Integrated Dell Remote Access Controller 8 (iDRAC8) and iDRAC7 v2.10.10.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2015 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents 1 Overview...............................................................................................................16 Benefits of using iDRAC with Lifecycle Controller.............................................................................16 Key features..........................................................................................................................................17 New in this release..............................................................................
Enabling or disabling default password warning message using web interface........................ 42 Enabling or disabling warning message to change default login password using RACADM.... 42 Invalid password credentials...............................................................................................................43 3 Setting up managed system and management station...............................44 Setting up iDRAC IP address.................................................................
Backing up server profile.................................................................................................................... 80 Backing up server profile using iDRAC web interface................................................................. 80 Backing up server profile using RACADM.....................................................................................81 Scheduling automatic backup server profile...............................................................................
Enabling or disabling OS to iDRAC Pass-through using RACADM............................................101 Enabling or disabling OS to iDRAC Pass-through using iDRAC settings utility........................ 101 Obtaining certificates........................................................................................................................102 SSL server certificates..................................................................................................................
Switching between RAC serial and serial console while using DB9 cable......................................127 Switching from serial console to RAC serial...............................................................................127 Switching from RAC serial to serial console...............................................................................127 Communicating with iDRAC using IPMI SOL...................................................................................
Creating Active Directory objects and providing privileges....................................................... 171 Configuring the browser to enable Active Directory SSO..........................................................171 Configuring iDRAC SSO login for Active Directory users................................................................ 172 Configuring iDRAC SSO login for Active Directory users using web interface.........................
Viewing System Event Log using web interface........................................................................ 189 Viewing System Event Log using RACADM................................................................................189 Viewing System Event Log using iDRAC settings utility............................................................ 190 Viewing Lifecycle log .......................................................................................................................
Supported NIC firmware versions for I/O Identity Optimization..............................................203 Virtual/Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address mode or Console mode............................................................................................................. 204 System behavior for FlexAddress and I/O Identity.................................................................... 205 Enabling or disabling I/O Identity Optimization............
12 Gbps SAS HBA adapter operations........................................................................................ 244 Monitoring predictive failure analysis on drives.........................................................................245 Controller operations in non-RAID (HBA) mode.......................................................................245 Running RAID configuration jobs on multiple storage controllers...........................................245 Managing PCIe SSDs.............
Disabling warning messages while launching virtual console or virtual media using Java or ActiveX plug-in....................................................................................................................... 267 Using virtual console viewer.............................................................................................................267 Synchronizing mouse pointers..................................................................................................
Modifying a partition................................................................................................................... 291 Attaching or detaching partitions...............................................................................................292 Deleting existing partitions......................................................................................................... 293 Downloading partition contents.......................................................................
Configuring iDRAC Quick Sync settings using iDRAC settings utility....................................... 318 Using mobile device to view iDRAC information.............................................................................318 22 Deploying operating systems...................................................................... 319 Deploying operating system using VMCLI.......................................................................................
Network security...............................................................................................................................338 Active Directory................................................................................................................................ 338 Single Sign-On.................................................................................................................................. 341 Smart card login...................................................
Overview 1 The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues, helps them perform remote server management, and reduces the need for physical access to the server. iDRAC with Lifecycle Controller technology is part of a larger data center solution that helps keep business critical applications and workloads available always.
• Secure Environment — By providing secure access to remote servers, administrators can perform critical management functions while maintaining server and network security. • Enhanced Embedded Management through Lifecycle Controller – Lifecycle Controller provides deployment and simplified serviceability through Lifecycle Controller GUI for local deployment and Remote Services (WS-Management) interfaces for remote deployment integrated with Dell OpenManage Essentials and partner consoles.
• Perform the following operations for storage devices: – Physical disks: Assign or unassign physical disk as a global hot spare. – Virtual disks: * Create virtual disks. * Edit virtual disks cache policies. * Check virtual disk consistency. * Initialize virtual disks. * Encrypt virtual disks. * Assign or unassign dedicated hot spare. * Delete virtual disks. – Controllers: * Configure controller properties. * Import or auto-import foreign configuration. * Clear foreign configuration.
• View boot and crash capture videos. • Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules. • Configure warning threshold for inlet temperature and power consumption. • Use iDRAC Service Module to: – View operating system information. – Replicate Lifecycle Controller logs to operating system logs. – Automatic system recovery options. – Populate Windows Management Instrumentation (WMI) information. – Integrate with Technical Support Report.
New in this release • Support for using a common iDRAC firmware across Dell’s 12th and 13th generation of PowerEdge servers. You can apply the same (2.10.10.10) version on the 13th generation of PowerEdge servers with iDRAC8 and the 12th generation of PowerEdge servers with iDRAC7. – Enables direct upgrade to version 2.10.10.10 from 2.xx.xx.xx or 1.xx.xx. NOTE: You cannot downgrade to version 1.xx.xx on a Dell 13th generation PowerEdge server.
• Safari For the list of versions, see the iDRAC8 Release Notes available at dell.com/support/manuals. Managing licenses iDRAC features are available based on the purchased license (Basic Management, iDRAC Express, or iDRAC Enterprise). Only licensed features are available in the interfaces that allow you to configure or use iDRAC. For example, iDRAC Web interface, RACADM, WS-MAN, OpenManage Server Administrator, and so on. Some features, such as dedicated NIC or vFlash requires iDRAC ports card.
• Export — Export the installed license into an external storage device for backup or to reinstall it again after a part or motherboard replacement. The file name and format of the exported license is .xml. • Delete — Delete the license that is assigned to a component if the component is missing. After the license is deleted, it is not stored in iDRAC and the base product functions are enabled.
NOTE: In the iDRAC Web interface, on the Licenses page, expand the device to view the Replace option in the drop-down menu. Managing licenses using iDRAC web interface To manage the licenses using the iDRAC web interface, go to Overview → Server → Licenses. The Licensing page displays the licenses that are associated to devices, or the licenses that are installed but the device is not present in the system.
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Shared NIC (LOM) Yes Yes Yes Yes N/A N/A Yes Yes Dedicated NIC2 No Yes No Yes Yes Yes Yes Yes1 VLAN tagging Yes Yes Yes Yes Yes Yes Yes Yes IPv4 Yes Yes Yes Yes Yes Yes Yes Yes IPv6 No Yes Yes Yes Yes Yes Yes Yes DHCP No Yes No Yes No Yes No Yes Dynamic DNS No Yes Yes Yes
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Boot control No Yes No Yes No Yes No Yes Serial-over-LAN Yes Yes Yes Yes Yes Yes Yes Yes Virtual Media No No No No Yes Yes Yes Yes Virtual Folders No No No No No No Yes Yes Remote File Share No No No No No No Yes Yes Virtual Console No No No No Single user Single user Yes 6 use
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Historical power counters Yes No Yes Yes Yes Yes Yes Yes Power capping No No No No No No Yes Yes Power Center integration No No No No No No No Yes Temperature monitoring No Yes No Yes No Yes No Yes Temperature graphing No No No Yes No Yes No Yes Full agent-free monitoring No Yes No
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Out of Band Performance Monitoring No No No No No No No Yes Remote agentfree update Yes3 Yes Yes Yes Yes Yes Yes Yes Embedded update tools No Yes No Yes No Yes No Yes Sync with repository (scheduled updates) No No No No No No Yes Yes Auto-update No No No No No No No Yes Update Deploy
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Remote configuration No Yes Yes Yes Yes Yes Yes Yes Zero-touch configuration No No No No No No No Yes System Retire/ Repurpose No Yes No Yes No Yes No Yes Diagnostics, Service, and Logging Embedded diagnostic tools Yes Yes Yes Yes Yes Yes Yes Yes Part Replacement No Yes Yes Yes Yes Yes
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Crash video capture5 No No No No No No Yes Yes Boot capture No No No No No No Yes Yes Manual reset for iDRAC No Yes No Yes No Yes No Yes Virtual NMI No Yes No Yes No Yes No Yes OS watchdog No Yes No Yes No Yes No Yes Embedded Health Report No Yes No Yes No Yes No Yes System E
Table 2. Interfaces and protocols to access idrac Interface or Protocol Description iDRAC Settings Utility Use the iDRAC Settings utility to perform pre-OS operations. It has a subset of the features that are available in iDRAC web interface along with other features. To access iDRAC Settings utility, press during boot and then click iDRAC Settings on the System Setup Main Menu page. iDRAC web Interface Use the iDRAC web interface to manage iDRAC and monitor the managed system.
Interface or Protocol Description • Update BIOS, PERC, and supported network adapters Lifecycle Controller Use Lifecycle Controller to perform iDRAC configurations. To access Lifecycle Controller, press during boot and go to System Setup → Advanced Hardware Configuration → iDRAC Settings. For more information, see Lifecycle Controller User’s Guide available at dell.com/support/manuals. Telnet Use Telnet to access iDRAC where you can run RACADM and SMCLP commands.
Interface or Protocol Description • • • • • • Lifecycle Controller-Remote Services User’s Guide available at dell.com/ support/manuals. Lifecycle Controller Integration Best Practices Guide available at dell.com/ support/manuals. Lifecycle Controller page on Dell TechCenter — delltechcenter.com/page/ Lifecycle+Controller Lifecycle Controller WS-Management Script Center — delltechcenter.com/ page/Scripting+the+Dell+Lifecycle+Controller MOFs and Profiles — delltechcenter.com/page/DCIM.
Table 4. Ports idrac uses as client Port Number Function 25* SMTP 53 DNS 68 DHCP-assigned IP address 69 TFTP 162* SNMP trap 445 Common Internet File System (CIFS) 636 LDAP Over SSL (LDAPS) 2049 Network File System (NFS) 123 Network Time Protocol (NTP) 3269 LDAPS for global catalog (GC) * Configurable port Other documents you may need In addition to this guide, the following documents available on the Dell Support website at dell.
• The iDRAC Service Module Installation Guide provides information to install the iDRAC Service Module. • The Dell OpenManage Server Administrator Installation Guide contains instructions to help you install Dell OpenManage Server Administrator. • The Dell OpenManage Management Station Software Installation Guide contains instructions to help you install Dell OpenManage management station software that includes Baseboard Management Utility, DRAC Tools, and Active Directory Snap-In.
Accessing documents from Dell Support Site You can access the required documents in one of the following ways: • Using the following links: – For all Enterprise Systems Management documents — dell.com/softwaresecuritymanuals – For OpenManage documents — dell.com/openmanagemanuals – For Remote Enterprise Systems Management documents — dell.com/esmmanuals – For OpenManage Connections Enterprise Systems Management documents — dell.
Logging in to iDRAC 2 You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight Directory Access Protocol (LDAP) user. The default user name and password is root and calvin, respectively. You can also log in using Single Sign-On or Smart Card. NOTE: You must have Login to iDRAC privilege to log in to iDRAC.
If the domain is not specified in the user name, select the Active Directory domain from the Domain drop-down menu. 5. For an LDAP user, in the Username and Password fields, enter your LDAP user name and password. Domain name is not required for LDAP login. By default, This iDRAC is selected in the drop-down menu. 6. Click Submit. You are logged in to iDRAC with the required user privileges.
3. Enter the Smart Card PIN for local Smart Card users. You are logged in to the iDRAC. NOTE: If you are a local user for whom Enable CRL check for Smart Card Logon is enabled, iDRAC attempts to download the CRL and checks the CRL for the user's certificate. The login fails if the certificate is listed as revoked in the CRL or if the CRL cannot be downloaded for some reason.
• You have logged in to your system using a valid Active Directory user account. • Single Sign-On option is enabled during Active Directory configuration. To log in to iDRAC using web interface: 1. Log in to your management station using a valid Active Directory account. 2. In a web browser, type https://[FQDN address] NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[FQDN address]:[port number] where, [FQDN address] is the iDRAC FQDN (iDRACdnsname.domain.
To validate the certificate for using remote RACADM: 1. Convert the certificate in DER format to PEM format (using openssl command-line tool): openssl x509 -inform pem -in [yourdownloadedderformatcert.crt] –outform pem -out [outcertfileinpemformat.pem] –text 2. Find the location of the default CA certificate bundle on the management station. For example, for RHEL5 64 bit, it is /etc/pki/tls/cert.pem. 3. Append the PEM formatted CA certificate to the management station CA certificate.
Multiple iDRAC sessions The following table provides the list of multiple iDRAC sessions that are possible using the various interfaces. Table 5. Multiple idrac sessions Interface Number of Sessions iDRAC Web Interface 6 Remote RACADM 4 Firmware RACADM / SMCLP SSH - 2 Telnet - 2 Serial - 1 Changing default login password The warning message that allows you to change the default password is displayed if: • You log in to iDRAC with Configure User privilege.
NOTE: Continue is enabled only if the passwords entered in the New Password and Confirm Password fields match. For information about the other fields, see the iDRAC Online Help. Changing default login password using RACADM To change the password, run the following RACADM command: racadm set iDRAC.Users..Password where, is a value from 1 to 16 (indicates the user account) and is the new user— defined password.
Invalid password credentials To provide security against unauthorized users and denial of service (DoS) attack, iDRAC provides the following before blocking the IP and SNMP traps (if enabled): • Series of sign-in errors and alerts • Increased time intervals with each sequential incorrect login attempt • Log entries NOTE: The sign-errors and alerts, increased time interval for each incorrect login, and log entries are available using any of the iDRAC interfaces such as web interface, Telnet, SSH, Remote
Setting up managed system and management station 3 To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote accessibility, set up the management station and managed system, and configure the supported web browsers. NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the system in the chassis before performing the configurations. Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address.
NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD panel only during initial configuration of CMC. After the chassis is deployed, you cannot reconfigure iDRAC using the Chassis LCD panel. • CMC Web interface (see Dell Chassis Management Controller Firmware User’s Guide) In case of rack and tower servers, you can set up the IP address or use the default iDRAC IP address 192.168.0.
IPv4 settings IPv6 settings IPMI settings VLAN settings Network settings To configure the Network Settings: NOTE: For information about the options, see the iDRAC Settings Utility Online Help. 1. Under Enable NIC, select the Enabled option. 2. From the NIC Selection drop-down menu, select one of the following ports based on the network requirement: • Dedicated — Enables the remote access device to use the dedicated network interface available on the Remote Access Controller (RAC).
NOTE: Shared LOM is not supported for the following Emulex rNDCs and bNDCs if Failover Network is set to All LOMs: • Emulex OCM14104-UX-D rNDC 10 Gbx • Emulex OCM14104-U1-D rNDC 10 Gb • Emulex OCM14104-N1-D rNDC 10 Gb • Emulex OCM14102-U2-D bNDC 10 Gb • Emulex OCM14102-U4-D bNDC 10 Gb • Emulex OCM14102-N6-D bNDC 10 Gb NOTE: On PowerEdge FM120x4 servers, Failover Network is not supported for the chassis sled configurations.
To configure the IPv6 settings: 1. Select Enabled option under Enable IPv6. 2. For the DHCPv6 server to automatically assign the IP address, gateway, and subnet mask to iDRAC, select Enabled option under Enable Auto-configuration. If enabled, the static values are disabled. Else, proceed to the next step to configure using the static IP address. 3. In the Static IP Address 1 box, enter the static IPv6 address. 4. In the Static Prefix Length box, enter a value between 0 and 128. 5.
The Server Status page is displayed. 5. Click Launch iDRAC and go to Overview → iDRAC Settings → Network. 6. In the Network page, specify the following settings: • Network Settings • Common Settings • IPV4 Settings • IPV6 Settings • IPMI Settings • VLAN Settings NOTE: For more information, see iDRAC Online Help. 7. To save the network information, click Apply. For more information, see the Chassis Management Controller User’s Guide available at dell.com/ support/manuals.
NOTE: IPv6 is not supported for auto-discovery. 7. Enable DHCP and get the domain name, DNS server address, and DNS domain name from DHCP. NOTE: Step 7 is optional if the provisioning server IP address (step 3) is provided. Configuring servers and server components using Auto Config The Auto Config feature allows you to configure and provision all the components in a server (example, iDRAC, PERC, and RAID) in a single operation by automatically importing an XML configuration file.
Auto Config sequence 1. Create or modify the XML file that configures the attributes of Dell servers. 2. Place the XML file in a share location that is accessible by the DHCP server and all the Dell servers that are assigned IP address from the DHCP server. 3. Specify the XML file location in vendor-option 43 field of DHCP server. 4. The iDRAC as part of acquiring IP address advertises vendor class identifier iDRAC. (Option 60) 5.
The value appears as you type it under the ASCII, but it also appears in binary to the left. 6. Click OK to save the configuration. Configuring option 60 on Windows To configure option 60 on Windows: 1. On the DHCP server, go to Start → Administration Tools → DHCP to open the DHCP server administration tool. 2. Find the server and expand the items under it. 3. Right-click on IPv4 and choose Define Vendor Classes. 4.
Configuring option 43 and option 60 on Linux Update the /etc/dhcpd.conf file. Similar to Windows, the steps are : 1. Set aside a block or pool of addresses that this DHCP server can allocate. 2. Set the option 43 and use the name vendor class identifier for option 60. For example, option myname code 43 = text; subnet 192.168.0.0 netmask 255.255.0.0 { #default gateway option routers 192.168.0.1; option subnet-mask 255.255.255.0; option nis-domain "domain.org"; option domain-name "domain.
Using hash passwords for improved security On PowerEdge servers with version 2.xx.xx.xx, you can set user passwords and BIOS passwords using a one-way hash format. The user authentication mechanism is not affected (except for SNMPv3 and IPMI) and you can provide the password in plain text format. With the new password hash feature: • You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords.
Generating hash password without SNMPv3 and IPMI authentication To generate hash password without SNMPv3 and IPMI authentication: 1. For iDRAC user accounts, you must salt the password using SHA256. When you salt the password, a 16 byte binary string is appended. The Salt is required to be 16 bytes long, if provided. 2. Provide hash value and salt in the imported server configuration profile, RACADM commands, or WSMAN. 3.
Network settings Setting up managed system If you need to run local RACADM or enable Last Crash Screen capture, install the following from the Dell Systems Management Tools and Documentation DVD: • Local RACADM • Server Administrator For more information about Server Administrator, see Dell OpenManage Server Administrator User’s Guide available at dell.com/support/manuals.
Setting up managed system location using iDRAC settings utility To specify the system location details: 1. In the iDRAC Settings utility, go to System Location. The iDRAC Settings System Location page is displayed. 2. Enter the location details of the managed system in the data center. For information about the options, see the iDRAC Settings Utility Online Help. 3. Click Back, click Finish, and then click Yes. The details are saved.
* Optimized for lowest system power consumption based on optimum fan power state. * Generally, lower fan speeds at idle and stress loads. NOTE: Selecting Maximum Performance or Minimum Power, overrides thermal settings associated to System Profile setting under System BIOS → System BIOS Settings.System Profile Settings page. • Maximum Exhaust Temperature Limit — From the drop-down menu, select the maximum exhaust air temperature. The values are displayed based on the system.
System fans can run higher than this speed as per thermal requirements of the system but not lower than the defined minimum speed. For example, setting Minimum Fan Speed at 35% limits the fan speed to never go lower than 35% PWM. NOTE: 0% PWM does not indicate fan is off. It is the lowest fan speed that the fan can achieve.
Object Description Usage Example limit, then when you run the following command: racadm set system.thermalsettings.AirE xhaustTemp 0 The following error message is displayed: ERROR: RAC947: Invalid object value specified. Make sure to specify the value depending on the type of object. For more information, see RACADM help. To set the limit to the default value: racadm set system.thermalsettings.
Object FanSpeedMed iumOffsetVa l Description Use FanSpeedOffset to set this value using index value 3 speed offset of Max (meaning full speed, 100% PWM). In most cases, this offset results in fan speeds increasing to full speed. racadm set system.thermalsettings FanSpeedOffset 3 • Getting this variable reads Values from 0-100 the fan speed offset value in %PWM for Medium Fan Speed Offset setting. This value depends on the system.
Object Description Usage MFSMinimumL imit Read Minimum limit for MFS Values from 0 to To display the lowest value that can MFSMaximumLimi be set using MinimumFanSpeed t option. MinimumFanS peed • • • ThermalProf ile • • Example Default is 255 (means None) racadm get system.thermalsettings.MFSM inimumLimit Allows configuring the Minimum Fan speed that is required for the system to operate.
The thermal settings are configured. Configuring supported web browsers iDRAC is supported on Internet Explorer, Mozilla Firefox, Google Chrome, and Safari Web browsers. For information about the versions, see the Readme available at dell.com/support/manuals. If you are connecting to iDRAC Web interface from a management station that connects to the Internet through a proxy server, you must configure the Web browser to access the Internet from through this server.
• Scripting of Java applets: Enable 5. Go to Tools → Internet Options → Advanced. 6.
NOTE: When you log in to iDRAC Web interface using Internet Explorer 9.x, sometimes contents in few pages are not shown properly. To resolve this, press . In the Internet Explorer 9 Debug window, select Document Mode as Internet Explorer 7. The browser refreshes and the iDRAC Login page is displayed.
• Spanish (es) • Japanese (ja) • Simplified Chinese (zh-cn) The ISO identifiers in parentheses denote the supported language variants. For some supported languages, resizing the browser window to 1024 pixels wide is required to view all features. iDRAC Web interface is designed to work with localized keyboards for the supported language variants. Some features of iDRAC Web interface, such as Virtual Console, may require additional steps to access certain functions or letters.
You can perform firmware updates using the following methods: • Using a firmware image file on a local system or on a network share. • Connecting to the FTP, TFTP, or HTTP site or a network repository that contains a catalog of available updates. You can create custom repositories using the Dell Repository Manager. For more information, see Dell Repository Manager Data Center User's Guide.
Updating firmware using repository Updating firmware using FTP Updating device firmware using TFTP Updating device firmware using HTTP Updating device firmware using RACADM Scheduling automatic firmware updates Updating firmware using CMC web interface Updating firmware using DUP Updating firmware using remote RACADM Updating firmware using Lifecycle Controller Remote Services Downloading device firmware The image file format that you download depends on the method of update: • iDRAC Web interface — Downl
• For firmware images that require a host system reboot, click Install and Reboot or Install Next Reboot. • To cancel the firmware update, click Cancel. NOTE: If you have uploaded the same firmware image file more than once, only the latest firmware file is available for selection. The check box for the earlier firmware image files is disabled. When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job Queue is displayed. 6.
• • • For firmware images that do not require a host system reboot, click Install. For example, .d7 firmware file. For firmware images that require a host system reboot, click Install and Reboot or Install Next Reboot. To cancel the firmware update, click Cancel. When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job Queue is displayed. 6.
Updating device firmware Viewing and managing staged updates Downloading device firmware Scheduling automatic firmware updates Updating device firmware using TFTP You can directly connect to the TFTP site from iDRAC to perform the firmware updates. You can use the Windows-based update packages (DUPs) and a catalog file available on the TFTP site instead of creating custom repositories. Before performing an update, make sure that: • Lifecycle Controller is enabled.
Before performing an update using the repository, make sure that: • Lifecycle Controller is enabled. • You have Server Control privilege to update firmware for devices other than iDRAC. To update device firmware using HTTP: 1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback. The Firmware Update page is displayed. 2. On the Update tab, select HTTP as the File Location. 3. In the HTTP Server Settings section, enter the HTTP details. 4. Click Check for Update. 5.
• To perform all applicable updates from an FTP update repository using Catalog.xml as a catalog file: racadm update –f “Catalog.xml” –t FTP –e 192.168.1.20/Repository/Catalog Scheduling automatic firmware updates You can create a periodic recurring schedule for iDRAC to check for new firmware updates. At the scheduled day and time, iDRAC connects to the specified network share (CIFS or NFS) or the FTP, checks for new updates and applies or stages all applicable updates.
Scheduling automatic firmware update using RACADM To schedule automatic firmware update, use the following commands: • To enable automatic firmware update: racadm set lifecycleController.lcattributes.AutoUpdate.Enable 1 • To view the status of automatic firmware update: racadm get lifecycleController.lcattributes.
NOTE: While updating the iDRAC firmware using the DUP utility in Linux, if you see error messages such as usb 5-2: device descriptor read/64, error -71 displayed on the console, ignore them. • If the system has ESX hypervisor installed, then for the DUP file to run, make sure that the "usbarbitrator" service is stopped using command: service usbarbitrator stop To update iDRAC using DUP: 1. Download the DUP based on the installed operating system and run it on the managed system. 2. Run the DUP.
• During the update, chassis action power commands are disabled. The updates for components such as Programmable System-on-Chip (PSoC) of IOM that requires all the servers to be idle, the update is applied on the next chassis power-up cycle. CMC settings to update CMC firmware from iDRAC In the PowerEdge FX2/FX2s chassis, before performing the firmware update from iDRAC for CMC and its shared components, do the following: 1. Launch the CMC Web interface 2.
Rolling back device firmware You can roll back the firmware for iDRAC or any device that is supported by Lifecycle Controller even if the upgrade was previously performed using another interface. For example, if the firmware was upgraded using the Lifecycle Controller GUI, you can roll back the firmware using the iDRAC web interface. You can perform firmware rollback for multiple devices with one system reboot.
Rollback firmware using Lifecycle Controller-Remote Services Rollback firmware using iDRAC web interface To roll back device firmware: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback → Rollback. The Rollback page displays the devices for which you can rollback the firmware. You can view the device name, associated devices, currently installed firmware version, and the available firmware rollback version. 2.
Rollback firmware using RACADM To rollback device firmware using racadm: 1. Check the rollback status and the FQDD using the swinventory command: racadm swinventory For the device for which you want to rollback the firmware, the Rollback Version must be Available. Also, make a note of the FQDD. 2. Rollback the device firmware using: racadm rollback For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
• Install a TFTP server on the operating system. Backing up server profile You can back up the system configuration, including the installed firmware images on various components such as BIOS, RAID, NIC, iDRAC, Lifecycle Controller, and Network Daughter Cards (NDCs) and the configuration settings of those components. The backup operation also includes the hard disk configuration data, motherboard, and replaced parts.
5. Click Backup Now. The backup operation is initiated and you can view the status on the Job Queue page. After a successful operation, the backup file is created in the specified location. Backing up server profile using RACADM To back up the server profile using RACADM, use systemconfig backup subcommand. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ support/manuals.
time period is created. The backup server profile operation is performed at the scheduled date and time. Scheduling automatic backup server profile using RACADM To enable automatic backup use the command: racadm set lifecyclecontroller.lcattributes.
Import events are recorded in the Lifecycle Log. Related Links Restore operation sequence Importing server profile using iDRAC web interface To import the server profile using iDRAC web interface: 1. Go to Overview → iDRAC Settings → Server Profile → Import. The Import Server Profile page is displayed. 2. Select one of the following to specify the location of the backup file: • Network 3. • vFlash Enter the backup file name and decryption passphrase (optional). 4.
Monitoring iDRAC using other Systems Management tools You can discover and monitor iDRAC using Dell Management Console or Dell OpenManage Essentials. You can also use Dell Remote Access Configuration Tool (DRACT) to discover iDRACs, update firmware, and set up Active Directory. For more information, see the respective user’s guides.
Configuring iDRAC 4 iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote management tasks. Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is configured, and the required licenses are updated. For more information about the licensable feature in iDRAC, see Managing licenses.
Modifying network settings Configuring services Configuring front panel display Setting up managed system location Configuring time zone and NTP Setting up iDRAC communication Configuring user accounts and privileges Monitoring and managing power Enabling last crash screen Configuring and using virtual console Managing virtual media Managing vFlash SD card Setting first boot device Enabling or disabling OS to iDRAC Pass-through Configuring iDRAC to send alerts Viewing iDRAC information You can view the bas
NOTE: Changing the network settings may terminate the current network connections to iDRAC. Modifying network settings using web interface To modify the iDRAC network settings: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network. 2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your requirement and click Apply. The Network page is displayed.
racadm racadm racadm racadm racadm racadm racadm racadm racadm racadm set set set set set set set set set set iDRAC.IPv4.Netmask 255.255.255.0 iDRAC.IPv4.Gateway 192.168.0.120 iDRAC.IPv4.DHCPEnable 0 iDRAC.IPv4.DNSFromDHCP 0 iDRAC.IPv4.DNS1 192.168.0.5 iDRAC.IPv4.DNS2 192.168.0.6 iDRAC.Nic.DNSRegister 1 iDRAC.Nic.DNSRacName RAC-EK00002 iDRAC.Nic.DNSDomainFromDHCP 0 iDRAC.Nic.DNSDomainName MYDOMAIN NOTE: If cfgNicEnable or iDRAC.Nic.Enable is set to 0, the iDRAC LAN is disabled even if DHCP is enabled.
– cfgRacTuneIpRangeEnable – cfgRacTuneIpRangeAddr – cfgRacTuneIpRangeMask • With set command, use the objects in the iDRAC.IPBlocking group: – RangeEnable – RangeAddr – RangeMask The cfgRacTuneIpRangeMask or the RangeMask property is applied to both the incoming IP address and to the cfgRacTuneIpRangeAddr or RangeAddr property. If the results are identical, the incoming login request is allowed to access iDRAC. Logging in from IP addresses outside this range results in an error.
• SSH — Access iDRAC through firmware RACADM. • Telnet — Access iDRAC through firmware RACADM • Remote RACADM — Remotely access iDRAC. • SNMP Agent — Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in iDRAC. • Automated System Recovery Agent — Enable Last System Crash Screen. • VNC Server — Enable VNC server with or without SSL encryption. Configuring services using web interface To configure the services using iDRAC Web interface: 1.
– iDRAC.Racadm – iDRAC.SNMP For more information about these objects, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Enabling or disabling HTTPs redirection If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with default iDRAC certificate or as a temporary setting for debugging purpose, you can configure iDRAC such that redirection from http port (default is 80) to https port (default is 443) is disabled.
VNC server disables Virtual Console and allows only Virtual Media. After termination of the VNC session, VNC server restores the original state of Virtual Console (enabled or disabled). NOTE: • When iDRAC NIC is in shared mode and the host system is power cycled, the network connection is lost for a few seconds. During this time, if you perform any action in the active VNC client, the VNC session may close.
disabled when configuring the VNC server settings in iDRAC, then to connect to the VNC Viewer do the following: In the VNC Viewer dialog box, enter the iDRAC IP address and the VNC port number in the VNC Server field. The format is For example, if the iDRAC IP address is 192.168.0.120 and VNC port number is 5901, then enter 192.168.0.120:5901. Configuring front panel display You can configure the front panel LCD and LED display for the managed system.
If you select None, home message is not displayed on the server LCD front panel. 3. Enable Virtual Console indication (optional). If enabled, the Live Front Panel Feed section and the LCD panel on the server displays the Virtual console session active message when there is an active Virtual Console session. 4. Click Apply. The server LCD front panel displays the configured home message. Configuring LCD setting using RACADM To configure the server LCD front panel display, use the objects in the System.
Configuring system ID LED setting using RACADM To configure system ID LED, use the setled command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring time zone and NTP You can configure the time zone on iDRAC and synchronize the iDRAC time using Network Time Protocol (NTP) instead of BIOS or host system times. You must have Configure privilege to configure time zone or NTP settings.
• BIOS Boot Manager NOTE: • BIOS Setup (F2), Lifecycle Controller (F10), BIOS Boot Manager (F11) only support boot once enabled. • Virtual Console does not support permanent boot configuration. It is always boot once. • The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings. Setting first boot device using web interface To set the first boot device using iDRAC Web interface: 1. Go to Overview → Server → Setup → First Boot Device.
For more information, see Windows documentation. 3. Use Server Administrator to enable the Auto Recovery timer, set the Auto Recovery action to Reset, Power Off, or Power Cycle, and set the timer in seconds (a value between 60 - 480). For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/ support/manuals. 4.
• In shared mode, the host operating system's IP address is used. • In dedicated mode, you must provide a valid IP address of the host operating system. If more than one LOM is active, enter the first LOM’s IP address. After enabling OS to iDRAC Pass-through feature, if it is not working: • Check whether the iDRAC's dedicated NIC cable is connected properly. • Make sure that at least one LOM is active.
• Windows Server 2012 SP1 • SUSE Linux Enterprise Server 10 SP4 (64-bit) • SUSE Linux Enterprise Server 11 SP2 (64-bit) • SUSE Linux Enterprise Server 12 • RHEL 5.9 (32-bit and 64-bit) • RHEL 6.4 • vSphere v5.0 U2 ESXi • vSphere v5.1 U1 ESXi • vSphere v5.5 ESXi • vSphere 6.0 • CentOS 6.5 • CentOS 7.0 • Ubuntu 14.04.1 LTS • Ubuntu 12.04.04 LTS • Debian 7.6 (Wheezy) • Debian 8.
USB NIC device is not active automatically. You can do any of the following to make the USB NIC device active: • Configure the USB NIC interface using Network Manager tool. Navigate to System → Administrator → Network → Devices → New → Ethernet Connection and select Dell computer corp.iDRAC Virtual NIC USB Device. Click the Activate icon to activate the device. For more information, see the RHEL 5.9 documentation.
• USB NIC — The OS to iDRAC pass-through link between the iDRAC and the host operating system is established through the internal USB bus. To disable this feature, select Disabled. 3. If you select LOM as the pass-through configuration, and if the server is connected using dedicated mode, enter the IPv4 address of the operating system. NOTE: If the server is connected in shared LOM mode, then the OS IP Address field is disabled. 4.
Obtaining certificates The following table lists the types of certificates based on the login type. Table 9. Types of certificate based on login type Login Type Certificate Type How to Obtain Single Sign-on using Active Directory Trusted CA certificate Generate a CSR and get it signed from a Certificate Authority SHA-2 certificates are also supported.
• Authenticate itself to an SSL-enabled client • Allow the two systems to establish an encrypted connection The encryption process provides a high level of data protection. iDRAC employs the 128-bit SSL encryption standard, the most secure form of encryption generally available for Internet browsers in North America. iDRAC Web server has a Dell self-signed unique SSL digital certificate by default.
Generating a new certificate signing request A CSR is a digital request to a Certificate Authority (CA) for a SSL server certificate. SSL server certificates allow clients of the server to trust the identity of the server and to negotiate an encrypted session with the server. After the CA receives a CSR, they review and verify the information the CSR contains.
Uploading server certificate using web interface To upload the SSL server certificate: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → SSL, select Upload Server Certificate and click Next. The Certificate Upload page is displayed. 2. Under File Path, click Browse and select the certificate on the management station. 3. Click Apply. The SSL server certificate is uploaded to iDRAC. 4. A pop-up message is displayed asking you to reset iDRAC immediately or at a later time.
Uploading custom signing certificate You can upload a custom signing certificate to sign the SSL certificate. SHA-2 certificates are also supported. Uploading custom signing certificate using web interface To upload the custom signing certificate using iDRAC web interface: 1. Go to Overview → iDRAC Settings → Network → SSL. The SSL page is displayed. 2. Under Custom SSL Certificate Signing Certificate, select Upload Custom SSL Certificate Signing Certificate and click Next.
Downloading custom SSL certificate signing certificate using RACADM To download the custom SSL certificate signing certificate, use the sslcertdownload subcommand. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Deleting custom SSL certificate signing certificate You can also delete an existing custom signing certificate using iDRAC Web interface or RACADM.
The command requests the iDRAC configuration and generates the myfile.cfg file. If required, you can configure the file with another name. NOTE: Redirecting the iDRAC configuration to a file using getconfig -f is only supported with the local and remote RACADM interfaces. NOTE: The generated .cfg file does not contain user passwords. The getconfig command displays all configuration properties in a group (specified by group name and index) and all configuration properties for a user by user name. 2.
cfgUserAdminUserName= # cfgUserAdminPassword=******** (Write-Only) cfgUserAdminEnable=0 cfgUserAdminPrivilege=0x00000000 cfgUserAdminIpmiLanPrivilege=15 cfgUserAdminIpmiSerialPrivilege=15 cfgUserAdminSolEnable=0 – If you have used the get command: [idrac.users.
White spaces that are included after the value are ignored. A white space inside a value string remains unmodified. Any character to the right of the '=' is taken as is (for example, a second '=', or a '#', '[', ']', and so forth). These characters are valid modem chat script characters. See the example in the previous bullet. The racadm getconfig -f .cfg command places a comment in front of index objects, allowing the user to see the included comments.
# comment, the rest of this line is ignored cfgNicGateway=10.35.9.1 The command racadm config -f myfile.cfg parses the file and identifies any errors by line number. A correct file updates the proper entries. Additionally, you can use the same getconfig command from the previous example to confirm the update. Use this file to download company-wide changes or to configure new systems over the network. NOTE: "Anchor" is an internal term and do not use it in the file.
Viewing iDRAC and managed system information 5 You can view iDRAC and managed system’s health and properties, hardware and firmware inventory, sensor health, storage devices, network devices, and view and terminate user sessions. For blade servers, you can also view the flex address information.
• • • • • • • • • • • • • RAID controller Batteries CPUs DIMMs HDDs Backplanes Network Interface Cards (integrated and embedded) Video card SD card Power Supply Units (PSUs) Fans Fibre Channel HBAs USB The Firmware Inventory section displays the firmware version for the following components: • • • • • • • • • • • • • • • BIOS Lifecycle Controller iDRAC OS driver pack 32-bit diagnostics System CPLD PERC controllers Batteries Physical disks Power supply NIC Fibre Channel Backplane Enclosure PCIe SSDs NOTE:
• Batteries — Provides information about the batteries on the system board CMOS and storage RAID On Motherboard (ROMB). NOTE: The Storage ROMB battery settings are available only if the system has a ROMB with a battery. • Fan (available only for rack and tower servers) — Provides information about the system fans — fan redundancy and fans list that display fan speed and threshold values. • CPU — Indicates the health and state of the CPUs in the managed system.
Table 10. Sensor information using web interface and RACADM View Sensor Information For Using Web Interface Using RACADM Batteries Overview → Hardware → Batteries Use the getsensorinfo command. For power supplies, you can also use the System.Power.Supply command with the get subcommand. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/ manuals.
each of these system resources that is read from the iDRAC using existing inter-communication mechanisms to provide these vital data through out-of-band management interfaces. Since Intel sensor representation of performance parameters and index values are for complete physical system, performance data representation on the interfaces is for the complete physical system, even if the system is virtualized and hosting multiple virtual hosts.
Monitoring performance index for of CPU, memory, and I/O modules using web interface To monitor the performance index of CPU, memory, and I/O modules, in the iDRAC web interface, go to Overview → Hardware. The Hardware Overview page displays the following: • Hardware section — Click the required link to view the health of the component.
NOTE: You can track the temperature history even for systems that are not fresh air compliant. However, the threshold limits and fresh air related warnings generated are based on fresh air supported limits. The limits are 42ºC for warning and 47ºC for critical. These values correspond to 40ºC and 45ºC fresh air limits with 2ºC margin for accuracy.
Configuring warning threshold for inlet temperature You can modify the minimum and maximum warning threshold values for the system board inlet temperature sensor. If reset to default action is performed, the temperature thresholds are set to the default values. You must have Configure user privilege to set the warning threshold values for the inlet temperature sensor. Configuring warning threshold for inlet temperature using web interface To configure warning threshold for inlet temperature: 1.
The Network Interfaces page displays all the network interfaces that are available on the host operating system. 2. To view the list of network interfaces associated with a network device, from the Network Device FQDD drop-down menu, select a network device and click Apply. The OS IP details are displayed in the Host OS Network Interfaces section. 3. From the Device FQDD column, click on the network device link.
• Overview → iDRAC Settings → Network Network → Network Settings. CAUTION: With FlexAddress enabled, if you switch from a server–assigned MAC address to a chassis–assigned MAC address and vice–versa, iDRAC IP address also changes. Viewing or terminating iDRAC sessions You can view the number of users currently logged in to iDRAC and terminate the user sessions.
Setting up iDRAC communication 6 You can communicate with iDRAC using any of the following modes: • iDRAC Web Interface • Serial connection using DB9 cable (RAC serial or IPMI serial) - For rack and tower servers only • IPMI Serial Over LAN • IPMI Over LAN • Remote RACADM • Local RACADM • Remote Services For an overview of the supported protocols, supported commands, and pre-requisites, see the following table. Table 11.
Mode of Communication Supported Protocol Supported Commands Prerequisite Firmware RACADM SSH Firmware RACADM Firmware RACADM is installed and enabled Telnet Local RACADM IPMI Local RACADM Local RACADM is installed. Remote Services [1] WS-MAN WinRM (Windows) WinRM is installed (Windows) or OpenWSMAN is installed (Linux). OpenWSMAN (Linux) [1] For more information, see the Lifecycle Controller Remote Services User’s Guide available at dell.com/support/manuals.
• Hilgraeve’s HyperTerminal Private Edition (version 6.3) Based on where the managed system is in its boot process, you can see either the POST screen or the operating system screen. This is based on the configuration: SAC for Windows and Linux text mode screens for Linux. 4. Enable RAC serial or IPMI serial connections in iDRAC.
NOTE: This is applicable only for iDRAC on rack and tower servers. • IPMI basic mode — Supports a binary interface for program access, such as the IPMI shell (ipmish) that is included with the Baseboard Management Utility (BMU). For example, to print the System Event Log using ipmish via IPMI Basic mode, run the following command: ipmish -com 1 -baud 57600 -flow cts -u root -p calvin sel get • IPMI terminal mode — Supports ASCII commands that are sent from a serial terminal.
• Using set command: racadm set iDRAC.IPMISerial.BaudRate where is 9600, 19200, 57600, or 115200 bps. 3. 4. Enable the IPMI serial hardware flow control: • Using config command: racadm config -g cfgIpmiSerial -o cfgIpmiSerialFlowControl 1 • Using set command: racadm set iDRAC.IPMISerial.
Switching between RAC serial and serial console while using DB9 cable iDRAC supports Escape key sequences that allow switching between RAC Serial Interface communication and Serial Console on rack and tower servers.
Enabling supported protocol Configuring BIOS for serial connection To configure BIOS for Serial Connection: NOTE: This is applicable only for iDRAC on rack and tower servers. 1. Turn on or restart the system. 2. Press . 3. Go to System BIOS Settings → Serial Communication. 4. Specify the following values: • Serial Communication — On With Console Redirection • Serial Port Address — COM2.
Configuring iDRAC to use SOL using RACADM To configure IPMI Serial over LAN (SOL): 1. 2. Enable IPMI Serial over LAN: • Using config command: racadm config -g cfgIpmiSol -o cfgIpmiSolEnable 1 • Using set command: racadm set iDRAC.IPMISol.Enable 1 Update the IPMI SOL minimum privilege level: • Using config command: racadm config -g cfgIpmiSol o cfgIpmiSolMinPrivilege • Using set command: racadm set iDRAC.IPMISol.MinPrivilege 1 where is 2 (User), 3 (Operator), 4 (Administrator).
– Using config command: racadm config -g cfgSerial -o cfgSerialTelnetEnable 1 – Using set command: racadm set iDRAC.Telnet.Enable 1 • SSH: – Using config command:racadm config -g cfgSerial -o cfgSerialSshEnable 1 – Using set command: racadm set iDRAC.SSH.Enable 1 To change the SSH port: – Using config command:racadm config -g cfgRacTuning -o cfgRacTuneSshPort – Using set command:racadm set iDRAC.SSH.
SOL using SSH or Telnet protocol Secure Shell (SSH) and Telnet are network protocols used to perform command line communications to iDRAC. You can parse remote RACADM and SMCLP commands through either of these interfaces. SSH has improved security over Telnet. iDRAC only supports SSH version 2 with password authentication, and is enabled by default. iDRAC supports up to two SSH sessions and two Telnet sessions at a time. It is recommended to use SSH as Telnet is not a secure protocol.
– ESC[n~ — F12 passes, but F2 cannot pass. • In Windows, if the Emergency Management System (EMS) console is opened immediately after a host reboot, the Special Admin Console (SAC) terminal may get corrupted. Quit the SOL session, close the terminal, open another terminal, and start the SOL session using the same command.
When you configure the client VT100 emulation window, set the window or application that is displaying the redirected Virtual Console to 25 rows x 80 columns to make sure correct text display. Else, some text screens may be garbled. To use Telnet virtual console: 1. Enable Telnet in Windows Component Services. 2.
For information about the options, see the iDRAC Online Help. The IPMI over LAN settings are configured. Configuring IPMI over LAN using iDRAC settings utility To configure IPMI over LAN: 1. In the iDRAC Settings Utility, go to Network. The iDRAC Settings Network page is displayed. 2. For IPMI Settings, specify the values. For information about the options, see the iDRAC Settings Utility Online Help. 3. Click Back, click Finish, and then click Yes. The IPMI over LAN settings are configured.
The Services page is displayed. 2. Under Remote RACADM, select Enabled. Else, select Disabled. 3. Click Apply. The remote RACADM is enabled or disabled based on the selection. Enabling or disabling remote RACADM using RACADM The RACADM remote capability is enabled by default. If disabled, type one of the following command: • Using config command: racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 1 • Using set command: racadm set iDRAC.Racadm.
The following example provides a sample /etc/grub.conf file that shows the changes described in this procedure. # grub.conf generated by anaconda # Note that you do not have to rerun grub after making changes to this file # NOTICE: You do not have a /boot partition. This means that all # kernel and initrd paths are relative to /, e.g. # root (hd0,0) # kernel /boot/vmlinuz-version ro root=/dev/sdal # initrd /boot/initrd-version.img #boot=/dev/sda default=0 timeout=10 #splashimage=(hd0,2)/grub/splash.xpm.
l5:5:wait:/etc/rc.d/rc 5 l6:6:wait:/etc/rc.d/rc 6 #Things to run in every runlevel. ud::once:/sbin/update ud::once:/sbin/update #Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now #When our UPS tells us power has failed, assume we have a few #minutes of power left. Schedule a shutdown for 2 minutes from now. #This does, of course, assume you have power installed and your #UPS is connected and working correctly.
Supported SSH cryptography schemes To communicate with iDRAC using SSH protocol, it supports multiple cryptography schemes listed in the following table. Table 12.
CAUTION: This privilege is normally reserved for users who are members of the Administrator user group on iDRAC. However, users in the ‘Custom’ user group can be assigned this privilege. A user with this privilege can modify any user’s configuration. This includes creation or deletion of any user, SSH Key management for users, and so on. For these reasons, assign this privilege carefully. CAUTION: The capability to upload, view, and/ or delete SSH keys is based on the ’Configure Users’ user privilege.
Uploading SSH keys using web interface To upload the SSH keys: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number. The Users Main Menu page is displayed. 3. Under SSH Key Configurations, select Upload SSH Key(s) and click Next. The Upload SSH Key(s) page is displayed. 4. Upload the SSH keys in one of the following ways: • Upload the key file.
• Specific key — racadm sshpkauth -i <2 to 16> -v -k <1 to 4> • All keys — racadm sshpkauth -i <2 to 16> -v -k all Deleting SSH keys Before deleting the public keys, make sure that you view the keys if they are set up, so that a key is not accidentally deleted. Deleting SSH keys using web interface To delete the SSH key(s): 1. In Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number.
7 Configuring user accounts and privileges You can setup user accounts with specific privileges (role-based authority) to manage your system using iDRAC and maintain system security. By default iDRAC is configured with a local administrator account. This default user name is root and the password is calvin. As an administrator, you can setup user accounts to allow other users to access iDRAC.
4. Enable the user ID and specify the user name, password, and access privileges for the user. You can also enable SNMPv3 authentication for the user. For more information about the options, see the iDRAC Online Help. 5. Click Apply. The user is created with the required privileges. Configuring local users using RACADM NOTE: You must be logged in as user root to execute RACADM commands on a remote Linux system. You can configure single or multiple iDRAC users using RACADM.
When you manually enable or disable a user with the racadm config subcommand, you must specify the index with the -i option. Observe that the cfgUserAdminIndex object displayed in the previous example contains a '#' character. It indicates that it is a read-only object. Also, if you use the racadm config -f racadm.cfg command to specify any number of groups/objects to write, the index cannot be specified. This behavior allows more flexibility in configuring multiple iDRAC with the same settings.
NOTE: You can use the getconfig and config commands or get and set commands. 1. 2. Locate an available user index using the command syntax: • Using getconfig command: racadm getconfig -g cfgUserAdmin -i • Using get command: racadm get iDRAC.Users Type the following commands with the new user name and password. • Using config command: racadm config -g cfgUserAdmin -o cfgUserAdminPrivilege -i • Using set command: racadm set iDRAC.Users..
Table 14. iDRAC user privileges Current Generation Prior Generation Description Login Login to iDRAC Enables the user to log in to iDRAC. Configure Configure iDRAC Enables the user to configure iDRAC. Configure Users Configure Users Enables the user to allow specific users to access the system. Logs Clear Logs Enables the user to clear the System Event Log (SEL). System Control Execute Server Control Allows power cycling the host system.
Certificate Authority (CA)—the root certificate of which is also uploaded into iDRAC. For iDRAC to authenticate to any domain controller—whether it is the root or the child domain controller—that domain controller must have an SSL-enabled certificate signed by the domain’s CA. If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an SSL certificate, you must: 1. Install the SSL certificate on each domain controller. 2.
Importing iDRAC firmware SSL certificate iDRAC SSL certificate is the identical certificate used for iDRAC Web server. All iDRAC controllers are shipped with a default self-signed certificate. If the Active Directory Server is set to authenticate the client during an SSL session initialization phase, you need to upload iDRAC Server certificate to the Active Directory Domain controller.
Figure 1. Configuration of idrac with active directory standard schema In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC. The role and the privilege level are defined on each iDRAC and not in the Active Directory. You can configure up to five role groups in each iDRAC.
NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. Single domain versus multiple domain scenarios If all the login users and role groups, including the nested groups, are in the same domain, then only the domain controllers’ addresses must be configured on iDRAC. In this single domain scenario, any group type is supported.
7. Click Next. The Active Directory Configuration and Management Step 3 of 4 page is displayed. 8. Select Standard Schema and click Next. The Active Directory Configuration and Management Step 4a of 4 page is displayed. 9. Enter the location of Active Directory global catalog server(s) and specify privilege groups used to authorize users. 10. Click a Role Group to configure the control authorization policy for users under the standard schema mode.
racadm set name or IP racadm set name or IP iDRAC.ActiveDirectory.GlobalCatalog2 iDRAC.ActiveDirectory.GlobalCatalog3 For Bit Mask values for specific Role Group permissions, see Default role group privileges. Enter the FQDN of the domain controller, not the FQDN of the domain. For example, enter servername.dell.com instead of dell.com.
• • 4. Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 racadm config -g cfgLanNetworking -o cfgDNSServer2 Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 0 racadm set iDRAC.IPv4.DNSFromDHCP.DNS1 racadm set iDRAC.IPv4.DNSFromDHCP.
You can create multiple association objects, and each association object can be linked to as many users, groups of users, or iDRAC device objects as required. The users and iDRAC user groups can be members of any domain in the enterprise. However, each association object can be linked (or, may link users, groups of users, or iDRAC device objects) to only one privilege object. This example allows an administrator to control each user’s privileges on specific iDRAC devices.
Accumulating privileges using Extended Schema The Extended Schema Authentication mechanism supports Privilege Accumulation from different privilege objects associated with the same user through different Association Objects. In other words, Extended Schema Authentication accumulates privileges to allow the user the super set of all assigned privileges corresponding to the different privilege objects associated with the same user.
Configuring Active Directory with Extended schema using RACADM Extending Active Directory schema Extending your Active Directory schema adds a Dell organizational unit, schema classes and attributes, and example privileges and association objects to the Active Directory schema. Before you extend the schema, make sure that you have Schema Admin privileges on the Schema Master Flexible Single Master Operation (FSMO) Role Owner of the domain forest.
Classes and attributes Table 16. Class definitions for classes added to the active directory schema Class Name Assigned Object Identification Number (OID) delliDRACDevice 1.2.840.113556.1.8000.1280.1.7.1.1 delliDRACAssociation 1.2.840.113556.1.8000.1280.1.7.1.2 dellRAC4Privileges 1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges 1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct 1.2.840.113556.1.8000.1280.1.1.1.5 Table 17. DelliDRACdevice class OID 1.2.840.113556.1.8000.1280.1.7.1.
Table 19. dellRAC4Privileges class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Defines the privileges (Authorization Rights) for iDRAC Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 20. dellPrivileges class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 22. List of attributes added to the active directory schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember 1.2.840.113556.1.8000.1280.1.1.2.1 FALSE List of dellPrivilege Objects that belong to this Attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12) dellProductMembers 1.2.840.113556.1.8000.1280.1.1.2.2 FALSE List of dellRacDevice and DelliDRACDevice Objects that belong to this role.
Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued TRUE if the user has Virtual Media rights on the device. dellIsTestAlertUser TRUE if the user has Test Alert User rights on the device. dellIsDebugCommandAdmin TRUE if the user has Debug Command Admin rights on the device. dellSchemaVersion 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 0 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 1 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.
:\SYSMGMT\ManagementStation\support\OMActiveDirectory_SnapIn64 For more information about the Active Directory Users and Computers Snap-in, see Microsoft documentation. Adding iDRAC users and privileges to Active Directory Using the Dell-extended Active Directory Users and Computers Snap-in, you can add iDRAC users and privileges by creating device, association, and privilege objects.
NOTE: iDRAC association object is derived from the group and its scope is set to Domain Local. 1. In the Console Root (MMC) window, right-click a container. 2. Select New → Dell Remote Management Object Advanced. This New Object window is displayed. 3. Enter a name for the new object and select Association Object. 4. Select the scope for the Association Object and click OK. 5. Provide access privileges to the authenticated users for accessing the created association objects.
3. Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to an iDRAC device. Only one privilege object can be added to an Association Object. Adding iDRAC devices or iDRAC device groups To add iDRAC devices or iDRAC device groups: 1. Select the Products tab and click Add. 2. Enter iDRAC devices or iDRAC device group name and click OK. 3. In the Properties window, click Apply and click OK. 4.
• • Using config command: racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory rac domain name> racadm config -g cfgActiveDirectory qualified domain name or IP Address racadm config -g cfgActiveDirectory qualified domain name or IP Address racadm config -g cfgActiveDirectory qualified domain name or IP Address -o -o -o -o cfgADEnable 1 cfgADType 1 cfgADRacName cfgADRacDomain
3. 4. • Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1 • Using set command: racadm set iDRAC.IPv4.
Testing Active Directory settings using RACADM To test the Active Directory settings, use the testfeature command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring generic LDAP users iDRAC provides a generic solution to support Lightweight Directory Access Protocol (LDAP)-based authentication. This feature does not require any schema extension on your directory services.
7. Click Role Group. The Generic LDAP Configuration and Management Step 3b of 3 page is displayed. 8. Specify the group distinguished name, the privileges associated with the group, and click Apply. NOTE: If you are using Novell eDirectory and if you have used these characters—#(hash), "(double quotes), ;(semi colon), > (greater than), , (comma), or <(lesser than)—for the Group DN name, they must be escaped. The role group settings are saved.
8 Configuring iDRAC for Single Sign-On or smart card login This section provides information to configure iDRAC for Smart Card login (for local users and Active Directory users), and Single Sign-On (SSO) login (for Active Directory users.) SSO and smart card login are licensed features. iDRAC supports Kerberos based Active Directory authentication to support Smart Card and SSO logins. For information on Kerberos, see the Microsoft website.
Registering iDRAC as a computer in Active Directory root domain To register iDRAC in Active Directory root domain: 1. Click Overview → iDRAC Settings → Network → Network. The Network page is displayed. 2. Provide a valid Preferred/Alternate DNS Server IP address. This value is a valid DNS server IP address that is part of the root domain. 3. Select Register iDRAC on DNS. 4. Provide a valid DNS Domain Name. 5. Verify that network DNS configuration matches with the Active Directory DNS information.
A keytab file is generated. NOTE: If you find any issues with iDRAC user for which the keytab file is created, create a new user and a new keytab file. If the same keytab file which was initially created is again executed, it does not configure correctly. Creating Active Directory objects and providing privileges Perform the following steps for Active Directory Extended schema based SSO login: 1. Create the device object, privilege object, and association object in the Active Directory server. 2.
Configuring iDRAC SSO login for Active Directory users Before configuring iDRAC for Active Directory SSO login, make sure that you have completed all the prerequisites. You can configure iDRAC for Active Directory SSO when you setup an user account based on Active Directory.
Enabling or disabling smart card login Uploading smart card user certificate Before you upload the user certificate, make sure that the user certificate from the smart card vendor is exported in Base64 format. SHA-2 certificates are also supported. Related Links Obtaining certificates Uploading smart card user certificate using web interface To upload smart card user certificate: 1. In iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users.
Uploading trusted CA certificate for smart card using RACADM To upload trusted CA certificate for smart card login, use the usercertupload object. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ support/manuals. Configuring iDRAC smart card login for Active Directory users Before configuring iDRAC Smart Card login for Active Directory users, make sure that you have completed the required prerequisites. To configure iDRAC for smart card login: 1.
Enabling or disabling smart card login using web interface To enable or disable the Smart Card logon feature: 1. In the iDRAC web interface, go to Overview → iDRAC Settings → User Authentication → Smart Card. The Smart Card page is displayed. 2. From the Configure Smart Card Logon drop-down menu, select Enabled to enable smart card logon or select Enabled With Remote RACADM. Else, select Disabled. For more information about the options, see the iDRAC Online Help. 3. Click Apply to apply the settings.
Configuring iDRAC to send alerts 9 You can set alerts and actions for certain events that occur on the managed system. An event occurs when the status of a system component is greater than the pre-defined condition. If an event matches an event filter and you have configured this filter to generate an alert (e-mail, SNMP trap, IPMI alert, remote system logs, or WS events), then an alert is sent to one or more configured destinations.
Enabling or disabling alerts using web interface To enable or disable generating alerts: 1. In iDRAC Web interface, go to Overview → Server → Alerts. The Alerts page is displayed. 2. Under Alerts section: • 3. Select Enable to enable alert generation or perform an event action. • Select Disable to disable alert generation or disable an event action. Click Apply to save the setting.
• 3. 4. Updates • Work Notes Select one or more of the following severity levels: • Informational • Warning • Critical Click Apply. The Alert Results section displays the results based on the selected category and severity. Filtering alerts using RACADM To filter the alerts, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
Setting event alerts using RACADM To set an event alert, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Setting alert recurrence event You can configure iDRAC to generate additional events at specific intervals if the system continues to operate at a temperature which is greater than the inlet temperature threshold limit. The default interval is 30 days. The valid range is 0 to 366 days.
• No Action Click Apply. 3. The setting is saved. Setting event actions using RACADM To configure an event action, use one of the following: • eventfilters command. • cfgIpmiPefAction object with config command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
For more information about the options, see the iDRAC Online Help. NOTE: The Community String value indicates the community string to use in a Simple Network Management Protocol (SNMP) alert trap sent from iDRAC. Make sure that the destination community string is the same as the iDRAC community string. The default value is Public. 5. To test whether the IP address is receiving the IPMI or SNMP traps, click Send under Test IPMI Trap and Test SNMP Trap respectively. 6. Click Apply.
• 5. To enable SNMPv3 for a user: racadm set idrac.users.2.SNMPv3Enable Enabled To test the trap, if required: racadm testtrap -i [index] where [index] is the trap destination index to test. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring IP alert destinations using iDRAC settings utility You can configure alert destinations (IPv4, IPv6, or FQDN) using the iDRAC Settings utility. To do this: 1.
• Using config command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i [index] [0|1] where [index] is the email destination index. 0 disables the email alert and 1 enables the alert. The email destination index can be a value from 1 through 4. For example, to enable email with index 4, enter the following command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i 4 1 • Using set command: racadm set iDRAC.EmailAlert.Enable.[index] 1 where [index] is the email destination index.
3. Select the Enable Authentication option and then provide the user name and password (of a user who has access to SMTP server). 4. Enter the SMTP port number. For more information about the fields, see the iDRAC Online Help. 5. Click Apply. The SMTP settings are configured. Configuring SMTP email server address settings using RACADM To configure the SMTP email server, use one of the following: • Using set command: racadm set iDRAC.RemoteHosts.
In instances where iDRAC detects that a required CMC functionality is absent, a warning message is displayed informing you that certain features may not be functional without a CMC firmware upgrade. Monitoring chassis events using the iDRAC web interface To monitor chassis events using the iDRAC web interface, perform the following steps: NOTE: This section appears only for PowerEdge FX2/FX2s chassis and if Chassis Management at Server mode is set to Monitor or Manage and Monitor in CMC. 1.
Message ID Description CTL Storage Contr DH Cert Mgmt DIS Auto-Discovery ENC Storage Enclosr FAN Fan Event FSD Debug HWC Hardware Config IPA DRAC IP Change ITR Intrusion JCP Job Control LC Lifecycle Contr LIC Licensing LNK Link Status LOG Log event MEM Memory NDR NIC OS Driver NIC NIC Config OSD OS Deployment OSE OS Event PCI PCI Device PDR Physical Disk PR Part Exchange PST BIOS POST PSU Power Supply PSUA PSU Absent 186
Message ID Description PWR Power Usage RAC RAC Event RDU Redundancy RED FW Download RFL IDSDM Media RFLA IDSDM Absent RFM FlexAddress SD RRDU IDSDM Redundancy RSI Remote Service SEC Security Event SEL Sys Event Log SRD Software RAID SSD PCIe SSD STOR Storage SUP FW Update Job SWC Software Config SWU Software Change SYS System Info TMP Temperature TST Test Alert UEFI UEFI Event USR User Tracking VDR Virtual Disk VF vFlash SD card VFL vFlash Event 187
Message ID Description VFLA vFlash Absent VLT Voltage VME Virtual Media VRM Virtual Console WRK Work Note 188
Managing logs 10 iDRAC provides Lifecycle log that contains events related to system, storage devices, network devices, firmware updates, configuration changes, license messages, and so on. However, the system events are also available as a separate log called System Event Log (SEL). The lifecycle log is accessible through iDRAC Web interface, RACADM, and WS-MAN interface. When the size of the lifecycle log reaches 800 KB, the logs are compressed and archived.
racadm getsel If no arguments are specified, the entire log is displayed. To display the number of SEL entries: racadm getsel -i To clear the SEL entries: racadm clrsel For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Viewing System Event Log using iDRAC settings utility You can view the total number of records in the System Event Log (SEL) using the iDRAC Settings Utility and clear the logs. To do this: 1.
You can filter logs based on the category and severity level, view, export, and add a work note to a log event. Related Links Filtering Lifecycle logs Exporting Lifecycle Controller logs using web interface Adding comments to Lifecycle logs Viewing Lifecycle log using web interface To view the Lifecycle Logs, click Overview → Server → Logs → Lifecycle Log. The Lifecycle Log page is displayed. For more information about the options, see the iDRAC Online Help.
Exporting Lifecycle Controller logs using web interface To export the Lifecycle Controller logs using the Web interface: 1. In the Lifecycle Log page, click Export. 2. Select any of the following options: • Network — Export the Lifecycle Controller logs to a shared location on the network. • Local — Export the Lifecycle Controller logs to a location on the local system.
The Remote Syslog Settings page is displayed 2. Enable remote syslog, specify the server address, and the port number. For information about the options, see the iDRAC Online Help. 3. Click Apply. The settings are saved. All logs written to the lifecycle log are also simultaneously written to configured remote server(s). Configuring remote system logging using RACADM To configure the remote syslog server settings, use one of the following: • Objects in the cfgRemoteHosts group with the config command.
Monitoring and managing power 11 You can use iDRAC to monitor and manage the power requirements of the managed system. This helps to protect the system from power outages by appropriately distributing and regulating the power consumption on the system. The key features are: • Power Monitoring — View the power status, history of power measurements, the current averages, peaks, and so on for the managed system.
Monitoring power using web interface To view the power monitoring information, in iDRAC Web interface, go to Overview → Server → Power/ Thermal → Power Monitoring. The Power Monitoring page is displayed. For more information, see the iDRAC Online Help. Monitoring power using RACADM To view the power monitoring information, use the System.Power group objects with the get command or the cfgServerPower object with the getconfig command.
Executing power control operations using web interface To perform power control operations: 1. In iDRAC web interface, go to Overview → Server → Power/Thermal → Power Configuration → Power Control. The Power Control page is displayed. 2. Select the required power operation: • Power On System • Power Off System • NMI (Non-Masking Interrupt) • Graceful Shutdown • Reset System (warm boot) • Power Cycle System (cold boot) Click Apply. For more information, see the iDRAC Online Help. 3.
independent of the user defined policy. The system performance is dynamically adjusted to maintain power consumption close to the specified threshold. Actual power consumption may be less for light workloads and momentarily may exceed the threshold until performance adjustments are completed. For example, for a given system configuration, the Maximum Potential Power Consumption is 700W and the Minimum Potential Power Consumption is 500W.
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring power cap policy using iDRAC settings utility To view and configure power policies: 1. In iDRAC Settings utility, go to Power Configuration. NOTE: The Power Configuration link is available only if the server power supply unit supports power monitoring. The iDRAC Settings Power Configuration page is displayed. 2.
Configuring power supply options using RACADM To configure the power supply options, use the following objects with the set subcommand: • System.Power.RedundancyPolicy • System.Power.Hotspare.Enable • System.Power.Hotspare.PrimaryPSU • System.Power.PFC.Enable For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring power supply options using iDRAC settings utility To configure the power supply options: 1.
Inventorying, monitoring, and configuring network devices 12 You can inventory, monitor, and configure the following network devices: • • • • • Network Interface Cards (NICs) Converged Network Adapters (CNAs) LAN On Motherboards (LOMs) Network Daughter Cards (NDCs) Mezzanine cards (only for blade servers) Related Links Inventorying and monitoring FC HBA devices Dynamic configuration of virtual addresses, initiator, and storage target settings Inventorying and monitoring network devices You can remotely
Additional properties may be displayed when using RACADM or WS-MAN in addition to the properties displayed in the iDRAC Web interface. Inventorying and monitoring FC HBA devices You can remotely monitor the health and view the inventory of the Fibre Channel Host Bus Adapters (FC HBA) devices in the managed system. The Emulex and QLogic (except FC8) FC HBAs are supported.
NOTE: On cards with the virtual FIP, virtual WWN, and virtual WWPN MAC attributes, the virtual WWN and virtual WWPN MAC attributes are automatically configured when you configure virtual FIP.
Manufacturer Type • • • x540+i350 rNDC 10Gb+1Gb i350 rNDC 1Gb x520 bNDC 10Gb Qlogic • • • QME2662 Mezz FC16 QLE2660 PCIe FC16 QLE2662 PCIe FC16 Emulex • • • • • • • • LPM16002 Mezz FC16 LPe16000 PCIe FC16 LPe16002 PCIe FC16 LPM16002 Mezz FC16 OCm14104-UX-D rNDC 10Gb OCm14102-U2-D bNDC 10Gb OCm14102-U3-D Mezz 10Gb Ce14102-UX-D PCIe 10Gb NOTE: I/O Identity Optimization is not supported on the following cards: • Intel x520 Mezz 10 GB • Mellanox cards Supported BIOS version for I/O Identity Optimiz
Virtual/Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address mode or Console mode The following table describes the Virtual address management (VAM) configuration and Persistence Policy behavior depending on Flex Address feature state in CMC, mode set in iDRAC, I/O Identity feature state in iDRAC, and XML configuration.
Flex Address Mode set in Feature State in iDRAC CMC IO Identity XML Feature State in Configuration iDRAC Persistence Policy Clear Persistence Policy — Virtual Address Flex Address enabled Console Mode Disabled Configured using the path provided in Lifecycle Controller Lifecycle Controller configuration persists for that cycle No persistence supported.
FlexAddress IO Identity Availability of Feature State in Feature State in Remote Agent CMC iDRAC VA for the Reboot Cycle No Disabled VA Programming Source Reboot Cycle VA Persistence Behavior Virtual Address Cleared Disabled Enabling or disabling I/O Identity Optimization Normally, after the system boots, the devices are configured and then after a reboot the devices are initialized. You can enable the I/O Identity Optimization feature to achieve boot optimization.
To view the I/O Identity Optimization setting, use the command: racadm get iDRAC.IOIDOpt Configuring persistence policy settings Using IO identity, you can configure policies specifying the system reset and power cycle behaviors that determine the persistence or clearance of the virtual address, initiator, and storage target settings. Each individual persistence policy attribute applies to all ports and partitions of all applicable devices in the system.
Related Links Enabling or disabling I/O Identity Optimization Configuring persistence policy settings using iDRAC web interface To configure the persistence policy: 1. In the iDRAC Web interface, go to Overview → Hardware → Network Devices. The Network Devices page is displayed. 2. Click I/O Identity Optimization tab. 3.
iSCSI Initiator Default Values in IPv4 mode Default Values in IPv6 mode IscsiInitiatorPrimDns 0.0.0.0 :: IscsiInitiatorIpv4PrimDns 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6PrimDns :: :: IscsiInitiatorSecDns 0.0.0.0 :: IscsiInitiatorIpv4SecDns 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6SecDns :: :: IscsiInitiatorName Value Cleared Value Cleared IscsiInitiatorChapId Value Cleared Value Cleared IscsiInitiatorChapPwd Value Cleared Value Cleared IPVer Ipv4 Table 25.
iSCSI Storage Target Attributes Default Values in IPv4 mode Default Values in IPv6 mode SecondTgtChapId Value Cleared Value Cleared SecondTgtChapPwd Value Cleared Value Cleared SecondTgtIpVer Ipv4 210
Managing storage devices 13 In the iDRAC 2.00.00.00 release, iDRAC expands its agent-free management to include direct configuration of the new PERC9 controllers. It enables you to remotely configure the storage components attached to your system at run-time. These components include RAID and non-RAID controllers and the channels, ports, enclosures, and disks attached to them.
alarms, and so on) associated with external enclosures. Physical disks can be contained in an enclosure or attached to the backplane of a system. In addition to managing the physical disks contained in the enclosure, you can monitor the status of the fans, power supply, and temperature probes in an enclosure. You can hot plug enclosures. Hot plugging is defined as adding of a component to a system while the operating system is still running.
concepts, as well as some familiarity with how the RAID controllers and operating system view disk space on your system. What is RAID? RAID is a technology for managing the storage of data on the physical disks that reside or are attached to the system. A key aspect of RAID is the ability to span physical disks so that the combined storage capacity of multiple physical disks can be treated as a single, extended disk space.
• Stripe element size — The amount of disk space consumed by a stripe element. For example, consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe. In this case, the stripe element size is 16KB and the stripe size is 64KB. • Parity — Parity refers to redundant data that is maintained using an algorithm in combination with striping. When one of the striped disks fails, the data can be reconstructed from the parity information using the algorithm.
• Raid level 0 (striping) • Raid level 1 (mirroring) • Raid level 5 (striping with distributed parity) • Raid level 6 (striping with additional distributed parity) • Raid level 50 (striping over raid 5 sets) • Raid level 60 (striping over raid 6 sets) • Raid level 10 (striping over mirror sets) RAID level 0 (striping) RAID 0 uses data striping, which is writing data in equal-sized segments across the physical disks. RAID 0 does not provide data redundancy.
RAID 1 characteristics: • Groups n + n disks as one virtual disk with the capacity of n disks. The controllers currently supported by Storage Management allow the selection of two disks when creating a RAID 1. Because these disks are mirrored, the total storage capacity is equal to one disk. • Data is replicated on both the disks. • When a disk fails, the virtual disk still works. The data is read from the mirror of the failed disk. • Better read performance, but slightly slower write performance.
RAID 5 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-1) disks. • Redundant information (parity) is alternately stored on all disks. • When a disk fails, the virtual disk still works, but it is operating in a degraded state. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Redundancy for protection of data.
RAID 6 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-2) disks. • Redundant information (parity) is alternately stored on all disks. • The virtual disk remains functional with up to two disk failures. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Increased redundancy for protection of data. • Two disks per span are required for parity. RAID 6 is more expensive in terms of disk space.
RAID 50 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-1) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 5 span. • Better read performance, but slower write performance. • Requires as much parity information as standard RAID 5. • Data is striped across all spans. RAID 50 is more expensive in terms of disk space.
RAID 60 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-2) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 6 span. • Better read performance, but slower write performance. • Increased redundancy provides greater data protection than a RAID 50. • Requires proportionally as much parity information as RAID 6.
RAID 10 characteristics: • Groups n disks as one large virtual disk with a capacity of (n/2) disks, where n is an even integer. • Mirror images of the data are striped across sets of physical disks. This level provides redundancy through mirroring. • When a disk fails, the virtual disk still works. The data is read from the surviving mirrored disk. • Improved read performance and write performance. • Redundancy for protection of data.
RAID Level Data Availability Read Performanc e Write Performanc e Rebuild Performanc e Minimum Disks Required Suggested Uses logs, and critical information. RAID 5 Good Sequential reads: good. Transactiona l reads: Very good Fair, unless using writeback cache Fair N + 1 (N = at least two disks) Databases and other read intensive transactional uses. RAID 10 Excellent Very Good Fair Good 2N x X Data intensive environment s (large records).
Supported controllers Supported RAID controllers The iDRAC interfaces support the following PERC9 controllers: • PERC H830 • PERC H730P • PERC H730 • PERC H330 The iDRAC interfaces support the following PERC8 controllers: • PERC H810 • PERC H710P • PERC H710 • PERC H310 The iDRAC interfaces support the following modular PERC controllers: • PERC FD33xS • PERC FD33xD NOTE: For more information on configuring and changing the controller mode on the PERC FD33xS and PERC FD33xD controllers, se
Feature Name PERC 9 Controllers H83 H73 0 0P H730 PERC 8 Controllers H330 FD33 xS FD33 xD H810 H710P H710 H310 PCIe SSD physical disk as a global hot spare Create virtual disks Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Edit virtual disks cache policies Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Check virtual disk consistency Real Real Realtime time time Rea
Feature Name PERC 9 Controllers H83 H73 0 0P H730 PERC 8 Controllers H330 FD33 xS FD33 xD H810 H710P H710 H310 PCIe SSD face face ) ) Check Consistency Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Copyback Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Load Balance Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d
Feature Name PERC 9 Controllers H83 H73 0 0P H710P H710 H310 Not appl icab le Not Not Not Not Not Not appli applic applic applic applic applic cabl able able able able able e Not applica ble Not applic able Not applic able Realtime Prepare the PCIe Not SSD to be appl removed icab le Not Not Not Not Not Not appli applic applic applic applic applic cabl able able able able able e Not applica ble Not applic able Not applic able Realtime Securely erase the data Not Not Not Not Not Not appli ap
• Go to Overview → Storage → Summary to view the summary of the storage components and the recently logged events. This page is automatically refreshed every 30 seconds. • Go to Overview → Storage → Topology to view the hierarchical physical containment view of the key storage components. • Go to Overview → Storage → Physical Disks → Properties to view physical disk information. The Physical Disks Properties page is displayed.
Assigning or unassigning physical disk as global hot spare A global hot spare is an unused backup disk that is part of the disk group. Hot spares remain in standby mode. When a physical disk that is used in a virtual disk fails, the assigned hot spare is activated to replace the failed physical disk without interrupting the system or requiring your intervention. When a hot spare is activated, it rebuilds the data for all redundant virtual disks that were using the failed physical disk.
Based on the selected operation mode, the settings are applied. Related Links Choosing operation mode using web interface Assigning or unassigning global hot spare using RACADM Use the storage subcommand and specify the type as global hot spare. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/esmmanuals.
• To convert to Non-RAID mode, use the racadm storage converttononraid command. For more information about the commands, see the iDRAC RACADM Command Line Reference Guide available at dell.com/esmmanuals.
• A job is currently running or scheduled on the selected controller. You must wait for this job to complete or you can delete the job before attempting a new operation. You can view and manage the status of the scheduled job in the Job Queue page. • Physical disk is in non-RAID mode. You must convert to RAID mode using iDRAC interfaces such as iDRAC web interface, RACADM, WS-MAN, or .
selected RAID 10 and if the controller supports uneven RAID 10, then the span count value is not displayed. The controller automatically sets the appropriate value. 3. In the Select Physical Disks section, select the number of physical disks. For more information about the fields, see the iDRAC Online Help 4. From the Apply Operation Mode drop-down menu, select when you want to apply the settings. 5. Click Create Virtual Disk. Based on the selected Apply Operation Mode, the settings are applied.
NOTE: • Controller non-volatile cache and battery backup of controller cache affects the read-policy or the write policy that a controller can support. All PERCs do not have battery and cache. • Read ahead and write back requires cache. Therefore, if the controller does not have cache, it does not allow you to set the policy value. Similarly, if the PERC has cache but not battery and the policy is set that requires accessing cache, then data loss may occur if base of power off.
Fast initialization The fast initialize operation initializes all physical disks included in the virtual disk. It updates the metadata on the physical disks so that all disk space is available for future write operations. The initialize task can be completed quickly because the existing information on the physical disks is not erased, although future write operations overwrite any information that remains on the physical disks. Fast initialization only deletes the boot sector and stripe information.
You must have Login and Server Control privilege to manage the encryption keys. Assigning or unassigning dedicated hot spares A dedicated hot spare is an unused backup disk that is assigned to a virtual disk. When a physical disk in the virtual disk fails, the hot spare is activated to replace the failed physical disk without interrupting the system or requiring your intervention. You must have Login and Server Control privilege to run this operation.
– Enabled – Disabled • Initialize: Fast — Updates the metadata on the physical disks so that all the disk space is available for future write operations. The initialize can be completed quickly because existing information on the physical disks is not erased, although future write operations overwrites any information that remains on the physical disks. • Initialize: Full — All existing data and file systems are erased. • Check Consistency • Encrypt Virtual Disk — Encrypts the virtual disk drive.
Configuring controller properties You can configure the following properties for the controller: • Patrol read mode (auto or manual) • Start or stop patrol read if patrol read mode is manual • Patrol read unconfigured areas • Check consistency mode • Copyback mode • Load balance mode • Check consistency rate • Rebuild rate • BGI rate • Reconstruct rate • Enhanced auto import foreign configuration • Create or change security keys NOTE: You can configure the Patrol Read Unconfigured Are
prepares the virtual disk to maintain redundant data and improves write performance. For example, after the background initialization of a RAID 5 virtual disk completes, the parity information has been initialized. After the background initialization of a RAID 1 virtual disk completes, the physical disks are mirrored. The background initialization process helps the controller identify and correct problems that may occur with the redundant data at a later time.
The Setup Controllers page is displayed. 2. In the Configure Controller Properties section, from the Controller drop-down menu, select the controller that you want to configure. 3. Specify the required information for the various properties. The Current Value column displays the existing values for each property. You can modify this value by selecting the option from the Action drop-down menu for each property. For information about the fields, see the iDRAC Online Help. 4.
Importing or auto importing foreign configuration A foreign configuration is data residing on physical disks that have been moved from one controller to another. Virtual disks residing on physical disks that have been moved are considered to be a foreign configuration. You can import foreign configurations so that virtual disks are not lost after moving Physical Disks.
• All the physical disks in a configuration are removed and re-inserted. • Some of the physical disks in a configuration are removed and re-inserted. • All the physical disks in a virtual disk are removed, but at different times, and then re-inserted. • The physical disks in a non-redundant virtual disk are removed.
performed to remove foreign data. If you have an incomplete foreign configuration which cannot be imported, you can use the Clearing Foreign Configuration option to erase the foreign data on the physical disks. Clearing foreign configuration using web interface To clear the foreign configuration: 1. In the iDRAC web interface, go to Overview → Storage → Controllers → Setup. The Setup Controllers page is displayed. 2.
For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals. Switching the controller mode On PERC 9.1 and later controllers, you can change the personality of the controller by switching the mode from RAID to HBA. The controller operates similar to a HBA controller where the drivers are passed through the operating system. The controller mode change is a staged operation and does not occur in real time.
• When the PERC controller is in HBA mode, if you run import preview on export xml which is edited to change controller mode to RAID, and try creating a VD, the virtual disk creation fails. Import preview does not support validating stacking RAID operations with changing controller mode. Switching the controller mode using the iDRAC web interface To switch the controller mode, perform the following steps: 1. In the iDRAC web interface, click Overview → Storage → Controllers. 2.
Inventorying and monitoring storage devices Viewing system inventory Updating device firmware Monitoring predictive failure analysis on drives Blinking or unblinking component LEDs Monitoring predictive failure analysis on drives Storage management supports Self Monitoring Analysis and Reporting Technology (SMART) on physical disks that are SMART-enabled. SMART performs predictive failure analysis on each disk and sends alerts if a disk failure is predicted.
• Run the jobs on each controller individually. Wait for each job to complete before starting the configuration and job creation on the next controller. • Schedule multiple jobs to run at a later time using the scheduling options.
Inventorying and monitoring PCIe SSDs using RACADM Use the racadm storage get controllers: command to inventory and monitor PCIe SSDs. To view all PCIe SSD drives: racadm storage get pdisks To view PCIe extender cards: racadm storage get controllers To view PCIe SSD backplane information: racadm storage get enclosures NOTE: For all the mentioned commands, PERC devices are also displayed. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.
Preparing to remove PCIe SSD using web interface To prepare the PCIe SSD for removal: 1. In the iDRAC Web interface, go to Overview → Storage → Physical Disks → Setup. The Setup Physical Disk page is displayed. 2. From the Controller drop-down menu, select the extender to view the associated PCIe SSDs. 3. From the drop-down menus, select Prepare to Remove for one or more PCIe SSDs.
• You have Server Control and Login privileges NOTE: • After the drive is erased, it displays in the operating system as online but it is not initialized. You must re-initialize and re-format the drive before using it again. • After you hot-plug a PCIe SSD, it may take several seconds to be displayed on the Web interface. Erasing PCIe SSD device data using web interface To erase the data on the PCIe SSD device: 1. In the iDRAC Web interface, go to Overview → Storage → Physical Disks → Setup. 2.
To query the job ID returned, run the following command: racadm jobqueue view -i For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals.
NOTE: • Warning messages are displayed when the setting is being changed as there is a possibility of data loss. • LC Wipe or iDRAC reset operation does not change the expander setting for this mode. • This operation is supported only in real-time and not staged. Any change in this setting only takes effect after a system power reset. If you change from Split mode to Unified, an error message is displayed on the next boot as the second controller does not see any drives.
4. Run the following command to verify if the backplanerequestedmode attribute is set to split mode: get storage.enclosure.1.backplanerequestedmode The output is: BackplaneRequestedMode=None (Pending=SplitMode) 5. Run storage get controllers command and note down the controller instance ID. 6. Run the following command to create a job: jobqueue create -s TIME_NOW --realtime A job ID is returned. 7.
are universal. For, example, in a universal backplane supporting 24 slots, slots 0-19 support only SAS/ SATA disks while slots 20-23 support either SAS/SATA or PCIe SSD. The roll-up health status for the enclosure provides the combined health status for all the drives in the enclosure. The enclosure link on the Topology page display the entire enclosure information, irrespective of which controller it is associated with.
Choosing operation mode to apply settings While creating and managing virtual disks, setting up physical disks, controllers, and enclosures or resetting controllers, before you apply the various settings, you must select the operation mode. That is, specify when you want to apply the settings: • Immediately • During the next system reboot • At a scheduled time • As a pending operation to be applied as a batch as part of a single job.
NOTE: • 3. The Add to Pending Operations option in not applicable for the Pending Operations page and for PCIe SSDs in the Physical Disks → Setup page. • Only the Apply Now option is available on the Enclosure Setup page. Click Apply. Based on the operation mode selected, the settings are applied. Choosing operation mode using RACADM Use the jobqueue subcommand to select the operation mode. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/esmmanuals.
– From the drop-down menu, select the type of reboot: * No Reboot (Manually Reboot System) * Graceful Shutdown * Force Shutdown * Power Cycle System (cold boot) NOTE: For PERC 8 or earlier controllers, Graceful Shutdown is the default option. For PERC 9 controllers, No Reboot (Manually Reboot System) is the default option. If the commit job is not created, a message indicating that the job creation was not successful is displayed.
– Click the View Pending Operations link to view the pending operations for the device. – Click Create Job to create job for the selected device. If the job is created successfully, a message indicating that the job ID is created for the selected device is displayed. Click Job Queue to view the progress of the job in the Job Queue page. If the job is not created, a message indicating that the job creation was not successful is displayed. Also, the message ID and the recommended response action is displayed.
NOTE: • At any time, if you do not see the option to create a job on the storage configuration pages, go to Storage Overview → Pending Operations page to view the existing pending operations and to create the job on the required controller. • Only cases 1 and 2 are applicable for PCIe SSD. You cannot view the pending operations for PCIe SSDs and hence Add to Pending Operations option is not available. Use racadm command to clear the pending operations for PCIe SSDs.
If the blink or unblink operation is not successful, error messages are displayed. Blinking or unblinking component LEDs using RACADM To blink or unblink component LEDs, use the following commands: racadm storage blink: racadm storage unblink: For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals.
Configuring and using virtual console 14 You can use the virtual console to manage a remote system using the keyboard, video, and mouse on your management station to control the corresponding devices on a managed server. This is a licensed feature for rack and tower servers. It is available by default in blade servers. The key features are: • A maximum of six simultaneous Virtual Console sessions are supported. All the sessions view the same managed server console simultaneously.
Screen Resolution Refresh Rate (Hz) 1024x768 60, 70, 72, 75, 85 1280x1024 60 It is recommended that you configure your monitor display resolution to 1280x1024 pixels or higher. NOTE: If you have an active Virtual Console session and a lower resolution monitor is connected to the Virtual Console, the server console resolution may reset if the server is selected on the local console. If the system is running a Linux operating system, an X11 console may not be viewable on the local monitor.
Related Links Configuring virtual console Configuring IE to use ActiveX plug-in You must configure the IE browser settings before you launch and run ActiveX based Virtual Console and Virtual Media applications. The ActiveX applications are delivered as signed CAB files from the iDRAC server. If the plug-in type is set to Native-ActiveX type in Virtual console, when you try to launch the Virtual Console, the CAB file is downloaded to the client system and ActiveX based Virtual Console is launched.
Additional settings for Windows Vista or newer Microsoft operating systems Additional settings for Windows Vista or newer Microsoft operating systems The Internet Explorer browsers in Windows Vista or newer operating systems have an additional security feature called Protected Mode. To launch and run ActiveX applications in Internet Explorer browsers with Protected Mode: 1. Run IE as an administrator. 2. Go to Tools → Internet Options → Security → Trusted Sites. 3.
The Java Cache viewer is displayed. 2. Delete the items titled iDRAC Virtual Console Client. Importing CA certificates to management station When you launch Virtual Console or Virtual Media, prompts are displayed to verify the certificates. If you have custom Web server certificates, you can avoid these prompts by importing the CA certificates to the Java or ActiveX trusted certificate store.
Configuring web browsers to use virtual console Launching virtual console Configuring virtual console using web interface To configure Virtual Console using iDRAC Web interface: 1. Go to Overview → Server → Virtual Console. The Virtual Console page is displayed. 2. Enable virtual console and specify the required values. For information about the options, see the iDRAC Online Help. 3. Click Apply. The virtual console is configured.
While launching Virtual Console using 32-bit or 64-bit IE browsers, the required plug-in (Java or ActiveX) is available in the respective browser. The Internet Options settings are common for both the browsers. While launching the Virtual Console using Java plug-in, occasionally you may see a Java compilation error. To resolve this, go to Java control panel → General → Network Settings and select Direct Connection.
• Control Panel → Power Options → High–Performance → Advanced Settings → Hard Disk → Turnoff Hard Disk After Launching virtual console using a URL To launch the Virtual Console using the URL: 1. Open a supported Web browser and in the address box, type the following URL in lower case: https://iDRAC_ip/console 2.
NOTE: If the remote server is powered off, the message ’No Signal’ is displayed. The Virtual Console Viewer title bar displays the DNS name or the IP address of the iDRAC you are connected to from the management station. If iDRAC does not have a DNS name, then the IP address is displayed.
If synchronization problems continue, do the following additional change in the /.gconf/ desktop/gnome/peripherals/mouse/%gconf.xml file: Change the values for motion_threshold and motion_acceleration to -1. If you turn off mouse acceleration in GNOME desktop, in the Virtual Console viewer, go to Tools → Session Options → Mouse. Under Mouse Acceleration tab, select None.
Java-based virtual console session running on Windows operating system • Ctrl+Alt+Del key is not sent to the managed system, but always interpreted by the management station.
– echo "1" > /proc/sys/kernel/sysrq • When Pass all keystrokes to server is enabled, the magic SysRq keys are sent to the operating system on the managed system. The key sequence behavior to reset the operating system, that is reboot without un-mounting or sync, depends on whether the magic SysRq is enabled or disabled on the management station: – If SysRq is enabled on the management station, then or resets the management station irrespective of the system’s state.
ActiveX based virtual console session running on Windows operating system The behavior of the pass all keystrokes to server feature in ActiveX based Virtual Console session running on Windows operating system is similar to the behavior explained for Java based Virtual Console session running on the Windows management station with the following exceptions: • When Pass All Keys is disabled, pressing F1 launches the application Help on both management station and managed system, and the following message is d
Managing virtual media 15 Virtual media allows the managed server to access media devices on the management station or ISO CD/DVD images on a network share as if they were devices on the managed server. Using the Virtual Media feature, you can: • Remotely access media connected to a remote system over the network • Install applications • Update drivers • Install an operating system on the managed system This is a licensed feature for rack and tower servers.
Figure 4. Virtual media setup Supported drives and devices The following table lists the drives supported through virtual media. Table 28. Supported drives and devices Drive Supported Storage Media Virtual Optical Drives • • • • • Virtual floppy drives USB flash drives • Legacy 1.44 floppy drive with a 1.
Configuring virtual media using RACADM To configure the virtual media, • Use the objects in the iDRAC.VirtualMedia group with the set command. • Use the objects in the cfgRacVirtual group with the config command. For more information, see the RACADM Command Line Reference Guide for iDRAC available at dell.com/support/manuals. Configuring virtual media using iDRAC settings utility You can attach, detach, or auto-attach virtual media using the iDRAC Settings utility. To do this: 1.
If the RFS connection is not active and you attempt to launch the Virtual Media client, the client launches successfully. You can then use the Virtual Media client to map devices and files to the Virtual Media virtual drives. Related Links Configuring web browsers to use virtual console Configuring virtual media Launching virtual media using virtual console Before you launch Virtual Media through the Virtual Console, make sure that: • Virtual Console is enabled.
The following message is displayed: Virtual Console has been disabled. Do you want to continue using Virtual Media redirection? 3. Click OK. The Virtual Media window is displayed. 4. From the Virtual Media menu, click Map CD/DVD or Map Removable Disk. For more information, see Mapping virtual drive. NOTE: The virtual device drive letters on the managed system do not coincide with the physical drive letters on the management station.
If Virtual Media is connected, this information is displayed. If Virtual Media is not connected, the “Virtual Media is not connected” message is displayed. If the Virtual Media is launched without using the Virtual Console, then the Virtual Media section is displayed as a dialog box. It provides information about the mapped devices. Resetting USB To reset the USB device: 1. In the Virtual Console viewer, click Tools → Stats. The Stats window is displayed. 2. Under Virtual Media, click USB Reset.
If the image is created in the default path (Desktop), when you select Map Removable Disk, the created image is available for selection in the drop-down menu. If image is created in a different location, when you select Map Removable Disk, the created image is not available for selection in the drop-down menu. Click Browse to specify the image. 4. Select Read-only to map writable devices as read-only. For CD/DVD devices, this option is enabled by default and you cannot disable it. 5.
Setting boot order through BIOS Using the System BIOS Settings utility, you can set the managed system to boot from virtual optical drives or virtual floppy drives. NOTE: Changing Virtual Media while connected may stop the system boot sequence. To enable the managed system to boot: 1. Boot the managed system. 2. Press to enter the System Setup page. 3. Go to System BIOS Settings → Boot Settings → BIOS Boot Settings → Boot Sequence.
Installing and using VMCLI utility 16 The Virtual Media Command Line Interface (VMCLI) utility is an interface that provides virtual media features from the management station to iDRAC on the managed system. Using this utility you can access virtual media features, including image files and physical drives, to deploy an operating system on multiple remote systems in a network. NOTE: You can run the VMCLI utility only on the management station that is installed with 32–bit operating system.
VMCLI syntax The VMCLI interface is identical on both Windows and Linux systems. The VMCLI syntax is: VMCLI [parameter] [operating_system_shell_options] For example, vmcli -r iDRAC-IP-address:iDRAC-SSL-port The parameter enables VMCLI to connect to the specified server, access iDRAC, and map to the specified virtual media. NOTE: VMCLI syntax is case-sensitive. To ensure security, it is recommended to use the following VMCLI parameters: • vmcli -i — Enables an interactive method of starting VMCLI.
If the file is not write-protected, Virtual Media may write to the image file. To make sure that Virtual Media does not write to the media: • Configure the operating system to write-protect a floppy image file that must not be overwritten. • Use the write-protection feature of the device. When virtualizing read-only image files, multiple sessions can use the same image media simultaneously. When virtualizing physical drives, only one session can access a given physical drive at a time.
Managing vFlash SD card 17 The vFlash SD card is a Secure Digital (SD) card that plugs into the vFlash SD card slot in the system. You can use a card with a maximum of 16 GB capacity. After you insert the card, you must enable vFlash functionality to create and manage partitions. vFlash is a licensed feature. If the card is not available in the system's vFlash SD card slot, the following error message is displayed in the iDRAC Web interface at Overview → Server → vFlash: SD card not detected.
Viewing vFlash SD card properties After vFlash functionality is enabled, you can view the SD card properties using iDRAC Web interface or RACADM. Viewing vFlash SD card properties using web interface To view the vFlash SD card properties, in the iDRAC Web interface, go to Overview → Server → vFlash. The SD Card Properties page is displayed. For information about the displayed properties, see the iDRAC Online Help.
The SD Card Properties page is displayed. 2. Select or clear the vFLASH Enabled option to enable or disable the vFlash functionality. If any vFlash partition is attached, you cannot disable vFlash and an error message is displayed. NOTE: If vFlash functionality is disabled, SD card properties are not displayed. 3. Click Apply. The vFlash functionality is enabled or disabled based on the selection.
All existing contents are removed and the card is reformatted with the new vFlash system information. If any vFlash partition is attached, the initialize operation fails and an error message is displayed. Initializing vFlash SD card using RACADM To initialize the vFlash SD card using RACADM, use one of the following: • Using vFlashSD command: racadm vflashsd initialize • Using set command: racadm set iDRAC.vflashsd.Initialized 1 All existing partitions are deleted and the card is reformatted.
NOTE: An administrator can perform all operations on the vFlash partitions. Else, you must have Access Virtual Media privilege to create, delete, format, attach, detach, or copy the contents for the partition.
• An initialize operation is being performed on the card. Creating an empty partition using RACADM To create a 20 MB empty partition: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the command: racadm vflashpartition create -i 1 -o drive1 -t empty -e HDD -f fat16 -s 20 A 20 MB empty partition in FAT16 format is created. By default, an empty partition is created as readwrite.
• An initialize operation is already being performed on the card. Creating a partition from an image file using RACADM To create a partition from an image file using RACADM: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the command: racadm vflashpartition create –i 1 –o drive1 –e HDD –t image –l //myserver/sharedfolder/foo.iso –u root –p mypassword A new partition is created. By default, the created partition is read-only.
Viewing available partitions using RACADM To view the available partitions and their properties using RACADM: 1. Open a Telnet, SSH, or Serial console to the system and log in. 2.
– To change a read-write partition to read-only: racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAccessType 0 • Using set command to change the read-write state of the partition: – To change a read-only partition to read-write: racadm set iDRAC.vflashpartition..AccessType 1 – To change a read-write partition to read-only: racadm set iDRAC.vflashpartition..AccessType 0 • Using set command to specify the Emulation type: racadm set iDRAC.vflashpartition..
racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAttachState 1 – To detach a partition: racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAttachState 0 • Using set command: – To attach a partition: racadm set iDRAC.vflashpartition..AttachState 1 – To detach a partition: racadm set iDRAC.vflashpartition..
Deleting existing partitions using RACADM To delete partitions: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the following commands: • To delete a partition: racadm vflashpartition delete -i 1 • To delete all partitions, re-initialize the vFlash SD card. Downloading partition contents You can download the contents of a vFlash partition in the .img or .iso format to the: • Managed system (where iDRAC is operated from) • Network location mapped to a management station.
NOTE: If the attached vFlash partition(s) are not listed in the First Boot Device drop-down menu, make sure that the BIOS is updated to the latest version. Booting to a partition using RACADM To set a vFlash partition as the first boot device, use cfgServerInfo. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. NOTE: When you run this command, the vFlash partition label is automatically set to boot once— cfgserverBootOnce is set to 1.
Using SMCLP 18 The Server Management Command Line Protocol (SMCLP) specification enables CLI-based systems management. It defines a protocol for management commands transmitted over standard character oriented streams. This protocol accesses a Common Information Model Object Manager (CIMOM) using a human-oriented command set. The SMCLP is a sub-component of the Distributed Management Task Force (DMTF) SMASH initiative to streamline systems management across multiple platforms.
Running SMCLP commands You can run the SMCLP commands using SSH or Telnet interface. Open an SSH or Telnet interface and log in to iDRAC as an administrator. The SMCLP prompt (admin ->)is displayed. SMCLP prompts: • yx1x blade servers use -$. • yx1x rack and tower servers use admin->. • yx2x blade, rack, and tower servers use admin->. where, y is an alpha-numeric character such as M (for blade servers), R (for rack servers), and T (for tower servers) and x is a number.
Verb Definition load Moves a binary image to a specified target address from a URL The following table provides a list of targets. Table 32.
Target Definitions admin1/system1/sp1/capabilities1/ rolemgtcap* Local Role Based Management capabilities admin1/system1/sp1/capabilities/ PwrutilmgtCap1 Power utilization management capabilities admin1/system1/sp1/capabilities1/ elecap1 Authentication capabilities admin1/system1/sp1/settings1 Service Processor settings collection admin1/system1/sp1/settings1/ clpsetting1 CLP service settings data admin1/system1/sp1/clpsvc1 CLP service protocol service admin1/system1/sp1/clpsvc1/clpendpt* CLP
Target Definitions admin1/system1/sp1/rolesvc2/Role1-3 IPMI role admin1/system1/sp1/rolesvc2/Role4 IPMI Serial Over LAN (SOL) role admin1/system1/sp1/rolesvc3 CLP RBA Service admin1/system1/sp1/rolesvc3/Role1-3 CLP role admin1/system1/sp1/rolesvc3/Role1-3/ privilege1 CLP role privilege Related Links Running SMCLP commands Usage examples Navigating the map address space Objects that can be managed with SM-CLP are represented by targets arranged in a hierarchical space called the Manageability Ac
show –d properties=(userid,name) /admin1/system1/sp1/account1 If you only want to show one property, you can omit the parentheses. Using the -level option The show -level option executes show over additional levels beneath the specified target. To see all targets and properties in the address space, use the -l all option. Using the -output option The -output option specifies one of four formats for the output of SM-CLP verbs: text, clpcsv, keyword, and clpxml.
• To reboot the server: reset /system1 The following message is displayed: system1 has been reset successfully SEL management The following examples show how to use the SMCLP to perform SEL-related operations on the managed system.
Commands: cd show help exit version • To view the SEL record: show/system1/logs1/log1 The following output is displayed: /system1/logs1/log1/record4 Properties: LogCreationClassName= CIM_RecordLog CreationClassName= CIM_LogRecord LogName= IPMI SEL RecordID= 1 MessageTimeStamp= 20050620100512.
Map target navigation The following examples show how to use the cd verb to navigate the MAP. In all examples, the initial default target is assumed to be /. Type the following commands at the SMCLP command prompt: • To navigate to the system target and reboot: cd system1 reset The current default target is /. • To navigate to the SEL target and display the log records: cd system1 cd logs1/log1 show • To display current target: type cd . • To move up one level: type cd ..
Using iDRAC Service Module 19 The iDRAC Service Module is a software application that is recommended to be installed on the server (it is not installed by default). It complements iDRAC with monitoring information from the operating system. It does not have an interface but, complements iDRAC by providing additional data to work with iDRAC interfaces such as the Web interface, RACADM, and WSMAN.
• • • • • • View operating system (OS) information Replicate Lifecycle Controller logs to operating system logs Perform automatic system recovery options Populate Windows Management Instrumentation (WMI) Management Providers Integrate with Technical Support Report. This is applicable only if iDRAC Service Module Version 2.0 or later is installed. For more information, see Generating tech support report. Prepare to Remove NVMe PCIe SSD. For more information, see Idracug_preparing to remove nvme pcie ssd.
timer that continuously counts down. The Health Monitor frequently reloads the counter to prevent it from counting down to zero. If the ASR counts down to zero, it is assumed that the operating system has locked up and the system automatically attempts to reboot. You can perform automatic system recovery operations such as reboot, power cycle, or power off the server after a specified time interval. This feature is enabled only if the operating system watchdog timer is disabled.
CIM Interface Get references of an instance WinRM WMIC PowerShell nt? CreationClassName= DCIM_Account +Name=iDRAC.Embedd ed.1#Users. 1+SystemCreationCl assName=DCIM_SPCom puterSystem +SystemName=system mc} ed.1#Users.2' ASSOC DRAC.Embedded. 1#Users. 2',SystemCreationC lassName='DCIM_SPC omputerSystem',Sys temName='systemmc' }" -namespace root/cimv2/dcim winrm e wmi/root/ cimv2/dcim/* dialect:associatio n –associations filter: {object=DCIM_Accou nt? CreationClassName= DCIM_Account +Name=iDRAC.
3. • Connection status of the iDRAC Service Module with iDRAC. To perform out-of-band monitoring functions, select one or more of the following options: • OS Information — View the operating system information. • Replicate Lifecycle Log in OS Log — Include Lifecycle Controller logs to operating system logs. This option is disabled if OpenManage Server Administrator is installed on the system. • WMI Information — Include WMI information.
20 Using USB port for server management In Dell PowerEdge 12th generation servers, all USB ports are dedicated to the server. With the 13th generation of servers, one of the front panel USB port is used by iDRAC for management purposes such as pre-provisioning and troubleshooting. The port has an icon to indicate that it is a management port. All 13th generation servers with LCD panel support this feature. This port is not available in a few of the 200-500 model variations without the LCD panel.
Management LED (if present) turns green and remains ON for two seconds. 4. Wait for the IP address to be assigned to the laptop (169.254.0.4) and iDRAC (169.254.0.3). This may take several seconds. 5. Start using iDRAC network interfaces such as Web interface, RACADM, or WS-Man. 6. When iDRAC is using the USB port, LED blinks indicating activity. Blink frequency is four per second. 7. After using, disconnect the cable. The LED turns off.
• Device is automatically switched from iDRAC to OS. • Device is ejected from iDRAC or OS When a device exceeds its power requirements as allowed by USB specification, the device is detached and an over-current event is generated with the following properties: • Category : System Health • Type: USB device • Severity: Warning • Allowed notifications: Email, SNMP trap, remote syslog and WS-Eventing. • Actions: None.
• To set up over current alert configuration: racadm eventfilters For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/esmmanuals.com. Configuring USB management port using iDRAC settings utility To configure the USB port: 1. In the iDRAC Settings Utility, go to Media and USB Port Settings. The iDRAC Settings Media and USB Port Settings page is displayed. 2. 3.
Configuration XML import Host control Instruction EndHostPowerState On On,Off InstructionRow>
• Blinking green – When the job is in-progress. • Solid green – When the job has completed successfully. Logs and results file The following information is logged for the import operation: • Automatic import from USB is logged in the Lifecycle Controller log file. • If the USB device is left inserted, the job results are recorded in the Results file located in the USB key. A Result file named Results.
Using iDRAC Quick Sync 21 A few Dell 13th generation PowerEdge servers have the Quick Sync bezel that supports the Quick Sync feature. This feature enables at-the-server management with a mobile device. This allows you to view inventory and monitoring information and configure basic iDRAC settings (such as root credential setup and configuration of the first boot device) using the mobile device. You can configure iDRAC Quick Sync access for your mobile device (example, OpenManage Mobile) in iDRAC.
Configuring iDRAC Quick Sync Using iDRAC web interface or RACADM, you can configure iDRAC Quick Sync feature to allow access to the mobile device: • Access — You can specify any of the following options to configure the access state of iDRAC Quick Sync feature: – Read-Write — Default status. – Read-write access – Allows you to configure the basic iDRAC settings. – Read-only access – Allows you to view inventory and monitoring information.
Configuring iDRAC Quick Sync settings using iDRAC settings utility To configure iDRAC Quick Sync: 1. In the iDRAC Settings Utility, go to Front Panel Security. The iDRAC Settings Front Panel Security page is displayed. 2. In the iDRAC Quick Sync section: • Specify the access level. • Enable Timeout. • Specify the User Defined Timeout Limit (15 seconds to 3600 seconds). For more information about the fields, see the iDRAC Online Help. 3. Click Back, click Finish, and then click Yes.
Deploying operating systems 22 You can use any of the following utilities to deploy operating systems to managed systems: • Virtual Media Command Line Interface (CLI) • Virtual Media Console • Remote File Share Related Links Deploying operating system using VMCLI Deploying operating system using remote file share Deploying operating system using virtual media Deploying operating system using VMCLI Before you deploy the operating system using the vmdeploy script, make sure that: • VMCLI utility is
3. Open a command prompt with administrator privileges and run the vmdeploy script: vmdeploy.bat -r -u -p [ -f { | < device-name>} | -c { |} ] [-i ] NOTE: vmdeploy does not support IPv6, since IPv6 does not support the IPMI tool. NOTE: The vmdeploy script processes the -r option slightly differently than the vmcli -r option.
• Network share contains drivers and operating system bootable image file, in an industry standard format such as .img or .iso. NOTE: While creating the image file, follow standard network-based installation procedures, and mark the deployment image as read-only to make sure that each target system boots and executes the same deployment procedure. To deploy an operating system using RFS: 1. Using Remote File Share (RFS), mount the ISO or IMG image file to the managed system through NFS or CIFS. 2.
If you update the iDRAC firmware from version 1.30.30 to 1.50.50 firmware while there is an active RFS connection and the Virtual Media Attach Mode is set to Attach or Auto Attach, the iDRAC attempts to reestablish the RFS connection after the firmware upgrade is completed and the iDRAC reboots. If you update the iDRAC firmware from version 1.30.30 to 1.50.
For RHEL, the CD device (.iso virtual device) is /dev/scd0 and floppy device (.img virtual device) is /dev/sdc. For SLES, the CD device is /dev/sr0 and the floppy device is /dev/sdc. To make sure that the correct device is used (for either SLES or RHEL), when you connect the virtual device, on the Linux OS you must immediately run the command: tail /var/log/messages | grep SCSI This displays the text that identifies the device (example, SCSI device sdc).
2. 3. 4. • Attach the operating system image. Select the drive on the management station with the required image to map it. Use one of the following methods to boot to the required device: • Set the boot order to boot once from Virtual Floppy or Virtual CD/DVD/ISO using the iDRAC Web interface. • Set the boot order through System Setup → System BIOS Settings by pressing during boot. Reboot the managed system and follow the on-screen instructions to complete the deployment.
Either of the two SD cards can be the master. For example, if two new SD cards are installed in the IDSDM, SD1 is active (master) card and SD2 is the standby card. The data is written on both the cards, but the data is read from SD1. At any time if SD1 fails or is removed, SD2 automatically become the active (master) card. You can view the status, health, and the availability of IDSDM using iDRAC Web Interface or RACADM.
23 Troubleshooting managed system using iDRAC You can diagnose and troubleshoot a remote managed system using: • Diagnostic console • Post code • Boot and crash capture videos • Last system crash screen • System event logs • Lifecycle logs • Front panel status • Trouble indicators • System health Related Links Using diagnostic console Scheduling remote automated diagnostics Viewing post codes Viewing boot and crash capture videos Viewing logs Viewing last system crash screen Viewing front
Scheduling remote automated diagnostics You can remotely invoke automated offline diagnostics on a server as a one-time event and return the results. If the diagnostics require a reboot, you can reboot immediately or stage it for a subsequent reboot or maintenance cycle (similar to updates). When diagnostics are run, the results are collected and stored in the internal iDRAC storage. You can then export the results to an NFS or CIFS network share using the diagnostics export racadm command.
Scheduling remote automated diagnostics using RACADM To run the remote diagnostics and save the results on the local system, use the following command: racadm diagnostics run -m -r -s -e To export the last run remote diagnostics results, use the following command: racadm diagnostics export -f -l -u -p For more information about the options, see the iDRAC8 RACADM Command Line Interface Reference Guide ava
• 3. Capture until buffer full — Boot sequence is captured until the buffer size has reached. • Capture until end of POST — Boot sequence is captured until end of POST. Click Apply to apply the settings. Viewing logs You can view System Event Logs (SELs) and Lifecycle logs. For more information, see Viewing System Event Log and Viewing Lifecycle log . Viewing last system crash screen The last crash screen feature captures a screenshot of the most recent system crash, saves, and displays it in iDRAC.
panel), then both Hide Error and UnHide Error is grayed-out. You can hide or unhide the errors only for rack and tower servers. To view LCD front panel status using RACADM, use the objects in the System.LCD group. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ support/manuals.
CAUTION: You should only perform troubleshooting and simple repairs as authorized in your product documentation, or as directed by online or telephone service and support team. Damage due to servicing that is not authorized by Dell is not covered by your warranty. Read and follow the safety instructions that came with the product.
The report is generated in the standard ZIP format.
• Hardware • OS and Application Data NOTE: While specifying the network share settings, it is recommended to avoid special characters for user name and password or percent encode the special characters. • Click Advanced Export Options to select the following additional options: – RAID Controller Log – Enable Report Filtering under OS and Application Data Based on the options selected, the time taken to collect the data is displayed next to these options. 3.
Linux Operating System Command to Check the IPMI Service Status Command to Start the IPMI Service $ systemctl status ipmi.service $ systemctl start ipmi.service Oracle Linux 6.4 Red Hat Enterprise Linux 7 NOTE: – CentOS is supported only for iDRAC Service Module 2.0 or later. – If the IPMI modules are not present, then you can install the respective modules from the OS distribution media. The service starts once the installation is complete.
7. • For Linux, run Linux_OSCollector_Startup.exe. After the OS collector has completed transferring the data to iDRAC, the USB device is removed automatically by iDRAC. 8. Return to the Tech Support Report page, click the Refresh icon to reflect the new timestamp. 9. To export the data, under Export Location, select Local or Network. 10. If you have selected Network, enter the network location details. 11.
Before performing system erase, make sure that: • You have iDRAC Server Control privilege. • Lifecycle Controller is enabled. The Lifecycle Controller Data option erases any content such as the LC Log, configuration database, rollback firmware, factory as-shipped logs, and the configuration information from the FP SPI (or management riser). NOTE: The Lifecycle Controller log contains the information about the system erase request and any information generated when the iDRAC restarts.
Frequently asked questions 24 This section lists the frequently asked questions for the following: • System Event Log • Network security • Active Directory • Single Sign On • Smart card login • Virtual console • Virtual media • vFlash SD card • SNMP authentication • Storage devices • iDRAC Service Module • RACADM • Miscellaneous System Event Log While using iDRAC Web interface through Internet Explorer, why does SEL not save using the Save As option? This is due to a browser sett
Network security While accessing the iDRAC Web interface, a security warning appears stating that the SSL certificate issued by the Certificate Authority (CA) is not trusted. iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC server certificate issued by a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign).
– The Active Directory Enabled option is selected on the Active Directory Configuration and Management page. – The DNS setting is correct on the iDRAC Networking configuration page. – The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled. – The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using extended schema.
This must be the host name (FQDN) or the IP address of the domain controller(s) that serves the domain in which the iDRAC object resides. When to configure Global Catalog Address(es)? If you are using standard schema and the users and role groups are from different domains, Global Catalog Address(es) are required. In this case, you can use only Universal Group. If you are using standard schema and all the users and role groups are in the same domain, Global Catalog Address(es) are not required.
• Security — Security groups allow you to manage user and computer access to shared resources and to filter group policy settings. • Distribution — Distribution groups are intended to be used only as email distribution lists. Always make sure that the group type is Security. You cannot use distribution groups to assign permission on any object, however use them to filter group policy settings. Single Sign-On SSO login fails on Windows Server 2008 R2 x64.
7. Navigate to HKEY_LOCAL_MACHINE → System → CurrentControlSet → Control → LSA . 8. In the right-pane, right-click and select New → DWORD (32-bit) Value. 9. Name the new key as SuppressExtendedProtection. 10. Right-click SuppressExtendedProtection and click Modify. 11. In the Value data field, type 1 and click OK. 12. Close the Registry Editor window. You can now log in to iDRAC using SSO.
It gives a local user an opportunity to take any action before the video is switched off. Is there a time delay when turning on the local video? No, after a local video turn ON request is received by iDRAC, the video is turned on instantly. Can the local user also turn off or turn on the video? When the local console is disabled, the local user cannot turn off or turn on the video. Does switching off the local video also switch off the local keyboard and mouse? No.
Before starting a Virtual Console session, make sure that the correct mouse is selected for your operating system. Make sure that the Single Cursor option under Tools in the iDRAC Virtual Console menu is selected on iDRAC Virtual Console client. The default is two cursor mode. Can a keyboard or mouse be used while installing a Microsoft operating system remotely through the Virtual Console? No.
You may see this message because a parameter necessary to capture video is beyond the range for which the iDRAC can capture the video. Parameters such as display resolution or refresh rate too high causes an out of range condition. Normally, physical limitations such as video memory size or bandwidth sets the maximum range of parameters. When starting a Virtual Console session from iDRAC web interface, why is an ActiveX security popup displayed? iDRAC may not be in the trusted site list.
1. Activate the magic key function on the remote Linux server. You can use the following command to activate it on the Linux terminal: echo 1 > /proc/sys/kernel/sysrq 2. Activate the keyboard pass-through mode of Active X Viewer. 3. Press Ctrl + Alt +Print Screen. 4. Release only Print Screen. 5. Press Print Screen+Ctrl+Alt. NOTE: The SysRq feature is currently not supported with Internet Explorer and Java.
iDRAC allows you to boot from the following bootable media: • CDROM/DVD Data media • ISO 9660 image • 1.44 Floppy disk or floppy image • A USB key that is recognized by the operating system as a removable disk • A USB key image How to make the USB key a bootable device? You can also boot with a Windows 98 startup disk and copy system files from the startup disk to the USB key.
6. At the Linux prompt, run the following command: mount /dev/sdx /mnt/CD where: /dev/sdx is the device name found in step 4 and /mnt/floppy is the mount point. Why are the virtual drives attached to the server removed after performing a remote firmware update using the iDRAC web interface? Firmware updates cause the iDRAC to reset, drop the remote connection, and unmount the virtual drives. The drives reappear when iDRAC reset is complete.
vFlash SD card When is the vFlash SD card locked? The vFlash SD card is locked when an operation is in-progress. For example, during an initialize operation. SNMP authentication Why is the message 'Remote Access: SNMP Authentication Failure' displayed? As part of discovery, IT Assistant attempts to verify the get and set community names of the device. In IT Assistant, you have the get community name = public and the set community name = private.
NOTE: Use the systemctl status dcismeng.service command instead of the init.d command to check if the iDRAC Service Module is installed on Red Hat Enterprise Linux 7 operating system. How to check the version number of the iDRAC Service Module installed in the system? To check the version of the iDRAC Service Module in the system, do any of the following: • Click Start → Control Panel → Programs and Features. The version of the installed iDRAC Service Module is listed in the Version tab.
• Change the iDRAC USBNIC address on a unique destination mask. • Delete the entries that are not required from the routing table to make sure that USB NIC is chosen by route when the host wants to reach the iDRAC USB NIC IPv4 address. On iDRAC Service Module version 2.0 and earlier, when uninstalling iDRAC Service Module from a VMware ESXi server, the virtual switch is named as vSwitchiDRACvusb and port group as iDRAC Network on the vSphere client.
RACADM After performing an iDRAC reset (using the racadm racreset command), if any command is issued, the following message is displayed. What does this indicate? ERROR: Unable to connect to RAC at specified IP address The message indicates that you must wait until the iDRAC completes the reset before issuing another command. When using RACADM commands and subcommands, some errors are not clear.
This occurs because the create partition operation is in-progress. However, the partition is deleted after sometime and a message that the partition is deleted is displayed. If not, wait until the create partition operation is completed and then delete the partition.
From iDRAC web Interface: Go to Overview → Server → Properties → Summary. The System Summary page displays the iDRAC IP address. From Local RACADM: Use the command racadm getsysinfo. From LCD: On the physical server, use the LCD panel navigation buttons to view the iDRAC IP address. Go to Setup View → View → iDRAC IP → IPv4 or IPv6 → IP.
• Memory is not installed or is inaccessible. • CPU is not installed or is inaccessible • Video riser card is missing or not connected properly. Also, see error messages in iDRAC log using iDRAC web interface or from the server LCD.
Use case scenarios 25 This section helps you in navigating to specific sections in the guide to perform typical use case scenarios. Troubleshooting an inaccessible managed system After receiving alerts from OpenManage Essentials, Dell Management Console, or a local trap collector, five servers in a data center are not accessible with issues such as hanging operating system or server. Need to identify the cause to troubleshoot and bring up the server using iDRAC.
Inventorying and monitoring storage devices Using iDRAC Service Module Obtaining system information and assess system health To obtain system information and assess system health: • In iDRAC Web interface, go to Overview → Server → System Summary to view the system information and access various links on this page to asses system health. For example, you can check the health of the chassis fan. • You can also configure the chassis locator LED and based on the color, assess the system health.
• CMC Web interface • Lifecycle Controller–Remote Services • Lifecycle Controller • Dell Remote Access Configuration Tool (DRACT) Performing graceful shutdown To perform graceful shutdown, in iDRAC Web interface, go to one of the following locations: • Overview → Server → Power/Thermal → Power Configuration → Power Control. The Power Control page is displayed. Select Graceful Shutdown and click Apply. • Overview → Server → Power/Thermal → Power Monitoring.
Managing rack density Suppose two servers are installed in a rack. To add two additional servers, need to determine how much capacity is left in the rack. To assess the capacity of a rack to add additional servers: 1. View the current power consumption data and historical power consumption data for the servers. 2. Based on the data, power infrastructure and cooling system limitations, enable the power cap policy and set the power cap values.