iDRAC 8/7 v2.30.30.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2016 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents 1 Overview...............................................................................................................16 Benefits of using iDRAC with Lifecycle Controller.............................................................................16 Key features..........................................................................................................................................17 New in this release..............................................................................
Enabling or disabling default password warning message using web interface........................ 42 Enabling or disabling warning message to change default login password using RACADM.... 42 Invalid password credentials...............................................................................................................43 3 Setting up managed system and management station...............................44 Setting up iDRAC IP address.................................................................
Backing up server profile.................................................................................................................... 82 Backing up server profile using iDRAC web interface................................................................. 83 Backing up server profile using RACADM.................................................................................... 83 Scheduling automatic backup server profile...............................................................................
Enabling or disabling OS to iDRAC Pass-through using RACADM........................................... 103 Enabling or disabling OS to iDRAC Pass-through using iDRAC settings utility........................ 103 Obtaining certificates........................................................................................................................104 SSL server certificates..................................................................................................................
Switching between RAC serial and serial console while using DB9 cable..................................... 129 Switching from serial console to RAC serial.............................................................................. 129 Switching from RAC serial to serial console.............................................................................. 129 Communicating with iDRAC using IPMI SOL...................................................................................
Creating Active Directory objects and providing privileges.......................................................172 Configuring the browser to enable Active Directory SSO......................................................... 172 Configuring iDRAC SSO login for Active Directory users................................................................ 173 Configuring iDRAC SSO login for Active Directory users using web interface.........................
Viewing System Event Log................................................................................................................190 Viewing System Event Log using web interface........................................................................ 190 Viewing System Event Log using RACADM................................................................................190 Viewing System Event Log using iDRAC settings utility.............................................................
Supported NIC firmware versions for I/O Identity Optimization..............................................205 Virtual/Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address mode or Console mode............................................................................................................. 205 System behavior for FlexAddress and I/O Identity.................................................................... 206 Enabling or disabling I/O Identity Optimization............
12 Gbps SAS HBA adapter operations........................................................................................ 246 Monitoring predictive failure analysis on drives........................................................................ 246 Controller operations in non-RAID (HBA) mode.......................................................................246 Running RAID configuration jobs on multiple storage controllers...........................................247 Managing PCIe SSDs.............
Synchronizing mouse pointers...................................................................................................272 Passing all keystrokes through virtual console for Java or ActiveX plug-in............................. 273 15 Managing virtual media................................................................................. 277 Supported drives and devices...........................................................................................................
Downloading partition contents................................................................................................ 298 Booting to a partition..................................................................................................................299 18 Using SMCLP...................................................................................................300 System management capabilities using SMCLP..............................................................................
Configuring iDRAC Quick Sync settings using RACADM.......................................................... 325 Configuring iDRAC Quick Sync settings using iDRAC settings utility.......................................326 Using mobile device to view iDRAC information............................................................................ 326 22 Deploying operating systems...................................................................... 327 Deploying operating system using VMCLI....................
System Event Log............................................................................................................................. 346 Network security............................................................................................................................... 347 Active Directory.................................................................................................................................347 Single Sign-On.......................................................
Overview 1 The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues, helps them perform remote server management, and reduces the need for physical access to the server. iDRAC with Lifecycle Controller technology is part of a larger data center solution that helps keep business critical applications and workloads available always.
• Secure Environment — By providing secure access to remote servers, administrators can perform critical management functions while maintaining server and network security. • Enhanced Embedded Management through Lifecycle Controller – Lifecycle Controller provides deployment and simplified serviceability through Lifecycle Controller GUI for local deployment and Remote Services (WS-Management) interfaces for remote deployment integrated with Dell OpenManage Essentials and partner consoles.
• Perform the following operations for storage devices: – Physical disks: Assign or unassign physical disk as a global hot spare. – Virtual disks: * Create virtual disks. * Edit virtual disks cache policies. * Check virtual disk consistency. * Initialize virtual disks. * Encrypt virtual disks. * Assign or unassign dedicated hot spare. * Delete virtual disks. – Controllers: * Configure controller properties. * Import or auto-import foreign configuration. * Clear foreign configuration.
• View boot and crash capture videos. • Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules. • Configure warning threshold for inlet temperature and power consumption. • Use iDRAC Service Module to: – View operating system information. – Replicate Lifecycle Controller logs to operating system logs. – Automatic system recovery options. – Populate Windows Management Instrumentation (WMI) information. – Integrate with SupportAssist collection.
NOTE: Telnet does not support SSL encryption and is disabled by default. • Secure Shell (SSH) that uses an encrypted transport layer for higher security. • Login failure limits per IP address, with login blocking from that IP address when the limit is exceeded. • Limited IP address range for clients connecting to iDRAC. • Dedicated Gigabit Ethernet adapter available on rack and tower servers (additional hardware may be required). New in this release • Added support for Redfish 1.
in the iDRAC Settings GUI (press during boot, and then click iDRAC Settings on the System Setup Main Menu page). Supported web browsers iDRAC is supported on the following browsers: • • • • Internet Explorer Mozilla Firefox Google Chrome Safari For the list of versions, see the iDRAC8 Release Notes available at dell.com/idracmanuals. Managing licenses iDRAC features are available based on the purchased license (Basic Management, iDRAC Express, or iDRAC Enterprise).
You can perform the following licensing operations using iDRAC, RACADM, WS-MAN, and Lifecycle Controller-Remote Services for one-to-one license management, and Dell License Manager for one-tomany license management: • View — View the current license information. • Import — After acquiring the license, store the license in a local storage and import it into iDRAC using one of the supported interfaces. The license is imported if it passes the validation checks.
License/ Component state or condition Import Export Delete Replace Learn More License installed but component missing No Yes Yes No Yes NOTE: In the iDRAC Web interface, on the Licenses page, expand the device to view the Replace option in the drop-down menu. Managing licenses using iDRAC web interface To manage the licenses using the iDRAC web interface, go to Overview → Server → Licenses.
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise SSH No Yes Yes Yes Yes Yes Yes Yes WS-MAN Yes Yes Yes Yes Yes Yes Yes Yes Network Time Protocol No No Yes Yes Yes Yes Yes Yes Shared NIC (LOM) Yes Yes Yes Yes N/A N/A Yes Yes Dedicated NIC2 No Yes No Yes Yes Yes Yes Yes1 VLAN tagging Yes Yes Yes Yes Yes Yes Yes Yes IPv4 Yes
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Single sign-On (kerberos) No No No Yes No Yes Yes Yes PK authentication (for SSH) No No No Yes No Yes No Yes Power control Yes4 Yes Yes Yes Yes Yes Yes Yes Boot control No Yes No Yes No Yes No Yes Serial-over-LAN Yes Yes Yes Yes Yes Yes Yes Yes Virtual Media No No No No Yes Yes
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Real-time power meter Yes Yes Yes Yes Yes Yes Yes Yes Power thresholds and alerts (includes headroom) No No No Yes No Yes No Yes Real-time power graphing No No Yes Yes Yes Yes Yes Yes Historical power counters Yes No Yes Yes Yes Yes Yes Yes Power capping No No No No No No Yes Yes Powe
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Memory monitoring No Yes No Yes No Yes No Yes CPU monitoring No Yes No Yes No Yes No Yes RAID monitoring No Yes No Yes No Yes No Yes NIC monitoring No Yes No Yes No Yes No Yes HD monitoring (enclosure) No Yes No Yes No Yes No Yes Out of Band Performance Monitoring No No No No No
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise Auto-Discovery No Yes Yes Yes Yes Yes Yes Yes Remote OS deployment No No No Yes No Yes No Yes Embedded driver pack No Yes No Yes No Yes No Yes Full configuration inventory No Yes No Yes No Yes No Yes Inventory export No Yes No Yes No Yes No Yes Remote configuration No Yes Yes Yes
Feature Basic Mana geme nt (iDRA C7) iDRAC iDRAC 8 Basic 7 Expres s iDRAC 8 Expres s iDRAC iDRAC8 7 Express Expre for Blades ss for Blades iDRAC7 Enterprise iDRAC8 Enterprise iDRAC Direct (front USB management port) No Yes No Yes No Yes No Yes iDRAC Service Module (iSM) No Yes Yes Yes Yes Yes Yes Yes Embedded Tech Support Report No Yes Yes Yes Yes Yes Yes Yes Crash screen capture5 No No Yes Yes Yes Yes Yes Yes Crash video capture5 No No No No No No Yes Yes
[4] Available only using IPMI. [5] Requires OMSA agent on target server. Interfaces and protocols to access iDRAC The following table lists the interfaces to access iDRAC. NOTE: Using more than one interface at the same time may generate unexpected results. Table 2. Interfaces and protocols to access iDRAC Interface or Protocol Description iDRAC Settings Utility Use the iDRAC Settings utility to perform pre-OS operations.
Interface or Protocol Description To reset iDRAC without rebooting the server, press and hold the System Identification button for 16 seconds.
Interface or Protocol Description client (Windows) or the OpenWSMAN client (Linux) to use the LC-Remote Services functionality. You can also use Power Shell and Python to script to the WS-MAN interface. Web Services for Management (WS-Management) are a Simple Object Access Protocol (SOAP)–based protocol used for systems management. iDRAC uses WS– Management to convey Distributed Management Task Force (DMTF) Common Information Model (CIM)–based management information.
Port Number Function When VNC feature is enabled, the port 5901 opens. * Configurable port The following table lists the ports that iDRAC uses as a client. Table 4.
started with Remote Services, Lifecycle Controller API, and provides references to various resources on Dell TechCenter. • The Dell Remote Access Configuration Tool User’s Guide provides information on how to use the tool to discover iDRAC IP addresses in your network and perform one-to-many firmware updates and active directory configurations for the discovered IP addresses.
Dell provides several online and telephone-based support and service options. Availability varies by country and product, and some services may not be available in your area. To contact Dell for sales, technical support, or customer service issues: 1. Go to Dell.com/support. 2. Select your support category. 3. Verify your country or region in the Choose a Country/Region drop-down list at the bottom of the page. 4. Select the appropriate service or support link based on your need.
Logging in to iDRAC 2 You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight Directory Access Protocol (LDAP) user. The default user name is root and the default password is calvin. You can also log in using Single Sign-On or Smart Card. NOTE: You must have Login to iDRAC privilege to log in to iDRAC.
If the domain is not specified in the user name, select the Active Directory domain from the Domain drop-down menu. 5. For an LDAP user, in the Username and Password fields, enter your LDAP user name and password. Domain name is not required for LDAP login. By default, This iDRAC is selected in the drop-down menu. 6. Click Submit. You are logged in to iDRAC with the required user privileges.
3. Enter the Smart Card PIN for local Smart Card users. You are logged in to the iDRAC. NOTE: If you are a local user for whom Enable CRL check for Smart Card Logon is enabled, iDRAC attempts to download the CRL and checks the CRL for the user's certificate. The login fails if the certificate is listed as revoked in the CRL or if the CRL cannot be downloaded for some reason.
• You have logged in to your system using a valid Active Directory user account. • Single Sign-On option is enabled during Active Directory configuration. To log in to iDRAC using web interface: 1. Log in to your management station using a valid Active Directory account. 2. In a web browser, type https://[FQDN address] NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[FQDN address]:[port number] where, [FQDN address] is the iDRAC FQDN (iDRACdnsname.domain.
To validate the certificate for using remote RACADM: 1. Convert the certificate in DER format to PEM format (using openssl command-line tool): openssl x509 -inform pem -in [yourdownloadedderformatcert.crt] –outform pem -out [outcertfileinpemformat.pem] –text 2. Find the location of the default CA certificate bundle on the management station. For example, for RHEL5 64 bit, it is /etc/pki/tls/cert.pem. 3. Append the PEM formatted CA certificate to the management station CA certificate.
Multiple iDRAC sessions The following table provides the list of multiple iDRAC sessions that are possible using the various interfaces. Table 5. Multiple iDRAC sessions Interface Number of Sessions iDRAC Web Interface 6 Remote RACADM 4 Firmware RACADM / SMCLP SSH - 2 Telnet - 2 Serial - 1 Changing default login password The warning message that allows you to change the default password is displayed if: • You log in to iDRAC with Configure User privilege.
NOTE: Continue is enabled only if the passwords entered in the New Password and Confirm Password fields match. For information about the other fields, see the iDRAC Online Help. Changing default login password using RACADM To change the password, run the following RACADM command: racadm set iDRAC.Users..Password where, is a value from 1 to 16 (indicates the user account) and is the new user— defined password.
Invalid password credentials To provide security against unauthorized users and denial of service (DoS) attack, iDRAC provides the following before blocking the IP and SNMP traps (if enabled): • Series of sign-in errors and alerts • Increased time intervals with each sequential incorrect login attempt • Log entries NOTE: The sign-errors and alerts, increased time interval for each incorrect login, and log entries are available using any of the iDRAC interfaces such as web interface, Telnet, SSH, Remote
Setting up managed system and management station 3 To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote accessibility, set up the management station and managed system, and configure the supported web browsers. NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the system in the chassis before performing the configurations. Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address.
NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD panel only during initial configuration of CMC. After the chassis is deployed, you cannot reconfigure iDRAC using the Chassis LCD panel. • CMC Web interface (see Dell Chassis Management Controller Firmware User’s Guide) In case of rack and tower servers, you can set up the IP address or use the default iDRAC IP address 192.168.0.
IPv4 settings IPv6 settings IPMI settings VLAN settings Network settings To configure the Network Settings: NOTE: For information about the options, see the iDRAC Settings Utility Online Help. 1. Under Enable NIC, select the Enabled option. 2. From the NIC Selection drop-down menu, select one of the following ports based on the network requirement: • Dedicated — Enables the remote access device to use the dedicated network interface available on the Remote Access Controller (RAC).
NOTE: Failover is not supported on shared LOM for the following Emulex rNDCs and bNDCs: • Emulex OCM14104-UX-D rNDC 10 Gbx • Emulex OCM14104-U1-D rNDC 10 Gb • Emulex OCM14104-N1-D rNDC 10 Gb • Emulex OCM14104B-N1-D rNDC 10 Gb • Emulex OCM14102-U2-D bNDC 10 Gb • Emulex OCM14102-U4-D bNDC 10 Gb • Emulex OCM14102-N6-D bNDC 10 Gb NOTE: On Dell PowerEdge FM120x4 and FX2 servers, Failover Network is not supported for the chassis sled configurations.
3. Optionally, enable Use DHCP to obtain DNS server address, so that the DHCP server can assign the Static Preferred DNS Server and Static Alternate DNS Server. Else, enter the IP addresses for Static Preferred DNS Server and Static Alternate DNS Server. IPv6 settings Alternately, based on the infrastructure setup, you can use IPv6 address protocol. To configure the IPv6 settings: 1. Select Enabled option under Enable IPv6. 2.
NOTE: You must have Chassis Configuration Administrator privilege to set up iDRAC network settings from CMC. 1. Log in to CMC Web interface. 2. Go to Server Overview → Setup → iDRAC. The Deploy iDRAC page is displayed. 3. Under iDRAC Network Settings, select Enable LAN and other network parameters as per requirements. For more information, see CMC online help. 4. For additional network settings specific to each blade server, go to Server Overview → . The Server Status page is displayed.
To enable provisioning server using iDRAC Settings utility: 1. Turn on the managed system. 2. During POST, press F2, and go to iDRAC Settings → Remote Enablement. The iDRAC Settings Remote Enablement page is displayed. 3. Enable auto-discovery, enter the provisioning server IP address, and click Back. NOTE: Specifying the provisioning server IP is optional. If it is not set, it is discovered using DHCP or DNS settings (step 7). 4. Click Network. The iDRAC Settings Network page is displayed. 5.
two server models to configure — PowerEdge R730s and PowerEdge R530s, use two SCP files, R730config.xml and R530-config.xml. NOTE: On systems with iDRAC version 2.20.20.20 and later if the file name parameter is not present in DHCP option 60, the iDRAC server configuration agent automatically generates the configuration filename using the server Service Tag, model number, or the default filename — config.xml.
option subnet-mask 255.255.255.0; option nis-domain "domain.org"; option domain-name "domain.org"; option domain-name-servers 192.168.1.1; option time-offset -18000; #Eastern Standard Time option vendor-class-identifier "iDRAC"; set vendor-string = option vendor-class-identifier; option myname "-f system_config.xml -i 192.168.0.
6. In the Description: field, type Vendor Class. 7. Click in the ASCII: section and type iDRAC. 8. Click OK and then Close. 9. On the DHCP window, right-click IPv4 and select Set Predefined Options. 10. From the Option class drop-down menu, select iDRAC (created in step 4) and click Add. 11. In the Option Type dialog box, enter the following information: • Name — iDRAC • Data Type — String • Code — 060 • Description — Dell vendor class identifier 12. Click OK to return to the DHCP window. 13.
CIFS: -f system_config.xml -i 192.168.1.101 -n cifs_share -s 2 -u -p -d 1 -t 400 Configuring option 43 and option 60 on Linux Update the /etc/dhcpd.conf file. The steps to configure the options are similar to the steps for Windows: 1. Set aside a block or pool of addresses that this DHCP server can allocate. 2. Set the option 43 and use the name vendor class identifier for option 60. option myname code 43 = text; subnet 192.168.0.0 netmask 255.255.0.
• Timetowait (-t) — Indicates the time the host system waits before shutting down. The default setting is 300. • EndHostPowerState (-e) — Indicates the power state of the host. 0 indicates OFF and 1 indicates ON. The default setting is 1. NOTE: ShutdownType (-d), Timetowait (-t), and EndHostPowerState (-e) are optional attributes. The following is an example of a static DHCP reservation from a dhcpd.conf file: host my_host { hardware ethernet b8:2a:72:fb:e6:56; fixed-address 192.168.0.
Enabling Auto Config using RACADM To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide. NOTE: For more information on the Auto Config feature, see the Zero-Touch Bare Metal Server Provisioning using Dell iDRAC with Lifecycle Controller Auto Config white paper available at the delltechcenter.com/idrac. Using hash passwords for improved security On PowerEdge servers with version 2.xx.xx.
NOTE: The attributes are not applicable to the INI configuration file. Hash password in server configuration profile The new hash passwords can be optionally exported in the server configuration profile. When importing server configuration profile, you can uncomment the existing password attribute or the new password hash attribute(s). If both are uncommented an error is generated and the password is not set. A commented attribute is not applied during an import.
• Blade servers — The management station must be on the same network as CMC. For more information on isolating CMC network from the managed system’s network, see Chassis Management Controller User’s Guide available at dell.com/support/manuals. • Rack and tower servers — Set the iDRAC NIC to Dedicated or LOM1 and make sure that the management station is on the same network as iDRAC. To access the managed system’s console from a management station, use Virtual Console through iDRAC Web interface.
For information about the options, see the iDRAC Online Help. 3. Click Apply. The system location details are saved in iDRAC. Setting up managed system location using RACADM To specify the system location details, use the System.Location group objects. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Setting up managed system location using iDRAC settings utility To specify the system location details: 1.
* Reduced probability of memory or CPU throttling. * Increased probability of turbo mode activation. * Generally, higher fan speeds at idle and stress loads. – Minimum Power (Performance per Watt Optimized): * Optimized for lowest system power consumption based on optimum fan power state. * Generally, lower fan speeds at idle and stress loads.
The allowable range for minimum fan speed PWM is dynamic based on the system configuration. The first value is the idle speed and the second value is the configuration max (which may or may not be 100% based on system configuration). System fans can run higher than this speed as per thermal requirements of the system but not lower than the defined minimum speed. For example, setting Minimum Fan Speed at 35% limits the fan speed to never go lower than 35% PWM. NOTE: 0% PWM does not indicate fan is off.
Object Description Usage Example If a system does not support a particular air exhaust temperature limit, then when you run the following command: racadm set system.thermalsettings.AirE xhaustTemp 0 The following error message is displayed: ERROR: RAC947: Invalid object value specified. Make sure to specify the value depending on the type of object. For more information, see RACADM help. To set the limit to the default value: racadm set system.thermalsettings.
Object FanSpeedMed iumOffsetVa l Description Use FanSpeedOffset to set this value using index value 3 This returns a value such as “100”. This means that when you use the following command, it applies a fan speed offset of Max (meaning full speed, 100% PWM). In most cases, this offset results in fan speeds increasing to full speed. racadm set system.thermalsettings FanSpeedOffset 3 • Getting this variable reads Values from 0-100 the fan speed offset value in %PWM for Medium Fan Speed Offset setting.
Object Description Usage MFSMinimumL imit Read Minimum limit for MFS Values from 0 to To display the lowest value that can MFSMaximumLimi be set using MinimumFanSpeed t option. MinimumFanS peed • • • ThermalProf ile • • Example Default is 255 (means None) racadm get system.thermalsettings.MFSM inimumLimit Allows configuring the Minimum Fan speed that is required for the system to operate.
• Fan Speed Offset • Minimum Fan Speed For information about the fields, see the Modifying thermal settings using web interface. The settings are persistent, which means that once they are set and applied, they do not automatically change to the default setting during system reboot, power cycling, iDRAC, or BIOS updates. A few Dell servers may or may not support some or all of these custom user cooling options.
• Launching programs and files in an IFRAME: Enable • Open files based on content, not file extension: Enable • Software channel permissions: Low safety • Submit non-encrypted form data: Enable • Use Pop-up Blocker: Disable Under Scripting: • Active scripting: Enable • Allow paste operations via script: Enable • Scripting of Java applets: Enable 5. Go to Tools → Internet Options → Advanced. 6.
NOTE: To modify the settings, it is recommended that you learn and understand the consequences. For example, if you block pop-ups, parts of iDRAC Web interface may not function properly. 7. Click Apply, and then click OK. 8. Click the Connections tab. 9. Under Local Area Network (LAN) settings, click LAN Settings. 10. If you are using IE9 and IPv6 address to access iDRAC, clear the Use automatic configuration script option. 11.
The values for Preference Name, Status, Type, and Value change to bold text. The Status value changes to user set and the Value changes to false. 4. In the Preferences Name column, locate xpinstall.enabled. Make sure that Value is true. If not, double-click xpinstall.enabled to set Value to true.
immediately. Updates that require a system reboot are staged and committed to run on the next system reboot. Only one system reboot is required to perform all updates. After the firmware is updated, the System Inventory page displays the updated firmware version and logs are recorded. The supported firmware image file types are: • .exe — Windows-based Dell Update Package (DUP) • .d7 — Contains both iDRAC and Lifecycle Controller firmware For files with .
Component Name Firmware Rollback Out-of-band — Supported? (Yes or System Restart No) Required? In-band — System Restart Required? Lifecycle Controller GUI — Restart Required? RAID Controller Yes Yes Yes Yes Backplanes Yes Yes Yes Yes Enclosures Yes Yes No Yes NIC Yes Yes Yes Yes Power Supply Unit Yes Yes Yes Yes CPLD No Yes Yes Yes FC Cards Yes Yes Yes Yes NVMe PCIe SSD drives (Dell’s 13th generation of PowerEdge servers only) Yes No No No SAS/SATA hard drives No
Downloading device firmware The image file format that you download depends on the method of update: • iDRAC Web interface — Download the binary image packaged as a self-extracting archive. The default firmware image file is firmimg.d7. NOTE: The same file format is used to recover iDRAC using CMC Web interface. • Managed System — Download the operating system-specific Dell Update Package (DUP). The file extensions are .bin for Linux Operating systems and .exe for Windows operating systems.
Related Links Updating device firmware Viewing and managing staged updates Downloading device firmware Updating firmware using repository You can perform multiple firmware updates by specifying a network share containing a valid repository of DUPs and a catalog describing the available DUPs. When iDRAC connects to the network share location and checks for available updates, a comparison report is generated that lists all available updates.
Scheduling automatic firmware updates Updating firmware using FTP You can directly connect to the Dell FTP site or any other FTP site from iDRAC to perform the firmware updates. You can use the Windows-based update packages (DUPs) and a catalog file available on the FTP site instead of creating custom repositories. Before performing an update using the repository, make sure that: • Lifecycle Controller is enabled. • You have Server Control privilege to update firmware for devices other than iDRAC.
To update device firmware using TFTP: 1. In the iDRAC web interface, go to Overview → iDRAC Settings → Update and Rollback. The Firmware Update page is displayed. 2. On the Update tab, select TFTP as the File Location. 3. In the TFTP Server Settings section, enter the TFTP details. For information about the fields, see the iDRAC Online Help. 4. Click Check for Update. 5.
5. After the upload is complete, the Update Details section displays a comparison report showing the current firmware versions and the firmware versions available in the repository. NOTE: Any update in the repository that is not applicable to the system or the installed hardware or is not supported is not included in the comparison report. 6. Select the required updates and do one of the following: • For firmware images that do not require a host system reboot, click Install. For example, .
NOTE: IPv6 address is not supported for scheduling automatic firmware updates. Related Links Downloading device firmware Updating device firmware Viewing and managing staged updates Scheduling automatic firmware update using web interface To schedule automatic firmware update using web Interface: NOTE: Do not create the next scheduled occurrence of an automatic update job if a job is already Scheduled. It overwrites the current scheduled job. 1.
For example, – To automatically update firmware using a CIFS share: racadm AutoUpdateScheduler create -u admin -p pwd -l //1.2.3.4/CIFS-share –f cat.xml -time 14:30 -wom 1 -dow sun -rp 5 -a 1 – To automatically update firmware using FTP: racadm AutoUpdateScheduler create -u admin -p pwd -l ftp.mytest.com -pu puser –pp puser –po 8080 –pt http –f cat.
Updating firmware using remote RACADM To update using remote RACADM: 1. Download the firmware image to the TFTP or FTP server. For example, C:\downloads\firmimg.d7 2. Run the following RACADM command: TFTP server: • Using fwupdate command: racadm -r -u -p fwupdate -g -u -a • Using update command: racadm -r -u -p update —f where path is the location on the TFTP server where firmimg.d7 is stored.
3. From the Chassis Management at Server Mode drop-down menu, select Manage and Monitor, and the click Apply. iDRAC settings to update CMC firmware In the PowerEdge FX2/FX2s chassis, before updating the firmware for CMC and its shared components from iDRAC, do the following settings in iDRAC: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback → Settings The Chassis Management Controller Firmware Update Settings page is displayed. 2.
NOTE: On a 12th generation of PowerEdge server with firmware version 2.10.10.10, you cannot roll back Lifecycle Controller to 1.xx.xx without rolling back iDRAC. You must roll back iDRAC first to 1.xx.xx version and only then can you roll back Lifecycle Controller.
4. Click Job Queue. The Job Queue page is displayed, where you can view and manage the staged firmware updates. NOTE: • While in rollback mode, the rollback process continues in the background even if you navigate away from this page. An error message appears if: • You do not have Server Control privilege to rollback any firmware other than the iDRAC or Configure privilege to rollback iDRAC firmware. • Firmware rollback is already in-progress in another session.
Recovering iDRAC iDRAC supports two operating system images to make sure a bootable iDRAC. In the event of an unforeseen catastrophic error and you lose both boot paths: • iDRAC bootloader detects that there is no bootable image. • System Health and Identify LED is flashed at ~1/2 second rate. (LED is located on the back of a rack and tower servers and on the front of a blade server.) • Bootloader is now polling the SD card slot.
• To perform backup on a vFlash SD card: – vFlash SD card is inserted, enabled, and initialized. – vFlash SD card has a minimum available space of 100MB to store the backup file. The backup file contains encrypted user sensitive data, configuration information, and firmware images that you can use for import server profile operation. Backup events are recorded in the Lifecycle Log.
– vFlash SD card has enough space to store the backup file. NOTE: IPv6 address is not supported for scheduling automatic backup server profile. Scheduling automatic backup server profile using web interface To schedule automatic backup server profile: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Server Profile. 2. Click the Automatic Backup tab. 3. Select the Enable Automatic Backup option. 4.
Importing server profile You can use the backup image file to import (restore) the configuration and firmware for the same server without rebooting the server. In 13th generation servers, this feature automates the entire motherboard replacement process. After replacing the motherboard and reinstalling the memory, HDDs, and other hardware, a special boot screen is displayed that provides an option to restore all saved configuration, Service Tag and license settings, and diagnostic programs.
• Preserve - Preserves the RAID level, virtual disk, controller attributes, and hard disk data in the system and restores the system to a previously known state using the backup image file. • 6. Delete and Replace - Deletes and replaces the RAID level, virtual disk, controller attributes, and hard disk configuration information in the system with the data from the backup image file. Click Import. The import server profile operation is initiated.
Configuring iDRAC 4 iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote management tasks. Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is configured, and the required licenses are updated. For more information about the licensable feature in iDRAC, see Managing licenses.
Modifying network settings Configuring services Configuring front panel display Setting up managed system location Configuring time zone and NTP Setting up iDRAC communication Configuring user accounts and privileges Monitoring and managing power Enabling last crash screen Configuring and using virtual console Managing virtual media Managing vFlash SD card Setting first boot device Enabling or disabling OS to iDRAC Pass-through Configuring iDRAC to send alerts Viewing iDRAC information You can view the bas
NOTE: Changing the network settings may terminate the current network connections to iDRAC. Modifying network settings using web interface To modify the iDRAC network settings: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network. 2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your requirement and click Apply. The Network page is displayed.
racadm racadm racadm racadm racadm racadm racadm racadm racadm racadm set set set set set set set set set set iDRAC.IPv4.Netmask 255.255.255.0 iDRAC.IPv4.Gateway 192.168.0.120 iDRAC.IPv4.DHCPEnable 0 iDRAC.IPv4.DNSFromDHCP 0 iDRAC.IPv4.DNS1 192.168.0.5 iDRAC.IPv4.DNS2 192.168.0.6 iDRAC.Nic.DNSRegister 1 iDRAC.Nic.DNSRacName RAC-EK00002 iDRAC.Nic.DNSDomainFromDHCP 0 iDRAC.Nic.DNSDomainName MYDOMAIN NOTE: If cfgNicEnable or iDRAC.Nic.Enable is set to 0, the iDRAC LAN is disabled even if DHCP is enabled.
– cfgRacTuneIpRangeEnable – cfgRacTuneIpRangeAddr – cfgRacTuneIpRangeMask • With set command, use the objects in the iDRAC.IPBlocking group: – RangeEnable – RangeAddr – RangeMask The cfgRacTuneIpRangeMask or the RangeMask property is applied to both the incoming IP address and to the cfgRacTuneIpRangeAddr or RangeAddr property. If the results are identical, the incoming login request is allowed to access iDRAC. Logging in from IP addresses outside this range results in an error.
• SSH — Access iDRAC through firmware RACADM. • Telnet — Access iDRAC through firmware RACADM • Remote RACADM — Remotely access iDRAC. • SNMP Agent — Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in iDRAC. • Automated System Recovery Agent — Enable Last System Crash Screen. • VNC Server — Enable VNC server with or without SSL encryption. Configuring services using web interface To configure the services using iDRAC Web interface: 1.
– iDRAC.Racadm – iDRAC.SNMP For more information about these objects, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Enabling or disabling HTTPs redirection If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with default iDRAC certificate or as a temporary setting for debugging purpose, you can configure iDRAC such that redirection from http port (default is 80) to https port (default is 443) is disabled.
VNC server disables Virtual Console and allows only Virtual Media. After termination of the VNC session, VNC server restores the original state of Virtual Console (enabled or disabled). NOTE: • When iDRAC NIC is in shared mode and the host system is power cycled, the network connection is lost for a few seconds. During this time, if you perform any action in the active VNC client, the VNC session may close.
disabled when configuring the VNC server settings in iDRAC, then to connect to the VNC Viewer do the following: In the VNC Viewer dialog box, enter the iDRAC IP address and the VNC port number in the VNC Server field. The format is For example, if the iDRAC IP address is 192.168.0.120 and VNC port number is 5901, then enter 192.168.0.120:5901. Configuring front panel display You can configure the front panel LCD and LED display for the managed system.
If you select None, home message is not displayed on the server LCD front panel. 3. Enable Virtual Console indication (optional). If enabled, the Live Front Panel Feed section and the LCD panel on the server displays the Virtual console session active message when there is an active Virtual Console session. 4. Click Apply. The server LCD front panel displays the configured home message. Configuring LCD setting using RACADM To configure the server LCD front panel display, use the objects in the System.
Configuring time zone and NTP You can configure the time zone on iDRAC and synchronize the iDRAC time using Network Time Protocol (NTP) instead of BIOS or host system times. You must have Configure privilege to configure time zone or NTP settings. Configuring time zone and NTP using iDRAC web interface To configure time zone and NTP using iDRAC web interface: 1. Go to Overview → iDRAC Settings → Properties → Settings. The Time zone and NTP page is displayed. 2.
NOTE: • BIOS Setup (F2), Lifecycle Controller (F10), BIOS Boot Manager (F11) only support boot once enabled. • Virtual Console does not support permanent boot configuration. It is always boot once. • The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings. Setting first boot device using web interface To set the first boot device using iDRAC Web interface: 1. Go to Overview → Server → Setup → First Boot Device. The First Boot Device page is displayed. 2.
3. Use Server Administrator to enable the Auto Recovery timer, set the Auto Recovery action to Reset, Power Off, or Power Cycle, and set the timer in seconds (a value between 60 - 480). For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/ support/manuals. 4. 5. Enable the Auto Shutdown and Recovery (ASR) option using one of the following: • Server Administrator — See Dell OpenManage Server Administrator User’s Guide at dell.com/ support/manuals.
• In shared mode, the host operating system's IP address is used. • In dedicated mode, you must provide a valid IP address of the host operating system. If more than one LOM is active, enter the first LOM’s IP address. If the OS to iDRAC Pass-through feature does not work after it is enabled, ensure that you check the following: • The iDRAC dedicated NIC cable is connected properly. • At least one LOM is active. NOTE: It is recommended to use the default IP address.
• PCIe, Mezzanine, and Network Interface Cards. Supported operating systems for USB NIC The operating systems supported for USB NIC are: • Windows Server 2008 R2 SP1 • Windows Server 2008 SP2 (64-bit) • Windows Server 2012 • Windows Server 2012 R2 • SUSE Linux Enterprise Server 10 SP4 (64-bit) • SUSE Linux Enterprise Server 11 SP2 (64-bit) • SUSE Linux Enterprise Server 11 SP4 • RHEL 5.9 (32-bit and 64-bit) • RHEL 6.4 • RHEL 6.7 • vSphere v5.0 U2 ESXi • vSphere v5.
Operating System Firewall Status Avahi Package nss-mdns Package RHEL 5.9 32–bit Disable Install as a separate package (avahi-0.6.16-10.el5_6.i386.rpm) Install as a separate package (nssmdns-0.10-4.el5.i386.rpm) RHEL 6.4 64–bit Disable Install as a separate package (avahi-0.6.25-12.el6.x86_64.rpm) Install as a separate package (nssmdns-0.10-8.el6.x86_64.
The output displays the usb0 entry. Enabling or disabling OS to iDRAC Pass-through using web interface To enable OS to iDRAC Pass-through using Web interface: 1. Go to Overview → iDRAC Settings → Network → OS to iDRAC Pass-through. The OS to iDRAC Pass-through page is displayed. 2. Select any of the following options to enable OS to iDRAC pass-through: • LOM — The OS to iDRAC pass-through link between the iDRAC and the host operating system is established through the LOM or NDC.
NOTE: If the server is connected in shared LOM mode, then the OS IP Address field is disabled. 4. If you select USB NIC as the pass-through configuration, enter the IP address of the USB NIC. The default value is 169.254.0.1. However, if this IP address conflicts with an IP address of other interfaces of the host system or the local network, you must change it. Do not enter 169.254.0.3 and 169.254.0.4 IPs. These IPs are reserved for the USB NIC port on the front panel when a A/A cable is used 5.
Generating a new certificate signing request SSL server certificates iDRAC includes a Web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over a network. Built upon asymmetric encryption technology, SSL is widely accepted for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
Uploading server certificate Viewing server certificate Uploading custom signing certificate Downloading custom SSL certificate signing certificate Deleting custom SSL certificate signing certificate Generating a new certificate signing request A CSR is a digital request to a Certificate Authority (CA) for a SSL server certificate. SSL server certificates allow clients of the server to trust the identity of the server and to negotiate an encrypted session with the server.
CAUTION: During reset, iDRAC is not available for a few minutes. Related Links SSL server certificates Uploading server certificate using web interface To upload the SSL server certificate: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → SSL, select Upload Server Certificate and click Next. The Certificate Upload page is displayed. 2. Under File Path, click Browse and select the certificate on the management station. 3. Click Apply.
Viewing server certificate using RACADM To view the SSL server certificate, use the sslcertview command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Uploading custom signing certificate You can upload a custom signing certificate to sign the SSL certificate. SHA-2 certificates are also supported. Uploading custom signing certificate using web interface To upload the custom signing certificate using iDRAC web interface: 1.
Downloading custom SSL certificate signing certificate using RACADM To download the custom SSL certificate signing certificate, use the sslcertdownload subcommand. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Deleting custom SSL certificate signing certificate You can also delete an existing custom signing certificate using iDRAC Web interface or RACADM.
The command requests the iDRAC configuration and generates the myfile.cfg file. If required, you can configure the file with another name. NOTE: Redirecting the iDRAC configuration to a file using getconfig -f is only supported with the local and remote RACADM interfaces. NOTE: The generated .cfg file does not contain user passwords. The getconfig command displays all configuration properties in a group (specified by group name and index) and all configuration properties for a user by user name. 2.
cfgUserAdminUserName= # cfgUserAdminPassword=******** (Write-Only) cfgUserAdminEnable=0 cfgUserAdminPrivilege=0x00000000 cfgUserAdminIpmiLanPrivilege=15 cfgUserAdminIpmiSerialPrivilege=15 cfgUserAdminSolEnable=0 – If you have used the get command: [idrac.users.
White spaces that are included after the value are ignored. A white space inside a value string remains unmodified. Any character to the right of the '=' is taken as is (for example, a second '=', or a '#', '[', ']', and so forth). These characters are valid modem chat script characters. See the example in the previous bullet. The racadm getconfig -f .cfg command places a comment in front of index objects, allowing the user to see the included comments.
# comment, the rest of this line is ignored cfgNicGateway=10.35.9.1 The command racadm config -f myfile.cfg parses the file and identifies any errors by line number. A correct file updates the proper entries. Additionally, you can use the same getconfig command from the previous example to confirm the update. Use this file to download company-wide changes or to configure new systems over the network. NOTE: "Anchor" is an internal term and do not use it in the file.
Viewing iDRAC and managed system information 5 You can view iDRAC and managed system’s health and properties, hardware and firmware inventory, sensor health, storage devices, network devices, and view and terminate user sessions. For blade servers, you can also view the flex address information.
• RAID controller • Batteries • CPUs • DIMMs • HDDs • Backplanes • Network Interface Cards (integrated and embedded) • Video card • SD card • Power Supply Units (PSUs) • Fans • Fibre Channel HBAs • USB • NVMe PCIe SSD devices The Firmware Inventory section displays the firmware version for the following components: • BIOS • Lifecycle Controller • iDRAC • OS driver pack • 32-bit diagnostics • System CPLD • PERC controllers • Batteries • Physical disks • Power su
NOTE: Configuration changes and firmware updates that are made within the operating system may not reflect properly in the inventory until you perform a server restart. Click Export to export the hardware inventory in an XML format and save it to a location of your choice. Viewing sensor information The following sensors help to monitor the health of the managed system: • Batteries — Provides information about the batteries on the system board CMOS and storage RAID On Motherboard (ROMB).
• Voltage — Indicates the status and reading of the voltage sensors on various system components. The following table provides how to view the sensor information using iDRAC web interface and RACADM. For information about the properties that are displayed on the web interface, see the iDRAC Online Help for the respective pages. Table 10.
monitors this CUPS index for the overall system utilization and also monitors the instantaneous value of CPU, Memory, and I/O utilization index. Utilization information of system resources is obtained by querying the data from a set of dedicated counters provided by the CPU and chipset. These counters are called Resource Monitoring Counters or RMCs.
• Configure privilege is required for setting warning thresholds and reset historical peaks. • Login privilege and Enterprise license is required for reading historical statics data. Monitoring performance index for of CPU, memory, and I/O modules using web interface To monitor the performance index of CPU, memory, and I/O modules, in the iDRAC web interface, go to Overview → Hardware.
duration when the system is powered on. You can track and store the monitored temperature for the last seven years. NOTE: You can track the temperature history even for systems that are not fresh air compliant. However, the threshold limits and fresh air related warnings generated are based on fresh air supported limits. The limits are 42ºC for warning and 47ºC for critical. These values correspond to 40ºC and 45ºC fresh air limits with 2ºC margin for accuracy.
Configuring warning threshold for inlet temperature You can modify the minimum and maximum warning threshold values for the system board inlet temperature sensor. If reset to default action is performed, the temperature thresholds are set to the default values. You must have Configure user privilege to set the warning threshold values for the inlet temperature sensor. Configuring warning threshold for inlet temperature using web interface To configure warning threshold for inlet temperature: 1.
The Network Interfaces page displays all the network interfaces that are available on the host operating system. 2. To view the list of network interfaces associated with a network device, from the Network Device FQDD drop-down menu, select a network device and click Apply. The OS IP details are displayed in the Host OS Network Interfaces section. 3. From the Device FQDD column, click on the network device link.
• Overview → Server → Properties Details → iDRAC Information. • Overview → Server → Properties WWN/MAC. • Overview → iDRAC Settings → Properties iDRAC Information → Current Network Settings. • Overview → iDRAC Settings → Network → Network Settings. CAUTION: With FlexAddress enabled, if you switch from a server–assigned MAC address to a chassis–assigned MAC address and vice–versa, iDRAC IP address also changes.
Setting up iDRAC communication 6 You can communicate with iDRAC using any of the following modes: • iDRAC Web Interface • Serial connection using DB9 cable (RAC serial or IPMI serial) - For rack and tower servers only • IPMI Serial Over LAN • IPMI Over LAN • Remote RACADM • Local RACADM • Remote Services For an overview of the supported protocols, supported commands, and pre-requisites, see the following table. Table 11.
Mode of Communication Supported Protocol Supported Commands Prerequisite Firmware RACADM SSH Firmware RACADM Firmware RACADM is installed and enabled Telnet Local RACADM IPMI Local RACADM Local RACADM is installed. Remote Services [1] WS-MAN WinRM (Windows) WinRM is installed (Windows) or OpenWSMAN is installed (Linux). OpenWSMAN (Linux) [1] For more information, see the Lifecycle Controller Remote Services User’s Guide available at dell.com/idracmanuals.
• Hilgraeve’s HyperTerminal Private Edition (version 6.3) Based on where the managed system is in its boot process, you can see either the POST screen or the operating system screen. This is based on the configuration: SAC for Windows and Linux text mode screens for Linux. 4. Enable RAC serial or IPMI serial connections in iDRAC.
NOTE: This is applicable only for iDRAC on rack and tower servers. • IPMI basic mode — Supports a binary interface for program access, such as the IPMI shell (ipmish) that is included with the Baseboard Management Utility (BMU). For example, to print the System Event Log using ipmish via IPMI Basic mode, run the following command: ipmish -com 1 -baud 57600 -flow cts -u root -p calvin sel get • IPMI terminal mode — Supports ASCII commands that are sent from a serial terminal.
3. 4. Enable the IPMI serial hardware flow control: • Using config command: racadm config -g cfgIpmiSerial -o cfgIpmiSerialFlowControl 1 • Using set command: racadm set iDRAC.IPMISerial.FlowControl 1 Set the IPMI serial channel minimum privilege level: • Using config command: racadm config -g cfgIpmiSerial -o cfgIpmiSerialChanPrivLimit • Using set command: racadm set iDRAC.IPMISerial.ChanPrivLimit where is 2 (User), 3 (Operator), or 4 (Administrator). 5.
Switching between RAC serial and serial console while using DB9 cable iDRAC supports Escape key sequences that allow switching between RAC Serial Interface communication and Serial Console on rack and tower servers.
Enabling supported protocol Configuring BIOS for serial connection To configure BIOS for Serial Connection: NOTE: This is applicable only for iDRAC on rack and tower servers. 1. Turn on or restart the system. 2. Press . 3. Go to System BIOS Settings → Serial Communication. 4. Specify the following values: • Serial Communication — On With Console Redirection • Serial Port Address — COM2.
Configuring iDRAC to use SOL using RACADM To configure IPMI Serial over LAN (SOL): 1. 2. Enable IPMI Serial over LAN: • Using config command: racadm config -g cfgIpmiSol -o cfgIpmiSolEnable 1 • Using set command: racadm set iDRAC.IPMISol.Enable 1 Update the IPMI SOL minimum privilege level: • Using config command: racadm config -g cfgIpmiSol o cfgIpmiSolMinPrivilege • Using set command: racadm set iDRAC.IPMISol.MinPrivilege 1 where is 2 (User), 3 (Operator), 4 (Administrator).
– Using set command: racadm set iDRAC.Telnet.Enable 1 • SSH: – Using config command:racadm config -g cfgSerial -o cfgSerialSshEnable 1 – Using set command: racadm set iDRAC.SSH.Enable 1 To change the SSH port: – Using config command:racadm config -g cfgRacTuning -o cfgRacTuneSshPort – Using set command:racadm set iDRAC.SSH.
SSH has improved security over Telnet. iDRAC only supports SSH version 2 with password authentication, and is enabled by default. iDRAC supports up to two SSH sessions and two Telnet sessions at a time. It is recommended to use SSH as Telnet is not a secure protocol. You must use Telnet only if you cannot install an SSH client or if your network infrastructure is secure.
Disconnecting SOL session in iDRAC command line console Using SOL from OpenSSH or Telnet on Linux To start SOL from OpenSSH or Telnet on a Linux management station: NOTE: If required, you can change the default SSH or Telnet session time-out at Overview → iDRAC Settings → Network → Services. 1. Start a shell. 2.
To use Telnet virtual console: 1. Enable Telnet in Windows Component Services. 2. Connect to the iDRAC using the command: telnet < IP address >:< port number >, where IP address is the IP address for the iDRAC and port number is the Telnet port number (if you are using a new port). Configuring backspace key for your Telnet session Depending on the Telnet client, using the key may produce unexpected results. For example, the session may echo ^h.
For information about the options, see the iDRAC Online Help. The IPMI over LAN settings are configured. Configuring IPMI over LAN using iDRAC settings utility To configure IPMI over LAN: 1. In the iDRAC Settings Utility, go to Network. The iDRAC Settings Network page is displayed. 2. For IPMI Settings, specify the values. For information about the options, see the iDRAC Settings Utility Online Help. 3. Click Back, click Finish, and then click Yes. The IPMI over LAN settings are configured.
The Services page is displayed. 2. Under Remote RACADM, select Enabled. Else, select Disabled. 3. Click Apply. The remote RACADM is enabled or disabled based on the selection. Enabling or disabling remote RACADM using RACADM The RACADM remote capability is enabled by default. If disabled, type one of the following command: • Using config command: racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 1 • Using set command: racadm set iDRAC.Racadm.
3. Disable GRUB's graphical interface and use the text-based interface. Else, the GRUB screen is not displayed in RAC Virtual Console. To disable the graphical interface, comment-out the line starting with splashimage. The following example provides a sample /etc/grub.conf file that shows the changes described in this procedure. # grub.conf generated by anaconda # Note that you do not have to rerun grub after making changes to this file # NOTICE: You do not have a /boot partition.
l1:1:wait:/etc/rc.d/rc 1 l2:2:wait:/etc/rc.d/rc 2 l3:3:wait:/etc/rc.d/rc 3 l4:4:wait:/etc/rc.d/rc 4 l5:5:wait:/etc/rc.d/rc 5 l6:6:wait:/etc/rc.d/rc 6 #Things to run in every runlevel. ud::once:/sbin/update ud::once:/sbin/update #Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now #When our UPS tells us power has failed, assume we have a few #minutes of power left. Schedule a shutdown for 2 minutes from now.
tty10 tty11 ttyS1 Supported SSH cryptography schemes To communicate with iDRAC using SSH protocol, it supports multiple cryptography schemes listed in the following table. Table 12.
CAUTION: This privilege is normally reserved for users who are members of the Administrator user group on iDRAC. However, users in the ‘Custom’ user group can be assigned this privilege. A user with this privilege can modify any user’s configuration. This includes creation or deletion of any user, SSH Key management for users, and so on. For these reasons, assign this privilege carefully. CAUTION: The capability to upload, view, and/ or delete SSH keys is based on the ’Configure Users’ user privilege.
Uploading SSH keys using web interface To upload the SSH keys: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number. The Users Main Menu page is displayed. 3. Under SSH Key Configurations, select Upload SSH Key(s) and click Next. The Upload SSH Key(s) page is displayed. 4. Upload the SSH keys in one of the following ways: • Upload the key file.
• Specific key — racadm sshpkauth -i <2 to 16> -v -k <1 to 4> • All keys — racadm sshpkauth -i <2 to 16> -v -k all Deleting SSH keys Before deleting the public keys, make sure that you view the keys if they are set up, so that a key is not accidentally deleted. Deleting SSH keys using web interface To delete the SSH key(s): 1. In Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number.
7 Configuring user accounts and privileges You can setup user accounts with specific privileges (role-based authority) to manage your system using iDRAC and maintain system security. By default iDRAC is configured with a local administrator account. This default user name is root and the password is calvin. As an administrator, you can setup user accounts to allow other users to access iDRAC.
4. Enable the user ID and specify the user name, password, and access privileges for the user. You can also enable SNMPv3 authentication for the user. For more information about the options, see the iDRAC Online Help. 5. Click Apply. The user is created with the required privileges. Configuring local users using RACADM NOTE: You must be logged in as user root to execute RACADM commands on a remote Linux system. You can configure single or multiple iDRAC users using RACADM.
When you manually enable or disable a user with the racadm config subcommand, you must specify the index with the -i option. Observe that the cfgUserAdminIndex object displayed in the previous example contains a '#' character. It indicates that it is a read-only object. Also, if you use the racadm config -f racadm.cfg command to specify any number of groups/objects to write, the index cannot be specified. This behavior allows more flexibility in configuring multiple iDRAC with the same settings.
NOTE: You can use the getconfig and config commands or get and set commands. 1. 2. Locate an available user index using the command syntax: • Using getconfig command: racadm getconfig -g cfgUserAdmin -i • Using get command: racadm get iDRAC.Users Type the following commands with the new user name and password. • Using config command: racadm config -g cfgUserAdmin -o cfgUserAdminPrivilege -i • Using set command: racadm set iDRAC.Users..
Table 14. iDRAC user privileges Current Generation Prior Generation Description Login Login to iDRAC Enables the user to log in to iDRAC. Configure Configure iDRAC Enables the user to configure iDRAC. Configure Users Configure Users Enables the user to allow specific users to access the system. Logs Clear Logs Enables the user to clear the System Event Log (SEL). System Control Execute Server Control Allows power cycling the host system.
Certificate Authority (CA)—the root certificate of which is also uploaded into iDRAC. For iDRAC to authenticate to any domain controller—whether it is the root or the child domain controller—that domain controller must have an SSL-enabled certificate signed by the domain’s CA. If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an SSL certificate, you must: 1. Install the SSL certificate on each domain controller. 2.
Importing iDRAC firmware SSL certificate iDRAC SSL certificate is the identical certificate used for iDRAC Web server. All iDRAC controllers are shipped with a default self-signed certificate. If the Active Directory Server is set to authenticate the client during an SSL session initialization phase, you need to upload iDRAC Server certificate to the Active Directory Domain controller.
Figure 1. Configuration of iDRAC with active directory standard schema In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC. The role and the privilege level are defined on each iDRAC and not in the Active Directory. You can configure up to five role groups in each iDRAC.
NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. Single domain versus multiple domain scenarios If all the login users and role groups, including the nested groups, are in the same domain, then only the domain controllers’ addresses must be configured on iDRAC. In this single domain scenario, any group type is supported.
7. Click Next. The Active Directory Configuration and Management Step 3 of 4 page is displayed. 8. Select Standard Schema and click Next. The Active Directory Configuration and Management Step 4a of 4 page is displayed. 9. Enter the location of Active Directory global catalog server(s) and specify privilege groups used to authorize users. 10. Click a Role Group to configure the control authorization policy for users under the standard schema mode.
racadm set name or IP racadm set name or IP iDRAC.ActiveDirectory.GlobalCatalog2 iDRAC.ActiveDirectory.GlobalCatalog3 For Bit Mask values for specific Role Group permissions, see Default role group privileges. Enter the FQDN of the domain controller, not the FQDN of the domain. For example, enter servername.dell.com instead of dell.com.
• • 4. Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 racadm config -g cfgLanNetworking -o cfgDNSServer2 Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 0 racadm set iDRAC.IPv4.DNSFromDHCP.DNS1 racadm set iDRAC.IPv4.DNSFromDHCP.
You can create multiple association objects, and each association object can be linked to as many users, groups of users, or iDRAC device objects as required. The users and iDRAC user groups can be members of any domain in the enterprise. However, each association object can be linked (or, may link users, groups of users, or iDRAC device objects) to only one privilege object. This example allows an administrator to control each user’s privileges on specific iDRAC devices.
Accumulating privileges using Extended Schema The Extended Schema Authentication mechanism supports Privilege Accumulation from different privilege objects associated with the same user through different Association Objects. In other words, Extended Schema Authentication accumulates privileges to allow the user the super set of all assigned privileges corresponding to the different privilege objects associated with the same user.
Configuring Active Directory with Extended schema using RACADM Extending Active Directory schema Extending your Active Directory schema adds a Dell organizational unit, schema classes and attributes, and example privileges and association objects to the Active Directory schema. Before you extend the schema, make sure that you have Schema Admin privileges on the Schema Master Flexible Single Master Operation (FSMO) Role Owner of the domain forest.
Classes and attributes Table 16. Class definitions for classes added to the active directory schema Class Name Assigned Object Identification Number (OID) delliDRACDevice 1.2.840.113556.1.8000.1280.1.7.1.1 delliDRACAssociation 1.2.840.113556.1.8000.1280.1.7.1.2 dellRAC4Privileges 1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges 1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct 1.2.840.113556.1.8000.1280.1.1.1.5 Table 17. DelliDRACdevice class OID 1.2.840.113556.1.8000.1280.1.7.1.
Table 19. dellRAC4Privileges class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Defines the privileges (Authorization Rights) for iDRAC Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 20. dellPrivileges class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 22. List of attributes added to the active directory schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember 1.2.840.113556.1.8000.1280.1.1.2.1 FALSE List of dellPrivilege Objects that belong to this Attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12) dellProductMembers 1.2.840.113556.1.8000.1280.1.1.2.2 FALSE List of dellRacDevice and DelliDRACDevice Objects that belong to this role.
Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued TRUE if the user has Virtual Media rights on the device. dellIsTestAlertUser TRUE if the user has Test Alert User rights on the device. dellIsDebugCommandAdmin TRUE if the user has Debug Command Admin rights on the device. dellSchemaVersion 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 0 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 1 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.
:\SYSMGMT\ManagementStation\support\OMActiveDirectory_SnapIn64 For more information about the Active Directory Users and Computers Snap-in, see Microsoft documentation. Adding iDRAC users and privileges to Active Directory Using the Dell-extended Active Directory Users and Computers Snap-in, you can add iDRAC users and privileges by creating device, association, and privilege objects.
NOTE: iDRAC association object is derived from the group and its scope is set to Domain Local. 1. In the Console Root (MMC) window, right-click a container. 2. Select New → Dell Remote Management Object Advanced. This New Object window is displayed. 3. Enter a name for the new object and select Association Object. 4. Select the scope for the Association Object and click OK. 5. Provide access privileges to the authenticated users for accessing the created association objects.
3. Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to an iDRAC device. Only one privilege object can be added to an Association Object. Adding iDRAC devices or iDRAC device groups To add iDRAC devices or iDRAC device groups: 1. Select the Products tab and click Add. 2. Enter iDRAC devices or iDRAC device group name and click OK. 3. In the Properties window, click Apply and click OK. 4.
• racadm config -g cfgActiveDirectory -o cfgADRacName racadm config -g cfgActiveDirectory -o cfgADRacDomain racadm config -g cfgActiveDirectory -o cfgADDomainController1 racadm config -g cfgActiveDirectory -o cfgADDomainController2 racadm config -g cfgActiveDirectory -o cfgADDomainController3
• • 4. Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 racadm config -g cfgLanNetworking -o cfgDNSServer2 Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 0 racadm set iDRAC.IPv4.DNSFromDHCP.DNS1 racadm set iDRAC.IPv4.DNSFromDHCP.
To make iDRAC LDAP implementation generic, the commonality between different directory services is utilized to group users and then map the user-group relationship. The directory service specific action is the schema. For example, they may have different attribute names for the group, user, and the link between the user and the group. These actions can be configured in iDRAC.
10. Click Finish. The generic LDAP directory service is configured. Configuring generic LDAP directory service using RACADM To configure the LDAP directory service: • Use the objects in the cfgLdap and cfgLdapRoleGroup groups with the config command. • Use the objects in the iDRAC.LDAP and iDRAC.LDAPRole groups with the set command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
8 Configuring iDRAC for Single Sign-On or smart card login This section provides information to configure iDRAC for Smart Card login (for local users and Active Directory users), and Single Sign-On (SSO) login (for Active Directory users.) SSO and smart card login are licensed features. iDRAC supports Kerberos based Active Directory authentication to support Smart Card and SSO logins. For information on Kerberos, see the Microsoft website.
Registering iDRAC as a computer in Active Directory root domain To register iDRAC in Active Directory root domain: 1. Click Overview → iDRAC Settings → Network → Network. The Network page is displayed. 2. Provide a valid Preferred/Alternate DNS Server IP address. This value is a valid DNS server IP address that is part of the root domain. 3. Select Register iDRAC on DNS. 4. Provide a valid DNS Domain Name. 5. Verify that network DNS configuration matches with the Active Directory DNS information.
A keytab file is generated. NOTE: If you find any issues with iDRAC user for which the keytab file is created, create a new user and a new keytab file. If the same keytab file which was initially created is again executed, it does not configure correctly. Creating Active Directory objects and providing privileges Perform the following steps for Active Directory Extended schema based SSO login: 1. Create the device object, privilege object, and association object in the Active Directory server. 2.
Configuring iDRAC SSO login for Active Directory users Before configuring iDRAC for Active Directory SSO login, make sure that you have completed all the prerequisites. You can configure iDRAC for Active Directory SSO when you setup an user account based on Active Directory.
Enabling or disabling smart card login Uploading smart card user certificate Before you upload the user certificate, make sure that the user certificate from the smart card vendor is exported in Base64 format. SHA-2 certificates are also supported. Related Links Obtaining certificates Uploading smart card user certificate using web interface To upload smart card user certificate: 1. In iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users.
Configuring iDRAC smart card login for Active Directory users Before configuring iDRAC Smart Card login for Active Directory users, make sure that you have completed the required prerequisites. To configure iDRAC for smart card login: 1. 2. In iDRAC Web interface, while configuring Active Directory to set up an user account based on standard schema or extended schema, on the Active Directory Configuration and Management Step 1 of 4 page: • Enable certificate validation.
For more information about the options, see the iDRAC Online Help. 3. Click Apply to apply the settings. You are prompted for a Smart Card login during any subsequent logon attempts using the iDRAC web interface. Enabling or disabling smart card login using RACADM To enable smart card login, use one of the following: • Use the objects in the cfgSmartCard group with the config command. • Use the objects in the iDRAC.SmartCard group with the set command.
Configuring iDRAC to send alerts 9 You can set alerts and actions for certain events that occur on the managed system. An event occurs when the status of a system component is greater than the pre-defined condition. If an event matches an event filter and you have configured this filter to generate an alert (e-mail, SNMP trap, IPMI alert, remote system logs, Redfish event, or WS events), then an alert is sent to one or more configured destinations.
Enabling or disabling alerts using web interface To enable or disable generating alerts: 1. In iDRAC Web interface, go to Overview → Server → Alerts. The Alerts page is displayed. 2. Under Alerts section: • 3. Select Enable to enable alert generation or perform an event action. • Select Disable to disable alert generation or disable an event action. Click Apply to save the setting.
• 3. 4. Updates • Work Notes Select one or more of the following severity levels: • Informational • Warning • Critical Click Apply. The Alert Results section displays the results based on the selected category and severity. Filtering alerts using RACADM To filter the alerts, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Setting event alerts using RACADM To set an event alert, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Setting alert recurrence event You can configure iDRAC to generate additional events at specific intervals if the system continues to operate at a temperature which is greater than the inlet temperature threshold limit. The default interval is 30 days. The valid range is 0 to 366 days.
3. • No Action Click Apply. The setting is saved. Setting event actions using RACADM To configure an event action, use one of the following: • eventfilters command. • cfgIpmiPefAction object with config command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
For more information about the options, see the iDRAC Online Help. NOTE: The Community String value indicates the community string to use in a Simple Network Management Protocol (SNMP) alert trap sent from iDRAC. Make sure that the destination community string is the same as the iDRAC community string. The default value is Public. 5. To test whether the IP address is receiving the IPMI or SNMP traps, click Send under Test IPMI Trap and Test SNMP Trap respectively. 6. Click Apply.
• 5. To enable SNMPv3 for a user: racadm set idrac.users.2.SNMPv3Enable Enabled To test the trap, if required: racadm testtrap -i [index] where [index] is the trap destination index to test. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Configuring IP alert destinations using iDRAC settings utility You can configure alert destinations (IPv4, IPv6, or FQDN) using the iDRAC Settings utility. To do this: 1.
where [index] is the email destination index. 0 disables the email alert and 1 enables the alert. The email destination index can be a value from 1 through 4. For example, to enable email with index 4, enter the following command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i 4 1 • Using set command: racadm set iDRAC.EmailAlert.Enable.[index] 1 where [index] is the email destination index. 0 disables the email alert and 1 enables the alert.
For more information about the fields, see the iDRAC Online Help. 5. Click Apply. The SMTP settings are configured. Configuring SMTP email server address settings using RACADM To configure the SMTP email server, use one of the following: • • Using set command: racadm set iDRAC.RemoteHosts.
CMC also forwards the events generated to iDRAC. In case the iDRAC on the server is not functional, CMC queues the first 16 events and logs the rest in the CMC log. These 16 events are sent to iDRAC as soon as Chassis monitoring is set to enabled. In instances where iDRAC detects that a required CMC functionality is absent, a warning message is displayed informing you that certain features may not be functional without a CMC firmware upgrade.
Message ID Description CPU Processor CPUA Proc Absent CTL Storage Contr DH Cert Mgmt DIS Auto-Discovery ENC Storage Enclosr FAN Fan Event FSD Debug HWC Hardware Config IPA DRAC IP Change ITR Intrusion JCP Job Control LC Lifecycle Controller LIC Licensing LNK Link Status LOG Log event MEM Memory NDR NIC OS Driver NIC NIC Config OSD OS Deployment OSE OS Event PCI PCI Device PDR Physical Disk PR Part Exchange PST BIOS POST 187
Message ID Description PSU Power Supply PSUA PSU Absent PWR Power Usage RAC RAC Event RDU Redundancy RED FW Download RFL IDSDM Media RFLA IDSDM Absent RFM FlexAddress SD RRDU IDSDM Redundancy RSI Remote Service SEC Security Event SEL Sys Event Log SRD Software RAID SSD PCIe SSD STOR Storage SUP FW Update Job SWC Software Config SWU Software Change SYS System Info TMP Temperature TST Test Alert UEFI UEFI Event USR User Tracking VDR Virtual Disk 188
Message ID Description VF vFlash SD card VFL vFlash Event VFLA vFlash Absent VLT Voltage VME Virtual Media VRM Virtual Console WRK Work Note 189
Managing logs 10 iDRAC provides Lifecycle log that contains events related to system, storage devices, network devices, firmware updates, configuration changes, license messages, and so on. However, the system events are also available as a separate log called System Event Log (SEL). The lifecycle log is accessible through iDRAC Web interface, RACADM, and WS-MAN interface. When the size of the lifecycle log reaches 800 KB, the logs are compressed and archived.
racadm getsel If no arguments are specified, the entire log is displayed. To display the number of SEL entries: racadm getsel -i To clear the SEL entries: racadm clrsel For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Viewing System Event Log using iDRAC settings utility You can view the total number of records in the System Event Log (SEL) using the iDRAC Settings Utility and clear the logs. To do this: 1.
NOTE: Lifecycle logs for Personality Mode change is generated only during the Warm Boot of the host. Related Links Filtering Lifecycle logs Exporting Lifecycle Controller logs using web interface Adding comments to Lifecycle logs Viewing Lifecycle log using web interface To view the Lifecycle Logs, click Overview → Server → Logs → Lifecycle Log. The Lifecycle Log page is displayed. For more information about the options, see the iDRAC Online Help.
Exporting Lifecycle Controller logs using web interface To export the Lifecycle Controller logs using the Web interface: 1. In the Lifecycle Log page, click Export. 2. Select any of the following options: • Network — Export the Lifecycle Controller logs to a shared location on the network. • Local — Export the Lifecycle Controller logs to a location on the local system.
The Remote Syslog Settings page is displayed 2. Enable remote syslog, specify the server address, and the port number. For information about the options, see the iDRAC Online Help. 3. Click Apply. The settings are saved. All logs written to the lifecycle log are also simultaneously written to configured remote server(s). Configuring remote system logging using RACADM To configure the remote syslog server settings, use one of the following: • Objects in the cfgRemoteHosts group with the config command.
Monitoring and managing power 11 You can use iDRAC to monitor and manage the power requirements of the managed system. This helps to protect the system from power outages by appropriately distributing and regulating the power consumption on the system. The key features are: • Power Monitoring — View the power status, history of power measurements, the current averages, peaks, and so on for the managed system.
Monitoring power using web interface To view the power monitoring information, in iDRAC Web interface, go to Overview → Server → Power/ Thermal → Power Monitoring. The Power Monitoring page is displayed. For more information, see the iDRAC Online Help. Monitoring power using RACADM To view the power monitoring information, use the System.Power group objects with the get command or the cfgServerPower object with the getconfig command.
Executing power control operations using web interface To perform power control operations: 1. In iDRAC web interface, go to Overview → Server → Power/Thermal → Power Configuration → Power Control. The Power Control page is displayed. 2. Select the required power operation: • Power On System • Power Off System • NMI (Non-Masking Interrupt) • Graceful Shutdown • Reset System (warm boot) • Power Cycle System (cold boot) Click Apply. For more information, see the iDRAC Online Help. 3.
independent of the user defined policy. The system performance is dynamically adjusted to maintain power consumption close to the specified threshold. Actual power consumption may be less for light workloads and momentarily may exceed the threshold until performance adjustments are completed. For example, for a given system configuration, the Maximum Potential Power Consumption is 700W and the Minimum Potential Power Consumption is 500W.
For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Configuring power cap policy using iDRAC settings utility To view and configure power policies: 1. In iDRAC Settings utility, go to Power Configuration. NOTE: The Power Configuration link is available only if the server power supply unit supports power monitoring. The iDRAC Settings Power Configuration page is displayed. 2.
Configuring power supply options using RACADM To configure the power supply options, use the following objects with the set subcommand: • System.Power.RedundancyPolicy • System.Power.Hotspare.Enable • System.Power.Hotspare.PrimaryPSU • System.Power.PFC.Enable For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Configuring power supply options using iDRAC settings utility To configure the power supply options: 1.
Inventorying, monitoring, and configuring network devices 12 You can inventory, monitor, and configure the following network devices: • Network Interface Cards (NICs) • Converged Network Adapters (CNAs) • LAN On Motherboards (LOMs) • Network Daughter Cards (NDCs) • Mezzanine cards (only for blade servers) Related Links Inventorying and monitoring FC HBA devices Dynamic configuration of virtual addresses, initiator, and storage target settings Inventorying and monitoring network devices You can
Monitoring network devices using RACADM To view the network device information, use the hwinventory and nicstatistics commands. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ idracmanuals. Additional properties may be displayed when using RACADM or WS-MAN in addition to the properties displayed in the iDRAC Web interface.
• Virtual WWPN NOTE: When you clear the persistence policy, all the virtual addresses are reset to the default permanent address set at the factory. NOTE: Some cards with the virtual FIP, virtual WWN, and virtual WWPN MAC attributes, the virtual WWN and virtual WWPN MAC attributes are automatically configured when you configure virtual FIP. Using the IO Identity feature, you can: • View and configure the virtual addresses for network and fibre channel devices (for example, NIC, CNA, FC HBA).
Manufacturer Type • 5720 bNDC 1 GB Intel • • • • • • • • • • i350 Mezz 1Gb x520+i350 rNDC 10Gb+1Gb I350 bNDC 1Gb x540 PCIe 10Gb x520 PCIe 10Gb i350 PCIe 1Gb x540+i350 rNDC 10Gb+1Gb i350 rNDC 1Gb x520 bNDC 10Gb 40G 2P XL710 QSFP+ rNDC Mellanox • • • • • • ConnectX-3 10G ConnectX-3 40G ConnectX-3 10G ConnectX-3 Pro 10G ConnectX-3 Pro 40G ConnectX-3 Pro 10G Qlogic • • • QME2662 Mezz FC16 QLE2660 PCIe FC16 QLE2662 PCIe FC16 Emulex • • • • • • • • • • • • • • • • • • • LPM16002 Mezz FC16 LPe16000 P
Supported NIC firmware versions for I/O Identity Optimization In 13th generation Dell PowerEdge servers, the required NIC firmware is available by default. The following table provides the NIC firmware versions for the I/O identity optimization feature.
Flex Address Mode set in Feature State in iDRAC CMC IO Identity XML Feature State in Configuration iDRAC Persistence Policy Clear Persistence Policy — Virtual Address Flex Address enabled Console Mode Enabled VAM configured Configured VAM persists Flex Address enabled Console Mode Enabled VAM not configured Set to hardware Set to hardware MAC address MAC address Flex Address enabled Console Mode Disabled Configured using the path provided in Lifecycle Controller Lifecycle Controller configu
FlexAddress IO Identity Availability of Feature State in Feature State in Remote Agent CMC iDRAC VA for the Reboot Cycle Disabled Disabled Enabled VA Programming Source Reboot Cycle VA Persistence Behavior No FlexAddress from CMC Per FlexAddress spec Yes — New or Persisted Remote Agent Virtual Address No Virtual Address Cleared Per Remote Agent Policy Setting Disabled Enabling or disabling I/O Identity Optimization Normally, after the system boots, the devices are configured and then after a
To disable I/O Identity Optimization, use the command: racadm set idrac.ioidopt.IOIDOptEnable Disabled To view the I/O Identity Optimization setting, use the command: racadm get iDRAC.IOIDOpt Configuring persistence policy settings Using IO identity, you can configure policies specifying the system reset and power cycle behaviors that determine the persistence or clearance of the virtual address, initiator, and storage target settings.
NOTE: When a persistent policy is disabled and when you perform the action to lose the virtual address, re-enabling the persistent policy does not retrieve the virtual address. You must set the virtual address again after you enable the persistent policy. Related Links Enabling or disabling I/O Identity Optimization Configuring persistence policy settings using iDRAC web interface To configure the persistence policy: 1. In the iDRAC Web interface, go to Overview → Hardware → Network Devices.
iSCSI Initiator Default Values in IPv4 mode Default Values in IPv6 mode IscsiInitiatorIpv4Gateway 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6Gateway :: :: IscsiInitiatorPrimDns 0.0.0.0 :: IscsiInitiatorIpv4PrimDns 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6PrimDns :: :: IscsiInitiatorSecDns 0.0.0.0 :: IscsiInitiatorIpv4SecDns 0.0.0.0 0.0.0.
iSCSI Storage Target Attributes Default Values in IPv4 mode Default Values in IPv6 mode SecondTgtBootLun 0 0 SecondTgtIscsiName Value Cleared Value Cleared SecondTgtChapId Value Cleared Value Cleared SecondTgtChapPwd Value Cleared Value Cleared SecondTgtIpVer Ipv4 211
Managing storage devices 13 In the iDRAC 2.00.00.00 release, iDRAC expands its agent-free management to include direct configuration of the new PERC9 controllers. It enables you to remotely configure the storage components attached to your system at run-time. These components include RAID and non-RAID controllers and the channels, ports, enclosures, and disks attached to them.
alarms, and so on) associated with external enclosures. Physical disks can be contained in an enclosure or attached to the backplane of a system. In addition to managing the physical disks contained in the enclosure, you can monitor the status of the fans, power supply, and temperature probes in an enclosure. You can hot plug enclosures. Hot plugging is defined as adding of a component to a system while the operating system is still running.
concepts, as well as some familiarity with how the RAID controllers and operating system view disk space on your system. What is RAID? RAID is a technology for managing the storage of data on the physical disks that reside or are attached to the system. A key aspect of RAID is the ability to span physical disks so that the combined storage capacity of multiple physical disks can be treated as a single, extended disk space.
• • • Stripe element size — The amount of disk space consumed by a stripe element. For example, consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe. In this case, the stripe element size is 16KB and the stripe size is 64KB. Parity — Parity refers to redundant data that is maintained using an algorithm in combination with striping. When one of the striped disks fails, the data can be reconstructed from the parity information using the algorithm.
• Raid level 0 (striping) • Raid level 1 (mirroring) • Raid level 5 (striping with distributed parity) • Raid level 6 (striping with additional distributed parity) • Raid level 50 (striping over raid 5 sets) • Raid level 60 (striping over raid 6 sets) • Raid level 10 (striping over mirror sets) RAID level 0 (striping) RAID 0 uses data striping, which is writing data in equal-sized segments across the physical disks. RAID 0 does not provide data redundancy.
RAID 1 characteristics: • Groups n + n disks as one virtual disk with the capacity of n disks. The controllers currently supported by Storage Management allow the selection of two disks when creating a RAID 1. Because these disks are mirrored, the total storage capacity is equal to one disk. • Data is replicated on both the disks. • When a disk fails, the virtual disk still works. The data is read from the mirror of the failed disk. • Better read performance, but slightly slower write performance.
RAID 5 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-1) disks. • Redundant information (parity) is alternately stored on all disks. • When a disk fails, the virtual disk still works, but it is operating in a degraded state. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Redundancy for protection of data.
RAID 6 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-2) disks. • Redundant information (parity) is alternately stored on all disks. • The virtual disk remains functional with up to two disk failures. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Increased redundancy for protection of data. • Two disks per span are required for parity. RAID 6 is more expensive in terms of disk space.
RAID 50 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-1) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 5 span. • Better read performance, but slower write performance. • Requires as much parity information as standard RAID 5. • Data is striped across all spans. RAID 50 is more expensive in terms of disk space.
RAID 60 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-2) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 6 span. • Better read performance, but slower write performance. • Increased redundancy provides greater data protection than a RAID 50. • Requires proportionally as much parity information as RAID 6.
RAID 10 characteristics: • Groups n disks as one large virtual disk with a capacity of (n/2) disks, where n is an even integer. • Mirror images of the data are striped across sets of physical disks. This level provides redundancy through mirroring. • When a disk fails, the virtual disk still works. The data is read from the surviving mirrored disk. • Improved read performance and write performance. • Redundancy for protection of data.
RAID Level Data Availability Read Performanc e Write Performanc e Rebuild Performanc e Minimum Disks Required Suggested Uses logs, and critical information. RAID 5 Good Sequential reads: good. Transactiona l reads: Very good Fair, unless using writeback cache Fair N + 1 (N = at least two disks) Databases and other read intensive transactional uses. RAID 10 Excellent Very Good Fair Good 2N x X Data intensive environment s (large records).
Supported controllers Supported RAID controllers The iDRAC interfaces support the following PERC9 controllers: • PERC H830 • PERC H730P • PERC H730 • PERC H330 The iDRAC interfaces support the following PERC8 controllers: • PERC H810 • PERC H710P • PERC H710 • PERC H310 The iDRAC interfaces support the following modular PERC controllers: • PERC FD33xS • PERC FD33xD NOTE: For more information on configuring and changing the controller mode on the PERC FD33xS and PERC FD33xD controllers, se
Feature Name PERC 9 Controllers H83 H73 0 0P PCIe SSD H330 FD33 xS FD33 xD H810 H710P H710 H310 Assign or Real Real Realunassign time physical disk as a time time global hot spare Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Create virtual disks Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Edit virtual disks cache policies Real Real Realtime time time Realtime Realtime Realtime Stage d St
Feature Name PERC 9 Controllers H83 H73 0 0P FD33 xD H810 web interf inter ace) face ) interf ace) interf ace) interf ace) interfa ce) Check Consistency Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Copyback Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d Stage d Not applic able Load Balance Mode Real Real Realtime time time Realtime Realtime Realtime Stage d Staged Stage d
Feature Name PERC 9 Controllers H83 H73 0 0P H730 PERC 8 Controllers PCIe SSD H330 FD33 xS FD33 xD H810 H710P H710 H310 Realtime Realtime Stage d Staged Stage d Stage d Not applic able Create or change security keys Real Real Realtime time time Inventory and remotely monitor the health of PCIe SSD devices Not appl icab le Not Not Not Not Not Not appli applic applic applic applic applic cabl able able able able able e Not applica ble Not applic able Not applic able Realtime Prepare
Alerts and SNMP traps are generated for storage events. The events are logged in the Lifecycle Log. Monitoring storage devices using web interface To view the storage device information using Web interface: • Go to Overview → Storage → Summary to view the summary of the storage components and the recently logged events. This page is automatically refreshed every 30 seconds. • Go to Overview → Storage → Topology to view the hierarchical physical containment view of the key storage components.
• Convert to non-RAID disk (supported only in RACADM and is a staged operation) • Blink or unblink the LED Related Links Inventorying and monitoring storage devices Assigning or unassigning physical disk as global hot spare Assigning or unassigning physical disk as global hot spare A global hot spare is an unused backup disk that is part of the disk group. Hot spares remain in standby mode.
The Setup Physical Disk page is displayed. 2. From the Controller drop-down menu, select the controller to view the associated physical disks. 3. To assign as a global hotspare, from the drop-down menus in the Action-Assign to All column, select Global Hotspare for one or more physical disks. 4. To unassign a hot spare, from the drop-down menus in the Action-Assign to All column, select Unassign Hotspare for one or more physical disks. 5.
5. Click Apply. The settings are applied based on the option selected in the operation mode. Converting physical disks to RAID capable or non-RAID mode using RACADM Depending on whether you want to convert to RAID or Non-RAID mode, use the following RACADM commands • To convert to RAID mode, use the racadm storage converttoraid command. • To convert to Non-RAID mode, use the racadm storage converttononraid command.
Before creating a virtual disk, you should be familiar with the information in Considerations Before Creating Virtual Disks. You can create a Virtual Disk using the Physical Disks attached to the PERC controller. To create a Virtual Disk, you must have the Server Control user privilege. You can create a maximum of 64 virtual drives and a maximum of 16 virtual drives in the same drive group. You cannot create a virtual disk if: • Physical disk drives are not available for virtual disk creation.
b. From the Controller drop-down menu, select the controller for which you want to create the virtual disk. c. From the Layout drop-down menu, select the RAID level for the Virtual Disk. Only those RAID levels supported by the controller appear in the drop-down menu and it is based on the RAID levels are available based on the total number of physical disks available. d. Select the Media Type, Stripe Size, Read Policy, Write Policy, Disk Cache Policy, T10 PI Capability.
The write policies specify if the controller sends a write-request completion signal when the data is in the cache or after it has been written to the disk. • Write Through — The controller sends a write-request completion signal only after the data is written to the disk. Write-through caching provides better data security than write-back caching, since the system assumes that the data is available only after it has been safely written to the disk.
virtual drive has a degraded status, running a check consistency may be able to return the virtual drive to ready status. You can also cancel the check consistency operation. The cancel check consistency is a real-time operation. You must have Login and Server Control privilege to check consistency of virtual disks. Initializing virtual disks Initializing virtual disks erases the all the data on the disk but does not change the virtual disk configuration.
It is always recommended to do a full initialization on drives that previously contained data. Full initialization can take up to 1-2 minutes per GB. The speed of initialization depends on the controller model, speed of hard drives, and the firmware version. The full initialize task initializes one physical disk at a time. NOTE: Full initialize is supported only in real-time. Only few controllers support full initialization.
You can specify more than one action for a virtual drive. When you select an action, an additional Action drop-down menu is displayed. Select another action from this drop-down menu. The action that is already selected does not appear in the additional Action drop-down menus. Also, the Remove link is displayed next to the selected action. Click this link to remove the selected action.
• To delete virtual disk: racadm storage deletevd: • To initialize virtual disk: racadm storage init: -speed {fast|full} • To check consistency of virtual disks: racadm storage ccheck: • To encrypt virtual disks: racadm storage encryptvd: • To assign or unassign dedicated hot spares: racadm storage hotspare: -assign yes -type dhs -vdkey: • To cancel the check consistency: racadm storage cancelcheck: Managing co
You must have Login and Server Control privilege to configure the controller properties. Patrol read mode considerations Patrol read identifies disk errors to avoid disk failures, data loss, or corruption. The Patrol Read does not run on a physical disk in the following circumstances: • The physical disk is not included in a virtual disk or assigned as a hot spare.
Check consistency The Check Consistency task verifies the accuracy of the redundant (parity) information. This task only applies to redundant virtual disks. When necessary, the Check Consistency task rebuilds the redundant data. If the virtual disk is in a Failed Redundancy state, running a check consistency may be able to return the virtual disk to a Ready state.
NOTE: Patrol read mode operations such as Start and Stop are not supported if there are no virtual disks available in the controller. Though you can invoke the operations successfully using the iDRAC interfaces, the operations will fail when the associated job is started. • To specify the Check Consistency Mode, use Storage.Controller.CheckConsistencyMode object. • To enable or disable the Copyback Mode, use Storage.Controller.CopybackMode object.
previous controller, but the virtual disk to which the hot spare was assigned is no longer present in the foreign configuration, then the physical disk is imported as a global hot spare. If any foreign configurations locked using Local Key manager (LKM) are Detected, then import foreign configuration operation is not possible in iDRAC in this release. You must unlock the drives through CTRL-R and then continue to import foreign configuration from iDRAC.
3. From the Apply Operation Mode drop-down menu, select when you want to import. 4. Click Import Foreign Configuration. Based on the selected operation mode, the configuration is imported. To automatically import foreign configurations, in the Configure Controller Properties section, enable the Enhanced Auto Import Foreign Config option, select the Apply Operation Mode and click Apply.
Resetting controller configuration You can reset the configuration for a controller. This operation deletes virtual disk drives and unassigns all hot spares on the controller. It does not erase any data other than removing the disks from the configuration. Reset configuration also does not remove any foreign configurations. The real-time support of this feature is available only in PERC 9.1 firmware. Reset configuration does not erase any data.
NOTE: Ensure that you back up the foreign configuration, security key, virtual disks, and hot spares before you switch the mode as the data is deleted. NOTE: Ensure that a CMC license is available for PERC FD33xS and FD33xD storage sleds before you change the controller mode. For more information on CMC license for the storage sleds, see the Dell Chassis Management Controller Version 1.2 for PowerEdge FX2/FX2s User's Guide available at dell.com/support/manuals.
For more information about the RACADM commands, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. 12 Gbps SAS HBA adapter operations The non-RAID controllers are the HBAs that do not have few RAID capabilities. They do not support virtual disks. iDRAC interface supports only 12 Gbps SAS HBA controller and HBA330 internal controller in this release.
• All physical disks are in non-RAID mode. You can perform the following operations if the controller is in non-RAID mode: • Blink/unblink the physical disk.
• Hot plug capability • High-performance device The PCIe SSD subsystem consists of the Backplane, PCIe Extender card which is attached to the backplane of the system and provides PCIe connectivity for up to four or eight PCIe SSDs at the front of the chassis and the PCIe SSDs.
To view PCIe extender cards: racadm storage get controllers To view PCIe SSD backplane information: racadm storage get enclosures NOTE: For all the mentioned commands, PERC devices are also displayed. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals. Preparing to remove PCIe SSD PCIe SSDs support orderly hot swap allowing you to add or remove a device without halting or rebooting the system in which the devices are installed.
NOTE: Ensure that iSM is installed and running to perform the preparetoremove operation. 4. From the Apply Operation Mode drop-down menu, select Apply Now to apply the actions immediately. If there are jobs to be completed, then this option is grayed-out. NOTE: For PCIe SSD devices, only the Apply Now option is available. This operation is not supported in staged mode. 5. Click Apply. If the job is not created, a message indicating that the job creation was not successful is displayed.
Erasing PCIe SSD device data using web interface To erase the data on the PCIe SSD device: 1. In the iDRAC Web interface, go to Overview → Storage → Physical Disks → Setup. The Setup Physical Disk page is displayed. 2. From the Controller drop-down menu, select the controller to view the associated PCIe SSDs. 3. From the drop-down menus, select Secure Erase for one or more PCIe SSDs.
Managing enclosures or backplanes You can perform the following for enclosures or backplanes: • • • • View properties Configure universal mode or split mode View slot information (universal or shared) Set SGPIO mode Related Links Summary of supported features for storage devices Supported enclosures Configuring backplane mode Viewing universal slots Setting SGPIO mode Configuring backplane mode The Dell 13th generation PowerEdge servers supports a new internal storage topology, where two storage controll
If any other RAID operations are in pending state or any RAID job is scheduled, you cannot change the backplane mode. Similarly, if this setting is pending, you cannot schedule other RAID jobs. NOTE: • Warning messages are displayed when the setting is being changed as there is a possibility of data loss. • LC Wipe or iDRAC reset operations do not change the expander setting for this mode. • This operation is supported only in real-time and not staged.
The output is: BackplaneCurrentMode=UnifiedMode 2. Run the following command to view the requested mode: get storage.enclosure.1.backplanerequestedmode The output is: BackplaneRequestedMode=None 3. Run the following command to set the requested backplane mode to split mode: set storage.enclosure.1.backplanerequestedmode "splitmode" The successful message is displayed. 4. Run the following command to verify if the backplanerequestedmode attribute is set to split mode: get storage.enclosure.1.
12. Run the following command and verify that only 0–11 drives are displayed: storage get pdisks For more information about the racadm command, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals Viewing universal slots Some of the 13th generation PowerEdge server backplanes supports both SAS/SATA and PCIe SSD drives in the same slot. These slots are wired to the primary storage controller (PERC) and a PCIe extender card. These slots are called “universal” slots.
NOTE: You cannot set the SGPIO mode using iDRAC Web interface. Setting SGPIO mode using RACADM To configure the SGPIO mode, use the SGPIOMode object with the set sub command. If it is set to disabled, it is I2C mode. If enabled, it is set to SGPIO mode. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
NOTE: For PERC 8 or earlier controllers, Graceful Shutdown is the default option. For PERC 9 controllers, No Reboot (Manually Reboot System) is the default option. • Add to Pending Operations — Select this option to create a pending operation to apply the settings. You can view all pending operations for a controller in the Overview → Storage → Pending Operations page. NOTE: • 3.
• At Next Reboot — Select this option to commit all the operations during the next system reboot. This is the default option for PERC 8 controllers. This option is applicable for PERC 8 and later versions. • At Scheduled Time — Select this option to commit the operations at a scheduled day and time. This option is applicable for PERC 8 and later versions. – Start Time and End Time — Click the calendar icons and select the days. From the drop-down menus, select the time.
Case 2: selected an apply operation (apply now, at next reboot, or at scheduled time) and there are existing pending operations If you have selected Apply Now, At Next Reboot, or At Scheduled Time and then clicked Apply, first the pending operation is created for the selected storage configuration operation. • If the pending operation is created successfully and if there are existing pending operations, then a message is displayed.
– Click OK to remain on the page to perform more storage configuration operations. – Click Pending Operations to view the pending operations for the device. NOTE: • At any time, if you do not see the option to create a job on the storage configuration pages, go to Storage Overview → Pending Operations page to view the existing pending operations and to create the job on the required controller. • Only cases 1 and 2 are applicable for PCIe SSD.
• Select or deselect individual virtual disks — Select one or more virtual disks and click Blink to start blinking the LEDs for the virtual disks. Similarly, click Unblink to stop blinking the LEDs. If the blink or unblink operation is not successful, error messages are displayed.
Configuring and using virtual console 14 You can use the virtual console to manage a remote system using the keyboard, video, and mouse on your management station to control the corresponding devices on a managed server. This is a licensed feature for rack and tower servers. It is available by default in blade servers. The key features are: • A maximum of six simultaneous Virtual Console sessions are supported. All the sessions view the same managed server console simultaneously.
Screen Resolution Refresh Rate (Hz) 1024x768 60, 70, 72, 75, 85 1280x1024 60 It is recommended that you configure your monitor display resolution to 1280x1024 pixels or higher. NOTE: If you have an active Virtual Console session and a lower resolution monitor is connected to the Virtual Console, the server console resolution may reset if the server is selected on the local console. If the system is running a Linux operating system, an X11 console may not be viewable on the local monitor.
2. You can start the HTML5 virtual console using any of the following methods: 3. • In Internet Explorer, click Tools → Compatibility View Settings and clear the Display intranet sites in Compatibility View check-box. • In Internet Explorer using an IPv6 address, modify the IPv6 address as follows: https://[fe80::d267:e5ff:fef4:2fe9]/ to https://fe80--d267-e5fffef4-2fe9.ipv6-literal.
For ActiveX applications in Windows 2003, Windows XP, Windows Vista, Windows 7, and Windows 2008, configure the following Internet Explorer settings to use the ActiveX plug-in: 1. Clear the browser’s cache. 2. Add iDRAC IP or host name to the Trusted Sites list. 3. Reset the custom settings to Medium-low or change the settings to allow installation of signed ActiveX plug-ins. 4. Enable the browser to download encrypted content and to enable third-party browser extensions.
7. Close and restart the browser for the settings to take effect. Clearing browser cache If you have issues when operating the Virtual Console, (out of range errors, synchronization issues, and so on) clear the browser’s cache to remove or delete any old versions of the viewer that may be stored on the system and try again. NOTE: You must have administrator privilege to clear the browser’s cache.
An output file is generated. For example, if the CA certificate file name is cacert.pem, the command is: openssl x509 –in cacert.pem –noout –hash The output similar to “431db322” is generated. 3. Rename the CA file to the output file name and include a “.0" extension. For example, 431db322.0. 4. Copy the renamed CA certificate to your home directory. For example, C:\Documents and Settings \ directory.
Launching virtual console You can launch the virtual console using the iDRAC Web Interface or a URL. NOTE: Do not launch a Virtual Console session from a Web browser on the managed system. Before launching the Virtual Console, make sure that: • You have administrator privileges. • Web browser is configured to use HTML5, Java, or ActiveX plug-ins. • Minimum network bandwidth of one MB/sec is available.
Multiple message boxes may appear after you launch the application. To prevent unauthorized access to the application, navigate through these message boxes within three minutes. Otherwise, you are prompted to relaunch the application. If one or more Security Alert windows appear while launching the viewer, click Yes to continue. Two mouse pointers may appear in the viewer window: one for the managed server and another for your management station. To synchronize the cursors, see Synchronizing mouse pointers.
Using virtual console viewer The Virtual Console Viewer provides various controls such as mouse synchronization, virtual console scaling, chat options, keyboard macros, power actions, next boot devices, and access to Virtual Media. For information to use these features, see the iDRAC Online Help. NOTE: If the remote server is powered off, the message ’No Signal’ is displayed.
• Console control — This has the following configuration options: – Keyboard – Keyboard Macros – Aspect Ratio – Touch Mode – Mouse Acceleration • Keyboard — This keyboard uses open source code. The difference from physical keyboard is that the number keys are switched to special character when you the Caps Lock key is enabled. Functionality remains the same and number is entered if you press the special character when the Caps Lock key is enabled.
– Relative, no acceleration – Relative (RHEL, earlier versions of Linux) – Linux RHEL 6.x and SUSE Linux Enterprise Server 11 or later Click Apply to apply the selected settings on the server. • Virtual Media — Click Connect Virtual Media option to start the virtual media session. The virtual media menu displays the Browse option to browse and map the ISO and IMG files. NOTE: You cannot map physical media such USB-based drives, CD, or DVD by using the HTML5 based virtual console.
the iDRAC Virtual Console, this feature must be disabled. To disable Predictable Pointer Acceleration, in the mouse section of the /etc/X11/xorg.conf file, add: Option "AccelerationScheme" "lightweight". If synchronization problems continue, do the following additional change in the /.gconf/ desktop/gnome/peripherals/mouse/%gconf.xml file: Change the values for motion_threshold and motion_acceleration to -1.
Java based virtual console session running on Linux operating system ActiveX based virtual console session running on Windows operating system Java-based virtual console session running on Windows operating system • Ctrl+Alt+Del key is not sent to the managed system, but always interpreted by the management station.
– Add an entry to /etc/sysctl.conf – echo "1" > /proc/sys/kernel/sysrq • When Pass all keystrokes to server is enabled, the magic SysRq keys are sent to the operating system on the managed system.
ActiveX based virtual console session running on Windows operating system The behavior of the pass all keystrokes to server feature in ActiveX based Virtual Console session running on Windows operating system is similar to the behavior explained for Java based Virtual Console session running on the Windows management station with the following exceptions: • When Pass All Keys is disabled, pressing F1 launches the application Help on both management station and managed system, and the following message is d
Managing virtual media 15 Virtual media allows the managed server to access media devices on the management station or ISO CD/DVD images on a network share as if they were devices on the managed server. Using the Virtual Media feature, you can: • Remotely access media connected to a remote system over the network • Install applications • Update drivers • Install an operating system on the managed system This is a licensed feature for rack and tower servers.
Figure 4. Virtual media setup Supported drives and devices The following table lists the drives supported through virtual media. Table 28. Supported drives and devices Drive Supported Storage Media Virtual Optical Drives • • • • • Virtual floppy drives USB flash drives • Legacy 1.44 floppy drive with a 1.
Configuring virtual media using RACADM To configure the virtual media, • Use the objects in the iDRAC.VirtualMedia group with the set command. • Use the objects in the cfgRacVirtual group with the config command. For more information, see the RACADM Command Line Reference Guide for iDRAC available at dell.com/idracmanuals. Configuring virtual media using iDRAC settings utility You can attach, detach, or auto-attach virtual media using the iDRAC Settings utility. To do this: 1.
If the RFS connection is not active and you attempt to launch the Virtual Media client, the client launches successfully. You can then use the Virtual Media client to map devices and files to the Virtual Media virtual drives. Related Links Configuring web browsers to use virtual console Configuring virtual media Launching virtual media using virtual console Before you launch Virtual Media through the Virtual Console, make sure that: • Virtual Console is enabled.
The following message is displayed: Virtual Console has been disabled. Do you want to continue using Virtual Media redirection? 3. Click OK. The Virtual Media window is displayed. 4. From the Virtual Media menu, click Map CD/DVD or Map Removable Disk. For more information, see Mapping virtual drive. NOTE: The virtual device drive letters on the managed system do not coincide with the physical drive letters on the management station.
Viewing virtual device details To view the virtual device details, in the Virtual Console Viewer, click Tools → Stats. In the Stats window, the Virtual Media section displays the mapped virtual devices and the read/write activity for each device. If Virtual Media is connected, this information is displayed. If Virtual Media is not connected, the “Virtual Media is not connected” message is displayed.
3. In the Drive/Image File field, select the device from the drop-down list. The list contains all the available (unmapped) devices that you can map (CD/DVD, Removable Disk, Floppy Drive) and image file types that you can map (ISO or IMG). The image files are located in the default image file directory (typically the user’s desktop). If the device is not available in the dropdown list, click Browse to specify the device.
The check mark for that menu item does not appear indicating that it is not mapped to the host server. NOTE: After unmapping a USB device attached to vKVM from a client system running the Macintosh operating system, the unmapped device may be unavailable on the client. Restart the system or manually mount the device on the client system to view the device.
Related Links Mapping virtual drive Configuring virtual media 285
Installing and using VMCLI utility 16 The Virtual Media Command Line Interface (VMCLI) utility is an interface that provides virtual media features from the management station to iDRAC on the managed system. Using this utility you can access virtual media features, including image files and physical drives, to deploy an operating system on multiple remote systems in a network. NOTE: You can run the VMCLI utility only on the management station that is installed with 32–bit operating system.
VMCLI syntax The VMCLI interface is identical on both Windows and Linux systems. The VMCLI syntax is: VMCLI [parameter] [operating_system_shell_options] For example, vmcli -r iDRAC-IP-address:iDRAC-SSL-port The parameter enables VMCLI to connect to the specified server, access iDRAC, and map to the specified virtual media. NOTE: VMCLI syntax is case-sensitive. To ensure security, it is recommended to use the following VMCLI parameters: • vmcli -i — Enables an interactive method of starting VMCLI.
If the file is not write-protected, Virtual Media may write to the image file. To make sure that Virtual Media does not write to the media: • Configure the operating system to write-protect a floppy image file that must not be overwritten. • Use the write-protection feature of the device. When virtualizing read-only image files, multiple sessions can use the same image media simultaneously. When virtualizing physical drives, only one session can access a given physical drive at a time.
Managing vFlash SD card 17 The vFlash SD card is a Secure Digital (SD) card that plugs into the vFlash SD card slot in the system. You can use a card with a maximum of 16 GB capacity. After you insert the card, you must enable vFlash functionality to create and manage partitions. vFlash is a licensed feature. If the card is not available in the system's vFlash SD card slot, the following error message is displayed in the iDRAC Web interface at Overview → Server → vFlash: SD card not detected.
Viewing vFlash SD card properties After vFlash functionality is enabled, you can view the SD card properties using iDRAC Web interface or RACADM. Viewing vFlash SD card properties using web interface To view the vFlash SD card properties, in the iDRAC Web interface, go to Overview → Server → vFlash. The SD Card Properties page is displayed. For information about the displayed properties, see the iDRAC Online Help.
NOTE: If vFlash functionality is disabled, SD card properties are not displayed. 3. Click Apply. The vFlash functionality is enabled or disabled based on the selection.
Initializing vFlash SD card using RACADM To initialize the vFlash SD card using RACADM, use one of the following: • Using vFlashSD command: racadm vflashsd initialize • Using set command: racadm set iDRAC.vflashsd.Initialized 1 All existing partitions are deleted and the card is reformatted. For more information about these commands, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals and dell.com/esmmanuals.
• Formatting a partition • Viewing available partitions • Modifying a partition • Attaching or detaching partitions • Deleting existing partitions • Downloading partition contents • Booting to a partition NOTE: If you click any option on the vFlash pages when an application such as WS-MAN, iDRAC Settings utility, or RACADM is using vFlash, or if you navigate to some other page in the GUI, iDRAC may display the message: vFlash is currently in use by another process. Try again after some time.
A 20 MB empty partition in FAT16 format is created. By default, an empty partition is created as readwrite. Creating a partition using an image file You can create a new partition on the vFlash SD card using an image file (available in the .img or .iso format.) The partitions are of emulation types: Floppy (.img), Hard Disk (.img), or CD (.iso). The created partition size is equal to the image file size.
A new partition is created. By default, the created partition is read-only. This command is case sensitive for the image file name extension. If the file name extension is in upper case, for example FOO.ISO instead of FOO.iso, then the command returns a syntax error. NOTE: This feature is not supported in local RACADM. NOTE: Creating vFlash partition from an image file located on the CFS or NFS IPv6 enabled network share is not supported.
• To get the status of operation on partition 1: racadm vflashpartition status -i 1 • To get the status of all existing partitions: racadm vflashpartition status -a NOTE: The -a option is valid only with the status action. Modifying a partition You can change a read-only partition to read-write or vice-versa. Before modifying the partition, make sure that: • The vFlash functionality is enabled. • You have Access Virtual Media privileges. NOTE: By default, a read-only partition is created.
racadm set iDRAC.vflashpartition..AccessType 0 • Using set command to specify the Emulation type: racadm set iDRAC.vflashpartition..EmulationType Attaching or detaching partitions When you attach one or more partitions, they are visible to the operating system and BIOS as USB mass storage devices. When you attach multiple partitions, based on the assigned index, they are listed in an ascending order in the operating system and the BIOS boot order menu.
racadm set iDRAC.vflashpartition..AttachState 1 – To detach a partition: racadm set iDRAC.vflashpartition..AttachState 0 Operating system behavior for attached partitions For Windows and Linux operating systems: • The operating system controls and assigns the drive letters to the attached partitions. • Read-only partitions are read-only drives in the operating system. • The operating system must support the file system of an attached partition.
• Managed system (where iDRAC is operated from) • Network location mapped to a management station. Before downloading the partition contents, make sure that: • You have Access Virtual Media privileges. • The vFlash functionality is enabled. • An initialize operation is not being performed on the card. • For a read-write partition, it must not be attached. To download the contents of the vFlash partition: 1. In the iDRAC Web interface, go to Overview → Server → vFlash → Download.
Using SMCLP 18 The Server Management Command Line Protocol (SMCLP) specification enables CLI-based systems management. It defines a protocol for management commands transmitted over standard character oriented streams. This protocol accesses a Common Information Model Object Manager (CIMOM) using a human-oriented command set. The SMCLP is a sub-component of the Distributed Management Task Force (DMTF) SMASH initiative to streamline systems management across multiple platforms.
Running SMCLP commands You can run the SMCLP commands using SSH or Telnet interface. Open an SSH or Telnet interface and log in to iDRAC as an administrator. The SMCLP prompt (admin ->)is displayed. SMCLP prompts: • yx1x blade servers use -$. • yx1x rack and tower servers use admin->. • yx2x blade, rack, and tower servers use admin->. where, y is an alpha-numeric character such as M (for blade servers), R (for rack servers), and T (for tower servers) and x is a number.
Verb Definition load Moves a binary image to a specified target address from a URL The following table provides a list of targets. Table 32.
Target Definitions admin1/system1/sp1/capabilities1/ rolemgtcap* Local Role Based Management capabilities admin1/system1/sp1/capabilities/ PwrutilmgtCap1 Power utilization management capabilities admin1/system1/sp1/capabilities1/ elecap1 Authentication capabilities admin1/system1/sp1/settings1 Service Processor settings collection admin1/system1/sp1/settings1/ clpsetting1 CLP service settings data admin1/system1/sp1/clpsvc1 CLP service protocol service admin1/system1/sp1/clpsvc1/clpendpt* CLP
Target Definitions admin1/system1/sp1/rolesvc2/Role1-3 IPMI role admin1/system1/sp1/rolesvc2/Role4 IPMI Serial Over LAN (SOL) role admin1/system1/sp1/rolesvc3 CLP RBA Service admin1/system1/sp1/rolesvc3/Role1-3 CLP role admin1/system1/sp1/rolesvc3/Role1-3/ privilege1 CLP role privilege Related Links Running SMCLP commands Usage examples Navigating the map address space Objects that can be managed with SM-CLP are represented by targets arranged in a hierarchical space called the Manageability Ac
show –d properties=(userid,name) /admin1/system1/sp1/account1 If you only want to show one property, you can omit the parentheses. Using the -level option The show -level option executes show over additional levels beneath the specified target. To see all targets and properties in the address space, use the -l all option. Using the -output option The -output option specifies one of four formats for the output of SM-CLP verbs: text, clpcsv, keyword, and clpxml.
• To reboot the server: reset /system1 The following message is displayed: system1 has been reset successfully SEL management The following examples show how to use the SMCLP to perform SEL-related operations on the managed system.
Commands: cd show help exit version • To view the SEL record: show/system1/logs1/log1 The following output is displayed: /system1/logs1/log1/record4 Properties: LogCreationClassName= CIM_RecordLog CreationClassName= CIM_LogRecord LogName= IPMI SEL RecordID= 1 MessageTimeStamp= 20050620100512.
Map target navigation The following examples show how to use the cd verb to navigate the MAP. In all examples, the initial default target is assumed to be /. Type the following commands at the SMCLP command prompt: • To navigate to the system target and reboot: cd system1 reset The current default target is /. • To navigate to the SEL target and display the log records: cd system1 cd logs1/log1 show • To display current target: type cd . • To move up one level: type cd ..
Using iDRAC Service Module v2.3.0 19 The iDRAC Service Module is a software application that is recommended to be installed on the server (it is not installed by default). It complements iDRAC with monitoring information from the operating system. It complements iDRAC by providing additional data to work with iDRAC interfaces such as the Web interface, RACADM, and WSMAN.
• Redfish profile support for network attributes • iDRAC Hard Reset • iDRAC access via Host OS (Experimental Feature) • In-band iDRAC SNMP alerts • View operating system (OS) information • Replicate Lifecycle Controller logs to operating system logs • Perform automatic system recovery options • Populate Windows Management Instrumentation (WMI) Management Providers • Integrate with SupportAssist Collection. This is applicable only if iDRAC Service Module version 2.0 or later is installed.
NOTE: Starting iDRAC Service Module version 2.1, the Lifecycle Controller Logs replication location in the Windows OS logs can be configured using the iDRAC Service Module installer. You can configure the location while installing iDRAC Service Module or modifying the iDRAC Service Module installer. If OpenManage Server Administrator is installed, this monitoring feature is disabled to avoid duplicate SEL entries in the OS log.
CIM Interface WinRM WMIC PowerShell CreationClassName= DCIM_Account +Name=iDRAC.Embedd ed.1#Users. 2+SystemCreationCl assName=DCIM_SPCom puterSystem +SystemName=system mc where Name="iDRAC.Embedd ed.1#Users.16" Class dcim_account filter "Name='iDRAC.Embed ded.1#Users.16'" winrm e wmi/root/ Get associated instances of an instance cimv2/dcim/* dialect:associatio n -filter: {object=DCIM_Accou nt? CreationClassName= DCIM_Account +Name=iDRAC.Embedd ed.1#Users.
NOTE: This feature is not supported on Dell PowerEdge R930 server and is supported only on Dell’s 13th generation of PowerEdge servers and later. Command usage This section provides the command usages for Windows, Linux, and ESXi operating systems to perform iDRAC hard reset.
NOTE: VMware ESXi operating system does not prompt for confirmation before resetting the iDRAC. NOTE: Due to limitations on the VMware ESXi operating system, iDRAC connectivity is not restored completely after the reset. Ensure that you manually reset iDRAC. For more information, see the “Remote iDRAC Hard Reset” in this document. Error Handling Table 33.
-u: -p: -r:http:/// wsman -a:Basic -encoding:utf-8 -skipCACheck –skipCNCheck • Linux operating system On all iSM supported Linux operating system, iSM provides an executable command. You can run this command by logging into the operating system by using SSH or equivalent. – To enable this feature: Enable-iDRACSNMPTrap.sh 1 Enable-iDRACSNMPTrap.sh enable – To disable this feature: Enable-iDRACSNMPTrap.sh 0 Enable-iDRACSNMPTrap.
rule, OS2iDRAC. The listen port number is added to the OS2iDRAC firewall rule in the host operating system, which allows incoming connections. By default, the firewall rule is disabled. You can enable the rule in the Windows Firewall Advanced Options menu. NOTE: Ensure that the Microsoft IP Helper Services is running on your system for this feature to function. To access the iDRAC Web interface, use the format https:// or OS-IP>:443/ login.
— If the value is 1, is required and is optional. Coexistence of OpenManage Server Administrator and iDRAC Service Module In a system, both OpenManage Server Administrator and the iDRAC Service Module can co-exist and continue to function correctly and independently.
20 Using USB port for server management In Dell PowerEdge 12th generation servers, all USB ports are dedicated to the server. With the 13th generation of servers, one of the front panel USB port is used by iDRAC for management purposes such as pre-provisioning and troubleshooting. The port has an icon to indicate that it is a management port. All 13th generation servers with LCD panel support this feature. This port is not available in a few of the 200-500 model variations without the LCD panel.
Management LED (if present) turns green and remains ON for two seconds. 4. Wait for the IP address to be assigned to the laptop (169.254.0.4) and iDRAC (169.254.0.3). This may take several seconds. 5. Start using iDRAC network interfaces such as Web interface, RACADM, or WS-Man. 6. When iDRAC is using the USB port, LED blinks indicating activity. Blink frequency is four per second. 7. After using, disconnect the cable. The LED turns off.
• USB Management Port Mode is modified. • Device is automatically switched from iDRAC to OS. • Device is ejected from iDRAC or OS When a device exceeds its power requirements as allowed by USB specification, the device is detached and an over-current event is generated with the following properties: • Category : System Health • Type: USB device • Severity: Warning • Allowed notifications: Email, SNMP trap, remote syslog and WS-Eventing. • Actions: None.
• To view USB device inventory: racadm hwinventory • To set up over current alert configuration: racadm eventfilters For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/esmmanuals. Configuring USB management port using iDRAC settings utility To configure the USB port: 1. In the iDRAC Settings Utility, go to Media and USB Port Settings. The iDRAC Settings Media and USB Port Settings page is displayed. 2. 3.
Minimum value is 300 -Maximum value is 3600 seconds. Configuration XML import Host control Instruction EndHostPowerState On On,Off InstructionRow>
LED blinking behavior If the USB LED is present, it indicates the following: • Solid green – When the server configuration profile is being copied from the USB device. • Blinking green – When the job is in-progress. • Solid green – When the job has completed successfully. Logs and results file The following information is logged for the import operation: • Automatic import from USB is logged in the Lifecycle Controller log file.
Using iDRAC Quick Sync 21 A few Dell 13th generation PowerEdge servers have the Quick Sync bezel that supports the Quick Sync feature. This feature enables at-the-server management with a mobile device. This allows you to view inventory and monitoring information and configure basic iDRAC settings (such as root credential setup and configuration of the first boot device) using the mobile device. You can configure iDRAC Quick Sync access for your mobile device (example, OpenManage Mobile) in iDRAC.
Configuring iDRAC Quick Sync Using iDRAC web interface or RACADM, you can configure iDRAC Quick Sync feature to allow access to the mobile device: • Access — You can specify any of the following options to configure the access state of iDRAC Quick Sync feature: – Read-Write — Default status. – Read-write access – Allows you to configure the basic iDRAC settings. – Read-only access – Allows you to view inventory and monitoring information.
Configuring iDRAC Quick Sync settings using iDRAC settings utility To configure iDRAC Quick Sync: 1. In the iDRAC Settings Utility, go to Front Panel Security. The iDRAC Settings Front Panel Security page is displayed. 2. In the iDRAC Quick Sync section: • Specify the access level. • Enable Timeout. • Specify the User Defined Timeout Limit (15 seconds to 3600 seconds). For more information about the fields, see the iDRAC Online Help. 3. Click Back, click Finish, and then click Yes.
Deploying operating systems 22 You can use any of the following utilities to deploy operating systems to managed systems: • Virtual Media Command Line Interface (CLI) • Virtual Media Console • Remote File Share Related Links Deploying operating system using VMCLI Deploying operating system using remote file share Deploying operating system using virtual media Deploying operating system using VMCLI Before you deploy the operating system using the vmdeploy script, make sure that: • VMCLI utility is
3. Open a command prompt with administrator privileges and run the vmdeploy script: vmdeploy.bat -r -u -p [ -f { | < device-name>} | -c { |} ] [-i ] NOTE: vmdeploy does not support IPv6, since IPv6 does not support the IPMI tool. NOTE: The vmdeploy script processes the -r option slightly differently than the vmcli -r option.
• Network share contains drivers and operating system bootable image file, in an industry standard format such as .img or .iso. NOTE: While creating the image file, follow standard network-based installation procedures, and mark the deployment image as read-only to make sure that each target system boots and runs the same deployment procedure. To deploy an operating system using RFS: 1. Using Remote File Share (RFS), mount the ISO or IMG image file to the managed system through NFS or CIFS. 2.
NOTE: iDRAC vFlash feature and RFS are not related. If you update the iDRAC firmware from version 1.30.30 to 1.50.50 firmware while there is an active RFS connection and the Virtual Media Attach Mode is set to Attach or Auto Attach, the iDRAC attempts to reestablish the RFS connection after the firmware upgrade is completed and the iDRAC reboots. If you update the iDRAC firmware from version 1.30.30 to 1.50.
where, user_defined_mount_point is any directory you choose to use for the mount similar to any mount command. For RHEL, the CD device (.iso virtual device) is /dev/scd0 and floppy device (.img virtual device) is /dev/sdc. For SLES, the CD device is /dev/sr0 and the floppy device is /dev/sdc.
To deploy an operating system using Virtual Media: 1. Do one of the following: • Insert the operating system installation CD or DVD into the management station CD or DVD drive. 2. • Attach the operating system image. Select the drive on the management station with the required image to map it. 3. Use one of the following methods to boot to the required device: • 4. Set the boot order to boot once from Virtual Floppy or Virtual CD/DVD/ISO using the iDRAC Web interface.
About IDSDM Internal Dual SD Module (IDSDM) is available only on applicable platforms. IDSDM provides redundancy on the hypervisor SD card by using another SD card that mirrors the first SD card’s content. Either of the two SD cards can be the master. For example, if two new SD cards are installed in the IDSDM, SD1 is active (master) card and SD2 is the standby card. The data is written on both the cards, but the data is read from SD1.
23 Troubleshooting managed system using iDRAC You can diagnose and troubleshoot a remote managed system using: • Diagnostic console • Post code • Boot and crash capture videos • Last system crash screen • System event logs • Lifecycle logs • Front panel status • Trouble indicators • System health Related Links Using diagnostic console Scheduling remote automated diagnostics Viewing post codes Viewing boot and crash capture videos Viewing logs Viewing last system crash screen Viewing front
Scheduling remote automated diagnostics You can remotely invoke automated offline diagnostics on a server as a one-time event and return the results. If the diagnostics require a reboot, you can reboot immediately or stage it for a subsequent reboot or maintenance cycle (similar to updates). When diagnostics are run, the results are collected and stored in the internal iDRAC storage. You can then export the results to an NFS or CIFS network share using the diagnostics export racadm command.
Scheduling remote automated diagnostics using RACADM To run the remote diagnostics and save the results on the local system, use the following command: racadm diagnostics run -m -r -s -e To export the last run remote diagnostics results, use the following command: racadm diagnostics export -f -l -u -p For more information about the options, see the iDRAC8 RACADM Command Line Interface Reference Guide ava
• 3. Capture until buffer full — Boot sequence is captured until the buffer size has reached. • Capture until end of POST — Boot sequence is captured until end of POST. Click Apply to apply the settings. Viewing logs You can view System Event Logs (SELs) and Lifecycle logs. For more information, see Viewing System Event Log and Viewing Lifecycle log . Viewing last system crash screen The last crash screen feature captures a screenshot of the most recent system crash, saves, and displays it in iDRAC.
panel), then both Hide Error and UnHide Error is grayed-out. You can hide or unhide the errors only for rack and tower servers. To view LCD front panel status using RACADM, use the objects in the System.LCD group. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ idracmanuals.
CAUTION: You should only perform troubleshooting and simple repairs as authorized in your product documentation, or as directed by online or telephone service and support team. Damage due to servicing that is not authorized by Dell is not covered by your warranty. Read and follow the safety instructions that came with the product.
The report is generated in the standard ZIP format.
• Hardware • OS and Application Data NOTE: While specifying the network share settings, it is recommended to avoid special characters for user name and password or percent encode the special characters. • Click Advanced Export Options to select the following additional options: – RAID Controller Log – Enable Report Filtering under OS and Application Data Based on the options selected, the time taken to collect the data is displayed next to these options. 3.
Linux Operating System Command to Check the IPMI Service Status Command to Start the IPMI Service $ systemctl status ipmi.service $ systemctl start ipmi.service Oracle Linux 6.4 Red Hat Enterprise Linux 7 NOTE: – CentOS is supported only for iDRAC Service Module 2.0 or later. – If the IPMI modules are not present, then you can install the respective modules from the OS distribution media. The service starts once the installation is complete.
7. • For Linux, run Linux_OSCollector_Startup.exe. After the OS collector has completed transferring the data to iDRAC, the USB device is removed automatically by iDRAC. 8. Return to the SupportAssist page, click the Refresh icon to reflect the new timestamp. 9. To export the data, under Export Location, select Local or Network. 10. If you have selected Network, enter the network location details. 11.
• iDRAC reset to default Before performing system erase, make sure that: • You have iDRAC Server Control privilege. • Lifecycle Controller is enabled. The Lifecycle Controller Data option erases any content such as the LC Log, configuration database, rollback firmware, factory as-shipped logs, and the configuration information from the FP SPI (or management riser).
3. Click Back and navigate to the same Reset iDRAC configurations to defaults page to view the success message.
Frequently asked questions 24 This section lists the frequently asked questions for the following: • System Event Log • Network security • Active Directory • Single Sign On • Smart card login • Virtual console • Virtual media • vFlash SD card • SNMP authentication • Storage devices • iDRAC Service Module • RACADM • Miscellaneous System Event Log While using iDRAC Web interface through Internet Explorer, why does SEL not save using the Save As option? This is due to a browser sett
Network security While accessing the iDRAC Web interface, a security warning appears stating that the SSL certificate issued by the Certificate Authority (CA) is not trusted. iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC server certificate issued by a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign).
– The Active Directory Enabled option is selected on the Active Directory Configuration and Management page. – The DNS setting is correct on the iDRAC Networking configuration page. – The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled. – The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using extended schema.
This must be the host name (FQDN) or the IP address of the domain controller(s) that serves the domain in which the iDRAC object resides. When to configure Global Catalog Address(es)? If you are using standard schema and the users and role groups are from different domains, Global Catalog Address(es) are required. In this case, you can use only Universal Group. If you are using standard schema and all the users and role groups are in the same domain, Global Catalog Address(es) are not required.
• Security — Security groups allow you to manage user and computer access to shared resources and to filter group policy settings. • Distribution — Distribution groups are intended to be used only as email distribution lists. Always make sure that the group type is Security. You cannot use distribution groups to assign permission on any object, however use them to filter group policy settings. Single Sign-On SSO login fails on Windows Server 2008 R2 x64.
7. Navigate to HKEY_LOCAL_MACHINE → System → CurrentControlSet → Control → LSA . 8. In the right-pane, right-click and select New → DWORD (32-bit) Value. 9. Name the new key as SuppressExtendedProtection. 10. Right-click SuppressExtendedProtection and click Modify. 11. In the Value data field, type 1 and click OK. 12. Close the Registry Editor window. You can now log in to iDRAC using SSO.
It gives a local user an opportunity to take any action before the video is switched off. Is there a time delay when turning on the local video? No, after a local video turn ON request is received by iDRAC, the video is turned on instantly. Can the local user also turn off or turn on the video? When the local console is disabled, the local user cannot turn off or turn on the video. Does switching off the local video also switch off the local keyboard and mouse? No.
Before starting a Virtual Console session, make sure that the correct mouse is selected for your operating system. Make sure that the Single Cursor option under Tools in the iDRAC Virtual Console menu is selected on iDRAC Virtual Console client. The default is two cursor mode. Can a keyboard or mouse be used while installing a Microsoft operating system remotely through the Virtual Console? No.
You may see this message because a parameter necessary to capture video is beyond the range for which the iDRAC can capture the video. Parameters such as display resolution or refresh rate too high causes an out of range condition. Normally, physical limitations such as video memory size or bandwidth sets the maximum range of parameters. When starting a Virtual Console session from iDRAC web interface, why is an ActiveX security popup displayed? iDRAC may not be in the trusted site list.
1. Activate the magic key function on the remote Linux server. You can use the following command to activate it on the Linux terminal: echo 1 > /proc/sys/kernel/sysrq 2. Activate the keyboard pass-through mode of Active X Viewer. 3. Press Ctrl+Alt+Print Screen. 4. Release only Print Screen. 5. Press Print Screen+Ctrl+Alt. NOTE: The SysRq feature is currently not supported with Internet Explorer and Java.
iDRAC allows you to boot from the following bootable media: • CDROM/DVD Data media • ISO 9660 image • 1.44 Floppy disk or floppy image • A USB key that is recognized by the operating system as a removable disk • A USB key image How to make the USB key a bootable device? You can also boot with a Windows 98 startup disk and copy system files from the startup disk to the USB key.
6. At the Linux prompt, run the following command: mount /dev/sdx /mnt/CD where: /dev/sdx is the device name found in step 4 and /mnt/floppy is the mount point. Why are the virtual drives attached to the server removed after performing a remote firmware update using the iDRAC web interface? Firmware updates cause the iDRAC to reset, drop the remote connection, and unmount the virtual drives. The drives reappear when iDRAC reset is complete.
vFlash SD card When is the vFlash SD card locked? The vFlash SD card is locked when an operation is in-progress. For example, during an initialize operation. SNMP authentication Why is the message 'Remote Access: SNMP Authentication Failure' displayed? As part of discovery, IT Assistant attempts to verify the get and set community names of the device. In IT Assistant, you have the get community name = public and the set community name = private.
NOTE: Use the systemctl status dcismeng.service command instead of the init.d command to check if the iDRAC Service Module is installed on Red Hat Enterprise Linux 7 operating system. How to check the version number of the iDRAC Service Module installed in the system? To check the version of the iDRAC Service Module in the system, do any of the following: • Click Start → Control Panel → Programs and Features. The version of the installed iDRAC Service Module is listed in the Version tab.
• Change the iDRAC USBNIC address on a unique destination mask. • Delete the entries that are not required from the routing table to make sure that USB NIC is chosen by route when the host wants to reach the iDRAC USB NIC IPv4 address. On iDRAC Service Module version 2.0 and earlier, when uninstalling iDRAC Service Module from a VMware ESXi server, the virtual switch is named as vSwitchiDRACvusb and port group as iDRAC Network on the vSphere client.
RACADM After performing an iDRAC reset (using the racadm racreset command), if any command is issued, the following message is displayed. What does this indicate? ERROR: Unable to connect to RAC at specified IP address The message indicates that you must wait until the iDRAC completes the reset before issuing another command. When using RACADM commands and subcommands, some errors are not clear.
This occurs because the create partition operation is in-progress. However, the partition is deleted after sometime and a message that the partition is deleted is displayed. If not, wait until the create partition operation is completed and then delete the partition.
From iDRAC web Interface: Go to Overview → Server → Properties → Summary. The System Summary page displays the iDRAC IP address. From Local RACADM: Use the command racadm getsysinfo. From LCD: On the physical server, use the LCD panel navigation buttons to view the iDRAC IP address. Go to Setup View → View → iDRAC IP → IPv4 or IPv6 → IP.
• Memory is not installed or is inaccessible. • CPU is not installed or is inaccessible • Video riser card is missing or not connected properly. Also, see error messages in iDRAC log using iDRAC web interface or from the server LCD.
Use case scenarios 25 This section helps you in navigating to specific sections in the guide to perform typical use case scenarios. Troubleshooting an inaccessible managed system After receiving alerts from OpenManage Essentials, Dell Management Console, or a local trap collector, five servers in a data center are not accessible with issues such as hanging operating system or server. Need to identify the cause to troubleshoot and bring up the server using iDRAC.
Inventorying and monitoring storage devices Using iDRAC Service Module v2.3.0 Obtaining system information and assess system health To obtain system information and assess system health: • In iDRAC Web interface, go to Overview → Server → System Summary to view the system information and access various links on this page to asses system health. For example, you can check the health of the chassis fan. • You can also configure the chassis locator LED and based on the color, assess the system health.
• CMC Web interface • Lifecycle Controller–Remote Services • Lifecycle Controller • Dell Remote Access Configuration Tool (DRACT) Performing graceful shutdown To perform graceful shutdown, in iDRAC Web interface, go to one of the following locations: • Overview → Server → Power/Thermal → Power Configuration → Power Control. The Power Control page is displayed. Select Graceful Shutdown and click Apply. • Overview → Server → Power/Thermal → Power Monitoring.
Managing rack density Suppose two servers are installed in a rack. To add two additional servers, need to determine how much capacity is left in the rack. To assess the capacity of a rack to add additional servers: 1. View the current power consumption data and historical power consumption data for the servers. 2. Based on the data, power infrastructure and cooling system limitations, enable the power cap policy and set the power cap values.