Users Guide
Prerequisites before enabling Auto Config
Before enabling the Auto config feature, make sure that following are already set:
● Supported network share (NFS or CIFS) is available on the same subnet as the iDRAC and DHCP server. Test the network
share to ensure that it can be accessed and that the firewall and user permissions are set correctly.
● Server configuration profile is exported to the network share. Also, make sure that the necessary changes in the XML file are
complete so that proper settings can be applied when the Auto Config process is initiated.
● DHCP server is set and the DHCP configuration is updated as required for iDRAC to call the server and initiate the Auto
Config feature.
Enabling Auto Config using iDRAC web interface
Make sure that DHCPv4 and the Enable IPv4 options are enabled and Auto-discovery is disabled.
To enable Auto Config:
1. In the iDRAC web interface, go to Overview > iDRAC Settings > Network.
The Network page is displayed.
2. In the Auto Config section, select one of the following options from the Enable DHCP Provisioning drop-down menu:
● Enable Once — Configures the component only once using the XML file referenced by the DHCP server. After this,
Auto Config is disabled.
● Enable once after reset — After the iDRAC is reset, configures the components only once using the XML file
referenced by the DHCP server. After this, Auto Config is disabled.
● Disable — Disables the Auto Config feature.
3. Click Apply to apply the setting.
The network page automatically refreshes.
Enabling Auto Config using RACADM
To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
For more information on the Auto Config feature, see the Zero-Touch Bare Metal Server Provisioning using Dell iDRAC with
Lifecycle Controller Auto Config white paper available at the delltechcenter.com/idrac.
Using hash passwords for improved security
You can set user passwords and BIOS passwords using a one-way hash format. The user authentication mechanism is not
affected (except for SNMPv3 and IPMI) and you can provide the password in plain text format.
With the new password hash feature:
● You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This allows you to have the
SHA256 values in the server configuration profile, RACADM, and WSMAN. When you provide the SHA256 password values,
you cannot authenticate through SNMPv3 and IPMI.
● You can set up a template server including all the iDRAC user accounts and BIOS passwords using the current plain text
mechanism. After the server is set up, you can export the server configuration profile with the password hash values. The
export includes the hash values required for SNMPv3 authentication. Importing this profile results in losing the IPMI
authentication for users who have the hashed password values set and the F2 IDRAC interface shows that the user account
is disabled.
● The other interfaces such as IDRAC GUI will show the user accounts enabled.
NOTE:
When downgrading a Dell 12th generation PowerEdge server from version 2.xx.xx.xx to 1.xx.xx, if the server is set
with hash authentication, then you will not be able to log in to any interface unless the password is set to default.
You can generate the hash password with and without Salt using SHA256.
You must have Server Control privileges to include and export hash passwords.
If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to default task.
48
Setting up managed system and management station