Dell Chassis Management Controller Version 6.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2008 - 2018 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents 1 Overview.................................................................................................................................... 13 What is new in this release..................................................................................................................................................14 Key Features.........................................................................................................................................................................
Configuring LEDs to Identify Components on the Chassis............................................................................................32 Configuring LED Blinking Using CMC Web Interface............................................................................................... 32 Configuring LED Blinking Using RACADM..................................................................................................................32 Configuring CMC Properties....................................
Server Component Update Sequence........................................................................................................................49 Supported Firmware Versions for Server Component Update............................................................................... 50 Enabling Lifecycle Controller........................................................................................................................................
Disabling FIPS Mode......................................................................................................................................................76 Configuring Services........................................................................................................................................................... 76 Configuring Services Using CMC Web Interface......................................................................................................
Configuring iDRAC Network Settings...............................................................................................................................97 Configuring iDRAC QuickDeploy Network Settings.................................................................................................. 97 Modifying iDRAC Network Settings for Individual Server iDRAC..........................................................................100 Modifying iDRAC Network Settings Using RACADM.................
9 Configuring User Accounts and Privileges................................................................................... 120 Types of Users................................................................................................................................................................... 120 Modifying Root User Administrator Account Settings..................................................................................................123 Configuring Local Users.........................
About FlexAddress Plus.....................................................................................................................................................157 FlexAddress and FlexAddress Plus Comparison.............................................................................................................157 Activating FlexAddress......................................................................................................................................................
iKVM User Interface.......................................................................................................................................................... 179 iKVM Key Features............................................................................................................................................................ 179 Physical Connection Interfaces..............................................................................................................................
Power Conservation and Power Budget..................................................................................................................203 Maximum Power Conservation Mode...................................................................................................................... 203 Server Power Reduction to Maintain Power Budget............................................................................................. 204 110V PSUs AC Operation......................................
LCD Error Messages.........................................................................................................................................................226 LCD Module and Server Status Information................................................................................................................. 230 18 Frequently Asked Questions..................................................................................................... 233 RACADM......................................
1 Overview The Dell Chassis Management Controller (CMC) for Dell EMC PowerEdge M1000e chassis is a systems management hardware and software solution for managing multiple Dell server chassis. It is a hot-pluggable card that is installed at the back of Dell PowerEdge M1000e chassis. The CMC has its own microprocessor and memory and is powered by the modular chassis into which it is plugged.
What is new in this release This release of CMC for Dell EMC PowerEdge M1000e supports: • • • • Enabling forced password change to comply with SB-327 Regulations of California, USA. Regenerating SSH self-signed-key using CLI command. Updating OpenSSH open-source package to version 7.9p1. Updating OpenSSH open-source package to version 1.0.2r. Key Features The CMC features are grouped into management and security features.
Security Features CMC provides the following security features: • • Password-level security management — Prevents unauthorized access to a remote system. Centralized user authentication through: • • • Active Directory using Standard Schema or an Extended Schema (optional.) • Hardware-stored user IDs and passwords. Role-based authority — Enables an administrator to configure specific privileges for each user. User ID and password configuration through the Web interface.
Table 2. CMC Server Listening Ports Port Number Function 22* SSH 23* Telnet 80* HTTP 161 SNMP Agent 443* HTTPS * Configurable port The following table lists the ports that CMC uses as a client. Table 3.
Servers Minimum version of CMC PowerEdge M630 CMC 5.0 PowerEdge M830 CMC 5.0 PowerEdge M640 CMC 6.0 The following table lists the minimum CMC version required to enable the listed IOMs. Table 5. Minimum CMC Version for IOMs IOM Switches Minimum version of CMC PowerConnect M6220 CMC 1.0 PowerConnect M6348 CMC 2.1 PowerConnect M8024 CMC 1.2 PowerConnect M8024-k CMC 3.2 PowerConnect M8428-k CMC 3.1 Dell 10/100/1000Mb Ethernet Pass-Through CMC 1.0 Dell 4Gbps FC Pass-Through Module CMC 1.
Servers BIOS iDRAC Lifecycle Controller PowerEdge M610 6.3.0 3.50 1.6 PowerEdge M610x 6.3.0 3.50 1.6 PowerEdge M710 6.4.0 3.80 1.7.5.4 PowerEdge M710HD 7.0.0 3.50 1.6 PowerEdge M910 2.9.0 3.50 1.6 Power Edge M915 3.2.2 3.80 1.7.5.4 PowerEdge M420 2.3.3 2.40.40.40 2.40.40.40 PowerEdge M520 2.4.2 2.40.40.40 2.40.40.40 PowerEdge M620 2.5.4 2.40.40.40 2.40.40.40 PowerEdge M820 2.3.3 2.40.40.40 2.40.40.40 PowerEdge M630 2.7.1 2.52.52.52 2.52.52.
Supported Management Station web browsers For the latest information about supported web browsers, see the Chassis Management Controller Version 6.21 Release Notes at dell.com/cmcmanuals. • • • • • • • • Microsoft Internet Explorer 11 Microsoft EDGE Safari version 10.1.2 Safari version 11.1.2 Mozilla Firefox 61 Mozilla Firefox 62 Google Chrome 68 Google Chrome 69 NOTE: By default, TLS 1.1 and TLS 1.2 are supported in this release. However, to enable TLS 1.
The following system documents available at dell.com/support/manuals provide more information about the system in which CMC is installed: • • • • • • • • The safety instructions that came with your system provide important safety and regulatory information. For additional regulatory information, see the Regulatory Compliance home page at www.dell.com/regulatory_compliance. Warranty information may be included within this document or as a separate document.
2 Installing and Setting Up CMC This section provides information about how to install the PowerEdge M1000e Chassis Management Controller (CMC) hardware, establish access to CMC, configure your management environment to use CMC, and guides you through the next steps for configuring the CMC: • • • • Set up initial access to CMC. Access CMC through a network. Add and configure CMC users. Update CMC firmware.
5. Push the power button at the lower left corner of the chassis or power on the chassis from the CMC Web interface after completing step 7. NOTE: Do not turn on the servers. 6. Using the LCD panel on the front of the system, provide CMC with a static IP address or configure it for DHCP. 7. Connect to the CMC IP address and provide default username (root) and password (calvin). 8. Provide each iDRAC with an IP address in the CMC Web interface and enable the LAN and IPMI interface.
Figure 2. Daisy-chained CMC network 1 Management Network 2 Standby CMC 3 Active CMC The following figures provide examples of incorrect cabling of CMC. Figure 3. Incorrect cabling for CMC network — 2 CMCs Figure 4.
Figure 5. Incorrect cabling for CMC network — 2 CMCs To daisy-chain up to four chassis: 1. 2. 3. 4. 5. Connect the GB port of the active CMC in the first chassis to the management network. Connect the GB port of the active CMC in the second chassis to the STK port of the active CMC in the first chassis. If you have a third chassis, connect the GB port of its active CMC to the STK port of the active CMC in the second chassis.
NOTE: On the Red Hat Enterprise Linux 5 operating system, DVDs are auto-mounted with the -noexec mount option. This option does not allow you to run any executable from the DVD. You need to mount the DVD-ROM manually and then run the executables. 4. Navigate to the SYSMGMT/ManagementStation/linux/rac directory. To install the RAC software, type the following command: rpm -ivh *.rpm 5. For help on the RACADM command, type racadm help after you run the previous commands.
4. In the Local Area Network (LAN) settings dialog box, go to the Proxy server section. Select the Use a proxy server for your LAN option. The Advanced option is enabled. 5. Click Advanced. 6. In the Exceptions section, add the addresses for CMCs and iDRACs on the management network as a semicolon-separated list. You can use DNS names and wildcards in your entries. Mozilla FireFox To edit the exception list in Mozilla Firefox version 3.0: 1. Start Mozilla Firefox. 2.
1. Start Internet Explorer. 2. Click Tools > Internet Options > Advanced. 3. Scroll to the Multimedia section and select the Play animations in web pages option. Setting Up Initial Access to CMC To manage CMC remotely, connect CMC to your management network and then configure CMC network settings. NOTE: To manage the M1000e solution, it must be connected to your management network. For information to configure CMC network settings, see Configuring Initial CMC Network.
Configuring CMC Network Using LCD Panel Interface NOTE: The option to configure CMC using the LCD panel is available only until CMC is deployed or the default password is changed. If the password is not changed, you can continue to use the LCD to reset the configurations of the CMC causing a possible security risk. The LCD panel is on the bottom-left corner on the front of the chassis. To set up a network using the LCD panel interface: 1. Press the chassis power button to turn it on.
To register your DNS server’s IP address, press the center button to proceed. If you have no DNS, press the right arrow key. The Register DNS? screen appears; go to step 10. Set the DNS IP Address using the right or left arrow keys to move between positions, and the up and down arrow keys to select a number for each position. When you have finished setting the DNS IP address, press the center button to continue. 9. Indicate whether you want to configure iDRAC: • • No: Skip to step 13.
Table 8. CMC Interfaces Interface Description Web interface Provides remote access to CMC using a graphical user interface. The Web interface is built into the CMC firmware and is accessed through the NIC interface from a supported Web browser on the management station. For a list of supported Web browsers, see the Supported Browsers section in the Chassis Management Controller Version 5.0 Release Notes at dell.com/support/manuals.
Interface Description WinRM tool sets a default response timeout of 60 seconds for all WSMan commands it sends out. WinRM does not allow varying this timeout interval. Using “winrm set winrm/config @{MaxTimeoutms ="80000"}” does not change the timeout due to a bug in the WinRM tool. Therefore, it is recommended that WinRM is not used for commands that may take more than one minute to complete execution.
Setting Chassis Physical Location and Chassis Name Using RACADM To set the chassis name or location, date and time using the command line interface, see the setsysinfo and setchassisname commands. For more information, see Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide. Setting Date and Time on CMC You can set the date and time manually, or you can synchronize the date and time with a Network Time Protocol (NTP) server.
where specifies the module whose LED you want to configure. Configuration options: • • • server-nx where n = 1-8 and x = a, b, c, or d switch-n where n=1–6 cmc-active and specifies whether the LED should blink. Configuration options: • • 0 — not blinking (default) 1 — blinking Configuring CMC Properties You can configure CMC properties such as power budgeting, network settings, users, and SNMP and email alerts using the Web interface or RACADM.
Configuring Login Lockout Policy Attributes Using RACADM You can use RACADM to configure the Login lockout policy attributes for the following features: • • • • • User blocking IP address blocking Number of login attempts allowed Timespan for the lockout failure counts to occur Lockout penalty time • To enable user blocking feature, use: racadm config -g cfgRacTuning -o • cfgRacTuneUserBlkEnable <0|1> To enable IP blocking feature, use: racadm config –g cfgRacTuning –o cfgRacTuneIPBlkEnable <0|1> •
About Standby CMC The standby CMC is identical to and is maintained as a mirror of the active CMC. The active and standby CMCs must both be installed with the same firmware revision. If the firmware revisions differ, the system reports as redundancy degraded. The standby CMC assumes the same settings and properties of the active CMC. Maintain the same firmware version on both CMCs, but you need not duplicate configuration settings on the standby CMC.
3 Logging In to CMC You can log in to CMC as a CMC local user, as a Microsoft Active Directory user, or as an LDAP user. The default user name and password is root and calvin, respectively. You can also log in using Single Sign-On or Smart Card.
Related tasks Configuring Web Browser Logging Into CMC as Local User, Active Directory User, or LDAP User Logging Into CMC Using Smart Card Logging Into CMC Using Single Sign-on Logging Into CMC as Local User, Active Directory User, or LDAP User To log in to CMC, you must have a CMC account with Log In to CMC privilege. The default CMC user name is root, and the password is calvin. The root account is the default administrative account that ships with CMC.
Related tasks Accessing CMC Web Interface Logging Into CMC Using Smart Card You can log in to CMC using a smart card. Smart cards provide Two Factor Authentication (TFA) that provide two-layers of security: • • Physical smart card device. Secret code such as a password or PIN. Users must verify their credentials using the smart card and the PIN. NOTE: You cannot use the IP address to log in to CMC using Smart Card login. Kerberos validates your credentials based on the Fully Qualified Domain Name (FQDN).
NOTE: If you did not log in to the Active Directory domain and are using a browser other then Internet Explorer, the login fails and the browser only displays a blank page. Related tasks Configuring CMC SSO Or Smart Card Login For Active Directory Users Logging In to CMC Using Serial, Telnet, or SSH Console You can log in to CMC through a serial, Telnet, or SSH connection, or through Dell CMC console on iKVM.
For example: • Logging in: ssh service@ or ssh service@ where IP_address is the CMC IP address. • Sending RACADM commands: ssh service@ racadm getversion and ssh service@ racadm getsel When you log in using the service account, if a passphrase was set up when creating the public or private key pair, you may be prompted to enter that passphrase again. If a passphrase is used with the keys, both Windows and Linux clients provide methods to automate that as well.
• • a-z Special characters: +, &, ?, >, -, }, |, ., !, (, ', ,, _,[, ", @, #, ), *, ;, $, ], /, §, %, =, <, :, {, I, \ 3. In the Confirm Password field, type the password again. 4. Click Continue. The new password is configured and you are logged in to CMC. NOTE: Continue is enabled only if the passwords provided in the New Password and Confirm Password fields match. For information about the other fields, see the CMC Online Help.
• • a-z Special characters: +, &, ?, >, -, }, |, ., !, (, ', ,, _, [, ", @, #, ), *, ;, $, ], /, §, %, =, <, :, {, I, ~, and \ 2. Reenter the new password in the Confirm Password text box. 3. Click Continue to submit the new password for logging into the CMC web interface.
4 Updating Firmware You can update firmware for the following: • • • CMC - active and standby iKVM IOMs You can update firmware for the following server components: • • • • • • • iDRAC - iDRACs earlier than iDRAC6 must be updated using the recovery interface. iDRAC6 firmware can also be updated with the recovery interface, but is deprecated for iDRAC6 and future versions.
CMC Web Interface Saving Chassis Inventory Report Using CMC Web Interface. It is recommended to update the firmware for a M1000e chassis in the following order: • • Blade components firmware CMC firmware For more information on the update sequence for M1000e chassis, see the CMC Firmware 5.0 Release Notes on support site. Signed CMC Firmware Image For M1000e CMC version 5.0 and later, the firmware includes a signature.
If you have redundant CMCs installed in the chassis, it is recommended to update both the CMCs to the same firmware version at the same time with a single operation. If CMCs have different firmware and a failover occurs, unexpected results may occur. NOTE: CMC firmware update or roll back is supported only for the firmware versions 3.10, 3.20, 3.21, 4.0, 4.10, 4.11, 4.30, 4.31, 4.45, 4.5, 5.0, and later.
• The Update State field displays the firmware update status. NOTE: The update may take several minutes for CMC. 6. For a standby CMC, when the update is complete the Update State field displays Done. For an active CMC, during the final phases of the firmware update process, the browser session and connection with CMC is lost temporarily as the active CMC is taken offline. You must log in again after a few minutes, when the active CMC has rebooted.
Updating IOM Infrastructure Device Firmware By performing this update, the firmware for a component of the IOM device is updated, but not the firmware of the IOM device itself; the component is the interface circuitry between the IOM device and CMC. The update image for the component resides in the CMC file system, and the component displays as an updatable device on the CMC Web interface only if the current revision on the component and the component image on CMC do not match.
• • • Chassis Overview > Chassis Controller > Update Chassis Overview > I/O Module Overview > Update Chassis Overview > iKVM > Update The Firmware Update page is displayed. You can also update server iDRAC firmware at Chassis Overview > Server Overview > Update . For more information, see the Updating Server Component Firmware. 2.
stored on a network share and update the server components in a single operation. You can set up a custom remote repository of firmware DUPs and binary images, using the Dell Repository Manager, and share it on the Network Share. NOTE: The Single Click all blade update method has the following benefits: • Enables you to update all the components on all the blade servers with minimal clicks. • All the updates are packaged in a directory. This avoids individual upload of each component’s firmware.
Supported Firmware Versions for Server Component Update The following section provides the supported component versions for CMC firmware update and Server Component Update. The following table lists the supported firmware versions for server components when CMC Firmware is updated from 6.0 to 6.1 version but the server components are not updated to the next version. NOTE: CMC firmware update from 6.0 to 6.
Platform M420 M520 M620 M820 M630 M830 M640 Server Component Current Component Version (N-1 Version) Diagnostics 5158A3 BIOS 8.0.0 iDRAC 2.52.52.52 Lifecycle Controller 2.52.52.52 Diagnostics 4231A0 BIOS 2.4.2 NIC 19.2.0 iDRAC 2.52.52.52 Lifecycle Controller 2.52.52.52 Diagnostics 4231A0 BIOS 2.4.2 NIC 19.2.0 iDRAC 2.52.52.52 Lifecycle Controller 2.52.52.52 Diagnostics 4231A0 BIOS 2.5.4 iDRAC 2.52.52.52 Lifecycle Controller 2.52.52.
Platform Server Component Current Component Version (N-1 Version) BIOS 1.3.7 The following table lists the supported firmware versions for server components in a scenario where the existing CMC Firmware version is 6.0 and the server components are updated from N-1 version to N version. NOTE: Server components firmware update from N-1 version to N version is successful when the CMC firmware is at version 5.
Platform M420 M520 M620 M820 M630 M830 M640 Server Component Previous Component Version (N-1 Version) Updated Component Version (N Version) BIOS 8.0.0 8.2.0 NIC 7.8.15 20.6.18 iDRAC 2.52.52.52 2.60.60.60 Lifecycle Controller 2.52.52.52 2.60.60.60 Diagnostics 4231A0 4247A1 BIOS 2.4.2 2.6.1 NIC 19.2.0 20.00.00.13 iDRAC 2.52.52.52 2.60.60.60 Lifecycle Controller 2.52.52.52 2.60.60.60 Diagnostics 4231A0 4247A1 BIOS 2.4.2 2.6.1 NIC 19.2.0 20.00.00.13 iDRAC 2.52.52.
Platform Server Component Previous Component Version (N-1 Version) Updated Component Version (N Version) BIOS 1.3.7 1.4.8 Enabling Lifecycle Controller You can enable the Lifecycle Controller service during the server boot process: • • For iDRAC servers, on the boot console, when prompted with the message Press for Remote Access Setup within 5 sec., press . Then, on the setup screen, enable System Services. For iDRAC servers, on the boot console, select F2 for System Setup.
The following table lists the components that are supported by the Firmware Update feature. NOTE: When multiple firmware updates are applied through out-of-band methods or using the LC Web interface, the updates are ordered in the most efficient possible manner to reduce unnecessary restarting of a system. Table 12.
Few devices such as Network Interface Controllers (NICs) and RAID Controllers contain many types and models. The update selection logic automatically filters the relevant device type or model based on the initially selected devices. The primary reason for this automatic filtering behavior is that only one firmware image file for the category can be specified. NOTE: The update size limitation of either a single DUP or combined DUPs can be ignored if the Extended Storage feature is installed and enabled.
6. In the Component/Device Firmware Inventory section, select the check box against Select/Deselect All to select all the supported servers. Alternatively, select the check box against the server for which you want to update the server component firmware. You cannot select individual components for the server. 7.
After the filtered set of components and devices is displayed in the inventory section, further filtering may occur when a component or device is selected for update. For example, if the BIOS filter is selected, then the inventory section displays all the servers with only their BIOS component. If a BIOS component on one of the servers is selected, the inventory is further filtered to display the servers that match the model name of the selected server.
Field Description Name Displays the name of the server in each slot. Model Displays the model of the server. Component/Device Displays a description of the component or device on the server. If the column width is too narrow the mouse-over tool provides a view of the description. The description is displayed as shown in the following example: QLogic 577xx/578xx 10 Gb Ethernet BCM12345 - 22:X1:X2:X3:BB:0A NOTE: The WWN details of FC 16 cards are not displayed in the Firmware Inventory section.
NOTE: File Name is optional only when the default catalog file name is catalog.xml. If the catalog file name is • • • • • changed, then the new name must be entered in this field. Profile Folder Domain Name User Name Password SMB Version NOTE: The SMB Version option is available only if the Protocol type is CIFS.
Re-installing Server Component Firmware You can re-install the firmware image of the currently installed firmware for selected components or devices across one or more servers. The firmware image is available within the Lifecycle Controller. Re-installing Server Component Firmware Using Web Interface To re-install Server Component Firmware: 1. In the system tree, go to Server Overview, and then Click > Update > Server Component Update. The Server Component Update page is displayed. 2.
5 Viewing Chassis Information and Monitoring Chassis and Component Health You can view information and monitor the health for the following: • • • • • • • • • Active and standby CMCs All severs and individual servers Storage arrays All IO Modules (IOMs) and individual IOMs Fans iKVM Power supplies (PSUs) Temperature sensors LCD assembly Topics: • • • • • • • • • • • • • Viewing Chassis Component Summaries Viewing Chassis Summary Viewing Chassis Controller Information and Status Viewing Information and He
To view the chassis health, go to Chassis Overview > Properties > Health. It displays the overall health status for the chassis, active and standby CMCs, sever modules, IO Modules (IOMs), fans, iKVM, power supplies (PSUs), temperature sensors, and LCD assembly. Detailed information for each component is displayed when you click on that component. In addition, the latest events in the CMC Hardware Log are also displayed. For more information, see the CMC Online Help.
Table 15. Server Icon States in 14th generation systems Icon Description Server is powered on and is operating normally. Server is off. Server is reporting a non-critical error. Server is reporting a critical error. No server is present. NOTE: By default, the server state icons for Dell's 13th generation PowerEdge systems are displayed if, you insert a 14th generation PowerEdge server when the chassis is turned off.
Table 16.
Viewing Information and Health Status of All Servers To view the health status of all the servers, do any of the following: 1. Go to Chassis Overview > Properties > Health. The Chassis Health page displays a graphical overview of all the servers installed in the chassis. Server health status is indicated by the overlay of the server subgraphic. For more information, see the CMC Online Help. 2. Go to Chassis Overview > Server Overview > Properties > Status.
Viewing Information and Health Status For Individual IOM To view health status of the individual IOMs, in the CMC Web interface, do any of the following: 1. Go to Chassis Overview > Properties > Health. The Chassis Health page is displayed. The lower section of Chassis Graphics depicts the rear view of the chassis and contains the health status for the IOMs. IOM health status is indicated by the overlay of the IOM subgraphic. Move the cursor to hover over the individual IOM subgraphic.
Viewing PSU Information and Health Status To view the health status of the Power Supply Units (PSUs) associated with the chassis, do any of the following: 1. Go to Chassis Overview > Properties > Health. The Chassis Health page is displayed. The lower section of chassis graphics provides the rear view of the chassis and contains the health status of all PSUs. PSU health status is indicated by the overlay of the PSU subgraphic.
6 Configuring CMC CMC enables you to configure CMC properties, set up users, and set up alerts to perform remote management tasks. Before you begin configuring the CMC, you must first configure the CMC network settings to allow the CMC to be managed remotely. This initial configuration assigns the TCP/IP networking parameters that enable access to the CMC. For more information, see Setting Up Initial Access to CMC. You can configure CMC using Web interface or RACADM.
• • • • Configuring Multiple CMCs through RACADM Using Chassis Configuration Profiles Configuring Multiple CMCs through RACADM Using Configuration File Viewing and Terminating CMC Sessions Configuring Enhanced Cooling Mode for Fans Viewing and Modifying CMC Network LAN Settings The LAN settings, such as community string and SMTP server IP address, affect both the CMC and the external settings of the chassis.
To enable/disable the CMC IPv4 addressing, type: racadm config -g cfgLanNetworking -o cfgNicIPv4Enable 1 racadm config -g cfgLanNetworking -o cfgNicIPv4Enable 0 NOTE: The CMC IPv4 addressing is enabled by default. To enable/disable the CMC IPv6 addressing, type: racadm config -g cfgIpv6LanNetworking -o cfgIPv6Enable 1 racadm config -g cfgIpv6LanNetworking -o cfgIPv6Enable 0 NOTE: The CMC IPv6 addressing is disabled by default.
Setting Static DNS IP addresses NOTE: The Static DNS IP addresses settings are not valid unless the DCHP for DNS address feature is disabled.
is 0 (half duplex) or 1 (full duplex, default) racadm config -g cfgNetTuning -o cfgNetTuningNicSpeed where: is 10 or 100 (default). Setting the Maximum Transmission Unit for IPv4 and IPv6 The Maximum Transmission Unit (MTU) property allows you to set a limit for the largest packet that can be passed through the interface. To set the MTU, type: racadm config -g cfgNetTuning -o cfgNetTuningMtu where is a value between 576–1500 (inclusive; default is 1500).
IP filtering compares the IP address of an incoming login to the IP address range that is specified.
3. Then, specify the VLAN priority for the external chassis management network: racadm config -g cfgLanNetworking -o cfgNicVLanPriority The valid values for are 0–7. Default is 0. For example: racadm config -g cfgLanNetworking -o cfgNicVLanPriority 7 You can also specify both the VLAN ID and the VLAN priority with a single command: racadm setniccfg -v For example: racadm setniccfg -v 1 7 4.
Enabling FIPS Mode Using CMC Web Interface To enable FIPS: 1. In the left pane, click Chassis Overview. The Chassis Health page is displayed. 2. On the menu bar, click Network. The Network Configuration page is displayed. 3. Under the Federal Information Processing Standards (FIPS) section, from the FIPS Mode drop-down menu, select Enabled. A message is displayed that enabling FIPS resets CMC to the default settings. 4. Click OK to proceed.
Configuring Services Using CMC Web Interface To configure CMC services using CMC Web interface: 1. In the system tree, go to Chassis Overview, and then click Network > Services. The Services page is displayed. 2. Configure the following services as required: • • • • • • • CMC serial console Web server SSH Telnet Remote RACADM SNMP Remote Syslog For information about the fields, see CMC Online Help. 3. Click Apply, and then update all default time outs and maximum time out limits.
If two CMCs are present in the chassis, both CMCs must contain flash media. CMC features which depend on flash media (except for Flexaddress) do not function properly until the Dell-authorized media is installed and enabled on this page. Setting Up Chassis Group CMC enables you to monitor multiple chassis from a single lead chassis. When a Chassis Group is enabled, CMC in the lead chassis generates a graphical display of the status of the lead chassis and all member chassis within the Chassis Group.
The status of the new member is displayed by selecting the Group in the tree. Details are available by clicking on the chassis image or the details button. NOTE: The credentials entered for a member are passed securely to the member chassis, to establish a trust relationship between the member and lead chassis. The credentials are not persisted on either chassis, and are never exchanged again after the initial trust relationship is established.
3. If a member CMC is the required destination, select Launch CMC for the required chassis. If you try logging in to the member chassis using Launch CMC when both the leader and chassis are FIPS enabled or disabled, you are directed to the Chassis Group Health page. Else, you are directed to the Login page of the member chassis. If a server in a chassis is the required destination: a) Select the image of the destination chassis.
• • The Chassis Group leader chassis and all Chassis Group member chassis must be in Chassis Power State On. All servers in the associated chassis must be powered on.
• • • OS Drivers RAID NIC NOTE: The inventory information displayed for the chassis group, member chassis, servers, and server components is updated every time a chassis is added or removed from the group. Viewing Chassis Group Inventory To view the chassis group using CMC Web interface, in the system tree, select Group. Click Properties > Firmware Version. The Chassis Group Firmware Version page displays all the chassis in the group.
Login Type Certificate Type How to Obtain • Trusted CA certificate — This certificate is issued by a CA. Active Directory user login Trusted CA certificate This certificate is issued by a CA. Local User login SSL Certificate Generate a CSR and get it signed from a trusted CA. NOTE: CMC ships with a default self-signed SSL server certificate. The CMC Web server and Virtual Console use this certificate.
Related concepts Generating a New Certificate Signing Request Uploading Server Certificate Viewing Server Certificate Generating a New Certificate Signing Request To ensure security, it is strongly recommended that you obtain and upload a secure server certificate to CMC. Secure server certificates ensure the identity of a remote system and that information exchanged with the remote system cannot be viewed or changed by others.
Uploading Server Certificate Using CMC Web Interface To upload a server certificate using the CMC Web interface: 1. In the system tree, go to Chassis Overview, and then click Network > SSL. The SSL Main Menu is displayed. 2. Select Upload Server Certificate Based on Generated CSR option and click Next. 3. Click Choose File and specify the certificate file. 4. Click Apply. If the certificate is invalid, an error message is displayed.
NOTE: The server certificate displays the common name as the rack name appended with the domain name, if available. Else, only the rack name is displayed. Viewing Server Certificate Using RACADM To view the SSL server certificate, use the sslcertview command. For more information, see the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide available at dell.com/support/manuals.
To restore the chassis configuration, perform the following tasks: 1. Go to the Chassis Configuration Profiles page. In the Restore Configuration > Restore Chassis Configuration section, click Browse and select the backup file to import the saved chassis configuration. 2. Click Restore Configuration to upload an encrypted backup file (.bak) or a .xml stored profile file to the CMC. The CMC web interface returns to the login page after a successful restore operation. NOTE: If the backup files (.
Editing Chassis Configuration Profiles You can edit chassis configuration profile name of a chassis. To edit a chassis configuration profile name, perform the following tasks: 1. Go to the Chassis Configuration Profiles page. In the Chassis Configuration Profiles > Stored Profiles section, select the required profile and then click Edit Profile. The Edit Profile window is displayed. 2. Enter a desired profile name in the Profile Name field and click Edit Profile. Operation Successful message is displayed.
1. To export the chassis configuration profiles as clone.xml file, type the following: racadm –r xx.xx.xx.xx –u USERNAMECMC –p PASSWORDCMC get –f clone.xml –t xml Importing Chassis Configuration profiles You can import chassis configuration profiles from network share to another chassis by using the set command. 1. To import the chassis configuration profiles from CIFS network share, type the following: racadm set –f clone.xml –t xml –l //xx.xx.xx.xx/PATH –u USERNAME –p PASSWORDCMC 2.
Configuring Multiple CMCs through RACADM Using Configuration File Using configuration file, you can configure one or more CMCs with identical properties through RACADM.. When you query a specific CMC card using its group ID and object ID, RACADM creates the racadm.cfg configuration file from the retrieved information. By exporting the file to one or more CMCs, you can configure your controllers with identical properties in a minimal amount of time.
To check for errors before you create the configuration file, use the -c option with the config subcommand. With the -c option, config only verifies syntax and does not write to the CMC. Follow these guidelines when you create a .cfg file: • If the parser encounters an indexed group, it is the value of the anchored object that differentiates the various indexes. • The parser reads in all of the indexes from the CMC for that group.
• All parameters are specified as "object=value" pairs with no white space between the object, =, or value. White spaces that are included after the value are ignored. A white space inside a value string remains unmodified. Any character to the right of the = (for example, a second =, a #, [, ], and so on) is taken as-is. These characters are valid modem chat script characters. [cfgLanNetworking] -{group name} cfgNicIpAddress=143.154.133.121 {object value} • The .cfg parser ignores an index object entry.
This file is updated as follows: # # Object Group "cfgLanNetworking" # [cfgLanNetworking] cfgNicIpAddress=192.168.1.143 # comment, the rest of this line is ignored cfgNicGateway=192.168.1.1 The command racadm config -f .cfg parses the file and identifies any errors by line number. A correct file updates the proper entries. Additionally, you can use the same getconfig command from the previous example to confirm the update.
NOTE: In the Enhanced Cooling Mode (ECM), the new generation fans provide superior cooling features when compared to current generation fans of M1000e chassis. This increased cooling is not always needed and comes at the expense of higher acoustics (where the system can sound up to 40% louder) and increased system fan power. You can enable or disable the ECM feature on the basis of cooling required for a chassis. By default, the ECM feature is disabled on a chassis.
In case of errors, an error message is displayed. The default value of Enhanced Cooling Mode option is disabled (0). This value is set to disabled (0) when racresetcfg command is issued.
7 Configuring Server You can do the following on the server: • • • • • • • Configuring Slot Names Configuring iDRAC Network Settings Configuring iDRAC VLAN Tag Settings Setting First Boot Device Configuring Server FlexAddress Configuring Remote File Share Configuring BIOS Settings Using Server Clone Topics: • • • • • • • Configuring Slot Names Configuring iDRAC Network Settings Configuring iDRAC VLAN Tag Settings Setting First Boot Device Configuring Server FlexAddress Configuring Remote File Share Confi
2. In the Slot Name field, edit the slot name. Repeat this step for each slot you want to rename. 3. To use the host name of the server as slot name, select Use Host Name for Slot Name option. This option replaces the static slot names with the host names (or system names) of the server, if it is available. NOTE: To use the Use Host Name for Slot Name, you must install OMSA agent on the server. For more details on the OMSA agent, see the Dell OpenManage Server Administrator User's Guide. 4.
Setting Description Set iDRAC Root Password on Server Insertion Specifies whether a server’s iDRAC root password must be changed to the value provided in the iDRAC Root Password field when the server is inserted. iDRAC Root Password When Set iDRAC Root Password on Server Insertion and QuickDeploy Enabled options are selected, this password value is assigned to a server's iDRAC root user password when the server is inserted into chassis.
Setting Description addresses is 16 and subnet mask is 255.255.255.0, the IP addresses generated for slots beyond 11 are all outside the subnet. Hence, trying to set this combination for QuickDeploy settings generates an error message. iDRAC IPv4 Netmask Specifies the QuickDeploy subnet mask that is assigned to all newly inserted servers. iDRAC IPv4 Gateway Specifies the QuickDeploy default gateway that is assigned to all iDRAC present in the chassis.
The following figure shows the QuickDeploy IP addresses assignment to the servers when there are 16 half height severs in a M1000e chassis: The following figure shows the QuickDeploy IP addresses assignment to the servers when there are 32 quarter height severs in a M1000e chassis: Configuring Reserved QuickDeploy IP Addresses Using RACADM To modify the number of static IP addresses allocated for servers on the chassis using RACADM, use the following command: racadm deploy –q -n where is the
Modifying iDRAC Network Settings Using RACADM RACADM config or getconfig commands support the -m option for the following configuration groups: • • • • • • cfgLanNetworking cfgIPv6LanNetworking cfgRacTuning cfgRemoteHosts cfgSerial cfgSessionManagement For more information on the property default values and ranges, see the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide.
For example: racadm setniccfg -m server-1 -v Setting First Boot Device You can specify the CMC first boot device for each server. This may not be the actual first boot device for the server or even represent a device present in that server; instead it represents a device sent by CMC to the server and used as its first boot device for that server.
1. In the system tree, go to Server Overview, and then click Setup > First Boot Device. A list of servers is displayed. 2. In the First Boot Device column, from the drop-down menu, select the boot device you want to use for each server. 3. If you want the server to boot from the selected device every time it boots, clear the Boot Once option for the server. If you want the server to boot from the selected device only on the next boot cycle, select the Boot Once option for the server. 4.
This action involves the following: • • • • The remote file share is connected. The file is selected as the first boot device for the servers. The server is restarted. Power is applied to the server if the server is turned off. Configuring Profile Settings Using Server Configuration Replication The server configurations replicating feature allows you to apply all profile settings from a specified server to one or more servers.
Accessing Server Profiles Page You can add, manage, and apply server profiles to one or more servers using the Server Profiles page. To access the Server Profiles page using the CMC Web interface, in the system tree, go to Chassis Overview > Server Overview. Click Setup > Profiles. The Server Profiles page is displayed.
1. Go to the Server Profiles page. In the Save and Apply Profiles section, select the server or servers for which you want to apply the selected profile. The Select Profile drop-down menu gets enabled. NOTE: The Select Profile drop-down menu displays all available profiles, sorted by type, including those that are on the remote share and SD card. 2. From the Select Profile drop-down menu, select the profile that you want to apply. The Apply Profile option gets enabled. 3. Click Apply Profile.
NOTE: The CMC web interface captures the normal server configuration profile (snapshot of the server), which can be used for replication on a target system. However, some configurations such as RAID and identity attributes are not propagated to the new server. For more information on alternate export modes for RAID configurations and identity attributes, see the white paper, Server Cloning with Server Configuration Profiles, at DellTechCenter.com.
Viewing Profile Log To view the profile log, in the Server Profiles page, see the Recent Profile Log section. This section lists the 10 latest profile log entries directly from server configuration operations. Each log entry displays the severity, the time and date of submission of the server configuration operation, and the configuration log message description. The log entries are also available in the RAC log. To view the other available entries, click Go to Profile Log.
• If an assigned profile is on the Network Share which is not accessible when a server is inserted in the slot, the LCD displays a message that the assigned profile is not available for Slot . • The Network Share option is enabled and the details are displayed in the Stored Profiles section only if the network share is mounted and is accessible. If the Network Share is not connected, configure the Network Share for the chassis. To configure the Network Share, click Edit in the Stored Profiles section.
The number of templates created are based on the number of profiles you specify. CMC communicates with the Lifecycle Controller to get the available server profile settings and store them as a named profile. The format for the name file is — __. For example: FC630_01_0E0000000000. A progress indicator indicates that the save operation is in progress. After the action is complete, Operation Successful message is displayed.
Importing Boot Identity Profiles You can import boot identity profiles that are stored on the management station to the network share. To import a stored profile on to the network share from the management station, perform the following tasks: 1. Go to the Server Profiles page. In the Boot Identity Profiles > Stored Profiles section, click Import Profile. The Import Profile section is displayed. 2. Click Browse to access the profile from the required location and then click Import Profile.
4. Click Create MAC Pool to create the MAC address pool. After the MAC address database is created in the network share, the Manage Virtual MAC Address Pool displays the list and status of the MAC addresses that are stored in the network share. This section now enables you to add or remove MAC addresses from the MAC Address Pool. Adding MAC Addresses You can add a range of MAC addresses to the network share by using the Add MAC Addresses option available in the CMC web interface.
• • A CMC user who does NOT have the server administrative privilege, but has the same account on iDRAC is automatically logged in to iDRAC using single sign-on. Once on the iDRAC site, this user is granted the privileges that were created for the iDRAC account. A CMC user who does not have the server administrative privilege, or the same account on the iDRAC, is not automatically logged in to iDRAC using single sign-on. This user is directed to the iDRAC login page when the Launch iDRAC GUI is clicked.
Launching Remote Console from Chassis Health Page To launch a remote console from the CMC Web interface, do any of the following: 1. In the system tree, go to Chassis Overview, and then click Properties > Health. The Chassis Health page is displayed. 2. Click on the specified server in the chassis graphic. 3. In the Quicklinks section, click the Launch Remote Console link to launch the remote console. Launching Remote Console from Server Status Page To launch a remote console for an individual server: 1.
8 Configuring CMC To Send Alerts You can set alerts and actions for certain events that occur on the managed system. An event occurs when the status of a system component is greater than the pre-defined condition. If an event matches an event filter and you have configured this filter to generate an alert (email alert or SNMP trap), then an alert is sent to one or more configured destinations. To configure CMC to send alerts: 1. 2. 3. 4. Enable the global chassis event alerts.
Related concepts Configuring SNMP Trap Alert Destinations Configuring Email Alert Settings Configuring SNMP Trap Alert Destinations You can configure the IPv6 or IPv4 addresses to receive the SNMP traps. Configuring SNMP Trap Alert Destinations Using CMC Web Interface To configure IPv4 or IPv6 alert destination settings using CMC Web interface: 1. In the system tree, go to Chassis Overview, and then click Alerts > Trap Settings. The Chassis Event Alert Destinations page is displayed. 2.
Table 20.
NOTE: The commands in steps 2–6 overwrites any existing settings configured for the index specified (1–4). To determine whether an index has previously configured values, type: racadm getconfig -g cfgTraps -i . If the index is configured, values appear for the cfgTrapsAlertDestIPAddr and cfgTrapsCommunityName objects. 7. To test an event trap for an alert destination, type: racadm testtrap -i where is a value 1–4 representing the alert destination you want to test.
4. Enable email alert generation: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable 1 -i where is a value between 1–4. CMC uses the index number to distinguish up to four configurable destination email addresses. 5. Specify a destination email address to receive the email alerts: racadm config -g cfgEmailAlert -o cfgEmailAlertAddress -i where is a valid email address, and is the index value you specified in step 4. 6.
9 Configuring User Accounts and Privileges You can setup user accounts with specific privileges (role-based authority) to manage your system with CMC and maintain system security. By default CMC is configured with a local administrator account. This default user name is root and the password is calvin. As an administrator, you can setup user accounts to allow other users to access CMC.
Privilege Description • • • Is assigned specifically to the chassis, such as IP mode (static or DHCP), static IP address, static gateway, and static subnet mask. Provides services to the chassis, such as date and time, firmware update, and CMC reset. Is associated with the chassis, such as slot name and slot priority. Although these properties apply to the servers, they are strictly chassis properties relating to the slots rather than the servers themselves.
Privilege Description • • Set iDRAC root password iDRAC reset Server Control Administrator: • • • • • Power on Power off Power cycle Graceful shutdown Server Reboot Test Alert User User can send test alert messages. Debug Command Administrator User can execute system diagnostic commands. Fabric A Administrator User can set and configure the Fabric A IOM, which resides in either slot A1 or slot A2 of the I/O slots.
User Group Privileges Granted • • • None Fabric A Administrator Fabric B Administrator Fabric C Administrator No assigned permissions Table 23.
NOTE: You must have Configure Users permission to create a CMC user. 1. In the system tree, go to Chassis Overview, and then click User Authentication > Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number. NOTE: User ID 1 is the root user account that is shipped by default with CMC. This cannot be changed. The User Configuration page is displayed. 3. Enable the user ID and specify the user name, password, and access privileges for the user.
-i 2 123456 racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminPrivilege 0x00000001 racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminEnable 1 NOTE: See the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide for a list of valid bit mask values for specific user privileges. The default privilege value is 0, which indicates the user has no privileges enabled.
• • Standard schema solution that uses Microsoft’s default Active Directory group objects only. Extended schema solution that has customized Active Directory objects provided by Dell. All the access control objects are maintained in Active Directory. It provides maximum flexibility to configure user access on different CMCs with varying privilege levels.
Role Group Default Privilege Level Permissions Granted • • • Bit Mask Fabric A Administrator Fabric B Administrator Fabric C Administrator 3 None CMC Login User 0x00000001 4 None No assigned permissions 0x00000000 5 None No assigned permissions 0x00000000 NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. NOTE: For more information about user privileges, see Types of Users.
12. Select Chassis in the system tree, and navigate to the Network tab. The Network Configuration page appears. 13. Under Network Settings, if Use DHCP (for CMC Network Interface IP Address) is selected, select Use DHCP to obtain DNS server address. To manually enter a DNS server IP address, clear Use DHCP to obtain DNS server addresses and type the primary and alternate DNS server IP addresses. 14. Click Apply Changes. The CMC Standard Schema Active Directory feature configuration is complete.
Each attribute or class that is added to an existing Active Directory Schema must be defined with a unique ID. To maintain unique IDs across the industry, Microsoft maintains a database of Active Directory Object Identifiers (OIDs) so that when companies add extensions to the schema, they can be guaranteed to be unique and not to conflict with each other.
When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and does not work with Universal Groups from other domains. Figure 9. Setting Up Active Directory Objects in a Single Domain To configure the objects for the single domain scenario: 1. 2. 3. 4. 5. 6. Create two Association Objects. Create two RAC Device Objects, RAC1 and RAC2, to represent the two CMCs.
3. 4. 5. 6. 7. Create two RAC Device Objects, RAC1 and RAC2, to represent the two CMCs. Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privilege. Group user1 and user2 into Group1. The group scope of Group1 must be Universal. Add Group1 as Members in Association Object 1 (A01), Priv1 as Privilege Objects in A01, and RAC1, RAC2 as RAC Devices in A01.
The schema is extended. To verify the schema extension, use the MMC and the Active Directory Schema Snap-in to verify that the classes and attributes exist. For more information on classes and attributes, see Classes and Attributes. See the Microsoft documentation for details about using the MMC and the Active Directory Schema Snap-in. Classes and Attributes Table 25.
OID 1.2.840.113556.1.8000.1280.1.1.1.3 dellIsTestAlertUser dellIsDebugCommandAdmin dellPermissionMask1 dellPermissionMask2 Table 29. : dellPrivileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.4 Description Used as a container Class for the Dell Privileges (Authorization Rights). Class Type Structural Class SuperClasses User Attributes dellRAC4Privileges Table 30. : dellProduct Class OID 1.2.840.113556.1.8000.1280.1.1.1.5 Description The main class from which all Dell products are derived.
Assigned OID/Syntax Object Identifier Single Valued Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) Attribute: delIsLogClearAdmin TRUE Description: TRUE if the user has Clear Logs Administrator rights on the device. OID: 1.2.840.113556.1.8000.1280.1.1.2.6 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) Attribute: dellIsServerResetUser TRUE Description: TRUE if the user has Server Reset rights on the device. OID: 1.2.840.113556.1.8000.1280.1.1.2.7 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.
When you install your systems management software using the Dell Systems Management Tools and Documentation DVD, you can extend the Snap-in by selecting the Active Directory Users and Computers Snap-in option during the installation procedure. See the Dell OpenManage Software Quick Installation Guide for additional instructions about installing systems management software. For 64-bit Windows Operating Systems, the Snap-in installer is located under::\SYSMGMT\ManagementStation\support \OMActiveDire
This New Object window is displayed. 3. Enter a name for the new object and select Association Object. 4. Select the scope for the Association Object and click OK. Adding Objects to Association Object Using the Association Object Properties window, you can associate users or user groups, privilege objects, and RAC devices or RAC device groups. If your system is running on Microsoft Windows 2000 mode or higher, use Universal Groups to span domains with your user or RAC objects.
NOTE: You can specify a list of domain controller or global catalog servers separated by commas. CMC allows you to specify up to three IP addresses or host names. NOTE: Domain controller and global catalog servers that are not correctly configured for all domains and applications may produce unexpected results during the functioning of the existing applications/domains. 4. Click Apply to save the settings. NOTE: You must apply the settings before continuing.
NOTE: When you use the Specify Server option, the host name in the certificate authority-signed certificate is not matched against the name of the specified server. This is particularly useful if you are a CMC administrator, because it enables you to enter a host name as well as an IP address. After you enable the Specify Server option, you can specify an LDAP server and global catalog with IP addresses or fully qualified domain names (FQDNs) of the servers.
Figure 11. Configuration of CMC with Generic LDAP Configuring the Generic LDAP Directory to Access CMC The CMC's Generic LDAP implementation uses two phases in granting access to a user—user authentication and then user authorization. Authentication of LDAP Users Some directory servers require a bind before any searches can be performed against a specific LDAP server. To authenticate a user: 1. Optionally bind to the Directory Service. The default is an anonymous bind.
NOTE: For information about the various fields, see the CMC Online Help. • • Common Settings Server to use with LDAP: • • Static server — Specify the FQDN or IP address and the LDAP port number. DNS server — Specify the DNS server to retrieve a list of LDAP servers by searching for their SRV record within the DNS. The following DNS query is performed for SRV records: _[Service Name]._tcp.
For more information about the RACADM objects, see the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide available at dell.com/support/manuals.
10 Configuring CMC For Single Sign-On Or Smart Card Login This section provides information to configure CMC for Smart Card login and Single Sign-On (SSO) login for Active Directory users. Starting with CMC version 2.10, CMC supports Kerberos based Active Directory authentication to support Smart Card and SSO logins. SSO uses kerberos as an authentication method allowing users who have signed in to the domain to have an automatic or single sign-on to subsequent applications such as Exchange.
• For Single Sign-On or smart card login, the client system must be a part of the Active Directory domain and Kerberos Realm. CMC • • • CMC must have firmware version 2.10 or later. Each CMC must have an Active Directory account. CMC must be a part of the Active Directory domain and Kerberos Realm.
Configuring CMC For Active Directory Schema For information to configure CMC for Active Directory standard schema, see Configuring Standard Schema Active Directory. For information to configure CMC for Extended Schema Active Directory, see Extended Schema Active Directory Overview. Configuring Browser For SSO Login Single Sign-On (SSO) is supported on Internet Explorer versions 6.0 and later and Firefox versions 3.0 and later.
NOTE: For information about the options, see the CMC Online Help. 1. While configuring Active Directory to setup a user account, perform the following additional steps: • • • Upload the keytab file. To enable SSO, select Enable Single Sign-On option. To enable smart card login, select Enable Smart-Card Login option. NOTE: All command line out-of-band interfaces including secure shell (SSH), Telnet, Serial, and remote RACADM remain unchanged if this option is selected. 2. Click Apply.
11 Configuring CMC to Use Command Line Consoles This section provides information about the CMC command line console (or serial/Telnet/Secure Shell console) features, and explains how to set up the system so that you can perform systems management actions through the console. For information on using the RACADM commands in CMC through the command line console, see Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide.
Using Telnet Console With CMC You can have up to four Telnet sessions with CMC at a time. If your management station is running Microsoft Windows XP or Windows 2003, you may experience an issue with the characters in a CMC Telnet session. This issue may occur as a frozen login where the return key does not respond and the password prompt does not appear. To fix this issue, download hotfix 824810 from support.microsoft.com. You can also see the Microsoft Knowledge Base article 824810 for more information.
Scheme Type Scheme Message Integrity • • • • Authentication Password HMAC-SHA1-160 HMAC-SHA1-96 HMAC-MD5-128 HMAC-MD5-96 Configure Public Key Authentication over SSH You can configure up to 6 public keys that can be used with the service username over SSH interface. Before adding or deleting public keys, be sure to use the view command to see what keys are already set up so that a key is not accidentally overwritten or deleted.
• CMC accepts RSA keys up to key strength 4096, but the recommended key strength is 1024. 3. Click Generate, and move the mouse in the window as directed. After the key is created, you can modify the key comment field. You can also enter a passphrase to make the key secure. Ensure that you save the private key. 4. You have two options for using the public key: • • Save the public key to a file to upload later.
To delete all public keys type: racadm sshpkauth –i svcacct –k all –d Enabling Front Panel to iKVM Connection For information and instructions on using the iKVM front panel ports, see Enabling or Disabling Access to iKVM from Front Panel Configuring Terminal Emulation Software The CMC supports a serial text console from a management station running one of the following types of terminal emulation software: • • Linux Minicom. Hilgraeve’s HyperTerminal Private Edition (version 6.3).
Setting Description Required Setting Hardware flow control Yes Software flow control No Terminal emulation ANSI Modem dialing and parameter settings Clear the init, reset, connect, and hangup settings so that they are blank. Connecting to Servers or Input Output Modules Using Connect Command CMC can establish a connection to redirect the serial console of server or I/O modules. For servers, serial console redirection can be accomplished using: • racadm connect command.
The connect server-n command enables the user to access the server's serial port. After this connection is established, the user can view the server's console redirection through CMC's serial port that includes both the BIOS serial console and the operating system serial console. NOTE: To view the BIOS boot screens, serial redirection has to be enabled in the servers’ BIOS Setup. Also, you must set the terminal emulator window to 80x25. Otherwise, the screen is garbled.
1. Locate the general setting sections in the file and add the following two new lines: serial --unit=1 --speed=57600 terminal --timeout=10 serial 2. Append two options to the kernel line: kernel console=ttyS1,57600 3. If the /etc/grub.conf contains a splashimage directive, comment it out. The following example shows the changes described in this procedure. # grub.
# should set up the system in a certain # run-level. # # Author: Miquel van Smoorenburg # Modified for RHS Linux by Marc Ewing and # Donnie Barnes # # Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS (The same as 3, if you # do not have networking) # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) # id:3:initdefault: # System initialization. si::sysinit:/etc/rc.d/rc.
vc/8 vc/9 vc/10 vc/11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 ttyS1 Configuring CMC to Use Command Line Consoles 155
12 Using FlexAddress and FlexAdress Plus Cards This section provides information about FlexAddress and FlexAddress Plus cards, how to configure and use these cards.
where 208 is the mac_count and the formula is: + - 1 = For example: (starting_mac)00188BFFDCFA + (mac_count)0xCF - 1 = (ending_mac)00188BFFDDC8 NOTE: Lock the SD card prior to inserting in the USB Memory Card Reader to prevent accidently modifying any of the contents. You must unlock the SD card before inserting into CMC. About FlexAddress Plus The FlexAddress Plus is a new feature added to the feature card version 2.0.
Table 37. Minimum software versions for activating FlexAddress Component Minimum Required Version Ethernet Mezzanine card — Broadcom M5708t, 5709, 5710 • • • FC Mezzanine card — QLogic QME2472, FC8 BIOS 2.04 or later FC Mezzanine card — Emulex LPe1105-M4, FC8 BIOS 3.03a3 and firmware 2.72A2 or later Server Module BIOS • • • • • • • PowerEdge M600 — BIOS 2.02 or later PowerEdge M605 — BIOS 2.
Some servers, such as the PowerEdge M710HD, may require more MAC addresses than FA can provide to CMC, depending on how they are configured. For these servers, upgrading to FA+ enables full optimization of the WWN/MACs configuration. Contact Dell to obtain support for the FlexAddress Plus feature. To activate the FlexAddress Plus feature, the following software updates are required: server BIOS, server iDRAC, and CMC firmware. If these updates are not applied, only FlexAddress feature is available.
NOTE: The SD card must be physically installed in CMC, and the chassis must be powered-down before executing the deactivation command. If you execute the deactivation command with no card installed, or with a card from a different chassis installed, the feature is deactivated and no change is made to the card.
Configuring FlexAddress for Chassis-Level Fabric and Slots At the chassis level, you can enable or disable the FlexAddress feature for fabrics and slots. FlexAddress is enabled on a per-fabric basis and then slots are selected for participation in the feature. Both fabrics and slots must be enabled to successfully configure FlexAddress.
The Server Status page displays. 3. Click the Setup tab, and the FlexAddress subtab. The FlexAddress page is displayed. 4. From the FlexAddress Enabled drop-down menu, select Yes to enable FlexAddress or select No to disable FlexAddress. 5. Click Apply to save the changes. For more information, see the CMC Online Help.
In both the Basic mode and the Advanced mode, the WWN/MAC Addresses information is displayed in a collapsed form. Click the against a slot or click Expand/Collapse All to view the information for a specific slot or all the slots. You can also export the WWN/MAC Addresses information for all the servers in the chassis to a local folder. For information about the fields, see the Online Help.
7. From the Protocol drop-down menu, select All Protocols or one of the listed network protocols to view all the MACs or the MACs associated with the selected protocol. 8. In the WWN/MAC Addresses field, enter the MAC address to view only the slots associated with the specific MAC address. Alternately, partially enter the MAC address entries to view the associated slots. For example, enter 4A to view the slots with MAC addresses that contain 4A. 9.
To display the Ethernet and iSCSI MAC/WWN addresses for all iDRAC/LOMs/mezzanine cards, use the following RACADM command: racadm getmacaddress -a For more information on the getflexaddr and getmacaddress subcommand, see the Chassis Management Controller for PowerEdge M1000e RACADM Command Line Reference Guide.
Situation Command Output FlexAddress: The feature card is bound to this chassis SD card in the active CMC module that is not bound to any service tag. $racadm featurecard -s The feature card inserted is valid and contains the following feature(s) FlexAddress: The feature card is not bound to any chassis FlexAddress feature not active on the chassis for any reason (No SD card inserted/ corrupt SD card/ after feature deactivated /SD card bound to a different chassis).
contains compact discs, 3.5" and/or 5.25" disks, you may use only the disks appropriate for your computer. You may not use the disks on another computer or network, or loan, rent, lease, or transfer them to another user except as permitted by this agreement. LIMITED WARRANTY Dell warrants that the Software disks is free from defects in materials and workmanship under normal use for ninety (90) days from the date you receive them. This warranty is limited to you and is not transferable.
13 Managing Input Output Fabric The chassis can have up to six I/O modules (IOMs), where each IOM is a pass-through or switch module. The IOMs are classified into three groups—A, B, and C. Each group has two slots—Slot 1 and Slot 2. The slots are designated with letters, from left to right, across the back of the chassis: A1 | B1 | C1 | C2 | B2 | A2. Each server has slots for two mezzanine cards (MCs) to connect to the IOMs. The MC and the corresponding IOM must have the same fabric.
Fabric Management Overview Fabric management helps avoid electrical, configuration, or connectivity-related problems due to installation of an IOM or MC that has an incompatible fabric type from the chassis' established fabric type. Invalid hardware configurations can cause electric or functional problems to the chassis or its components. Fabric management prevents invalid configurations from powering on. The following figure shows the location of IOMs in the chassis.
Fabric verification for server IOMs and MCs is performed only when the chassis is powered on. When the chassis is on standby power, the iDRACs on the server modules remain powered off and thus are unable to report the MC fabric type of the server. The MC fabric type may not be reported in the CMC user interface until the iDRAC on the server is powered on. Also, if the chassis is powered on, fabric verification is performed when a server or IOM is inserted (optional).
Viewing Input Output Module FCoE Session Information Using Web Interface You can view the FCoE session information for Dell PowerEdge M I/O Aggregator using the CMC Web interface: 1. In the system trees, go to Chassis Overview and expand I/O Module Overview. All the IOMs (1–6) appear in the expanded list. 2. Click the IOM (slot) you want to view and click Properties > FCoE. The FCoE I/O Module page specific to the IOM slot is displayed. 3.
Configuring Network Settings for IOMs Using CMC Web Interface NOTE: This feature is supported on PowerEdge M I/O Aggregator IOM only. Other IOMs including MXL 10/40GbE are not supported. To configure the network settings for IOM(s) using the CMC web interface: 1. In the system tree, go to I/O Module Overview and click Setup or expand I/O Module Overview, select the IOM, and click Setup. The Deploy I/O Modules page displays the IOMs that are powered on. 2.
Monitoring IOM Health Configuring Network Settings for IOMs Managing VLAN for IOM Managing Power Control Operation for IOMs Enabling or Disabling LED Blinking for IOMs Updating IOM Software Using CMC Web Interface You can update the IOM software by selecting the required software image from a specified location. You can also rollback to an earlier software version. NOTE: This feature is supported on PowerEdge M I/O Aggregator IOM only. Other IOMs including MXL 10/40GbE are not supported.
Launching IOA GUI from the I/O Module Overview page In the directory tree, go to I/O Module Overview. On the I/O Module Status page, click Launch I/O Module GUI. The IOA login page is displayed. Launching IOA GUI from the I/O Module Status page In the directory tree, under the I/O Module Overview, click an I/O Aggregator. On the I/O Module Status page, click Launch I/O Module GUI.
Related tasks Configuring VLAN settings on IOMs Using CMC Web Interface Viewing the VLAN settings on IOMs Using CMC Web Interface Viewing the Current VLAN Settings on IOMs Using CMC Web Interface Adding Tagged VLANs for IOMs Using CMC Web Interface Removing VLANs for IOMs Using CMC Web Interface Updating Untagged VLANs for IOMs Using CMC Web Interface Resetting VLANs for IOMs Using CMC Web Interface Configuring Management VLAN on IOMs Using Web Interface You can manage the IO Aggregator in-band through a V
Configuring VLAN settings on IOMs Using CMC Web Interface NOTE: You can configure VLAN settings only on PowerEdge M I/O Aggregator IOM. Other IOMs including MXL 10/40GbE are not supported. To configure the VLAN settings on IOM(s) using the CMC Web interface: 1. In the system tree, go to I/O Module Overview and click Setup > VLAN Manager. The VLAN Manager page displays the IOM(s) that are turned on and the available ports. 2.
Adding Tagged VLANs for IOMs Using CMC Web Interface To add tagged VLANs for IOM(s) using the CMC Web interface: 1. In the system tree, go to I/O Module Overview and click Setup > VLAN Manager. The VLAN Manager page is displayed. 2. In the Step 1: Select I/O Module section, select the required IOMs. 3. In the Step 2: Specify Port Range section, select the range of fabric ports to be assigned to the selected IOM(s). For information about the fields, see CMC Online Help. 4.
Resetting VLANs for IOMs Using CMC Web Interface To reset VLANs for IOM(s) to default configurations using the CMC web interface: 1. In the system tree, go to I/O Module Overview and click Setup > VLAN Manager. The VLAN Manager page is displayed. 2. In the Step 1: Select I/O Module section, select the required IOMs. 3. In the Step 3: Edit VLANs section, select Reset VLANs in the drop down list and click Apply.
14 Configuring and Using iKVM The local access KVM module for the Dell M1000e server chassis is called the Avocent Integrated KVM Switch Module, or iKVM. The iKVM is an analog keyboard, video, and mouse switch that plugs into the chassis. It is an optional, hot-pluggable module to the chassis that provides local keyboard, mouse, and video access to the servers in the chassis, and to the active CMC’s command line.
Physical Connection Interfaces You can connect to a server or the CMC CLI console through the iKVM from the chassis front panel, an Analog Console Interface (ACI), and the chassis rear panel. NOTE: The ports on the control panel on the front of the chassis are designed specifically for the iKVM, which is optional. If you do not have the iKVM module, you cannot use the front control panel ports. iKVM Connection Precedences Only one iKVM connection is available at a time.
Related concepts Setting Console Security Navigation Basics Navigation Basics Table 41. : OSCAR Keyboard and Mouse Navigation Key or Key Sequence Result • Any of these key sequences opens OSCAR depending on the Invoke OSCAR settings. You can enable two, three, or all of these key sequences by selecting boxes in the Invoke OSCAR section of the Main dialog box, and then clicking OK.
Table 42. Setup dialog box — features Feature Purpose Menu Changes the server listing between numerically by slot or alphabetically by name. Security • • Flag Changes display, timing, color, or location of the status flag. Language Changes the language for all OSCAR screens. Broadcast Sets up to simultaneously control multiple servers through keyboard and mouse actions. Scan Sets up a custom scan pattern for up to 16 servers. Sets a password to restrict access to servers.
Table 43. Flag display Flag Description Flag type by name. Flag indicating that the user is disconnected from all systems. Flag indicating that Broadcast mode is enabled. To set the display of the status flag: 1. Press to launch OSCAR. The Main dialog box appears. 2. Click Setup and then Flag. The Flag dialog box appears. 3. Select Displayed to always display the flag or Displayed and Timed to display the flag for only five seconds after switching.
Viewing and Selecting Servers When you launch OSCAR, the Main dialog box appears. Use the Main dialog box to view, configure, and manage servers through the iKVM. You can view the servers by name or by slot. The slot number is the chassis slot number the server occupies. The Slot column indicates the slot number in which a server is installed. NOTE: The Dell CMC command line occupies Slot 17.
Related tasks Configuring Soft Switching Soft Switching to a Server Configuring Soft Switching To configure OSCAR for soft switching: 1. Press to launch the OSCAR interface. The Main dialog box appears. 2. Click Setup and then Menu. The Menu dialog box appears. 3. Select Name or Slot for the Display/Sort Key. 4. Type the desired delay time in seconds in the Screen Delay Time field. 5. Click OK.
Setting Console Security OSCAR enables you to configure security settings on the iKVM console. You can setup a screen saver mode that engages after the console remains unused for a specified delay time. Once engaged, the console remains locked until you press any key or move the mouse. Enter the screen saver password to continue. Use the Security dialog box to lock the console with a password, set or change the password, or enable the screen saver.
Setting Automatic Logout You can set OSCAR to automatically log out of a server after a period of inactivity. 1. In the Main dialog box, click Setup and then Security. 2. In the Inactivity Time field, enter the length of time you want to stay connected to a server before it automatically disconnects you. 3. Click OK. Removing Password Protection From the Console To remove password protection from your console: 1. In the Main dialog box, click Setup and then Security. 2.
Changing the Language Use the Language dialog box to change the OSCAR text to display in any of the supported languages. The text immediately changes to the selected language on all of the OSCAR screens. To change the OSCAR language: 1. Press . The Main dialog box appears. 2. Click Setup and then Language. The Language dialog box appears. 3. Select the required language and click OK.
• • Double-click the server name or slot. Click Clear to remove all servers from the Scan list. 2. Click Add/Remove, and then click OK. Starting the Scan Mode To start the scan mode: 1. Press . The Main dialog box is displayed. 2. Click Commands. The Command dialog box is displayed. 3. Select the Scan Enable option. 4. Click OK. A message is displayed indicating that the mouse and keyboard have been reset. 5. Click to close the message box. Cancelling Scan Mode To cancel the scan mode: 1.
The Commands dialog box is displayed. 7. Click the Broadcast Enable box to activate broadcasting. The Broadcast Warning dialog box is displayed. 8. Click OK to enable the broadcast. To cancel and return to the Commands dialog box, click or press 9. If broadcasting is enabled, type the information and/or perform the mouse movements you want to broadcast from the management station. Only servers in the list are accessible.
Enabling Access to iKVM from the Dell CMC Console To enable access to the CMC CLI from iKVM using the CMC Web interface, in the system tree, go to Chassis Overview > iKVM and click Setup tab. Select the Allow access to CMC CLI from iKVM option, and click Apply to save the setting.
15 Managing and Monitoring Power The Dell PowerEdge M1000e server enclosure is the most power-efficient modular server enclosure. It is designed to include highlyefficient power supplies and fans, has an optimized layout for the air to flow more easily through the system, and contains poweroptimized components throughout the enclosure.
• • • • • • • Power Budgeting For Hardware Modules Server Slot Power Priority Settings Viewing Power Consumption Status Viewing Power Budget Status Redundancy Status and Overall Power Health Configuring power budget and redundancy Executing Power Control Operations Redundancy Policies Redundancy policy is a configurable set of properties that determine how CMC manages power to the chassis.
Power Supply Redundancy Policy The power supply redundancy policy is useful when redundant power grids are not available, but you may want to be protected against a single PSU failure bringing down your servers in a modular enclosure. The highest capacity PSU is kept in online reserve for this purpose. This forms a Power Supply redundancy pool. The figure below illustrates power supply redundancy mode.
Extended Power Performance Extended Power Performance (EPP) mode enables allocation of 30% additional power in a configuration of six Power Supply Units (PSUs), to the M1000e chassis, than the redundant power in a Grid Redundancy configuration using 3000 W AC PSUs. However, the power allocated to servers is automatically reduced in the event of an AC grid failure or a PSU failure, so that the servers are not powered off.
• • • Enables delivery of the total power allocation of the chassis through fewer PSUs. Increases the efficiency of the online PSUs as they run at higher utilization. Improves the efficiency and durability of the standby PSUs. To operate remaining PSUs at their maximum efficiency: • • • • No Redundancy mode with DPSE is highly power efficient, with optimal PSUs online. PSUs that are not needed are placed in standby mode. PSU Redundancy mode with DPSE also provides power efficiency.
CAUTION: In Grid redundancy mode, you must have balanced sets of PSUs (at least one PSU in each grid). If this condition is not met, Grid redundancy may not be possible. Power Supply Redundancy When power supply redundancy is enabled, a PSU in the chassis is kept as a spare, ensuring that the failure of any one PSU does not cause the servers or chassis to power-down. Power Supply Redundancy mode requires up to four PSUs.
power requirements, the iDRAC power envelope may change over time. iDRAC requests a power step-up only if the servers are fully consuming the allocated power. Under heavy load the performance of the server’s processors may be degraded to ensure power consumption stays lower than the userconfigured System Input Power Cap.
Assigning Priority Levels to Servers Using CMC Web Interface To assign priority levels using the CMC Web interface: 1. In the system tree go to Server Overview, and then click Power > Priority. The Server Priority page lists all the servers in the chassis. 2. Select a priority level (1–9, where 1 is the highest priority) for one, multiple, or all servers. The default value is 1. You can assign the same priority level to multiple servers. 3. Click Apply to save your changes.
Viewing Power Budget Status Using RACADM Open a serial/Telnet/SSH text console to CMC, log in, and type: racadm getpbinfo For more information about getpbinfo, including output details, see the getpbinfo command section in the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide. Redundancy Status and Overall Power Health The redundancy status is a factor in determining the overall power health.
New Server Engagement Policy If a new server that is turned on exceeds the power available for the chassis, CMC may decrease the power to the low-priority servers. This allows more power for the new server. This happens if: • • The administrator had configured a power limit for the chassis that is below the power required for full power allocation to the servers. Insufficient power is available for the worst-case power requirement of all servers in the chassis.
Table 48. SEL Events for Power Supply Changes Power Supply Event System Event Log (SEL) Entry Insertion Power supply is present. Removal Power supply is absent. Grid or Power Supply Redundancy lost Power supply redundancy is lost. Grid or Power Supply Redundancy regained The power supplies are redundant. Input power received The input power for power supply has been restored. Input power lost The input power for power supply has been lost.
• • • • • • • • • • • • System Input Power Cap Redundancy Policy Extended Power Performance Server Performance Over Power Redundancy Dynamic Power Supply Engagement Disable Chassis Power Button Allow 110 VAC Operation Max Power Conservation Mode Remote Power Logging Remote Power Logging Interval Server Based Power Management Disable AC Power Recovery Related concepts Power Conservation and Power Budget Maximum Power Conservation Mode Server Power Reduction to Maintain Power Budget 110V PSUs AC Operation S
Server Power Reduction to Maintain Power Budget CMC reduces power allocations of lower priority servers when additional power is needed to maintain the system power consumption within the user-configured System Input Power Cap. For example, Managing and Monitoring Power 297 when a new server is engaged, CMC may decrease power to low priority servers to allow more power for the new server.
• • Dynamic Power Supply Engagement Server Power of 11th generation and earlier servers Dell OpenManage Power Center then manages prioritization and power of supported M1000e servers and later blade servers in the chassis from the budget available after allocation of power to chassis infrastructure and prior generation blade servers. Remote power logging is unaffected by external power management.
For example, the following command enables Grid Redundancy mode: racadm config -g cfgChassisPower -o cfgChassisRedundancyPolicy 1 • To enable or disable Extended Power Performance mode, type: racadm config -g cfgChassisPower -o cfgChassisEPPEnable • where is 0 (disable), 1 (enable).
• The power remote logging feature is dependent on remote syslog hosts having been previously configured. Logging to one or more remote syslog hosts must be enabled, otherwise power consumption is logged. This can be done either through the Web interface or the RACADM CLI. For more information, see the remote syslog configuration instructions in the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide at dell.com/support/manuals.
AC Power Recovery If the AC power supply of a system is disrupted, the chassis is restored to the previous power state before the AC power loss. The restoration to the previous power state is the default behavior.
Executing Power Control Operations on a Server Using RACADM To execute power control operations on a server using RACADM, open a serial/Telnet/SSH text console to CMC, log in, and type: racadm serveraction -m where specifies the server by its slot number (server-1 through server-16) in the chassis, and is the operation you want to execute: powerup, powerdown, powercycle, graceshutdown, or hardreset.
16 Troubleshooting and Recovery This section explains how to perform tasks related to recovering and troubleshooting problems on the remote system using the CMC Web interface. • • • • • • • • • • • • • Viewing chassis information. Viewing the event logs. Gathering configuration information, error status, and error logs. Using the Diagnostic Console. Managing power on a remote system. Managing Lifecycle Controller jobs on a remote system. Resetting components.
• • Remote RACADM Telnet RACADM Racdump includes the following subsystems and aggregates the following RACADM commands. For more information on racdump, see the Chassis Management Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide. Table 50.
• • Resolution B: Ensure that all power supplies are properly connected to the two AC grids. Power supplies in side 1 need to be connected to one AC grid, those in side 2 need to be connected to the other AC grid, and both AC grids must be working. Grid Redundancy is lost when one of the AC grids is not functioning. Problem: The PSU state is displayed as Failed (No AC), even when an AC cable is connected and the power distribution unit is producing good AC output.
Viewing Event Logs You can view hardware and CMC logs for information on system-critical events that occur on the managed system. Related concepts Viewing Hardware Log Viewing CMC Log and Enhanced Chassis Log Viewing Hardware Log CMC generates a hardware log of events that occur on the chassis. You can view the hardware log using the Web interface and remote RACADM. NOTE: To clear the hardware log, you must have Clear Logs Administrator privilege.
Viewing CMC Log and Enhanced Chassis Log CMC generates a log of the chassis-related events and enhanced logging of the chassis when the Enable Enhanced Logging and Events option is enabled. To view enhanced logging of the chassis in the Chassis Log page, select the Enable Enhanced Logging and Events option in the General Settings page. To enable or disable the feature using RACADM, use the cfgRacTuneEnhancedLog object.
1. In the system tree, go to Chassis Overview and click Troubleshooting > Diagnostics. The Diagnostic Console page is displayed. 2. In the Command text box, enter a command and click Submit. For information about the commands, see the CMC Online Help. A diagnostic results page is displayed. Resetting Components You can reset the active CMC, reset iDRAC without rebooting the operating system, or to virtually reseat servers causing them to behave as if they were removed and reinserted.
• • • • Problem with the NTP Server 1, NTP Server 2, and NTP Server 3 settings. Invalid host name or IP address may have been accidentally entered. Network connectivity problem that prevents CMC from communicating with any of the configured NTP servers. DNS problem, preventing any of the NTP server host names from being resolved. To troubleshoot NTP related problems, check the CMC Trace Log. This log contains error messages for NTP related failures.
Table 51.
Component Fan PSU LED Color, Blinking Pattern Status Blue, dark No fault Green, glowing steadily Fan working Green, blinking Not used Green, dark Powered off Amber, glowing steadily Fan type not recognized, update CMC firmware Amber, blinking Fan fault; tachometer out of range Amber, dark Not used (Oval) Green, glowing steadily AC OK (Oval) Green, blinking Not used (Oval) Green, dark AC Not OK Amber, glowing steadily Not used Amber, blinking Fault Amber, dark No fault (Circle)
• Configuration changes to the network interfaces. The trace log may also contain CMC firmware-specific error codes that are related to the internal CMC firmware, not the managed system’s operating system. Resetting Administrator Password CAUTION: Many repairs may only be done by a certified service technician. You should only perform troubleshooting and simple repairs as authorized in your product documentation, or as directed by the online or telephone service and support team.
Figure 18. Password Reset Jumper Location Table 52. CMC Password Jumper Settings Jumper command Jumper image PASSWORD_RSET Jumper state Jumper reset status (default) The password reset feature is disabled. The password reset feature is enabled. 3. Slide the CMC module into the enclosure. Reattach any cables that were disconnected. NOTE: Make sure that the CMC module becomes the active CMC, and remains the active CMC until the remaining steps are completed. 4.
17 Using LCD Panel Interface You can use the LCD panel on the chassis to perform configuration and diagnostics, and to obtain status information about the chassis and its contents. The following figure illustrates the LCD panel. The LCD screen displays menus, icons, pictures, and messages. Figure 19. LCD Display Table 53.
LCD Navigation The right side of the LCD panel contains five buttons: four arrow buttons (up, down, left, and right) and a center button. • • • To move between screens, use the right (next) and left (previous) arrow buttons. At any time while using the panel, you can return to a previous screen. To scroll through options on a screen, use the down and up arrow buttons. To select and save an item on a screen and move to the next screen, use the center button.
IP Summary Screen Main Menu From the Main menu, you can navigate to one of the following screens: • • • LCD Setup Menu — select the language to use and the LCD screen that displays when no one is using the LCD. Server — displays status information for servers. Enclosure — displays status information for the chassis. Use the up and down arrow buttons to highlight an item. Press the center button to activate your selection.
• • • Yellow — server has one or more non-critical errors Red — server has one or more critical errors Black — server is not present A blinking light blue rectangle around a server icon indicates that the server is highlighted. To view the Graphical Module Status screen, highlight the rotate icon, and press the center button. To view the status screen for a server, use the arrow buttons to highlight the desired server, and press the center button. The Server Status screen displays.
IP Summary Screen The IP Summary screen shows IP information for CMC and iDRAC of each installed server. Use the up and down arrow buttons to scroll through the list. Use the left and right arrow buttons to scroll selected messages that are longer than the screen. Use the up and down arrow buttons to select the Back icon and press the center button to return to the Enclosure menu. Diagnostics The LCD panel helps you to diagnose problems with any server or module in the chassis.
Component number Component name 5 screws (2) Component number Component name Table 56. LCD Hardware Troubleshooting Items Symptom Issue Recovery Action Alert screen message CMC Not Loss of communication from CMC to the Check that CMC is booting; then, reset CMC using GUI or RACADM commands. Responding and LED is blinking amber. LCD front panel. Alert screen message CMC Not LCD module communications is stuck Responding and LED is solid amber or during a CMC fail-over or reboots. is off.
Table 58. Enclosure/Chassis Status Screen Severity Message Cause Critical Fan is removed. This fan is required for proper cooling of the enclosure/ chassis. Warning Power supply redundancy is degraded. One or more PSU have failed or removed and the system can no longer support full PSU redundancy. Critical Power supply redundancy is lost. One or more PSU have failed or removed and the system is no longer redundant. Critical The power supplies are not redundant.
Table 62. PSU Status Screens Severity Message Cause Critical Power supply failed. The PSU has failed. Critical The power input for power supply is lost. Loss of AC power or AC cord unplugged. Warning Power supply is operating at 110 volts, and could cause a circuit breaker fault. Power supply is plug into a 110 volt source. Table 63. Server Status Screen Severity Message Cause Warning The system board ambient temperature is less than the lower warning threshold.
Severity Message Cause Critical The watchdog timer powered off the system. The iDRAC watchdog detected that the system has crashed (timer expired because no response was received from Host) and the action is set to power off. Critical The watchdog timer power cycled the system. The iDRAC watchdog detected that the system has crashed (timer expired because no response was received from Host) and the action is set to power cycle. Critical Log is full.
NOTE: For information on other server related LCD messages, see "Server User Guide". LCD Module and Server Status Information The tables in this section describe status items that are displayed on the front panel LCD for each type of component in the chassis. Table 64. CMC Status Item Description Example: CMC1, CMC2 Name or Location. No Errors If there are no errors then the message “No Errors” is displayed, else error messages are listed. Critical errors are listed first, followed by warnings.
Table 67. PSU Status Item Description Name/Location Example: PSU1, PSU2, and so on. Error Messages If there are no errors then the message “No Errors” is displayed, else error messages are listed. Critical errors are listed first, followed by warnings. Status Offline, Online, or Standby. Maximum Wattage Maximum Wattage that PSU can supply to the system. Table 68. IOM Status Item Description Name/ Location Example: IOM A1, IOM B1. and so on.
Item Description Model Number Displays if iDRAC finished booting. Service Tag Displays if iDRAC finished booting. BIOS Version Server BIOS firmware version. iDRAC DNS Name Displays the DNS name of the iDRAC server. Last POST Code Displays the last server BIOS POST code messages string. iDRAC Firmware Version Displays if iDRAC finished booting. NOTE: iDRAC version 1.01 is displayed as 1.1. There is no iDRAC version 1.10. IP4 Displays the current IPv4 enabled state.
18 Frequently Asked Questions This section lists the frequently asked questions for the following: • • • • • • RACADM Managing and Recovering a Remote System Active Directory FlexAddress and FlexAddressPlus iKVM IOM Topics: • • • • • • • RACADM Managing and Recovering a Remote System Active Directory FlexAddress and FlexAddressPlus iKVM IOM Single Sign On RACADM After performing a CMC reset (using the RACADM racreset subcommand), when a command is entered, the following message is displayed: racadm
To address this security concern, upload a CMC server certificate issued to the IP address of CMC. When generating the certificate signing request (CSR) to be used for issuing the certificate, ensure that the common name (CN) of the CSR matches the IP address of CMC (for example, 192.168.0.120) or the registered DNS CMC name. To ensure that the CSR matches the registered DNS CMC name: 1. In the CMC Web interface, go to the System tree, click Chassis Overview. 2.
Yes. The domain forest function level must be in Native mode or Windows 2003 mode. In addition, the groups among Association Object, RAC user objects, and RAC Device Objects (including Association Object) must be universal groups. Can these Dell-extended objects (Dell Association Object, Dell RAC Device, and Dell Privilege Object) be in different domains? The Association Object and the Privilege Object must be in the same domain.
Yes it does. Before installing the SD card into the CMC module, verify the write protection latch is in the unlock position. The FlexAddress feature cannot be activated if the SD card is write protected. In this situation, the $racadm feature -s command returns this message: No features active on the chassis. ERROR: read only file system What happens if there is no SD card in the active CMC module? The $racadm featurecard -s command returns this message: No feature card inserted.
Only one connection is allowed at a time. The front panel connection has precedence over ACI and the rear panel. For more information about connection precedence, see iKVM Connection Precedences. The message "User has been disabled as another appliance is currently tiered" appears on the monitor connected to the rear panel. Why? A network cable is connected to the iKVM ACI port connector and to a secondary KVM appliance. Only one connection is allowed at a time.
Single Sign On Though CMC is setup to allow Single Sign-On (SSO), the browser displays a blank page. Only Mozilla Firefox and Internet Explorer browsers are supported at this time for SSO. Check the browser settings for the correct setup. For more information, see the Configuring Browser for SSO Login section. If the browsers are configured correctly, both browsers must allow you to log in without entering the name and password. Use the Fully Qualified Domain Name (FQDN) for the CMC. For example, myCMC.
19 Use Case Scenarios This section helps you in navigating to specific sections in the guide to perform typical use case scenarios. Topics: • • • • • Chassis Basic Configuration and Firmware Update Backup the CMC Configurations and Server Configurations.
For information, see the Adding or Saving Profile section. 4. Apply the configurations saved on the external storage card to the required server, using the CMC Web interface . For information, see the Applying Profile section. Update Firmware for Management Consoles Without Servers Downtime You can update firmware for management consoles for CMC, iDRAC and Lifecycle Controller without downtime on the servers: 1.
• Selecting the check box to enable Max Power Conservation Mode (MPCM), displays the following message: Enabling Max Power Conservation Mode option will force servers into a low power, limited performance mode and disable server power up. Press OK to continue.
• Changing Power Redundancy Policy from Grid Redundancy Policy to No Redundancy Policy on a 3000W AC PSU racadm config -g cfgChassisPower -o cfgChassisRedundancyPolicy 0 This feature is not supported while Extended Power Performance is enabled. • Changing System Input Power Cap value to less than or equal to 13300 W racadm config –g cfgChassisPower -o cfgChassisPowerCap 12500 System Input Power Cap cannot be set to less than or equal to while Extended Power Performance is enabled.
