failure attempts age beyond this limit, they are dropped from the count. cfgRacTuneIpBlkPenaltyTime Legal Values 10 – 65535 Default 300 Description Defines the time span in seconds that session requests from an IP address with excessive failures are rejected.
cfgRacTuneTelnetPort (Read/Write) Legal Values 1 – 65535 Default 23 Description Specifies the port number used for the iDRAC telnet interface. cfgRacTuneConRedirEncryptEnable (Read/Write) Legal Values 1 (TRUE) 0 (FALSE) Default 1 Description Encrypts the video in a console redirection session.
Description Specifies the port to be used for keyboard and mouse traffic during console redirection activity with the iDRAC. cfgRacTuneConRedirVideoPort (Read/Write) Legal Values 1 – 65535 Default 5901 Description Specifies the port to be used for video traffic during console redirection activity with the iDRAC. NOTE: This object requires an iDRAC reset before it becomes active.
Default 1 Description Enables and disables the iDRAC web server. If this property is disabled, the iDRAC will not be accessible using client web browsers. This property has no effect on the telnet/SSH or local RACADM interfaces. cfgRacTuneLocalServerVideo (Read/Write) Legal Values 1 (Enables) 0 (Disables) Default 1 Description Enables (switches ON) or disables (switches OFF) the local server video.
ifcRacManagedNodeOs This group contains properties that describe the Managed Server operating system. One instance of the group is allowed. The following subsections describe the objects in this group. ifcRacMnOsHostname (Read/Write) Legal Values String. Maximum Length = 255. Default "" Description The host name of the managed server. ifcRacMnOsOsName (Read/Write) Legal Values String. Maximum Length = 255. Default "" Description The operating system name of the managed server.
cfgSecCsrCommonName (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Common Name (CN). cfgSecCsrOrganizationName (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Organization Name (O). cfgSecCsrOrganizationUnit (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Organization Unit (OU).
cfgSecCsrLocalityName (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Locality (L). cfgSecCsrStateName (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR State Name (S). cfgSecCsrCountryCode (Read/Write) Legal Values String. Maximum Length = 2.
cfgSecCsrEmailAddr (Read/Write) Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Email Address. cfgSecCsrKeySize (Read/Write) Legal Values 1024 2048 4096 Default 1024 Description Specifies the SSL asymmetric key size for the CSR. cfgRacVirtual This group contains parameters to configure the iDRAC virtual media feature. One instance of the group is allowed. The following subsections describe the objects in this group.
Default 1 Description This object is used to attach virtual devices to the system via the USB bus. When the devices are attached the server will recognize valid USB mass storage devices attached to the system. This is equivalent to attaching a local USB CDROM/floppy drive to a USB port on the system. When the devices are attached you then can connect to the virtual devices remotely using the iDRAC Web interface or the CLI. Setting this object to 0 will cause the devices to detach from the USB bus.
cfgVirMediaBootOnce (Read/Write) Legal Values 1 (Enabled) 0 (Disabled) Default 0 Description Enables or disables the virtual media boot-once feature of the iDRAC. If this property is enabled when the host server is rebooted, this feature will attempt to boot from the virtual media devices—if the appropriate media is installed in the device.
cfgADRacDomain (Read/Write) Legal Values Any printable text string with no white space. Length is limited to 254 characters. Default "" Description Active Directory Domain in which the DRAC resides. cfgADRacName (Read/Write) Legal Values Any printable text string with no white space. Length is limited to 254 characters. Default "" Description Name of iDRAC as recorded in the Active Directory forest.
Description Enables or disables Active Directory user authentication on the iDRAC. If this property is disabled, local iDRAC authentication is used for user logins instead. cfgADAuthTimeout (Read/Write) NOTE: To modify this property, you must have Configure iDRAC permission. Legal Values 15 – 300 Default 120 Description Specifies the number of seconds to wait for Active Directory authentication requests to complete before timing out.
Default 0 Description 1 (True) enables you to specify an LDAP or a Global Catalog server. 0 (False) disables this option. cfgADDomainController (Read/Write) Valid IP address or a fully qualified domain name (FQDN) Default No default value Description The iDRAC uses the value you specify to search the LDAP server for user names.
Default 1 = Extended schema Description Determines the schema type to use with Active Directory. cfgStandardSchema This group contains parameters to configure the Active Directory standard schema settings. cfgSSADRoleGroupIndex (Read Only) Legal Values Integer from 1 to 5. Description Index of the Role Group as recorded in the Active Directory. cfgSSADRoleGroupName (Read/Write) Legal Values Any printable text string with no white space. Length is limited to 254 characters.
Default (blank) Description Active Directory Domain in which the Role Group resides. cfgSSADRoleGroupPrivilege (Read/Write) Legal Values 0x00000000 to 0x000001ff Default (blank) Description Use the bit mask numbers in Table B-3 to set role-based authority privileges for a Role Group. Table B-3.
cfgIpmiSolEnable (Read/Write) Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables SOL. cfgIpmiSolBaudRate (Read/Write) Legal Values 19200, 57600, 115200 Default 115200 Description The baud rate for serial communication over LAN. cfgIpmiSolMinPrivilege (Read/Write) Legal Values 2 (User) 3 (Operator) 4 (Administrator) Default 4 Description Specifies the minimum privilege level required for SOL access.
cfgIpmiSolAccumulateInterval (Read/Write) Legal Values 1 – 255. Default 10 Description Specifies the typical amount of time that the iDRAC waits before transmitting a partial SOL character data packet. This value is 1-based 5ms increments. cfgIpmiSolSendThreshold (Read/Write) Legal Values 1 – 255 Default 255 Description The SOL threshold limit value. Specifies the maximum number of bytes to buffer before sending an SOL data packet.
Default 0 Description Enables or disables the IPMI over LAN interface. cfgIpmiLanPrivLimit (Read/Write) Legal Values 2 (User) 3 (Operator) 4 (Administrator) Default 4 Description Specifies the maximum privilege level allowed for IPMI over LAN access. cfgIpmiLanAlertEnable (Read/Write) Legal Values 0 (FALSE) 1 (TRUE) Default 0 Description Enables or disables global e-mail alerting. This property overrides all individual e-mail alerting enable/disable properties.
cfgIpmiEncryptionKey (Read/Write) Legal Values A string of hexadecimal digits from 0 to 20 characters with no spaces. Default 00000000000000000000 Description The IPMI encryption key. cfgIpmiPetCommunityName (Read/Write) Legal Values A string up to 18 characters. Default public Description The SNMP community name for traps. cfgIpmiPef This group is used to configure the platform event filters available on the managed server.
Description Specifies the name of the platform event filter. cfgIpmiPefIndex (Read Only) Legal Values 1 – 17 Default The index value of a platform event filter object. Description Specifies the index of a specific platform event filter. cfgIpmiPefAction (Read/Write) Legal Values 0 (None) 1 (Power Down) 2 (Reset) 3 (Power Cycle) Default 0 Description Specifies the action that is performed on the managed server when the alert is triggered.
Default 1 Description Enables or disables a specific platform event filter. cfgIpmiPet This group is used to configure platform event traps on the managed server. cfgIpmiPetIndex (Read/Write) Legal Values 1–4 Default The appropriate index value. Description Unique identifier for the index corresponding to the trap. cfgIpmiPetAlertDestIpAddr (Read/Write) Legal Values String representing a valid IP address. For example, 192.168.0.67. Default 0.0.0.
cfgIpmiPetAlertEnable (Read/Write) Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables a specific trap.
iDRAC SMCLP Property Database /system1/sp1/account<1-16> This target provides configuration information about the local users who are allowed to access the RAC through available remote interfaces. Up to 16 instances of the user group are allowed. Each instance <1-16> represents the configuration for an individual local user. userid (Read Only) Legal values 1-16 Default Depends on the account instance being accessed. Description Specifies the instance ID or the local user ID.
Description A text string that contains the name of the local user for this account. The string must not contain a forward slash (/), period (.), at symbol (@), or quotation marks ("). Deleting the user is done by deleting the account. (delete account<1-16>). NOTE: This property value must be unique among usernames.
enabledstate (Read/Write) Legal Values 0 (Disabled) 1 (Enabled) Default 0 Description Helps enable or disable an individual user. solenabled (Read/Write) Legal Values 0 (Disabled) 1 (Enabled) Default 0 Description Enables or disables Serial Over LAN (SOL) user access.
Description Specifies the role-based authority privileges allowed for the user. The value is represented as a bit mask that allows for any combination of privilege values. Table C-1 describes the user privilege bit values that can be combined to create bit masks. Table C-1.
Table C-2. Sample Bit Masks for User Privileges (continued) User Privilege(s) Privilege Bit Mask The user may login to RAC, access 0x00000001 + 0x00000040 + virtual media, and access console 0x00000080 = 0x000000C1 redirection. /system1/sp1/enetport1/* This group contains parameters to configure the iDRAC NIC. One instance of the group is allowed. All objects in this group require the iDRAC NIC to be reset, which may cause a brief loss in connectivity.
Default 0 Description Enables or disables the iDRAC network interface controller. If the NIC is disabled, the remote network interfaces to the iDRAC become inaccessible, rendering the iDRAC available only through the local RACADM interface. ipaddress (Read/Write) Legal Values A string representing a valid IP address. For example: 192.168.0.20. Default 192.168.0.n (where n is 120 plus the server slot number) Description Specifies the static IP address to assign to the RAC.
1 (Enabled) Default 0 Description Specifies whether DHCP is used to assign the iDRAC IP address. If this property is set to 1 (Enabled), the iDRAC IP address, subnet mask, and gateway are assigned from the DHCP server on the network. If this property is set to 0 (Disabled), the static IP address, subnet mask, and gateway gain values inserted manually by the user.
1 (Enabled) Default 0 Description Specifies that the iDRAC DNS domain name should be assigned from the network DHCP server. oemdell_dnsdomainname (Read/Write) Legal Values A string of up to 254 ASCII characters. At least one of the characters must be alphabetic. Default “” Description Holds the DNS domain name. This parameter is only valid if oemdell_domainnamefromdhcp is set to 0 (Disabled).
oemdell_dnsracname (Read/Write) Legal Values A string of up to 63 ASCII characters. At least one character must be alphabetic. NOTE: Some DNS servers only register names of up to 31 characters. Default rac-service tag Description Displays the RAC name, which is the RAC service tag by default. This parameter is only valid if oemdell_dnsregisterrac is set to 1 (Registered).
Default 0.0.0.0 Description Specifies the IP address for DNS Server 1. This property is only valid if oemdell_serversfromdhcp is set to 0 (Disabled). /system1/sp1/enetport1/lanendpt1/ipendpt1/dnse ndpt1/remotesap2 dnsserveraddress (Read/Write) Legal Values A string representing a valid IP address. For example: 192.168.0.20. Default 0.0.0.0 Description Specifies the IP address for DNS Server 2. This property is only valid if oemdell_serversfromdhcp is set to 0 (Disabled).
Description The gateway IP address used for static assignment of the RAC IP address. This property is only valid if oemdell_usedhcp is set to 0 (Disabled). /system1/sp1/group<1-5> These groups contain parameters to configure the Active Directory standard schema settings. oemdell_groupname (Read/Write) Legal Values Any printable text string up to 254 characters with no blank spaces. Default “” Description Holds the name of the Role Group as recorded in the Active Directory forest.
Default “” Description Use the bit mask numbers in Table B-3 to set role-based authority privileges for a Role Group. Table C-3.
Description Enables or disables Active Directory user authentication on the iDRAC. If this property is disabled, only local iDRAC authentication is used for user logins. oemdell_adracname (Read/Write) Legal Values Any printable text string up to 254 characters with no blank spaces. Default "" Description Name of iDRAC as recorded in the Active Directory forest. oemdell_adracdomain (Read/Write) Legal Values Any printable text string up to 254 characters with no blank spaces.
Description The root domain of the Domain Forest. oemdell_timeout (Read/Write) Legal Values 15 – 300 Default 120 Description Specifies the number of seconds to wait for Active Directory authentication requests to complete before timing out. oemdell_schematype (Read/Write) Legal Values 1 (Extended schema) 2 (Standard schema) Default 1 Description Determines the schema type to use with Active Directory.
Description Enables the user to specify an LDAP or a Global Catalog server. oemdell_addomaincontroller (Read/Write) Legal Values A valid IP address or a fully qualified domain name (FQDN). Default “” Description Value specified by the user that the iDRAC uses to search the LDAP server for usernames. oemdell_adglobalcatalog (Read/Write) Legal Values A valid IP address or an FQDN.
commonname (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR Common Name. organizationname (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR Organization Name. oemdell_organizationunit (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR Organization Unit.
oemdell_localityname (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR Locality. oemdell_statename (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR State Name. oemdell_countrycode (Read/Write) Legal Values A string of up to 2 characters. Default "" Description Specifies the CSR Country Code.
oemdell_emailaddress (Read/Write) Legal Values A string of up to 254 characters. Default "" Description Specifies the CSR Email Address. oemdell_keysize (Read/Write) Legal Values 1024 2048 4096 Default 1024 Description Specifies the SSL asymmetric key size for the CSR. /system1/sp1/oemdell_ssl1 Contains parameters necessary to generate Certificate Signing Requests (CSRs) and view certificates.
Default 0 Description Generates a CSR when set to 1. Set the properties in the oemdell_racsecurity1 target before generating a CSR. oemdell_status (Read Only) Legal values CSR not found CSR generated Default CSR not found Description Shows the status of the previous generate command issued, if any, during the current session.
/system1/sp1/oemdell_vmservice1 This group contains parameters to configure the iDRAC virtual media feature. enabledstate (Read/Write) Legal Values VMEDIA_DETACH VMEDIA_ATTACH VMEDIA_AUTO_ATTACH Default VMEDIA_ATTACH Description Used to attach virtual devices to the system via the USB bus, allowing the server to recognize valid USB mass storage devices attached to the system. This is equivalent to attaching a local USB CDROM/floppy drive to a USB port on the system.
oemdell_floppyemulation (Read/Write) Legal Values 0 (Disabled) 1 (Enabled) Default 0 Description When set to 0, the virtual floppy drive is recognized as a removable disk by Windows operating systems. Windows operating systems will assign a drive letter that is C: or higher during enumeration. When set to 1, the Virtual Floppy drive will be seen as a floppy drive by Windows operating systems.
Default FALSE Description Indicates that the port has SSL disabled. portnumber (Read/Write) Legal Values 1 – 65535 Default 3670 Description Specifies the port number used for encrypted virtual media connections to the iDRAC. oemdell_sslenabled (Read Only) Legal Value TRUE Default TRUE Description Indicates that the port has SSL enabled.
RACADM and SM-CLP Equivalencies Table D-1 lists the RACADM groups and objects and, where they exist, SMSLP equivalent locations in the SM-CLP MAP. Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies RACADM Groups/Objects SM-CLP Description idRacInfo idRacName String of up to 15 ASCII characters. Default: iDRAC. idRacProductInfo String of up to 63 ASCII characters. Default: Integrated Dell Remote Access Controller. idRacDescriptionInfo String of up to 255 ASCII characters.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgADEnable enablestate 0 to disable, 1 to enable. Default: 0 cfgADRacName oemdell_adracname String of up to 254 characters. cfgADRacDomain oemdell_adracdomain String of up to 254 characters. cfgADRootDomain oemdell_adrootdomain String of up to 254 characters. cfgADAuthTimeout oemdell_timeout 15 to 300 seconds.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgSSADRoleGroupPrivilege oemdell_groupprivilege Bit mask with values between 0x00000000 and 0x000001ff. cfgLanNetworking /system1/sp1/enetport1 cfgNicMacAddress macaddress The MAC address of the interface. Not editable. /system1/sp1/enetport1/ lanendpt1/ipendpt1 cfgNicEnable oemdell_nicenable 0 to disable NIC, 1 to enable NIC.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgDNSRacName oemdell_dnsracname String of up to 63 ASCII characters. At least one character must be alphabetic. Default: iDRAC- plus the Dell service tag. cfgDNSRegisterRac oemdell_dnsregisterrac Set to 1 to register iDRAC name in DNS. Default: 0 cfgDNSServersFromDHCP oemdell_dnsserversfromdhcp Set to 1 to get DNS server addresses from DHCP.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgVirMediaAttached enabledstate Set to 1 (RACADM)/ VMEDIA_ATTACH (SM-CLP) to attach media. Default: 1 (RACADM)/ VMEDIA_ATTACH (SM-CLP) cfgVirMediaBootOnce oemdell_singleboot Set to 1 to perform next boot from selected media. Default 0. /system1/sp1/oemdell_vmservice1/ tcpendpt1 cfgVirAtapiSvrPort oemdell_sslenabled Set to 1 if SSL is enabled for first virtual media device, 0 if not.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgUserAdminPassword password A string of up to 20 ASCII characters. cfgUserAdminPrivilege oemdell_extendedprivileges Bit mask value between 0x00000000 and 0x000001ff. Default: 0x00000000 cfgUserAdminSolEnable solenabled Set to 1 to allow user to use Serial over LAN. Default: 0 cfgUserAdminUserName username String of up to 16 characters.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgSsnMgtTelnetIdleTimeout Number of seconds idle before a telnet session times out. 0 to disable timeout or 60-1920 seconds. Default: 300 cfgSsnMgtWebserverTimeout Number of seconds idle before a Web interface session times out. 60-1920 seconds. Default: 300 cfgRacTuning cfgRacTuneConRedirEnable Set to 1 to enable console redirection, 0 to disable.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgRacTuneIpBlkFailWindow Time span in seconds during which to count failed login attempts (10 to 65535). Default: 60 cfgRacTuneIpBlkPenaltyTime Time span in seconds that a blocked IP remains blocked (10 to 65535). Default: 300 cfgRacTuneIpRangeAddr Base IP address for IP range filter. Default: 192.168.0.1 cfgRacTuneIpRangeEnable Set to 1 to allow IP range filtering.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgRacSecCsrCommonName commonname Active Directory common name. String of up to 254 characters. cfgRacSecCsrCountryCode oemdell_countrycode Active Directory country code. 2 characters. cfgRacSecCsrEmailAddr oemdell_emailaddress E-mail address to use for Certificate Signing Request. String of up to 254 characters.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgIpmiSolEnable Set to 1 to enable Serial over LAN feature. Default: 0 cfgIpmiSolSendThreshold Maximum number of characters to collect before sending SOL data (1 to 255). Default: 255 cfgIpmiSolMinPrivilege Minimum privilege required to use SOL. 2 (user), 3 (operator), or 4 (administrator). Default: 4 cfgIpmiLan cfgIpmiEncryptionKey A string of 0 to 40 hexadecimal digits.
Table D-1. RACADM Groups/Objects and SM-CLP Equivalencies (continued) RACADM Groups/Objects SM-CLP Description cfgIpmiPefIndex The index number of the platform event filter. (1 - 17) cfgIpmiPefName The name of the platform event, a string of up to 254 characters. Not editable. cfgIpmiPet cfgIpmiPetAlertDestIpAddr IP address of the platform event trap receiver. Default: 0.0.0.0 cfgIpmiPetAlertEnable Set to 1 to enable the platform event trap.
Table D-2. RACADM Subcommands and SM-CLP Equivalencies (continued) RACADM Subcommand SM-CLP sslcertupload -t 2 set /system1/sp1/oemdell_ssl1 oemdell_certtype=AD sslcertdownload -t 1 set /system1/sp1/oemdell_ssl1 oemdell_certtype=SSL Uploads the Active Directory Certificate load -source
Glossary Active Directory Active Directory is a centralized and standardized system that automates network management of user data, security, and distributed resources, and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments. AGP Abbreviation for accelerated graphics port, which is a bus specification that allows graphics cards faster access to main system memory.
CA A certificate authority is a business entity that is recognized in the IT industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the CA receives your CSR, they review and verify the information the CSR contains.
DLL Abbreviation for Dynamic Link Library, which is a library of small programs, any of which can be called when needed by a larger program that is running in the system. The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (or file). DDNS Abbreviation for Dynamic Domain Name System. DMTF Abbreviation for Distributed Management Task Force. DNS Abbreviation for Domain Name System.
GPIO Abbreviation for general purpose input/output. GRUB Acronym for GRand Unified Bootloader, a new and commonly-used Linux loader. GUI Abbreviation for graphical user interface, which refers to a computer display interface that uses elements such as windows, dialog boxes, and buttons as opposed to a command prompt interface, in which all user interaction is displayed and typed in text. hardware log Records events generated by the iDRAC and the CMC.
IPMI Abbreviation for Intelligent Platform Management Interface, which is a part of systems management technology. IPMItool A utility for managing and configuring devices that support IPMI version 1.5 and version 2.0. Kbps Abbreviation for kilobits per second, which is a data transfer rate. LAN Abbreviation for local area network. LDAP Abbreviation for Lightweight Directory Access Protocol. LED Abbreviation for light-emitting diode. LOM Abbreviation for Local area network On Motherboard.
Mbps Abbreviation for megabits per second, which is a data transfer rate. MIB Abbreviation for management information base. MII Abbreviation for Media Independent Interface. NAS Abbreviation for network attached storage. NIC Abbreviation for network interface card. An adapter circuit board installed in a computer to provide a physical connection to a network. OID Abbreviation for Object Identifiers. OpenSSH An open source utility for using the SSH protocol.
PuTTY A terminal emulator application that acts as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols. RAM Acronym for random-access memory. RAM is general-purpose readable and writable memory on systems and the iDRAC. RAM disk A memory-resident program which emulates a hard drive. The iDRAC maintains a RAM disk in its memory. RAC Abbreviation for remote access controller.
SMTP Abbreviation for Simple Mail Transfer Protocol, which is a protocol used to transfer electronic mail between systems, usually over an Ethernet. SMWG Abbreviation for Systems Management Working Group. SNMP trap A notification (event) generated by the iDRAC or the CMC that contains information about state changes on the managed server or about potential hardware problems.
Telnet A network protocol use on Internet or local area network connections. TFTP Abbreviation for Trivial File Transfer Protocol, which is a simple file transfer protocol used for downloading boot code to diskless devices or systems. UPS Abbreviation for uninterrupted power supply. USB Abbreviation for Universal Serial Bus. UTC Abbreviation for Universal Coordinated Time. See GMT. VLAN Abbreviation for Virtual Local Area Network. VNC Abbreviation for virtual network computing.
Glossary
Index A Active Directory about the extended schema, 106-120 about the standard schema, 125 accessing the iDRAC with, 111 adding iDRAC users to, 118 configuring extended schema with RACADM, 122 configuring extended schema with SM-CLP, 123 configuring extended schema with the web interface, 121 configuring standard schema with RACADM, 129 configuring standard schema with SM-CLP, 130 configuring standard schema with the web interface, 127 extended schema classes and attributes, 113 logging in to the iDRAC with
configuring iDRAC during initialization, 36 IP address, locating, 40 web Interface, 34 directory service. See Active Directory Distributed Management Task Force (DMTF), 223 CMC Web interface locating the iDRAC IP address, 278 documents you may need, 30 CMC web interface configuring iDRAC network properties, 40 E community string, SNMP, 76, 351 e-mail alerts configuring with RACADM, 210 configuring with the web interface, 81 configuration file creating, 216 extended schema.
G gettracelog command, diagnostics console, 275 group permissions table of, 85 I iDRAC creating a configuration file, 216 log, viewing, 270 recovering firmware, 103 resetting to factory defaults, 253 securing communications, 86 system information, 272 updating the firmware, 42 iDRAC configuration utility about, 247 configuring IPMI, 249 configuring LAN user, 252 configuring network properties, 249-250 configuring virtual media, 252 starting, 248 iDRAC service ports, 29 ifconfig command, diagnostics console
operating system shell options, 245 parameters, 242 return codes, 246 syntax, 242 using, 240 ivmdeploy script, 239 J Java console redirection plug-in, 60, 173 K key, verify, 46, 48 L last crash screen capturing on the managed server, 68 viewing, 260 Lightweight Directory Access Protocol (LDAP). See Active Directory local RACADM, 34 server, 67 lost administrative password, 253 M Manageability Access Point.
configuring with the web interface, 79-80, 209 filterable platform events table, 79 network properties configuring manually, 205 configuring with RACADM, 205 configuring with the CMC web interface, 40 configuring with the iDRAC configuration utility, 249-250 configuring with the Web interface, 74 ping command, diagnostics console, 275 O ports table of, 29 On Screen Configuration and Reporting.
proxy server, web browser configuration, 57 getsel, 301 getssninfo, 200, 288 getsvctag, 200, 296 getsysinfo, 200, 290 gettracelog, 201, 302 help, 283 racreset, 201, 296 racresetcfg, 201, 297 serveraction, 201, 298 setniccfg, 201, 293 sslcertdownload, 201, 306 sslcertupload, 201, 305 sslcertview, 201, 307 sslcsrgen, 201, 304 testemail, 201, 309 testtrap, 201, 311 public key, verify, 46, 48 PuTTY, Windows SSH client, 62 R RACADM configuring Active Directory extended schema, 122 configuring Active Directory
LDIF (Active Directory schema extender), 112 secure shell. See SSH secure sockets layer.
navigating the MAP output formats, 229 power management, 230 syntax, 224 targets, 228 updating iDRAC firmware, 231 using the show verb, 228 SNMP community string, 76, 351 testing trap alert, 205 SOL Proxy connecting to the BMC, 156 initiating session, 155 model for, 150 opening SOL with, 153 using HyperTerminal with, 156 using Telnet with, 156 SOL.
configuring LAN user with the iDRAC configuration utility, 252 utilities Active Directory users and computers MMC snap-in, 118 dd, 238 iDRAC configuration utility, 247 iVM-CLI, 237 schema extender, 112 video viewer, 174 V verify digital signature, 45-48 public key, 46, 48 video viewer using, 174 virtual media about, 185 booting, 192 command line, 240 configuring with the iDRAC configuration utility, 252 configuring with the web interface, 188 installing the operating system, 192 running, 190 W web browser
Index