Users Guide

ManualsBrandsDell ManualsAlienwareOEMR T440

100

Configuring services

You can configure and enable the following services on iDRAC:

Local

Configuration

Disable access to iDRAC configuration (from the host system) using Local RACADM and iDRAC Settings

utility.

Web Server Enable access to iDRAC web interface. If you disable the web interface, remote RACADM also gets

disabled. Use local RACADM to re-enable the web server and remote RACADM.

SEKM

Configuration

Enables secure enterprise key management functionality on iDRAC using a client server architecture.

SSH Access iDRAC through firmware RACADM.

Remote RACADM Remotely access iDRAC.

SNMP Agent Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in iDRAC.

Automated

System Recovery

Agent

Enable Last System Crash Screen.

Redfish Enables support for Redfish RESTful API.

VNC Server Enable VNC server with or without SSL encryption.

Configuring services using web interface

To configure the services using iDRAC Web interface:

1. In the iDRAC Web interface, go to iDRAC Settings > Services.

The Services page is displayed.

2. Specify the required information and click Apply.

For information about the various settings, see the iDRAC Online Help.

NOTE:

Do not select the Prevent this page from creating additional dialogs check-box. Selecting this option

prevents you from configuring services.

You can configure SEKM from iDRAC Settings page. Click iDRAC Settings > Services > SEKM Configuration.

NOTE: For detailed step by step procedure for configuring SEKM, see the iDRAC Online Help.

NOTE: When Security (Encryption) mode is changed from None to SEKM, Real-Time job is not available. But it will

be added to Staged job list. However, Real-Time job is successful when the mode is changed from SEKM to None.

Verify the following when changing the value of the Username Field in Client Certificate section on the KeySecure server

(for ex: changing the value from Common Name (CN) to User ID (UID))

a. While using an existing account:

● Verify in the iDRAC SSL certificate that, instead of the Common Name field, the User name field now matches the

existing username on the KMS. If they don't, then you will have to set the username field and regenerate the SSL

certificate again, get it signed on KMS and re-upload to iDRAC.

b. While using a new user account:

● Make sure the User name string matches the username field in the iDRAC SSL certificate.

● If they don't match, then you will need to reconfigure the iDRAC KMS attributes Username and Password.

● Once the certificate is verified to contain the username, then the only change that needs to be made is to change the

key ownership from the old user to the new user to match the newly created KMS username.

While using Vormetric Data Security Manager as KMS, ensure that the Common Name (CN) field in iDRAC SSL certificate

matches with the host name added to Vormetric Data Security Manager. Otherwise, the certificate may not import

successfully.

NOTE:

● Rekey option will be disabled when racadm sekm getstatus reports as Failed.

● SEKM only supports Common name, User ID, or Organization Unit for User Name field under Client certificate.

96 Configuring iDRAC