User’s Guide Managed Rack Power Distribution Unit
Contents Introduction--1 Product Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Establishing Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Recovering from a Lost Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Command Line Interface--15 About the Command Line Interface . . . . . . . . . . . . . . . . . . .
Resetting Peak Load and kWh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 Configure and Control Outlet Groups . . . . . . . . . . . . . . . . . . . . . . . . 98 Outlet Settings for Outlets and Outlet Groups . . . . . . . . . . . . . . . . . 108 Scheduling Outlet Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Outlet Manager Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Administration: General Options--167 Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Set the Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Use an .ini File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 Event Log and Temperature Units . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Reset the Rack PDU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Command Line Interface Access and Security . . . . . . . . . . . . . . . . . 220 Telnet and Secure Shell (SSH) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 Web Interface Access and Security: HTTP and HTTPS (with SSL) . . 222 Supported RADIUS Functions and Servers . . . . . . . . . . . . . . . . . . . 225 Configure the Rack PDU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Configure the RADIUS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Introduction Product Features You can manage a Rack PDU through its Web interface, its command line interface (CLI), or Simple Network Management Protocol (SNMP): Managed Rack PDU USER’S GUIDE The Dell® Managed Rack Power Distribution Unit (PDU) is a stand-alone, networkmanageable power distribution device. The Rack PDU provides real-time remote monitoring of connected loads. User-defined alarms warn of potential circuit overloads.
• Up to twenty-four independent outlet user accounts. • Event and data logging. The event log is accessible by Telnet, Secure CoPy (SCP), File Transfer Protocol (FTP), serial connection, or Web browser (using HTTPS access with SSL, or using HTTP access). The data log is accessible by Web browser, SCP, or FTP. • E-mail notifications for Rack PDU and system events. • SNMP traps, Syslog messages, and e-mail notifications based on the severity level or category of the Rack PDU and system events.
Types of user accounts The Rack PDU has four levels of access (Administrator, Device User, Read-Only User, and Outlet User), which are protected by user name and password requirements. • An Administrator can use all of the menus in the Web interface and all of the commands in the command line interface. The default user name and password are both admin.
• An Outlet User has the following restricted access: – Access through the Web interface and command line interface. – Access to the same menus as a Device User, but with limited capability to change configurations, control devices, delete data, or use file transfer options. Links to configuration options are visible but are disabled. The Outlet User has access to the Outlet Control menu option that allows the user to control the outlets assigned by the Administrator.
Establishing Network Settings You must configure the following TCP/IP settings before the Rack PDU can operate on a network: • IP address of the Rack PDU • Subnet mask If a default gateway is unavailable, use the IP address of a computer that is located on the same subnet as the Rack PDU and that is usually running. The Rack PDU uses the default gateway to test the network when traffic is very light. Managed Rack PDU USER’S GUIDE • Default gateway Do not use the loopback address (127.0.0.
BOOTP and DHCP configuration The default TCP/IP configuration setting, DHCP, assumes that a properly configured DHCP server is available to provide TCP/IP settings to Rack PDUs. You can also configure the setting for BOOTP. A user configuration (INI) file can function as a BOOTP or DHCP boot file. For more information, see Use an .ini File. In the BOOTPTAB file of the BOOTP server, enter the Rack PDU’s MAC address, IP address, subnet mask, and default gateway, and, optionally, a bootup file name.
DHCP. You can use an RFC2131/RFC2132-compliant DHCP server to configure the TCP/IP settings for the Rack PDU. This section summarizes the Rack PDU’s communication with a DHCP server. For more detail about how a DHCP server can configure the network settings for a Rack PDU, see DHCP response options. 1.
Note: By selecting the Require vendor specific cookie to accept DHCP Address check box in the Web interface, you can require the DHCP server to provide a vendor cookie, which supplies information to the Rack PDU Administration > Network>TCP/IP>ipv4 settings. Command Line Interface 1. Log on to the command line interface. See Logging on to the Command Line Interface. 3. Use these three commands to configure network settings. (Text in italics indicates a variable.) a.
Recovering from a Lost Password You can use a local computer (a computer that connects to the Rack PDU or other device through the serial port) to access the command line interface. 1. Select a serial port at the local computer, and disable any service that uses that port. 2. Connect the provided serial cable to the selected port on the computer and to the Serial port at the Rack PDU. 4. Press ENTER, repeatedly if necessary, to display the User Name prompt.
Managed Rack PDU USER’S GUIDE 8. Type quit or exit to log off, reconnect any serial cable you disconnected, and restart any service you disabled.
pdu0536a Managed Rack PDU USER’S GUIDE Rack PDU Front Panel Item Function 1 Dry contact inputs Connector for two dry contact devices. 2 Phase LEDs Note: for single-phase Rack PDUs, only one LED is present. When no alarms are present, the LED display shows a phase current, and a green Phase LED indicates for which phase. The system automatically cycles through each phase, displaying the phase current for three seconds.
Managed Rack PDU USER’S GUIDE Item Function 4 Function button • To manually display the current for each phase, repeatedly press the button. The current displays for 30 seconds or until you press the button again. (This functionality is not available for single-phase Rack PDUs.) • To display the IP address, press and hold for five seconds until IP appears; then release. On the LED display, the address will appear two digits at a time and then the cycle will repeat.
Managed Rack PDU USER’S GUIDE Network Status LED Condition Description Off One of the following situations exists: • The Rack PDU is not receiving input power. • The Rack PDU is not operating properly. It may need to be repaired or replaced. Solid Green The Rack PDU has valid TCP/IP settings. Flashing Green The Rack PDU does not have valid TCP/IP settings. Solid Orange A hardware failure has been detected in the Rack PDU. Flashing Orange The Rack PDU is making BOOTP requests.
Managed Rack PDU USER’S GUIDE 10/100 LED Condition Description Off One or more of the following situations exists: • The Rack PDU is not receiving input power. • The cable that connects the Rack PDU to the network is disconnected or defective. • The device that connects the Rack PDU to the network is turned off. • The Rack PDU itself is not operating properly. It may need to be repaired or replaced. Solid green The Rack PDU is connected to a network operating at 10 Megabits per second (Mbps).
Command Line Interface About the Command Line Interface Managed Rack PDU USER’S GUIDE You can use the command line interface to view the status of and manage the Rack PDU. In addition, the command line interface enables you to create scripts for automated operation. An Administrator has full access to the command line interface, a Device user and Outlet user have limited access, and a Read-Only user is completely restricted. (For additional details, see Types of user accounts.
Telnet for basic access. Telnet provides the basic security of authentication by user name and password, but not the high-security benefits of encryption. 1 . From a computer on the same network as the Rack PDU, at a command prompt, type telnet and the IP address for the Rack PDU (for example, telnet 139.225.6.133, when the Rack PDU uses the default Telnet port of 23), and press ENTER.
Local access to the command line interface For local access, use a computer that connects to the Rack PDU through the serial port to access the command line interface: 1 . Select a serial port at the computer and disable any service that uses that port. 2 . Connect the supplied serial cable from the selected serial port on the computer to the serial port on the Rack PDU. 3 . Run a terminal program (e.g.
About the Main Screen Following is an example of the main screen, which is displayed when you log on to the command line interface of a Rack PDU: cli> Managed Rack PDU USER’S GUIDE Dell Corporation Network Management Card AOS vx.x.x (c)Copyright 2009 All Rights Reserved RPDUD PPPP vx.x.
Main screen information fields: • Two fields identify the operating system (AOS) and application (APP) firmware versions. The application firmware name identifies the type of device that connects to the network. In the preceding example, the application firmware for the Rack PDU is displayed. Network Management Card AOS vx.x.x RPDUD vx.x.x • Three fields identify the system name, contact person, and location of the Rack PDU. (In the control console, use the System menu to set these values.
• A Stat field reports the Rack PDU status. Managed Rack PDU USER’S GUIDE Stat : P+ N+ A+ P+ The Dell operating system is functioning properly. IPv4 only IPv6 only IPv4 and IPv6* Description N+ N+ N4+ N6+ The network is functioning properly. N? N6? N4? N6? A BOOTP request cycle is in progress. N– N6– N4- N6- The Rack PDU failed to connect to the network. N! N6! N4! N6! Another device is using the Rack PDU IP address.
Using the Command Line Interface At the command line interface, use commands to configure the Rack PDU. To use a command, type the command and press ENTER. Commands and arguments are valid in lowercase, uppercase, or mixed case. Options are case-sensitive. While using the command line interface, you can also do the following: • To obtain information about the purpose and syntax of a specified command, type the command, a space, and ? or the word help.
Item Description - Options are preceded by a hyphen. <> Definitions of options are enclosed in angle brackets. For example: -dp [] If a command accepts multiple options or an option accepts mutually exclusive arguments, the values may be enclosed in brackets. | A vertical line between items enclosed in brackets or angle brackets indicates that the items are mutually exclusive. You must use one of the items.
Example of a command that accepts mutually exclusive arguments for an option: alarmcount -p [all | warning | critical] In this example, the option -p accepts only three arguments: all, warning, or critical. For example, to view the number of active critical alarms, type: alarmcount -p critical The command will fail if you type an argument that is not specified.
Network Management Card Command Descriptions ? Access: Administrator, Device User, Outlet User Description: View a list of all the CLI commands available to your account type. To view help text for a specific command, type the command followed by a question mark. alarmcount ? Managed Rack PDU USER’S GUIDE Example: To view a list of options that are accepted by the alarmcount command, type: about Access: Administrator, Device User, Outlet User Description: View hardware and firmware information.
alarmcount Access: Administrator, Device User, Outlet User Option Arguments Description -p all View the number of active alarms reported by the Rack PDU. Information about the alarms is provided in the event log. warning View the number of active warning alarms. critical View the number of active critical alarms.
boot Access: Administrator only Managed Rack PDU USER’S GUIDE Description: Define how the Rack PDU will obtain its network settings, including the IP address, subnet mask, and default gateway. Then configure the BOOTP or DHCP server settings. Option Argument Description -b dhcp | bootp | manual Define how the TCP/IP settings will be configured when the Rack PDU turns on, resets, or restarts. See TCP/IP and Communication Settings for information about each boot mode setting.
cd Access: Administrator, Device User, Outlet User Description: Navigate to a folder in the directory structure of the Rack PDU. Example 1: To change to the ssh folder and confirm that an SSH security certificate was uploaded to the Rack PDU: 1 . Type cd ssh and press ENTER. 2 . Type dir and press ENTER to list the files stored in the SSH folder. cd ..
console Access: Administrator only Managed Rack PDU USER’S GUIDE Description: Define whether users can access the command line interface using Telnet, which is enabled by default, or Secure Shell (SSH), which provides protection by transmitting user names, passwords, and data in encrypted form. You can change the Telnet or SSH port setting for additional security. Alternately, disable network access to the command line interface.
date Access: Administrator only Definition: Configure the date used by the Rack PDU. Managed Rack PDU USER’S GUIDE To configure an NTP server to define the date and time for the Rack PDU, see Set the Date and Time. Option Argument Description -d <“datestring”> Configure the current date. Use the date format specified by the date -f command. -t <00:00:00> Configure the current time, in hours, minutes, and seconds. Use the 24-hour clock format. -f mm/dd/yy | dd.mm.
delete Access: Administrator only Description: Delete a file in the file system. Argument Description Type the name of the file to delete. dir Description: View the files and folders stored on the Rack PDU.
dns Access: Administrator only Managed Rack PDU USER’S GUIDE Definition: Configure the manual Domain Name System (DNS) settings. Parameter Argument Description -OM enable | disable Override the manual DNS. -p Set the primary DNS server. -s Set the secondary DNS server. -d Set the domain name. -n Set the domain name IPv6. -h Set the host name.
eventlog Access: Administrator, Device User, Outlet User Managed Rack PDU USER’S GUIDE Description: View the date and time you retrieved the event log, the status of the Rack PDU, and the status of sensors connected to the Rack PDU. View the most recent device events and the date and time they occurred. Use the following keys to navigate the event log: Key Description ESC Close the event log and return to the command line interface. ENTER Update the log display.
FTP Access: Administrator only Option Argument Definition -p Define the TCP/IP port that the FTP server uses to communicate with the Rack PDU (21 by default). The FTP server uses both the specified port and the port one number lower than the specified port. -S enable | disable Configure access to the FTP server. Example: To change the TCP/IP port to 5001, type: Managed Rack PDU USER’S GUIDE Description: Enable or disable access to the FTP server.
netstat Access: Administrator, Device User, Outlet User Description: View the status of the network and all active IPv4 and IPv6 addresses. ntp Access: Administrator Managed Rack PDU USER’S GUIDE Definition: View and configure the network time protocol parameters. Option Argument Definition -OM enable | disable Override the manual settings. -p Specify the primary server. -s Specify the secondary server.
ping Access: Administrator, Device User Description. Determine whether the device with the IP address or DNS name you specify is connected to the network. Four inquiries are sent to the address. Argument Description Type an IP address with the format xxx.xxx.xxx.xxx, or the DNS name configured by the DNS server. ping 150.250.6.10 Managed Rack PDU USER’S GUIDE Example: To determine whether a device with an IP address of 150.250.6.
prompt Access: Administrator, Device User Option Argument Description -s long The prompt includes the account type of the currently logged-in user. short The default setting. The prompt is four characters long: cli> Example: To include the account type of the currently logged-in user in the command prompt, type: Managed Rack PDU USER’S GUIDE Description: Configure the command line interface prompt to include or exclude the account type of the currently logged-in user.
radius Access: Administrator only Description: View the existing RADIUS settings, enable or disable RADIUS authentication, and configure basic authentication parameters for up to two RADIUS servers. Additional authentication parameters for RADIUS servers are available at the Web interface of the Rack PDU. See RADIUS for more information. For detailed information about configuring your RADIUS server, see Appendix B: Security Handbook.
Option Argument Description -s1 -s2 The shared secret between the primary or secondary RADIUS server and the Rack PDU. -t1 -t2 The time in seconds that the Rack PDU waits for a response from the primary or secondary RADIUS server. Example 1: Example 2: To enable RADIUS and local authentication, type: radius -a radiusLocal Managed Rack PDU USER’S GUIDE To view the existing RADIUS settings for the Rack PDU, type radius and press ENTER.
resetToDef Access: Administrator only Description: Option Arguments Description -p all | keepip Reset all configuration changes, including event actions, device settings, and, optionally, TCP/IP configuration settings. resetToDef -p keepip snmp, snmpv3 Managed Rack PDU USER’S GUIDE Example: To reset all of the configuration changes except the TCP/IP settings for the Rack PDU, type: Access: Administrator only Description: Enable or disable SNMP 1 or SNMP 3.
system Access: Administrator only Managed Rack PDU USER’S GUIDE Description: View and set the system name, the contact, the location and view up time as well as the date and time, the logged-on user, and the high-level system status P, N, A (see About the Main Screen for more information about system status). Option Argument Description -n -c Define the device name, the name of the person responsible for the device, and the physical location of the device.
tcpip Access: Administrator only Managed Rack PDU USER’S GUIDE Description: View and manually configure these network settings for the Rack PDU: Option Argument Description -i Type the IP address of the Rack PDU, using the format xxx.xxx.xxx.xxx -s Type the subnet mask for the Rack PDU. -g Type the IP address of the default gateway. Do not use the loopback address (127.0.0.1) as the default gateway.
tcpip6 Access: Administrator only Managed Rack PDU USER’S GUIDE Description: Enable IPv6 and view and manually configure these network settings for the Rack PDU: Option Argument Description -S enable | disable Enable or disable IPv6. -man enable | disable Enable manual addressing for the IPv6 address of the Rack PDU. -auto enable | disable Enable the Rack PDU to automatically configure the IPv6 address. -i Set the IPv6 address of the Rack PDU.
user Access: Administrator only Description: Configure the user name, password, and inactivity timeout for the Administrator, Device User, and Read-Only User account types. Managed Rack PDU USER’S GUIDE For information on the permissions granted to each account type, see Types of user accounts. Option Argument Description -an -dn -rn Set the case-sensitive user name for each account type. The maximum length is 10 characters.
web Access: Administrator only Description: Enable access to the Web interface using HTTP or HTTPS. For additional security, you can change the port setting for HTTP and HTTPS to any unused port from 5000 to 32768. Users must then use a colon (:) in the address field of the browser to specify the port number. For example, for a port number of 5000 and an IP address of 152.214.12.114, type: Managed Rack PDU USER’S GUIDE http://152.214.12.
xferINI Access: Administrator only Description: Use XMODEM to upload an INI file while you are accessing the command line interface through a serial connection. After the upload completes: • If there are any system or network changes, the command line interface restarts and you must log in again.
Device Command Descriptions devLowLoad Access: Administrator, Device User Description: Set or view the low-load threshold in Kilowatts for the device. Example 1: To view the low-load threshold, type: Example 2: To set the low-load threshold to 1 kW, type: Managed Rack PDU USER’S GUIDE cli> devLowLoad E000: Success 0.5 kW cli> devLowLoad 1.0 E000: Success devNearOver Access: Administrator, Device User Description: Set or view the near-overload threshold in kilowatts for the device.
devOverLoad Access: Administrator, Device User Description: Set or view the overload threshold in kilowatts for the device. Example 1: To view the overload threshold, type: Example 2: To set the overload threshold to 25.5 kW, type: cli> devOverLoad 25.5 E000: Success Managed Rack PDU USER’S GUIDE cli> devOverLoad E000: Success 25.
devReading Access: Administrator, Device User Description: View the total power in kilowatts or total energy in kilowatt-hours for the device. Argument Definition power View the total power in kilowatts energy View the total energy in kilowatt-hours cli> devReading power E000: Success 5.2 kW Managed Rack PDU USER’S GUIDE Example 1: To view the total power, type: Example 2: To view the total energy, type: cli> devReading energy E000: Success 200.
devStartDly Access: Administrator, Device User Description: Set or view the amount of time (in seconds) to be added to each outlet’s Power On Delay after power is applied to the Rack PDU. Allowed values are within the range of 1 to 300 seconds or never (never turn on).
humLow Access: Administrator, Device User Description: Set or view the low humidity threshold as a percent of the relative humidity.
humMin Access: Administrator, Device User Description: Set or view the minimum humidity threshold as a percent of the relative humidity. Example 1: To view the minimum humidity threshold, type: Example 2: To set the minimum humidity threshold, type: Managed Rack PDU USER’S GUIDE cli> humMin E000: Success 6 %RH cli> humMin 8 E000: Success humReading Access: Administrator, Device User, Outlet User Description: View the humidity value from the sensor.
inNormal Access: Administrator, Device User Description: View the normal state for each dry contact input. Example: To view the normal state for each dry contact input, type: inReading Access: Administrator, Device User Managed Rack PDU USER’S GUIDE cli> inNormal E000: Success 1: Open 2: Open Description: View the current state of each dry contact input.
olAssignUsr Access: Administrator Managed Rack PDU USER’S GUIDE Description: Assign control of outlets to an outlet user that exists in the local database. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges. A user that exists in the local database. (See userAdd.
olCancelCmd Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olDlyOff Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Turns off an outlet or group of outlets after the Power Off Delay (see olOff). Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olDlyOn Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Turns on an outlet or group of outlets after the Power On Delay (see olOnDelay). Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olDlyReboot Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Cycles power to an outlet or a group of outlets. The specified outlets will be turned off based on the configured Power Off Delay (see olOffDelay).
olGroups Access: Administrator, Device User, and Outlet User. Description: List the outlet synchronization groups defined on the rack PDU. (see Configure and Control Outlet Groups for more information.) Managed Rack PDU USER’S GUIDE Example: To list outlets synchronization groups, type: cli> olGroups E000: Success Outlet Group A: 159.215.6.141 -> 159.215.6.143 -> Outlet Group B: 159.215.6.141 -> 159.215.6.
olLowLoad Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Set or view the outlet low load warning threshold. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olName Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Argument Description all All device outlets. A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges. The name for a specific outlet. Use only letters and numbers.
olNearOver Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Set or view the outlet near overload warning threshold. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olOff Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olOffDelay Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Set or view the time delay for the Off Delayed command (see olDlyOff) and for a Reboot Delayed command (see olDlyReboot). Argument Description all All device outlets. The name configured for a specific outlet. (See olName.
olOn Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olOnDelay Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Set or view the time delay for the On Delayed command (see olDlyOn) and for a Reboot Delayed command (see olDlyReboot). Argument Description all All device outlets. The name configured for a specific outlet. (See olName.
olOverLoad Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Set or view the outlet overload warning threshold. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olRbootTime Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Description: Set or view the amount of time an outlet will remain off for a Reboot Delayed command (see olDlyReboot).
olReading Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: View the current, power, or energy for an outlet or group of outlets. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
Example 3: To view the energy for outlet JoesServer, type: cli> olReading joesserver energy E000: Success 6: JoesServer: 7.3 kWh olReboot Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Managed Rack PDU USER’S GUIDE Description: Cycle power to an outlet or group of outlets without any delays. If more than one outlet is specified, then those outlets will be cycled together. Argument Description all All device outlets.
olStatus Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges.
olUnasgnUsr Access: Administrator Managed Rack PDU USER’S GUIDE Description: Remove control of outlets from an outlet user that exists in the local database. Argument Description all All device outlets. The name configured for a specific outlet. (See olName.) A single number or a range of numbers separated with a dash, or a comma-separated list of single outlet numbers and number ranges. A user that exists in the local database. (See userList.
phLowLoad Access: Administrator, Device User Description: Set or view the phase low-load threshold in kilowatts. To specify phases, choose from the following options. Type: all, a single phase, a range, or a commaseparated list of phases.
phNearOver Access: Administrator, Device User Description: Set or view the phase near-overload threshold in Kilowatts. To specify phases, choose from the following options. Type: all, a single phase, a range, or a comma-separated list of phases.
phOverLoad Access: Administrator, Device User Description: Set or view the phase overload threshold in kilowatts. To specify phases, choose from the following options. Type: all, a single phase, a range, or a commaseparated list of phases.
phReading Access: Administrator, Device User Description: View the current, voltage, or power for a phase. Set or view the phase near-overload threshold in kilowatts. To specify phases, choose from the following options. Type: all, a single phase, a range, or a comma-separated list of phases.
phRestrictn Access: Administrator Description: Set or view the overload restriction feature to prevent outlets from turning on when the overload alarm threshold is violated. Acceptable arguments are none, near, and over. To specify phases, choose from the following options. Type: all, a single phase, a range, or a comma-separated list of phases.
prodInfo Access: Administrator, Device User, Outlet User Description: View information about the Rack PDU. Managed Rack PDU USER’S GUIDE Example: cli> prodInfo E000: Success AOS vX.X.X.X Managed Rack PDU vX.X.X.
sensorName Access: Administrator, Device User Description: Set or view the name assigned to the Rack PDU temperature/humidity sensor port.
tempHigh Access: Administrator, Device User Description: Set or view the high-temperature threshold in either Fahrenheit or Celsius.
tempMax Access: Administrator, Device User Description: Set or view the max-temperature threshold in either Fahrenheit or Celsius.
tempReading Access: Administrator, Device User, Outlet User Description: View the temperature value in either Fahrenheit or Celsius from the sensor. Example: To view the temperature value in Fahrenheit, type: userAdd Access: Administrator Managed Rack PDU USER’S GUIDE cli> tempReading F E000: Success 51.1 F Description: Add an outlet user to the local user database.
userList Access: Administrator, Device User, and Outlet User, but only for outlets to which the user is assigned. Example 1: When logged in as the Administrator, type: cli> userList E000: Success Local: admin: 1,2,3,4,5,6,7,8 Local: Bobby: 1,3 Local: Billy: 2,5 Local: Joe: 4,6 Local: Jack: 7,8 Managed Rack PDU USER’S GUIDE Description: List the users and the outlets assigned to them.
whoami Access: Administrator, Device User, Outlet User Description: View the user name of the active user.
Web Interface Supported Web Browsers The Rack PDU cannot work with a proxy server. Before you can use a Web browser to access the Rack PDU’s Web interface, you must do one of the following: • Configure the Web browser to disable the use of a proxy server for the Rack PDU. Managed Rack PDU USER’S GUIDE You can use Microsoft® Internet Explorer® (IE) 7.x and higher (on Windows® operating systems only), Mozilla® Firefox® 3.0.
Logging On to the Web Interface Overview You can use the DNS name or System IP address of the Rack PDU for the URL address of the Web interface. Use your case-sensitive user name and password to log on. The default user names and password differs by account type: • admin/admin for an Administrator • device/device for a Device User For Outlet User accounts, there is no default user name or password. An Administrator must define the user name and password and other account characteristics for an Outlet User.
URL address formats Type the DNS name or IP address of the Rack PDU in the Web browser’s URL address field and press ENTER. When you specify a non-default Web server port in Internet Explorer, you must include http:// or https:// in the URL. Common browser error messages at log-on. Cause of the Error Browser “You are not authorized to view this page” or “Someone is currently logged in...” Someone else is logged on Internet Explorer, Firefox “This page cannot be displayed.
URL format examples. • For a DNS name of Web1: – http://Web1 if HTTP is your access mode. – https://Web1 if HTTPS is your access mode. • For a System IP address of 139.225.6.133 and the default Web server port (80): – http://139.225.6.133 if HTTP is your access mode. – https//139.225.6.133 if HTTPS (HTTP with SSL) is your access mode. • For a System IP address of 139.225.6.133 and a non-default Web server port (5000): – https://139.225.6.133:5000 if HTTPS (HTTP with SSL) is your access mode.
Web Interface Features Read the following to familiarize yourself with basic Web interface features for your Rack PDU. Tabs The following tabs are available: Managed Rack PDU USER’S GUIDE • Home: Appears when you log on. View active alarms, the load status of the Rack PDU, and the most recent Rack PDU events. For more information, see About the Home Tab.
Device status icons One or more icons and accompanying text indicate the current operating status of the Rack PDU: Warning: An alarm condition requires attention and could jeopardize your data or equipment if not addressed. Managed Rack PDU USER’S GUIDE Critical: A critical alarm exists, which requires immediate action. No Alarms: No alarms are present and the Rack PDU is operating normally.
Quick Links At the lower left of the interface, there are three configurable links. The default settings follow: • Link 1: dell.com • Link 2: dell.com/home • Link 3: dell.com/business To reconfigure the links, see Configure Links. • The IP address appears in the upper left corner. • A context-sensitive Help link and Log off link are located in the upper right corner.
About the Home Tab Managed Rack PDU USER’S GUIDE Use the Home tab to view active alarms, the load status of the Rack PDU, and the most recent Rack PDU events. The Overview view Path: Home > Overview The top of the Overview indicates the alarm status. If one or more alarms are present, the number and type of alarms are indicated with a link to the Alarm Status view, where you can view descriptions of each alarm. If no alarms exist, the Overview displays, “No Alarms Present.
In the Load Status area, view the load for the device in kW and for the phases in Amps, as applicable. The green, yellow, and red meter shows the current load status: normal, near overload, or overload. Note that if a low load threshold was configured, the meter will also include a blue segment to the left of the green. Hover over the colors to view the configured load thresholds. Managed Rack PDU USER’S GUIDE Normal range is 0.3 to 5.
The Alarm Status view Path: Home > Alarm Status The Alarm Status view provides a description of all alarms present. Managed Rack PDU USER’S GUIDE For details about a temperature or humidity threshold violation, click the Environment tab.
Managed Rack PDU USER’S GUIDE Device Management About the Device Manager Tab Path: Device Manager 94
Use the Device Manager tab to: • View the load status for the Rack PDU • Configure load thresholds for all connected devices and for phases as applicable • Manage and control outlets • Configure a name and location for the Rack PDU • View and manage the peak load measurement • Click user-configurable links to open web pages for specific devices connected to the Rack PDU Path: Device Manager > Load Management options Managed Rack PDU USER’S GUIDE Viewing the load status and peak load The indicator in the
Configuring Load Thresholds Path: Device Manager > Load Management options To configure load thresholds: 1 . Click the Device Manager tab. 2 . To configure load thresholds for the device or phases, make a selection from the Load Management menu. 3 . Set Overload Alarm, Near Overload Warning, and Low Load Warning thresholds. Managed Rack PDU USER’S GUIDE 4 . Click Apply.
Configuring the Name and Location of the Rack PDU Path: Device Manager > Load Management > Device Load The name and location you enter appear on the Home tab. 1 . Click the Device Manager tab, then device load from the Load Management menu. 2 . Enter a name and location. 3 . Click Apply. Managed Rack PDU USER’S GUIDE You can set the Name and Location through either the Device Manager tab or the Administration tab. A change in one affects the other.
Resetting Peak Load and kWh Path: Device Manager > Device Load 1 . Click the Device Manager tab, then device load from the Load Management menu. 2 . Click the Peak Load and Kilowatt-Hours check boxes as desired. 3 . Click Apply. Outlet group terminology Managed Rack PDU USER’S GUIDE Configure and Control Outlet Groups An outlet group consists of outlets that are logically linked together on the same Rack PDU.
When you apply an outlet control action to outlets that are members of an outlet group, the outlets are synchronized as follows: • For a global outlet group, use the delay periods and reboot duration configured for the global outlet of the initiator outlet group. • For a local outlet group, the outlets use the delay periods and reboot duration of the lowest-numbered outlet in the group.
System requirements for outlet groups To set up and use synchronized outlet control groups: • You need a 10/100Base-T TCP/IP network, with an Ethernet hub or switch that has a power source not shared by the computers or other devices being synchronized. • If outlet groups are to be synchronized across multiple Rack PDUs, those Rack PDUs must meet the following requirements: – They must be on the same subnet.
Rules for configuring outlet groups For a system that uses outlet groups, the following rules apply: • A Rack PDU can have more than one outlet group, but an outlet can belong to only one outlet group. • A local outlet group, which has no global outlet, must consist of two or more outlets. – In a global outlet group, you can designate only one outlet to be a global outlet, linking to outlet groups on other Rack PDUs for the purpose of synchronization.
Enable outlet groups Click the Device Manager tab and select Group Configuration from the Outlet Groups left navigation menu. Configure the following parameters, and click Apply. Enable creation of outlet groups. Parameter Description Device Level Outlet Group To create an outlet group, you must enable this parameter. It is disabled by default.
Setting outlet group port. Parameter Description Outlet Group Port The port number on which the device will communicate with other devices. Devices attempting to synchronize with Outlet Groups on other devices must all have the same Authentication Phrase, Encryption Phrase, and Group Port number. The values are hidden to the user. 1. From the Device Manager tab, select Information from the Outlet Groups left navigation menu. Managed Rack PDU USER’S GUIDE Create a local outlet group 2.
Create multiple global outlet groups To set up multiple global outlet groups that link to outlet groups on other Rack PDUs: 1. From the Device Manager tab, select Information from the Outlet Groups left navigation menu. 2. Make sure outlet groups are enabled and that the Multicast parameters (name and IP address) are the same for all Rack PDUs to be linked. (See Enable outlet groups.) 4. For each global outlet group you create, select an outlet by clicking on its checkbox. Then click Apply.
Typical outlet group configurations The following configuration shows two Rack PDUs, each with eight outlet groups. Each outlet group consists of a single global outlet. Each outlet group 1 on the first Rack PDU is linked to the outlet group 2 in the same location on the second Rack PDU.
1 These four global outlet groups synchronize a total of 19 outlets. 2 These two global outlet groups synchronize 6 outlets, 2 in one group and 4 in the other. 3 This local outlet group synchronizes 3 outlets on the same Rack PDU. Managed Rack PDU USER’S GUIDE The following configuration shows three sets of synchronized outlets. Global outlets are shown in black. Outlet groups are enclosed in red rectangles.
Verify your setup and configuration for global outlet groups To ensure that your setup meets all system requirements for outlet groups and that you have configured the outlet groups correctly, select Information from the Outlet Groups left navigation menu in the Web interface to view the groups and their connections: • The Configured Outlet Groups section displays the following: – All configured outlet groups on the current Rack PDU.
Outlet Settings for Outlets and Outlet Groups Initiate a control action If you apply an outlet control action to outlets or outlet groups, the following delays are used for the action: • For an individual outlet (not in an outlet group), the action uses the delay periods and reboot duration configured for that outlet. • For a local outlet group, the action uses the delay periods configured for the lowest-numbered outlet in the group.
Managed Rack PDU USER’S GUIDE Control actions you can select. Option Description No Action (Web interface only) Do nothing. On Immediate Apply power to the selected outlets. On Delayed Apply power to each selected outlet according to its value for Power On Delay.† Off Immediate Remove power from the selected outlets. Off Delayed Remove power from each selected outlet according to its value for Power Off Delay.† Reboot Immediate Remove power from each selected outlet.
Configure outlet settings and the outlet name Managed Rack PDU USER’S GUIDE The following settings are available: Setting Description Name Set the name for one or more outlets. The name is displayed next to the outlet number on status screens. External Link Define an HTTP or HTTPS link to a Web site or IP address. • http://www.dell.com links the outlet to Dell’s Web site.
To configure the outlet settings or outlet names, select the Device Manager tab and then Configuration from the left navigation menu. Click the Configure Multiple Outlets button in the Outlet Configuration section or click on the outlet name. • Configure outlet settings for multiple outlets: – Select the checkboxes next to the numbers of the outlets you want to modify, or select the All Outlets checkbox. – Enter values for Name and Link, and click the Apply button immediately below the list.
Scheduling Outlet Actions Actions you can schedule Managed Rack PDU USER’S GUIDE To configure values for Power On Delay, Power Off Delay, and Reboot Duration for each outlet, see Configure outlet settings and the outlet name. Although you must use the Web interface to schedule outlet actions, you can set these values in either the Web or command line interfaces. For an action to be applied to an outlet group, you must have outlet groups enabled at the beginning of the scheduled action.
Managed Rack PDU USER’S GUIDE For any outlets you select, you can schedule any of the actions listed in the following table to occur daily; at intervals of one, two, four, or eight weeks; or only once. Option Description No Action Do nothing. On Immediate Apply power to the selected outlets. On Delayed Apply power to each selected outlet according to its value for Power On Delay.† Off Immediate Remove power from the selected outlets.
Schedule an outlet event 1. At the Web interface, select the Device Manager tab and then Scheduling from the left navigation menu. 2. On the Outlet Scheduling page, select how often the event will occur (OneTime, Daily, or Weekly), and click the Next button. 3. On the Schedule a Daily Action page, in the Name of event text box, replace the default name, Outlet Event, with a name that will identify your new event. 4. Use the drop-down lists to select the type of event and when it will occur.
Edit, disable, enable, or delete a scheduled outlet event 1. At the Web interface, select the Device Manager tab and then Scheduling from the left navigation menu. 2. In the event list in the Scheduled Outlet Action section of the Scheduling page, click on the name of the event. 3. On the Daily/Weekly scheduled action detail page, you can do any of the following: – Change details of the event, such as the name of the event, when it is scheduled to occur, and which outlets are affected.
Outlet Manager Menu Create and configure outlet user accounts. Individual outlets can be assigned a user with an Outlet User account. An Outlet User account allows control only to the outlets assigned. The configuration of outlets is allowed to those with Administrator rights. The Device Manager has limited outlet configuration rights. Configure an outlet user 1. At the Web interface, select the Device Manager tab and then Outlet Manager from the left navigational menu. 3.
Managed Rack PDU USER’S GUIDE Environment 117
Configuring Temperature and Humidity Sensors Path: Environment > Temperature & Humidity Through the Temperature & Humidity page, when you have a temperature or a temperature and humidity sensor connected to the Rack PDU, you can set thresholds for Warning and Critical alarm generation (see Device status icons for details on each type of alarm). For temperature: • If the maximum temperature threshold is reached, the system generates a Critical alarm.
Hysteresis. This value specifies how far past a threshold the temperature or humidity must return to clear a threshold violation. • For Maximum and High temperature threshold violations, the clearing point is the threshold minus the hysteresis. • For Minimum and Low humidity threshold violations, the clearing point is the threshold plus the hysteresis.
Configuring Dry Contact Inputs Path: Environment > Dry Contact Inputs Managed Rack PDU USER’S GUIDE Through the Dry Contact Inputs page, view the current status and state for the dry contacts, and configure the dry contacts. Parameter Description Name A name for this input contact. Maximum: 20 characters.
Managed Rack PDU USER’S GUIDE Logs 121
Using the Event and Data Logs Event log Path: Logs > Events > options You can view, filter, or delete the event log. By default, the log displays all events recorded during the last two days in reverse chronological order. See Configuring by event.
To filter the log (Logs > Events > log): Managed Rack PDU USER’S GUIDE • Filtering the log by date or time: To display the entire event log, or to change the number of days or weeks for which the log displays the most recent events, select Last. Select a time range from the drop-down menu, then click Apply. The filter configuration is saved until the Rack PDU restarts. To display events logged during a specific time range, select From.
To configure reverse lookup (Logs > Events > reverse lookup): Reverse lookup is disabled by default. Enable this feature unless you have no DNS server configured or have poor network performance because of heavy network traffic. To resize the event log (Logs > Events > size): Managed Rack PDU USER’S GUIDE With reverse lookup enabled, when a network-related event occurs, both the IP address and the domain name for the networked device associated with the event are logged in the event log.
Data log Path: Logs > Data > options The data log records the current and power for the device and phases (for a 3-phase Rack PDU), as applicable, as well as temperature and humidity and dry contact data at the specified time interval. Each entry is listed by the date and time the data was recorded. To display the data log (Logs > Data > log): – Click a page number to open a specific page of the log.
To display data logged during a specific time range, select From. Specify the beginning and ending times (using the 24-hour clock format) and dates for which to display data, then click Apply. The filter configuration is saved until the device restarts. To delete the data log: To delete all data recorded in the log, click Clear Data Log on the Web page that displays the log. Deleted data cannot be retrieved.
Parameter Description Delay X hours between uploads. The number of hours between uploads of data to the file. Upload every X minutes The number of minutes between attempts to upload data to the file after an upload failure. Up to X times The maximum number of times the upload will be attempted after an initial failure. Until Upload Succeeds Attempt to upload the file until the transfer is completed. By default, the data log stores 1000 records. You can change the number of records the log stores.
The Rack PDU uses a four-digit year for log entries. You may need to select a four-digit date format in your spreadsheet application to display all four digits. To use SCP to retrieve the files. To use SCP to retrieve the event.txt file, use the following command: scp username@hostname_or_ip_address:event.txt ./event.txt Managed Rack PDU USER’S GUIDE If you are using the encryption-based security protocols for your system, use Secure CoPy (SCP) to retrieve the log file.
To use FTP to retrieve the files. To use FTP to retrieve the event.txt or data.txt file: 1. At a command prompt, type ftp and the IP address of the Rack PDU, and press ENTER. If the Port setting for the FTP Server option (set through the Network menu of the Administration tab) has been changed from its default (21), you must use the nondefault value in the FTP command. For Windows FTP clients, use the following command, including spaces.
Managed Rack PDU USER’S GUIDE Administration: Security 130
Local Users Setting user access Path: Administration > Security > Local Users > options The Administrator user account always has access to the Rack PDU. Managed Rack PDU USER’S GUIDE The Device User and Read-Only User accounts are enabled by default. To disable the Device User or Read-Only User accounts, select the user account from the left navigation menu, then clear the Enable checkbox. You set the case-sensitive user name and password for each account type in the same manner.
Remote Users Authentication Path: Administration > Security > Remote Users > Authentication Method Use this option to select how to administer remote access to the Rack PDU. For information about local authentication (not using the centralized authentication of a RADIUS server), see the Appendix B: Security Handbook. • When a user accesses the Rack PDU or other network-enabled device that has RADIUS enabled, an authentication request is sent to the RADIUS server to determine the user’s permission level.
RADIUS Path: Administration > Security > Remote Users > RADIUS Use this option to do the following: • List the RADIUS servers (a maximum of two) available to the Rack PDU and the time-out period for each. • Click a link, and configure the parameters for authentication by a new RADIUS server. Managed Rack PDU USER’S GUIDE • Click a listed RADIUS server to display and modify its parameters. RADIUS Setting Definition RADIUS Server The server name or IP address (IPv4 or IPv6) of the RADIUS server.
Configuring the RADIUS Server Summary of the configuration procedure You must configure your RADIUS server to work with the Rack PDU. For examples of the RADIUS users file with Vendor Specific Attributes (VSAs) and an example of an entry in the dictionary file on the RADIUS server, see Appendix B: Security Handbook. 2. Users must be configured with Service-Type attributes unless Vendor Specific Attributes (VSAs) are defined.
Configuring a RADIUS server on UNIX® with shadow passwords If UNIX shadow password files are used (/etc/passwd) with the RADIUS dictionary files, the following two methods can be used to authenticate users: • If all UNIX users have administrative privileges, add the following to the RADIUS “user” file. To allow only Device Users, change the DELL-Service-Type to Device.
Managed Rack PDU USER’S GUIDE Administration: Notification 136
Event Actions Path: Administration > Notification > Event Actions > options Types of notification You can configure event actions to occur in response to an event or group of events. These actions notify users of the event in any of several ways: • Active, automatic notification. The specified users or monitoring devices are contacted directly. – SNMP traps – Syslog notification • Indirect notification Managed Rack PDU USER’S GUIDE – E-mail notification – Event log.
Configuring event actions Managed Rack PDU USER’S GUIDE Notification parameters. For events that have an associated clearing event, you can also set the following parameters as you configure events individually or by group, as described in the next two sections. To access the parameters, click the receiver or recipient name. Parameter Description Delay x time before sending If the event persists for the specified time, a notification is sent.
When viewing details of an event’s configuration, you can change the configuration, enable or disable event logging or Syslog, or disable notification for specific e-mail recipients or trap receivers, but you cannot add or remove recipients or receivers. To add or remove recipients or receivers, see the following: • Identifying Syslog servers • E-mail recipients • Trap Receivers 1. Select the Administration tab, Notification on the top menu bar, and by group under Event Actions on the left navigation menu.
Active, Automatic, Direct Notification E-mail notification Overview of setup. Use the Simple Mail Transfer Protocol (SMTP) to send e-mail to up to four recipients when an event occurs. To use the e-mail feature, you must define the following settings: • The IP addresses of the primary and, optionally, the secondary Domain Name System (DNS) servers • The IP address or DNS name for SMTP Server and From Address Managed Rack PDU USER’S GUIDE See DNS. See SMTP.
SMTP. Path: Administration > Notification > E-mail > server Setting Description Local SMTP Server The IPv4/IPv6 address or DNS name of the local SMTP server. The contents of the From field in e-mail messages sent by the Rack PDU: • In the format user@ [IP_address] (if an IP address is specified as Local SMTP Server) • In the format user@domain (if DNS is configured and the DNS name is specified as Local SMTP Server) in the e-mail messages.
Description SMTP Server Select one of the following methods for routing e-mail: • Local: Through the Rack PDU’s SMTP server. This setting (recommended) ensures that the e-mail is sent before the Rack PDU’s 20-second time-out, and, if necessary, is retried several times. Also do one of the following: • Enable forwarding at the Rack PDU’s SMTP server so that it can route e-mail to external SMTP servers. Typically, SMTP servers are not configured to forward e-mail.
SNMP traps Trap Receivers. Path: Administration > Notification > SNMP Traps > trap receivers View trap receivers by NMS IP/Host Name. You can configure up to six trap receivers. • To configure a new trap receiver, click Add Trap Receiver. • To specify the trap type for a trap receiver, select either the SNMPv1 or SNMPv3 radio button. For an NMS to receive both types of traps, you must configure two trap receivers for that NMS, one for each trap type.
Managed Rack PDU USER’S GUIDE SNMPv1 option. Item Definition Community Name The name (public by default) used as an identifier when SNMPv1 traps are sent to this trap receiver. Authenticate Traps When this option is enabled (the default), the NMS identified by the NMS IP/Host Name setting will receive authentication traps (traps generated by invalid attempts to log on to this device). To disable that ability, unmark the checkbox. SNMPv3 option.
Syslog Path: Logs > Syslog > options The Rack PDU can send messages to up to four Syslog servers when an event occurs. The Syslog servers record events that occur at network devices in a log that provides a centralized record of events. This user’s guide does not describe Syslog or its configuration values in detail. See RFC3164 for more information about Syslog. Identifying Syslog servers.
Syslog settings. Path: Logs > Syslog > settings Setting Definition Message Generation Enables (by default) or disables the Syslog feature. Facility Code Selects the facility code assigned to the Rack PDU’s Syslog messages (User, by default). Severity Mapping Managed Rack PDU USER’S GUIDE NOTE: User best defines the Syslog messages sent by the Rack PDU. Do not change this selection unless advised to do so by the Syslog network or system administrator.
Syslog test and format example. Path: Logs > Syslog > test Send a test message to the Syslog servers configured through the servers option. 1. Select a severity to assign to the test message. 2. Define the test message, according to the required message fields. – The priority (PRI): the Syslog priority assigned to the message’s event, and the facility code of messages sent by the Rack PDU. – The Header: a time stamp and the IP address of the Rack PDU.
Managed Rack PDU USER’S GUIDE Administration: Network Features 148
TCP/IP and Communication Settings TCP/IP settings Path: Administration > Network > TCP/IP The TCP/IP option on the left navigation menu, selected by default when you choose Network on the top menu bar, displays the current IPv4 address, subnet mask, default gateway, MAC address, and boot mode of the Rack PDU. Managed Rack PDU USER’S GUIDE For information on DHCP and DHCP options, see RFC2131 and RFC2132. Setting Description Enable Enable or disable IPv4 with this check box.
Description BOOTP A BOOTP server provides the TCP/IP settings. At 32-second intervals, the Rack PDU requests network assignment from any BOOTP server: • If the Rack PDU receives a valid response, it starts the network services. • If the Rack PDU finds a BOOTP server, but a request to that server fails or times out, the Rack PDU stops requesting network settings until it is restarted.
DHCP response options Each valid DHCP response contains options that provide the TCP/IP settings that the Rack PDU needs to operate on a network, and other information that affects the operation of the Rack PDU. • Vendor Cookie. Tag 1, Len 4, Data “1APC” Option 43 communicates to the Rack PDU that a DHCP server is configured to service the Dell Rack PDUs.
Managed Rack PDU USER’S GUIDE Other options. The Rack PDU also uses these options within a valid DHCP response. All of these options except the last are described in RFC2132. • Network Time Protocol Servers (option 42): Up to two NTP servers (primary and secondary) that the Rack PDU can use. • Time Offset (option 2): The offset of the Rack PDU's subnet, in seconds, from Coordinated Universal Time (UTC).
Managed Rack PDU USER’S GUIDE Setting Description DHCPv6 Mode Router Controlled: Selecting this option means that DHCPv6 is controlled by the Managed (M) and Other (O) flags received in IPv6 router advertisements. When a router advertisement is received, the NMC checks whether the M or the O flag is set.
Port Speed Path: Administration > Network > Port Speed The Port Speed setting defines the communication speed of the TCP/IP port. • For Auto-negotiation (the default), Ethernet devices negotiate to transmit at the highest possible speed, but if the supported speeds of two devices are unmatched, the slower speed is used.
DNS Path: Administration > Network > DNS > options Use the options under DNS to configure and test the Domain Name System (DNS): – The Rack PDU waits up to 15 seconds for a response from the primary DNS server or the secondary DNS server (if a secondary DNS server is specified). If the Rack PDU does not receive a response within that time, e-mail cannot be sent. Therefore, use DNS servers on the same segment as the Rack PDU or on a nearby segment (but not across a wide-area network [WAN]).
– As Query Type, select the method to use for the DNS query: • by Host: the URL name of the server • by FQDN: the fully-qualified domain name • by IP: the IP address of the server • by MX: the Mail Exchange used by the server Managed Rack PDU USER’S GUIDE – As Query Question, identify the value to be used for the selected query type: Query Type Selected Query Question to Use by Host The URL by FQDN The fully qualified domain name, my_server.my_domain.
Web Managed Rack PDU USER’S GUIDE Path: Administration > Network > Web > options Option Description access To activate changes to any of these selections, log off from the Rack PDU: • Disable: Disables access to the Web interface. (To re-enable access, log in to the command line interface, then type the command http -S enable. For HTTPS access, type https -S enable.
Managed Rack PDU USER’S GUIDE Option Description ssl certificate Add, replace, or remove a security certificate. Status: • Not installed: A certificate is not installed, or was installed by FTP or SCP to an incorrect location. Using Add or Replace Certificate File installs the certificate to the correct location, /ssl on the Rack PDU. • Generating: The Rack PDU is generating a certificate because no valid certificate was found. • Loading: A certificate is being activated on the Rack PDU.
Console Managed Rack PDU USER’S GUIDE Path: Administration > Network > Console > options Option Description access Choose one of the following for access by Telnet or Secure Shell (SSH): • Disable: Disables all access to the command line interface. • Enable Telnet (the default): Telnet transmits user names, passwords, and data without encryption.
Option Description ssh host key Status indicates the status of the host key (private key): • SSH Disabled: No host key in use: When disabled, SSH cannot use a host key. • Generating: The Rack PDU is creating a host key because no valid host key was found. • Loading: A host key is being activated on the Rack PDU.
SNMP All user names, passwords, and community names for SNMP are transferred over the network as plain text. If your network requires the high security of encryption, disable SNMP access or set the access for each community to Read. (A community with Read access can receive status information and use SNMP traps.) Managed Rack PDU USER’S GUIDE For detailed information on enhancing and managing the security of your system, see Appendix B: Security Handbook.
SNMPv1 Managed Rack PDU USER’S GUIDE Path: Administration > Network > SNMPv1 > options Option Description access Enable SNMPv1 Access: Enables SNMP version 1 as a method of communication with this device. access control You can configure up to four access control entries to specify which Network Management Systems (NMSs) have access to this device.
SNMPv3 Path: Administration > Network > SNMPv3 > options For SNMP GETs, SETs, and trap receivers, SNMPv3 uses a system of user profiles to identify users. An SNMPv3 user must have a user profile assigned in the MIB software program to perform GETs and SETs, browse the MIB, and receive traps. To use SNMPv3, you must have a MIB program that supports SNMPv3. Option Description access SNMPv3 Access: Enables SNMPv3 as a method of communication with this device.
Option Description user profiles By default, lists the settings of four user profiles, configured with the user names dell snmp profile1 through dell snmp profile4, and no authentication and no privacy (no encryption). To edit the following settings for a user profile, click a user name in the list.
Description access control You can configure up to four access control entries to specify which NMSs have access to this device. The opening page for access control, by default, assigns one entry to each of the four user profiles, but you can edit these settings to apply more than one entry to any user profile to grant access by several specific IP addresses, host names, or IP address masks.
FTP Server Path: Administration > Network > FTP Server Managed Rack PDU USER’S GUIDE The FTP Server settings enable (by default) or disable access to the FTP server and specify the TCP/IP port (21 by default) that the FTP server uses to communicate with the Rack PDU. The FTP server uses both the specified port and the port one number lower than the specified port. You can change the Port setting to the number of any unused port from 5001 to 32768 for added security.
Managed Rack PDU USER’S GUIDE Administration: General Options Identification Path: Administration > General > Identification Define the Name (the device name), Location (the physical location), and Contact (the person responsible for the device) used by the SNMP agent of the Rack PDU.
These settings are the values used for the MIB-II sysName, sysContact, and sysLocation Object Identifiers (OIDs). For more information about MIB-II OIDs, see the Dell Management Information Base (MIB). Set the Date and Time Method Set the time and date used by the Rack PDU.
Daylight saving Path: Administration > General > Date & Time > daylight saving Enable traditional United States Daylight Saving Time (DST), or enable and configure a customized daylight saving time to match how Daylight Saving Time is implemented in your local area. DST is disabled by default. When customizing Daylight Saving Time (DST): • If the local DST always starts or ends on the last occurrence of a specific weekday of a month, whether it is the fourth or the fifth occurrence, choose Fifth/Last.
Use an .ini File Path: Administration > General > User Config File Managed Rack PDU USER’S GUIDE Use the settings from one Rack PDU to configure another. Retrieve the config.ini file from the configured Rack PDU, customize that file (e.g., to change the IP address), and upload the customized file to the new Rack PDU. The file name can be up to 64 characters, and must have the.ini suffix. Status Reports the progress of the upload.
Event Log and Temperature Units Path: Administration > General > Preferences Color-code event log text Managed Rack PDU USER’S GUIDE This option is disabled by default. Mark the Event Log Color Coding checkbox to enable color-coding of alarm text recorded in the event log. System-event entries and configuration-change entries do not change color. Text Color Alarm Severity Red Critical: A critical alarm exists, which requires immediate action.
Reset the Rack PDU Managed Rack PDU USER’S GUIDE Path: Administration > General > Reset/Reboot Action Definition Reboot Management Interface Restarts the interface of the Rack PDU. Reset All1 Clear the Exclude TCP/IP checkbox to reset all configuration values; mark the Exclude TCP/IP checkbox to reset all values except TCP/IP.
Configure Links Path: Administration > General > Quick Links Select the Administration tab, General on the top menu bar, and Quick Links on the left navigation menu to view and change the URL links displayed at the bottom left of each page of the interface. By default, these links access the following Web pages: • Link 1: dell.com • Link 3: dell.
How to Export Configuration Settings Retrieving and Exporting the .ini File Summary of the procedure An Administrator can retrieve the .ini file of a Rack PDU and export it to another Rack PDU or to multiple Rack PDUs. 1. Configure a Rack PDU to have the settings you want to export. 3. Customize the file to change at least the TCP/IP settings. Managed Rack PDU USER’S GUIDE 2. Retrieve the .ini file from that Rack PDU. 4.
Detailed procedures Retrieving. To set up and retrieve an .ini file to export: 1. If possible, use the interface of a Rack PDU to configure it with the settings to export. Directly editing the .ini file risks introducing errors. 2. To use FTP to retrieve config.ini from the configured Rack PDU: a. Open a connection to the Rack PDU, using its IP address: ftp> open ip_address b. Log on using the Administrator user name and password. The file is written to the folder from which you launched FTP.
Customizing. You must customize the file before you export it. 1. Use a text editor to customize the file. • Section headings, keywords, and pre-defined values are not case-sensitive, but string values that you define are case-sensitive. • Use adjacent quotation marks to indicate no value. For example, LinkURL1="" indicates that the URL is intentionally undefined. • Enclose in quotation marks any values that contain leading or trailing spaces or are already enclosed in quotation marks.
Transferring the file to a single Rack PDU. To transfer the .ini file to another Rack PDU, do either of the following: • From the Web interface of the receiving Rack PDU, select the Administration tab, General on the top menu bar, and User Config File on the left navigation menu. Enter the full path of the file, or use Browse. • Use any file transfer protocol supported by Rack PDUs, i.e., FTP, FTP Client, SCP, or TFTP. The following example uses FTP: b. Export the copy of the customized .
The Upload Event and Error Messages The event and its error messages The following event occurs when the receiving Rack PDU completes using the .ini file to update its settings. Configuration file upload complete, with number valid values Managed Rack PDU USER’S GUIDE If a keyword, section name, or value is invalid, the upload by the receiving Rack PDU succeeds, and additional event text states the error. Event text Description Configuration file warning: Invalid keyword on line number.
Messages in config.ini A Rack PDU from which you download the config.ini file must be discovered successfully in order for its configuration to be included. If the Rack PDU is not present or is not discovered, the config.ini file contains a message under the appropriate section name, instead of keywords and values. For example: Rack PDU not discovered If you did not intend to export the configuration of the Rack PDU as part of the .ini file import, ignore these messages.
File Transfers How to Upgrade Firmware Benefits of upgrading firmware When you upgrade the firmware on the Rack PDU: • You obtain the latest bug fixes and performance improvements. Keeping the firmware versions consistent across your network ensures that all Rack PDUs support the same features in the same manner. Managed Rack PDU USER’S GUIDE • New features become available for immediate use.
Firmware files A firmware version consists of three modules: An Operating System (AOS) module, an application module, and a boot monitor (bootmon) module. Each module contains one or more Cyclical Redundancy Checks (CRCs) to protect its data from corruption during transfer. The Operating System (AOS), application, and boot monitor module files used with the Rack PDU share the same basic format: dell_hardware-version_type_firmware-version.
Firmware File Transfer Methods When you transfer individual firmware modules, you must transfer the Operating System (AOS) module to the Rack PDU before you transfer the application module. Use FTP or SCP to upgrade one Rack PDU Managed Rack PDU USER’S GUIDE To upgrade the firmware of a Rack PDU, use one of these methods: • From a networked computer on any supported operating system, use FTP or SCP to transfer the individual AOS and application firmware modules.
3. Type open and the IP address of the Rack PDU, and press ENTER. If the port setting for the FTP Server has changed from its default of 21, you must use the non-default value in the FTP command. • For Windows FTP clients, separate a non-default port number from the IP address by a space. For example: ftp> open 150.250.6.10 21000 • Some FTP clients require a colon instead before the port number. 4. Log on as Administrator; admin is the default user name and password. 5. Upgrade the AOS.
How to upgrade multiple Rack PDUs Use FTP or SCP to upgrade multiple Rack PDUs. To upgrade multiple Rack PDUs using an FTP client or using SCP, write a script which automatically performs the procedure. Use XMODEM to upgrade one Rack PDU To use XMODEM to upgrade one Rack PDU that is not on the network, you must first download the firmware files from Dell.com. Managed Rack PDU USER’S GUIDE To transfer the files: 1. Select a serial port at the local computer and disable any service that uses the port. 2.
Verifying Upgrades and Updates Verify the success or failure of the transfer To verify whether a firmware upgrade succeeded, use the xferStatus command in the command line interface to view the last transfer result, or use an SNMP GET to the mfiletransferStatusLastTransferResult OID. Last Transfer Result codes Managed Rack PDU USER’S GUIDE Code Description Successful The file transfer was successful. Result not available There are no recorded file transfers.
Troubleshooting Managed Rack PDU USER’S GUIDE Rack PDU Access Problems Problem Solution Unable to ping the Rack PDU If the Rack PDU’s Status LED is green, try to ping another node on the same network segment as the Rack PDU. If that fails, it is not a problem with the Rack PDU. If the Status LED is not green, or if the ping test succeeds, perform the following checks: • Verify all network connections. • Verify the IP addresses of the Rack PDU and the NMS.
Solution Cannot access the Web interface • Verify that HTTP or HTTPS access is enabled. • Make sure you are specifying the correct URL — one that is consistent with the security system used by the Rack PDU. SSL requires https, not http, at the beginning of the URL. • Verify that you can ping the Rack PDU. • Verify that you are using a Web browser supported for the Rack PDU. See Supported Web Browsers.
Appendix A: List of Supported Commands Managed Rack PDU USER’S GUIDE Network Management Card Command Descriptions ? about alarmcount [-p [all | warning | critical]] boot [-b ] [-a ] [-o ] [-f ] [-c [enable | disable]] [-s ] [-v ] [-i ] [-u ] cd console [-S] [-pt ] [-ps ] [-b <2
Managed Rack PDU USER’S GUIDE ftp [-p ] [-S ] help netstat ntp [-OM ] [-p ] [-s ] ping [] portspeed [-s [auto | 10H | 10F | 100H | 100F]] prompt [-s [long | short]] quit radius [-a [local | radiusLocal | radius]] [-p# ] [-s# ] [-t# ] reboot resetToDef [-p ] snmp, snmpv3 [-S ] system [-n ] [-c
user [-an ] [-dn ] [-rn ] [-ap ] [-dp ] [-rp ] [-t ] web [-S ] [-ph ] [-ps ] xferINI xferStatus Managed Rack PDU USER’S GUIDE Device Command Descriptions devLowLoad [] devNearOver [] devOverLoad [] devReading [<“power” | “energy”>] devStartDly humLow [] humMin [
Managed Rack PDU USER’S GUIDE olLowLoad [<“all” | outlet name | outlet#> ] olName [<“all” | outlet# > ] olNearOver [<“all” | outlet name | outlet#> ] olOff [<“all” | outlet name | outlet# >] olOffDelay [<“all” | outlet name | outlet#>
Managed Rack PDU USER’S GUIDE userAdd [] userDelete [] userList userPasswd [ ] whoami 192
Appendix B: Security Handbook Content and Purpose of This Appendix This appendix documents security features for firmware version 5.x.x for Dell® Rack PDUs which enable Rack PDUs to function remotely over the network.
Security Features Protection of passwords and passphrases No password or passphrase is stored on the Rack PDU in plain text. • Passwords are hashed using a one-way hash algorithm. • Passphrases, which are used for authentication and encryption, are encrypted before they are stored on the Rack PDU. Summary of access methods Security Access Managed Rack PDU USER’S GUIDE Serial access to the command line interface. Access is by user name and password. Description Always enabled.
Managed Rack PDU USER’S GUIDE SNMPv1 and SNMPv3. Security Access Description Available methods (SNMPv1): • Community Name • Host Name • NMS IP filters • Agents that can be enabled or disabled • Four access communities with read/write/disable capability For both SNMPv1 and SNMPv3, the host name restricts access to the Network Management System (NMS) at that location only, and the NMS IP filters allow access only to the NMSs specified by one of the IP address formats in the following examples: • 159.215.
Web server. Security Access In basic HTTP authentication mode, the user name and password are transmitted base-64 encoded (with no encryption). SSL is available on Web browsers supported for use with the Management Card or network-enabled device and on most Web servers. The Web protocol HyperText Transfer Protocol over Secure Sockets Layer (HTTPS) encrypts and decrypts page requests to the Web server and pages returned by the Web server to the user. RADIUS.
Change default user names and passwords immediately After installation and initial configuration of the Rack PDU, immediately change the user names and passwords from their defaults to unique user names and passwords to establish basic security. If Telnet, the FTP server, SSH/SCP, or the Web server uses a non-standard port, a user must specify the port in the command line or Web address used to access the Rack PDU. A non-standard port number provides an additional level of security.
Authentication You can choose security features for the Rack PDU that control access by providing basic authentication through user names, passwords, and IP addresses, without using encryption. These basic security features are sufficient for most environments in which sensitive data are not being transferred. For enhanced authentication when you use SNMP to monitor or configure the Rack PDU, choose SNMPv3.
Encryption SNMP GETS, SETS, and Traps For encrypted communication when you use SNMP to monitor or configure the Rack PDU, choose SNMPv3. The privacy passphrase used with SNMPv3 user profiles ensures the privacy of the data (by means of encryption, using the AES or DES encryption algorithm) that an NMS sends to or receives from the Rack PDU. The Secure Shell protocol. SSH provides a secure mechanism to access computer consoles, or shells, remotely.
Secure CoPy. SCP is a secure file transfer application that you can use instead of FTP. SCP uses the SSH protocol as the underlying transport protocol for encryption of user names, passwords, and files. • When you enable and configure SSH, you automatically enable and configure SCP. No further configuration of SCP is needed. • You must explicitly disable FTP. It is not disabled by enabling SSH.
You can use the Rack PDU Security Wizard to create a certificate signing request to an external Certificate Authority, or if you do not want to use an existing Certificate Authority, you can create a Dell root certificate to upload to the certificate store (cache) of the browser. You can also use the Wizard to create a server certificate to upload to the Rack PDU. Managed Rack PDU USER’S GUIDE See Creating and Installing Digital Certificates for a summary of how these certificates are used.
Creating and Installing Digital Certificates Purpose For network communication that requires a higher level of security than password encryption, the Web interface of the Rack PDU supports the use of digital certificates with the Secure Sockets Layer (SSL) protocol. Digital certificates can authenticate the Rack PDU (the server) to the Web browser (the SSL client).
Method 1: Use the default certificate auto-generated by the Rack PDU. When you enable SSL, you must reboot the Rack PDU. During rebooting, if no server certificate exists, the Rack PDU generates a default server certificate that is self-signed but that you cannot configure. Method 1 has the following advantages and disadvantages.
– The length of the public key (RSA key) that is used for encryption when setting up an SSL session is 2048 bits, by default. Method 2: Use the Rack PDU Security Wizard to create a CA certificate and a server certificate. Use the Rack PDU Security Wizard to create two digital certificates: • A server certificate that you upload to the Rack PDU. When the Rack PDU Security Wizard creates a server certificate, it uses the CA root certificate to sign the server certificate.
This provides an extra level of security beyond the encryption of the user name, password, and transmitted data. – The root certificate that you install to the browser enables the browser to authenticate the server certificate of the Rack PDU to provide additional protection from unauthorized access.
and a Certificate Authority of your own company or agency has probably already loaded its CA certificate to the browser store of each user’s browser.) Therefore, you do not have to upload a root certificate to the browser of each user who needs access to the Rack PDU. – You choose the length of the public key (RSA key) that is used for setting up an SSL session (use 1024 bits, which is the default setting, or use 2048 bits to provide complex encryption and a high level of security).
Using the Rack PDU Security Wizard The Rack PDU Security Wizard creates components needed for high security for a Rack PDU on the network when you are using Secure Sockets Layer (SSL) and related protocols and encryption routines. Authentication by certificates and host keys Managed Rack PDU USER’S GUIDE Authentication verifies the identity of a user or a network device (such as a Rack PDU). Passwords typically identify computer users.
How certificates are used. Most Web browsers, including all browsers supported by Rack PDUs, contain a set of CA root certificates from all of the commercial Certificate Authorities. For authentication to occur: • Each server (Rack PDU) with SSL enabled must have a server certificate on the server itself. • Any browser that is used to access the Web interface of the Rack PDU must contain the CA root certificate that signed the server certificate.
Managed Rack PDU USER’S GUIDE Files you create for SSL and SSH security Use the Rack PDU Security Wizard to create these components of an SSL and SSH security system: • The server certificate for the Rack PDU, if you want the benefits of authentication that such a certificate provides. You can create either of the following types of server certificate: – A server certificate signed by a custom CA root certificate also created with the Rack PDU Security Wizard.
Create a Root Certificate and Server Certificates Use this procedure if your company or agency does not have its own Certificate Authority and you do not want to use a commercial Certificate Authority to sign your server certificates. Define the size of the public RSA key that is part of the certificate generated by the Rack PDU Security Wizard.You can generate a 1024-bit key, or you can generate a 2048-bit key, which provides complex encryption and a higher level of security.
The procedure Create the CA root certificate. 1. If the Rack PDU Security Wizard is not already installed on your computer, obtain and run the installation program (Rack PDU Security Wizard.exe). 2. On the Windows Start menu, select Programs, then Rack PDU Security Wizard. Managed Rack PDU USER’S GUIDE 3.
7. The last screen verifies that the certificate was created and displays information you need for the next tasks: • The location and name of the .p15 file that you will use to sign the server certificates. • The location and name of the .crt file, which is the CA root certificate to load into the browser of each user who needs to access the Rack PDU. See the help system of the browser for information on how to load the .crt file into the browser’s certificate store (cache).
6. On the next screen, review the summary of the certificate. Scroll downward to view the certificate’s unique serial number and fingerprints. To make any changes to the information you provided, click Back. Revise the information. Managed Rack PDU USER’S GUIDE 5. On the screen labeled Step 2, provide the information to configure the server certificate. Country and Common Name are the only required fields. For the Common Name field, enter the IP address or DNS name of the server (the Rack PDU).
Create a Server Certificate and Signing Request Summary Use this procedure if your company or agency has its own Certificate Authority or if you plan to use a commercial Certificate Authority to sign your server certificates. • Create a Certificate Signing Request (CSR). The CSR contains all the information for a server certificate except the digital signature. This process creates two output files: – The file with the .
4. Enter a name for this file, which will contain the private key of the Rack PDU. The file must have a .p15 suffix and, by default, will be created in the installation folder C:\Program Files\Dell\Rack PDU Security Wizard. By default, a server certificate is valid for 10 years from the current date and time, but you can edit the Validity Period Start and Validity Period End fields. Managed Rack PDU USER’S GUIDE 5.
Import the signed certificate. When the external Certificate Authority returns the signed certificate, import the certificate. This procedure combines the signed certificate and the private key into an SSL server certificate that you then upload to the Rack PDU. 1. On the Windows Start menu, select Programs, then Rack PDU Security Wizard. 2. On the screen labeled Step 1, select Import Signed Certificate. 4.
Load the server certificate to the Rack PDU. 1. On the Administration tab, select Network on the top menu bar and ssl certificate under the Web heading on the left navigation menu. Alternatively, you can use FTP or Secure CoPy (SCP) to transfer the server certificate to the Rack PDU. For SCP, the command to transfer a certificate named cert.p15 to a Rack PDU with an IP address of 156.205.6.185 would be: scp cert.p15 dell@156.205.6.185 Managed Rack PDU USER’S GUIDE 2.
The procedure Create the host key. 1. If the Rack PDU Security Wizard is not already installed on your computer, obtain and run the installation program (Rack PDU Security Wizard.exe). 2. On the Windows Start menu, select Programs, then Rack PDU Security Wizard. 4. Enter a name for this file, which will contain the host key. The file must have a .p15 suffix. By default, the file will be created in the installation folder C:\Program Files\Dell\Rack PDU Security Wizard. Managed Rack PDU USER’S GUIDE 3.
Load the host key to the Rack PDU. 1. On the Administration tab, select Network on the top menu bar, and ssh host key under the Console heading on the left navigation menu. 3. At the bottom of the User Host Key page, note the SSH fingerprint. Log on to the Rack PDU through your SSH client program, and verify that the correct host key was uploaded by verifying that these fingerprints match the fingerprints that the client program displays.
Command Line Interface Access and Security Users with Administrator or Device User accounts can access the command line interface through Telnet or Secure Shell (SSH), depending on which is enabled. (An Administrator can enable these access methods by selecting the Administration tab, then Network on the top menu bar and access under the Console heading on the left navigation menu.) By default, Telnet is enabled. Enabling SSH automatically disables Telnet. SSH for high-security access.
Telnet and Secure Shell (SSH) While SSH is enabled, you cannot use Telnet to access the command line interface. Enabling SSH enables SCP automatically. When SSH is enabled and its port is configured, no further configuration is required to use Secure CoPy (SCP). SCP uses the same configuration as SSH. To configure the options for Telnet and Secure Shell (SSH): Managed Rack PDU USER’S GUIDE To use SSH, you must have an SSH client installed.
4. Display the fingerprint of the SSH host key for SSH version 2. Most SSH clients display the fingerprint at the start of a session. Compare the fingerprint displayed by the client to the fingerprint that you recorded from the Web interface or command line interface of the Rack PDU. HyperText Transfer Protocol (HTTP) provides access by user name and password, but does not encrypt user names, passwords, and data during transmission.
Creating and uploading a server certificate in advance reduces the time required to enable HTTPS. If you enable HTTPS with no server certificate loaded, the Rack PDU creates one when it reboots. The Rack PDU can take up to 1 minute to create the certificate, and the SSL server is unavailable during that time. A certificate that the Rack PDU generates has some limitations. See Method 1: Use the default certificate auto-generated by the Rack PDU. Parameter Issued To: Managed Rack PDU USER’S GUIDE 4.
Parameter Issued By: Description Common Name (CN): The Common Name as specified in the CA root certificate. For a server certificate generated by default by the Rack PDU, this field displays the serial number of the Rack PDU instead. Organization (O) and Organizational Unit (OU): The name and organizational unit of the organization that issued the server certificate. If the server certificate was generated by default by the Rack PDU or device, this field displays “Internally Generated Certificate.
Supported RADIUS Functions and Servers Supported functions Supported authentication and authorization functions: Remote Authentication Dial-In User Service (RADIUS). Use RADIUS to administer remote access for each Rack PDU centrally. When a user accesses the Rack PDU, an authentication request is sent to the RADIUS server to determine the permission level of the user. Supported RADIUS servers Managed Rack PDU USER’S GUIDE For more information on permission levels, see Types of user accounts.
Configure the Rack PDU Authentication RADIUS user names used with Rack PDU are limited to 32 characters. • Local Authentication Only: RADIUS is disabled. Local authentication is enabled. Managed Rack PDU USER’S GUIDE On the Administration tab, select Security on the top menu bar. Then, under Remote Users on the left navigation menu, select authentication to define an authentication method: • RADIUS, then Local Authentication: Both RADIUS and local authentication are enabled.
RADIUS Managed Rack PDU USER’S GUIDE To configure RADIUS, on the Administration tab, select Security on the top menu bar. Then, under Remote Users on the left navigation menu, select RADIUS. Setting Definition RADIUS Server The server name or IP address of the RADIUS server. NOTE: RADIUS servers use port 1812 by default to authenticate users. To use a different port, add a colon followed by the new port number to the end of the RADIUS server name or IP address.
Configure the RADIUS Server You must configure your RADIUS server to work with the Rack PDU. The examples in this section may differ somewhat from the required content or format of your specific RADIUS server. In the examples, any reference to outlets applies only to Rack PDU devices that support outlet users. 2. Users must be configured with Service-Type attributes unless Vendor Specific Attributes (VSAs) are defined instead.
Examples using Vendor Specific Attributes Managed Rack PDU USER’S GUIDE Vendor Specific Attributes (VSAs) can be used instead of the Service-Type attributes provided by your RADIUS server. This method requires a dictionary entry and a RADIUS users file. In the dictionary file, you can define the names for the ATTRIBUTE and VALUE keywords, but not the numeric values. If you change the numeric values, RADIUS authentication and authorization will not work correctly.
RADIUS Users file with VSAs. Following is an example of a RADIUS users file with VSAs: VSAAdmin Auth-Type = Local, Password = "admin" DELL-Service-Type = Admin VSADevice Auth-Type = Local, Password = "device" DELL-Service-Type = Device # Give user access to device outlets 1, 2 and 3.
Example with UNIX shadow passwords. If UNIX shadow password files are used (/etc/passwd) with the RADIUS dictionary files, the following two methods can be used to authenticate users: • If all UNIX users have administrative privileges, add the following to the RADIUS “user” file. To allow only Device Users, change the Dell-Service-Type to Device. DEFAULT Auth-Type = System DELL-Service-Type = Admin • Add user names and attributes to the RADIUS "user" file, and verify the password against /etc/passwd.
Index Numerics Browsers CA certificates in browser’s store (cache) 10/100 base-T connector, front panel 12 10/100 LED, front panel 12, 14 200 danger of leaving browser open 201 error messages 87 lock icon when SSL is installed 200 types and versions supported 84 A About options for information about the Rack PDU 173 enabling or disabling methods of access to the command line interface priorities 2 to the command line interface Managed Rack PDU USER’S GUIDE Access remotely 187 Administration 159
53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 69, 67, 68, 70, 71 phLowLoad 72, 73, 74, 75, 76, 35, 77, 36 quit 36 radius 37, 38, 39 sensorName 78, 40 tcpip 41, 42, 79, 80, 81 user 43, 81, 82 web 44, 83 xferINI 45 22, 159, 8 logging on 15 main screen 18 remote access 15, 23 Community Name for trap receivers 144 Configuring RADIUS authentication 133 SSH 221, 222 Contact identification (whom to contact) 167 reverse lookup 124 Telnet 159 use of a proxy server 85 Managed Rack PDU USER’S GUIDE olAss
F Humidity sensor Facility Code (Syslog setting) 146 Fingerprints, displaying and comparing 222 Firmware benefits of upgrading 180 Hysteresis 119 FTP or SCP 182 XMODEM 184 upgrading multiple Rack PDUs 184 Firmware versions displayed on main screen 19 Follower outlet groups 98 From Address (SMTP setting) 141 FTP Managed Rack PDU I Identification (Name, Location, and Contact) in Web interface 167 Identification fields on main screen 19 Inactivity timeout 135 ini files, See User configuration files Init
follower 98 global 98 initiator 98 local 98 purpose and benefits rules for configuring system requirements typical configurations Location (system value) 167 Logging on access priorities 2 locally (through a serial port) to the control console 17 Web interface 85 Login date and time control console 19 Outlet settings configuring 110, 108 M Outlets global 98 Override keyword, user configuration file 174 Main screen displaying identification 19 firmware values displayed 19 login date and time 19 status
S Primary NTP Server 168 Proxy servers SCP configuring not to proxy the PDU 85 disabling use of 85 enabled and configured with SSH 200, 221 Q for encrypted file transfer 199, 166, 219, Quick Links, configuration 173 transferring firmware files 182 using non-standard port 197, 127 213, 217 R configuring name and location 97 front panel 11 getting started 4 product features 1 troubleshooting access problems 186 RADIUS Managed Rack PDU USER’S GUIDE Rack PDU Secondary NTP Server 168 Section head
Syslog Server certificates identifying the Syslog server and port 145 mapping event severity to Syslog priorities 146 creating to use with a Certificate Authority 214, 210 Severity Mapping (Syslog setting) 146 Signing requests, creating 214 SMTP server selecting for e-mail recipients 142, 141 SNMP access and access control SNMPv1 162, 163 disabling SNMPv1 for high-security systems 161 v1 disabling 197 READ access 197 authentication 198 encryption 199 Managed Rack PDU USER’S GUIDE 144 SSH 16 confi
Up Time Managed Rack PDU USER’S GUIDE control console main screen 19 in Web interface 173 Update Interval, Date & Time setting 168 Update Using NTP Now, Date & Time setting 168 Upgrade firmware 180 Upload event 178 URL address formats 86 User access identification in control console interface 19 User access, types of accounts 3 User configuration files contents 174, 176 exporting system time separately 176 messages for undiscovered devices 179 overriding device-specific values 174 retrieving and exporti
Managed Rack PDU USER’S GUIDE Information in this document is subject to change without notice. © 2010 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell, and the DELL logo, are trademarks of Dell Inc. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc.