Dell Remote Access Controller 5 Firmware Version 1.30 User’s Guide w w w. d e l l . c o m | s u p p o r t . d e l l .
Notes and Notices NOTE: A NOTE indicates important information that helps you make better use of your computer. NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. ____________________ Information in this document is subject to change without notice. © 2007 Dell Inc. All rights reserved. Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Contents 1 DRAC 5 Overview . . . . . . . . . . . . . . . . . . What’s New in DRAC 5 in this Release? . . . . . . . . 21 . . . . . . . . . . . . . . . 22 . . . . . . . . . . . . . . . . 22 . . . . . . . . . . . . . . . 22 . . . . . . . . . . . . . . . . . . . . . 23 DRAC 5 Hardware Features Hardware Specifications Power Specifications Connectors DRAC 5 Ports . . . . . . . . . . . . . . . . . . . . 24 . . . . . . . . . . . . . . . . 25 . . . . . . . . . . . . . . . . . .
2 Installing and Setting Up the DRAC 5 . . . . . . . . . . . . . . . . . . Before You Begin . . . . . . . . . 35 . . . . . . . . . . . . . . . . . . . . 35 Installing the DRAC 5 Hardware . . . . . . . . . . . . Configuring Your System to Use a DRAC 5 . . . . . . . Software Installation and Configuration Overview . . . 37 37 . . . . . . . . . . . . . . 38 Installing the Software on the Managed System Configuring the Managed System to Capture the Last Crash Screen . . . 38 . . . . . . . .
Configuring the DRAC 5 Network Settings . . . . . . . 45 . . . . . . . . . 46 . . . . . . . . . . . . . 46 . . . . . . . . . . . . . . . . . 46 Adding and Configuring DRAC 5 Users Updating the DRAC 5 Firmware Before You Begin . Downloading the DRAC 5 Firmware . . . . . . . . Updating the DRAC 5 Firmware Using the Web-Based Interface . . . . . . . . . . Clearing the Browser Cache . . . . . 47 . . . . . . . . . . . . 48 . . . . . . 48 . . . . . . . . . . . . . . . . . . . .
Enabling Login to the Console After Boot Enabling the DRAC 5 Serial/Telnet/SSH Console . . . . . . 70 . . . . . . . . 73 Using the RACADM Command to Configure the Settings for the Serial and Telnet Console . . . Using the Secure Shell (SSH) . . 74 . . . . . . . . . . . . . . 76 Enabling Additional DRAC 5 Security Options . . . 83 Connecting the DB-9 Cable for the Serial Console . . . 84 . . . . . . . . . 85 Configuring Linux Minicom for Serial Console Emulation . . . . . . . . . . . . . .
Configuring the DRAC 5 NIC . . . . . . . . . . . . . . . Configuring the Network and IPMI LAN Settings . . . . . . . . . . . . . . . . . Configuring the Network Security Settings Adding and Configuring DRAC 5 Users 96 . . . . . . . . . 98 . . . . . . . Configuring Active Directory (Standard Schema and Extended Schema) . . . . Uploading an Active Directory CA Certificate Downloading a DRAC Server Certificate 103 . . . 106 107 . . . . 107 . . . . . . . . . . . 108 . . . . . . . . . . . .
5 Recovering and Troubleshooting the Managed System . . . . . . . . . . . . . . . . First Steps to Troubleshoot a Remote System . 127 . . . . . . . . . 128 . . . . . . . . . 128 . . . . . . . . . . . . . . 129 . . . . . . . . . . . . . . . 129 Selecting Power Control Actions Main System Chassis . Remote Access Controller . . . . . . . . . . . . . Using the System Event Log (SEL) . . . . . . . . . . . . Viewing the Last System Crash Screen Using the RAC Log . . . . . . . . . . . . . . . . .
Installing the Dell Extension to the Active Directory Users and Computers Snap-In . . . . . . . . . 150 . . . . . . Configuring the DRAC 5 With Extended Schema Active Directory and Web-Based Interface . . . . 152 Configuring the DRAC 5 With Extended Schema Active Directory and RACADM . . . . . . . . . . 154 Standard Schema Active Directory Overview . . . . . 156 Configuring Standard Schema Active Directory to Access Your DRAC 5 . . . . .
Using Console Redirection . . . . . . . . . . . . . . . Supported Screen Resolutions Refresh Rates on the Managed System . . . . . . 170 Configuring Your Management Station . . . . . . 170 . . . . . . . . . 170 Configuring Console Redirection . Opening a Console Redirection Session . . . . . . 172 . . . . . . . . . 173 . . . . . . . . . . . . . . . . . 174 Disabling or Enabling Local Video Using the Video Viewer . . . . . . . . . 175 . . . . . . . . . . . .
Using Virtual Flash Enabling Virtual Flash . . . . . . . . . . . . . . . 195 Disabling Virtual Flash . . . . . . . . . . . . . . . 196 Storing Images in a Virtual Flash . . . . . . . . 196 . . . . . . . . . . . . . 197 . . . . . . . . . . . . . . . . . 198 Using the Virtual Media Command Line Interface Utility Utility Installation . Command Line Options . VM-CLI Parameters . . . . . . . . . . . . . . 198 . . . . . . . . . . . . . . . .
Using the RACADM Utility to Configure the DRAC 5 . . . . Before You Begin . . . . . . . . . . . . . . 221 . . . . . . . . . . . . . . . . . . 221 Adding a DRAC 5 User . . . . . . . . . . . . . . . Removing a DRAC 5 User . Testing e-mail Alerting . . . . . . . . . . . . . 223 . . . . . . . . . . . . . . . 223 Testing the RAC SNMP Trap Alert Feature . . . . . 223 Enabling a DRAC 5 User With Permissions . . . . 224 . . . . . 224 . . . . . . . . . . . . . .
SM-CLP Features SM-CLP Management Operations and Targets . . . . . . . . . . . . . . . . . Options . . . . . . 232 . . . . . . . . . . . . . . . . . . . . . . . 233 DRAC 5 SM-CLP Examples . 12 Troubleshooting 243 243 . . . . . . . . . . . . . . A RACADM Subcommand Overview . arp 233 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting the DRAC 5 help 231 . . . . . . . . . . . . . . . . . . . . . . . . 245 . . . . . . . . . . . . . . . . . . . . . . . . . . .
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . setniccfg . . . . . . . . . . . . . . . . . . . . . . . . . 263 getniccfg . . . . . . . . . . . . . . . . . . . . . . . . . 265 getsvctag . . . . . . . . . . . . . . . . . . . . . . . . . 266 racdump . . . . . . . . . . . . . . . . . . . . . . . . . 267 racreset . . . . . . . . . . . . . . . . . . . . . . . . . 268 racresetcfg . . . . . . . . . . . . . . . . . . . . . . . . 269 serveraction . . . . . . . . . . . . . . . . . . .
vmkey 288 . . . . . . . . . . . . . . . . . . . . . . . . . . usercertupload usercertview . . . . . . . . . . . . . . . . . . . . . 288 . . . . . . . . . . . . . . . . . . . . . . 290 localConRedirDisable . B DRAC 5 Property Database Group and Object Definitions . . . . . . . . . . . . . . . . Displayable Characters idRacInfo 291 . . . . . . . . . . . . . . . . . . 293 . . . . . . . . . . . . . . . . . 293 . . . . . . . . . . . . . . . . . . . . . . . . 293 idRacProductInfo (Read Only) .
cfgNicSelection (Read/Write) . . . . . . . . . . . cfgNicMacAddress (Read Only) . . . . . . . . . . 302 cfgNicVLanEnable (Read/Write) . . . . . . . . . . 302 . . . . . . . . . . . . 302 cfgNicVLanId (Read/Write) . cfgNicVLanPriority (Read/Write) cfgRemoteHosts . . . . . . . . . . 303 . . . . . . . . . . . . . . . . . . . . . 303 cfgRhostsSmtpServerIpAddr (Read/Write) . . . . cfgRhostsFwUpdateTftpEnable (Read/Write) cfgRhostsFwUpdateIpAddr (Read/Write) cfgUserAdmin 304 304 . . . . . . .
cfgSerial . . . . . . . . . . . . . . . . . . . . . . . . . cfgSerialBaudRate (Read/Write) . . . . . . . . . cfgSerialConsoleEnable (Read/Write) 313 314 . . . . . . . 314 . . . . . . 314 cfgSerialConsoleQuitKey (Read/Write) cfgSerialConsoleIdleTimeout (Read/Write) cfgSerialConsoleNoAuth (Read/Write) . . . . 315 . . . . . . 316 cfgSerialConsoleCommand (Read/Write) . . . . . 316 cfgSerialHistorySize (Read/Write) . . . . . . . . . 316 cfgSerialSshEnable (Read/Write) . . . . . . . . .
cfgRacTuneTelnetPort (Read/Write) . . . . . . . . 325 cfgRacTuneRemoteRacadmEnable (Read/Write) . . . . . . . . . . . . . . . . . . . . 325 cfgRacTuneConRedirEncryptEnable (Read/Write) . . . . . . . . . . . . . . . . . . . . 326 cfgRacTuneConRedirPort (Read/Write) . . . . . . cfgRacTuneConRedirVideoPort (Read/Write) cfgRacTuneAsrEnable (Read/Write) . . . 326 . . . . . . . . 327 cfgRacTuneDaylightOffset (Read/Write) . . . . . . cfgRacTuneTimezoneOffset (Read/Write) . . . . . 328 . . . .
cfgVirMediaBootOnce (Read/Write) . . . . . . . . 336 . . . . . . . . . 336 . . . . . . . . . . . . . . . . . . . 337 cfgFloppyEmulation (Read/Write) cfgActiveDirectory . . . . . . . . . . 337 . . . . . . . . . . . 337 . . . . . . . . . . . . . 337 cfgADRacDomain (Read/Write) cfgADRacName (Read/Write) cfgADEnable (Read/Write) cfgADAuthTimeout (Read/Write) . . . . . . . . . . 340 . . . . . . . . . . 340 . . . . . . . . . . . . . . 341 . . . . . . . . . . . . . . . . . .
cfgIpmiSolAccumulateInterval (Read/Write) . . . 349 . . . . . . 349 . . . . . . . . . . . . . . . . . . . . . . . . 349 cfgIpmiSolSendThreshold (Read/Write) cfgIpmiLan cfgIpmiLanEnable (Read/Write) . . . . . . . . . . cfgIpmiLanPrivLimit (Read/Write) . . . . . . . . . cfgIpmiLanAlertEnable (Read/Write) . cfgIpmiEncryptionKey (Read/Write) 350 . . . . . . . 350 . . . . . . . . 351 . . . . . 351 . . . . . . . . . . . . . . . . . . . . . . . .
1 DRAC 5 Overview The Dell™ Remote Access Controller 5 (DRAC 5) is a systems management hardware and software solution designed to provide remote management capabilities, crashed system recovery, and power control functions for Dell systems. By communicating with the system’s baseboard management controller (BMC), the DRAC 5 (when installed) can be configured to send you e-mail alerts for warnings or errors related to voltages, temperatures, intrusion, and fan speeds.
NOTE: You must keep the key pressed during the additional keystrokes. • Supports an option to allow users to specify LDAP or Global Catalog servers to handle user authentication. • Provides the ability to specify a list of LDAP servers and Global Catalog servers. • Removed support for SSL version 2.0. DRAC 5 Hardware Features Figure 1-1 shows the DRAC 5 hardware. Figure 1-1.
Table 1-1. DRAC 5 Power Specifications System Power 1.2 A on +3.3 V AUX (maximum) 550 mA on +3.3 V main (maximum) 0 mA on +5V main (maximum) Connectors NOTE: The DRAC 5 hardware installation instructions can be found in the Installing a Remote Access Card document or the Installation and Troubleshooting Guide included with your system. The DRAC 5 includes one onboard 10/100 Mbps RJ-45 NIC, a 50-pin management cable, and a 44-pin MII cable. See Figure 1-1 for the DRAC 5 cable connectors.
Table 1-2. DRAC 5 Server Listening Ports (continued) Port Number Function 80* HTTP 161 SNMP Agent 443* HTTPS 623 RMCP/RMCP+ 3668* Virtual Media server 3669* Virtual Media Secure Service 5900* Console Redirection keyboard/mouse 5901* Console Redirection video * Configurable port Table 1-3.
Table 1-4.
• User authentication through Microsoft Active Directory (optional) or hardware-stored user IDs and passwords • Role-based authority, which enables an administrator to configure specific privileges for each user • User ID and password configuration through the Web-based interface or RACADM CLI • RACADM CLI and Web-based interface operation, which supports 128bit SSL encryption and 40-bit SSL encryption (for countries where 128 bit is not acceptable) NOTE: Telnet does not support SSL encryption.
• R805 • R900 • R905 • T300 • PowerVault™ 500 • PowerVault 600 NOTE: The PowerEdge R805 is scheduled to be available in Q4 CY07–Q1 CY08. See the Dell Systems Software Support Matrix located on the Dell Support website at support.dell.com for the latest supported platforms. Supported Operating Systems Table 1-5 lists the operating systems that support the DRAC 5. See the Dell Systems Software Support Matrix located on the Dell Support website at support.dell.com for the latest information.
Table 1-5.
Table 1-5. Supported Operating Systems (continued) Operating System Operating System Family Red Hat® Linux Enterprise Linux® WS, ES, and AS (version 3) (x86 and x86_64) Enterprise Linux WS, ES, and AS (version 4) (ia32 and x86_64) Enterprise Linux WS, ES, and AS (version 4) (x86 and x86_64) Enterprise Linux WS, ES, and AS (Version 4.5) (x86) Enterprise Linux WS, ES, and AS (Version 4.5) (x86_64) Enterprise Linux WS and AS (Version 4.
Table 1-6. Supported Web Browsers Operating System Supported Web Browser Windows Internet Explorer 6.0 (32-bit) with Service Pack 2 (SP2) for Windows XP and Windows 2003 R2 SP2 only. Internet Explorer 7.0 for Windows Vista, Windows XP, and Windows 2003 R2 SP2 only. To view localized versions of the DRAC 5 Web-based interface: 1 Open the Windows Control Panel. 2 Double-click the Regional Options icon. 3 Select the desired locale from the Your locale (location) drop-down menu.
3 In the Preference Name column, locate and double-click xpinstall.whitelist.required. The values for Preference Name, Status, Type, and Value change to bold text. The Status value changes to user set and the Value value changes to false. 4 In the Preferences Name column, locate xpinstall.enabled. Ensure that Value is true. If not, double-click xpinstall.enabled to set Value to true.
• Remote power management — Provides remote power management functions from a management console, such as shutdown and reset. • IPMI support. • Secure Sockets Layer (SSL) encryption — Provides secure remote system management through the Web-based interface. • Password-level security management — Prevents unauthorized access to a remote system. • Role-based authority — Provides assignable permissions for different systems management tasks.
The following system documents are also available to provide more information about the system in which your DRAC 5 is installed: • The Product Information Guide provides important safety and regulatory information. Warranty information may be included within this document or as a separate document. • The Rack Installation Guide and Rack Installation Instructions included with your rack solution describes how to install your system into a rack.
DRAC 5 Overview
Installing and Setting Up the DRAC 5 2 This section provides information about how to install and setup your DRAC 5 hardware and software.
Configuring Your System to Use a DRAC 5 To configure your system to use a DRAC 5, use the Dell™ Remote Access Configuration Utility (formerly known as the BMC Setup Module). To run the Dell Remote Access Configuration Utility, perform the following steps: 1 Turn on or restart your system. 2 Press when prompted during POST. If your operating system begins to load before you press , allow the system to finish booting, and then restart your system and try again. 3 Configure the NIC.
4 Configure the network controller LAN parameters to use DHCP or a Static IP address source. a Using the down-arrow key, select LAN Parameters, and press . b Using the up-arrow and down-arrow keys, select IP Address Source. c Using the right-arrow and left-arrow keys, select DHCP or Static. d If you selected Static, configure the Ethernet IP Address, Subnet Mask, and Default Gateway settings. e Press . 5 Press . 6 Select Save Changes and Exit. The system automatically reboots.
Configuring Your DRAC 5 To configure your DRAC 5, perform the following steps in order: 1 Select one of the following configuration tools: • Web-based interface • RACADM CLI • Serial/Telnet/SSH console NOTICE: Using more than one DRAC 5 configuration tool at the same time may generate unexpected results. 2 Configure the DRAC 5 network settings. See "Configuring the DRAC 5 Network Settings" on page 45. 3 Add and configure DRAC 5 users. See "Adding and Configuring DRAC 5 Users" on page 46.
If Server Administrator is not installed on the managed system, you cannot view the system’s last crash screen or use the Auto Recovery feature. For more information about the last crash screen, see "Viewing the Last System Crash Screen" on page 132. Configuring the Managed System to Capture the Last Crash Screen Before the DRAC 5 can capture the last crash screen, you must configure the managed system with the following prerequisites. 1 Install the managed system software.
Disabling the Automatic Reboot Option in Windows Server 2003 1 Open the Windows Control Panel and double-click the System icon. 2 Click the Advanced tab. 3 Under Startup and Recovery, click Settings. 4 Deselect the Automatically Reboot check box. 5 Click OK twice. Disabling the Automatic Reboot Option in Windows 2000 Server 1 Open the Windows Control Panel and double-click the System icon. 2 Click the Advanced tab. 3 Click the Startup and Recovery... button. 4 Deselect the Automatically Reboot check box.
For information about installing Server Administrator software, see your Server Administrator User's Guide. Configuring Your Red Hat Enterprise Linux (Version 4) Management Station The Dell Digital KVM Viewer requires additional configuration to run on a Red Hat Enterprise Linux (version 4) management station.
For help with the RACADM command, type racadm help after issuing the previous commands. For more information about RACADM, see "Using the RACADM Command Line Interface" on page 209. Uninstalling RACADM To uninstall RACADM, open a command prompt and type: rpm -e where is the rpm package that was used to install the RAC software.
List of Trusted Domains When you access the DRAC 5 Web-based interface through the Web browser, you are prompted to add the DRAC 5 IP address to the list of trusted domains if the IP address is missing from the list. When completed, click Refresh or relaunch the Web browser to reestablish a connection to the DRAC 5 Web-based interface. 32-bit and 64-bit Web Browsers The DRAC 5 Web-based interface is not supported on 64-bit Web browsers.
4 In the Add Language window, select a supported language. To select more than one language, press . 5 Select your preferred language and click Move Up to move the language to the top of the list. 6 Click OK. 7 In the Language Preference window, click OK. Linux If you are running Console Redirection on a Red Hat Enterprise Linux (version 4) client with a Simplified Chinese GUI, the viewer menu and title may appear in random characters.
5 In the file, apply the following changes: Current entry: LANG="zh_CN.GB18030" SUPPORTED="zh_CN.GB18030:zh_CH.GB2312:zh_CN:zh" Updated entry: LANG="zh_CN.UTF-8" SUPPORTED="zh_CN.UTF8:zh_CN.GB18030:zh_CH.GB2312:zh_CN:zh" 6 Log out and then login to the operating system. 7 Relaunch the DRAC 5. When you switch from any other language to the Simplified Chinese language, ensure that this fix is still valid. If not, repeat this procedure.
Adding and Configuring DRAC 5 Users Use one of the following tools to add and configure DRAC 5 users: • Web-based interface — See "Adding and Configuring DRAC 5 Users" on page 98. • RACADM CLI — See "cfgUserAdmin" on page 305. Updating the DRAC 5 Firmware Use one of the following methods to update your DRAC 5 firmware. • Web-based Interface — See "Updating the DRAC 5 Firmware Using the Web-Based Interface" on page 47. • RACADM CLI — See "fwupdate" on page 253.
Downloading the DRAC 5 Firmware To update your DRAC 5 firmware, download the latest firmware from the Dell Support website located at support.dell.com and save the file to your local system.
Clearing the Browser Cache After the firmware upgrade, clear the Web browser cache. See your Web browser’s online help for more information. Accessing the DRAC 5 Through a Network After you configure the DRAC 5, you can remotely access the managed system using one of the following interfaces: • Web-based interface • RACADM • Telnet Console • SSH • IPMI Table 2-1 describes each DRAC 5 interface. Table 2-1.
Table 2-1. DRAC 5 Interfaces (continued) Interface Description RACADM Provides remote access to the DRAC 5 using a command line interface. RACADM uses the managed system’s IP address to execute RACADM commands (racadm remote capability option [-r]). NOTE: The racadm remote capability is supported only on management stations. For more information, see "Supported Web Browsers" on page 29.
You can access the DRAC 5 Web-based interface through the DRAC 5 NIC by using a supported Web browser, or through Server Administrator or IT Assistant. See "Supported Web Browsers" on page 29 for a list of supported Web browsers. To access the DRAC 5 using a supported Web browser, see "Accessing the Web-Based Interface" on page 91. To access the DRAC 5 remote access interface using Server Administrator, launch Server Administrator.
Configuring IPMI Using the Web-Based Interface 1 Login to the remote system using a supported Web browser. See "Accessing the Web-Based Interface" on page 91. 2 Configure IPMI over LAN. a In the System tree, click Remote Access. b Click the Configuration tab and click Network. c In the Network Configuration page under IPMI LAN Settings, select Enable IPMI Over LAN and click Apply Changes. d Update the IPMI LAN channel privileges, if required.
f Update the Minimum Required Privilege. This property defines the minimum user privilege that is required to use the Serial Over LAN feature. Click the Channel Privilege Level Limit drop-down menu, select User, Operator, or Administrator. g Click Apply Changes. 4 Configure IPMI Serial. a In the Configuration tab, click Serial. b In the Serial Configuration menu, change the IPMI serial connection mode to the appropriate setting.
If IPMI serial is in terminal mode, you can configure the following additional settings: • Delete control • Echo control • Line edit • New line sequences • Input new line sequences For more information about these properties, see the IPMI 2.0 specification. Configuring IPMI Using the RACADM CLI 1 Login to the remote system using any of the RACADM interfaces. See "Using RACADM" on page 210. 2 Configure IPMI over LAN.
For example, to set the IPMI LAN channel privilege to 2 (User), type the following command: racadm config -g cfgIpmiLan -o cfgIpmiLanPrivilegeLimit 2 b Set the IPMI LAN channel encryption key, if required. NOTE: The DRAC 5 IPMI supports the RMCP+ protocol. See the IPMI 2.0 specifications for more information.
For example, to configure the IPMI privileges to 2 (User), type the following command: racadm config -g cfgIpmiSol -o cfgIpmiSolMinPrivilege 2 b Update the IPMI SOL baud rate. NOTE: To redirect the serial console over LAN, ensure that the SOL baud rate is identical to your managed system’s baud rate. At the command prompt, type the following command and press : racadm config -g cfgIpmiSol -o cfgIpmiSolBaudRate where is 9600, 19200, 57600, or 115200 bps.
Open a command prompt, type the following command, and press : racadm config -g cfgIpmiSerial -o cfgIpmiSerialBaudRate where is 9600, 19200, 57600, or 115200 bps. For example: racadm config -g cfgIpmiSerial -o cfgIpmiSerialBaudRate 57600 c Enable the IPMI serial hardware flow control. At the command prompt, type the following command and press : racadm config -g cfgIpmiSerial -o cfgIpmiSerialFlowControl 1 d Set the IPMI serial channel minimum privilege level.
e Ensure that the serial MUX is set correctly in the BIOS Setup program. • Restart your system. • During POST, press to enter the BIOS Setup program. • Navigate to Serial Communication. • In the Serial Connection menu, ensure that External Serial Connector is set to Remote Access Device. • Save and exit the BIOS Setup program. • Restart your system. The IPMI configuration is complete.
• Temperature Probe Failure • Chassis Intrusion Detected • Redundancy Degraded • Redundancy Lost • Processor Warning • Processor Failure • Processor Absent • PS/VRM/D2D Warning • PS/VRM/D2D Failure • Power Supply Absent • Hardware Log Failure • Automatic System Recovery When a platform event occurs (for example, a fan probe failure), a system event is generated and recorded in the System Event Log (SEL).
4 Under Platform Events Filters Configuration, select the Enable Platform Event Filter alerts check box and then click Apply Changes. 5 Under Platform Event Filters List, double-click a filter that you wish to configure. 6 In the Set Platform Events page, make the appropriate selections and then click Apply Changes. NOTE: Generate Alert must be enabled for an alert to be sent to any valid, configured destination (PET or e-mail). Configuring PEF Using the RACADM CLI 1 Enable PEF.
For example, to enable PEF to reboot the system, type the following command: racadm config -g cfgIpmiPef -o cfgIpmiPefAction -i 1 2 where 1 is the PEF index and 2 is the PEF action to reboot. Configuring PET Configuring PET Using the Web User Interface 1 Login to the remote system using a supported Web browser. See "Accessing the Web-Based Interface" on page 91. 2 Ensure that you followed the procedures in "Configuring PEF Using the Web User Interface" on page 58. 3 Configure your PET policy.
Configuring PET Using RACADM CLI 1 Enable your global alerts. Open a command prompt, type the following command, and press : racadm config -g cfgIpmiLan -o cfgIpmiLanAlertEnable 1 2 Enable PET. At the command prompt, type the following commands and press after each command: racadm config -g cfgIpmiPet -o cfgIpmiPetAlertEnable -i 1 1 where 1 and 1 are the PET destination index and the enable/disable selection, respectively. The PET destination index can be a value from 1 through 4.
Configuring E-Mail Alerts Configuring E-mail Alerts Using the Web User Interface 1 Login to the remote system using a supported Web browser. See "Accessing the Web-Based Interface" on page 91. 2 Ensure that you followed the procedures in "Configuring PEF Using the Web User Interface" on page 58. 3 Configure your e-mail alert settings. a In the Alert Management tab, click Email Alert Settings.
Configuring E-Mail Alerts Using RACADM CLI 1 Enable your global alerts. Open a command prompt, type the following command, and press : racadm config -g cfgIpmiLan -o cfgIpmiLanAlertEnable 1 2 Enable e-mail alerts. At the command prompt, type the following commands and press after each command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i 1 1 where 1 and 1 are the e-mail destination index and the enable/disable selection, respectively.
Installing and Setting Up the DRAC 5
3 Configuring and Using the DRAC 5 Command Line Console This section provides information about the DRAC 5 command line console (or serial/telnet/ssh console) features, and explains how to set up your system so you can perform systems management actions through the console.
Enabling and Configuring the Managed System to Use a Serial or Telnet Console The following subsections provide information about how to enable and configure a serial/telnet/ssh console on the managed system. Using the connect com2 Serial Command When using the connect com2 serial command, the following must be configured properly: • The Serial Communication→Serial Port setting in the BIOS Setup program. • The DRAC configuration settings.
Using the Remote Access Serial Interface When establishing a serial connection to the RAC device, the following interfaces are available: • IPMI serial interface • RAC serial interface IPMI Serial Interface In the IPMI serial interface, the following modes are available: • IPMI terminal mode — Supports ASCII commands that are submitted from a serial terminal.
To enable the RAC serial terminal interface, set the cfgSerialConsoleEnable property to 1 (TRUE). For example: racadm config -g cfgSerial -o cfgSerialConsoleEnable 1 See "cfgSerialConsoleEnable (Read/Write)" on page 314 for more information. Table 3-1 provides the serial interface settings. Table 3-1.
Table 3-2. Sample File: /etc/grub.conf # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes # to this file # NOTICE: You do not have a /boot partition. This means that # all kernel and initrd paths are relative to /, e.g. # root (hd0,0) # kernel /boot/vmlinuz-version ro root= /dev/sdal # initrd /boot/initrd-version.img # #boot=/dev/sda default=0 timeout=10 #splashimage=(hd0,2)/grub/splash.xpm.
When you edit the /etc/grub.conf file, use the following guidelines: 1 Disable GRUB's graphical interface and use the text-based interface; otherwise, the GRUB screen will not be displayed in RAC console redirection. To disable the graphical interface, comment out the line starting with splashimage.
Table 3-3. Sample File: /etc/innitab # # inittab This file describes how the INIT process should set up # the system in a certain run-level. # # Author: Miquel van Smoorenburg # Modified for RHS Linux by Marc Ewing and Donnie Barnes # # Default runlevel.
Table 3-3. Sample File: /etc/innitab (continued) # Things to run in every runlevel. ud::once:/sbin/update # Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now # When our UPS tells us power has failed, assume we have a few # minutes of power left. Schedule a shutdown for 2 minutes from now. # This does, of course, assume you have power installed and your # UPS is connected and working correctly.
Table 3-4 shows a sample file with the new line. Table 3-4. Sample File: /etc/securetty vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 vc/7 vc/8 vc/9 vc/10 vc/11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 ttyS1 Enabling the DRAC 5 Serial/Telnet/SSH Console The serial/telnet/ssh console can be enabled locally or remotely. Enabling the Serial/Telnet/SSH Console Locally NOTE: You (the current user) must have Configure DRAC 5 permission in order to perform the steps in this section.
For detailed information about how to use RACADM, serial/telnet/ssh, and RACADM commands, see "Using the RACADM Command Line Interface" on page 209.
Using RACADM Remotely To use RACADM commands remotely, type the following command from a command prompt on a management station: racadm -u -p -r config -g -o Ensure that your web server is configured with a DRAC 5 card before you use RACADM remotely. Otherwise, RACADM times out and the following message appears: Unable to connect to RAC at specified IP address.
Configuring the Telnet Port Number Type the following command to change the telnet port number on the DRAC 5. racadm config -g cfgRacTuning -o cfgRacTuneTelnetPort Using the Secure Shell (SSH) It is critical that your system’s devices and device management is secure. Embedded connected devices are the core of many business processes.
The DRAC 5 SSH implementation supports multiple cryptography schemes, as shown in Table 3-6. Table 3-6.
These features are disabled in the DRAC 5 default configuration. Use the following subcommand or the Web-based interface to enable these features. racadm config -g cfgRacTuning -o Additionally, use these features in conjunction with the appropriate session idle time-out values and a defined security plan for your network. The following subsections provide additional information about these features.
Table 3-7. IP Address Filtering (IpRange) Properties Property Description cfgRacTuneIpRangeEnable Enables the IP range checking feature. cfgRacTuneIpRangeAddr Determines the acceptable IP address bit pattern, depending on the 1’s in the subnet mask. This property is bitwise AND’d with cfgRacTuneIpRangeMask to determine the upper portion of the allowed IP address. Any IP address that contains this bit pattern in its upper bits is allowed to establish a DRAC 5 session.
To restrict logins to a small set of four adjacent IP addresses (for example, 192.168.0.212 through 192.168.0.215), select all but the lowest two bits in the mask, as shown below: racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1 racadm config -g cfgRacTuning -o cfgRacTuneIpRangeAddr 192.168.0.212 racadm config -g cfgRacTuning -o cfgRacTuneIpRangeMask 255.255.255.
As login failures accumulate from a specific IP address, they are "aged" by an internal counter. When the user logs in successfully, the failure history is cleared and the internal counter is reset. NOTE: When login attempts are refused from the client IP address, some SSH clients may display the following message: ssh exchange identification: Connection closed by remote host. See "DRAC 5 Property Database Group and Object Definitions" on page 293 for a complete list of cfgRacTune properties.
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailCount 5 racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailWindows 60 racadm config -g cfgRacTuning -o cfgRacTuneIpBlkPenaltyTime 300 The following example prevents more than three failed attempts within one minute, and prevents additional login attempts for an hour.
Disabling Local Configuration From Local racadm This feature disables the ability of the managed system’s user to configure the DRAC 5 using the local racadm or the Dell OpenManage Server Administrator utilities. racadm config -g cfgRacTune -o cfgRacTuneLocalConfigDisable 1 NOTICE: Use these features discreetly as they severely limit the ability of the local user to configure the DRAC 5 from the local system, including performing a reset to default of the configuration.
The serial console is available on the DRAC 5 through the managed system external serial connector. Only one serial client system (management station) may be active at any given time. The telnet and SSH consoles are available on the DRAC 5 through the DRAC modes (see "DRAC Modes" on page 225). Up to four telnet client systems and four SSH clients may connect at any given time.
Configuring the Management Station Terminal Emulation Software Your DRAC 5 supports a serial or telnet text console from a management station running one of the following types of terminal emulation software: • Linux Minicom in an Xterm • Hilgraeve’s HyperTerminal Private Edition (version 6.3) • Linux Telnet in an Xterm • Microsoft® Telnet Perform the steps in the following subsections to configure your type of terminal software. If you are using Microsoft Telnet, configuration is not required.
7 Press and set the Bps/Par/Bits option to 57600 8N1. 8 Press and set Hardware Flow Control to Yes and set Software Flow Control to No. 9 To exit the Serial Port Setup menu, press . 10 Select Modem and Dialing and press . 11 In the Modem Dialing and Parameter Setup menu, press to clear the init, reset, connect, and hangup settings so that they are blank. 12 Press to save each blank value.
Table 3-10. Minicom Settings for Serial Console Emulation (continued) Setting Description Required Setting Terminal emulation ANSI Modem dialing and parameter settings Clear the init, reset, connect, and hangup settings so that they are blank Window size 80 x 25 (to resize, drag the corner of the window) Configuring HyperTerminal for Serial Console Redirection HyperTerminal is the Microsoft Windows serial port access utility.
The HyperTerminal window displays a command prompt such as [DRAC 5\root]#. When the command prompt appears, your connection is successful and you are ready to connect to the managed system console using the connect com2 serial command.
Configuring the Backspace Key For Your Telnet Session Depending on the telnet client, using the key may produce unexpected results. For example, the session may echo ^h. However, most Microsoft and Linux telnet clients can be configured to use the key. To configure Microsoft telnet clients to use the key, perform the following steps: 1 Open a command prompt window (if required).
Using a Serial or Telnet Console Serial and telnet commands, and RACADM CLI can be typed in a serial or telnet console and executed on the server locally or remotely. The local RACADM CLI is installed for use by a root user only. For more information about the serial/telnet/ssh commands and RACADM CLI, see "Using the RACADM Command Line Interface" on page 209.
4 Configuring the DRAC 5 Using the Web User Interface The DRAC 5 provides a Web-based interface and RACADM (a commandline interface) that enables you to configure the DRAC 5 properties and users, perform remote management tasks, and troubleshoot a remote (managed) system for problems. For everyday systems management, use the DRAC 5 Web-based interface.
Logging In You can log in as either a DRAC 5 user or as a Microsoft® Active Directory® user. The default user name and password are root and calvin, respectively. Before you log in to the DRAC 5, verify that you have Log In to DRAC 5 permission. To log in, perform the following steps: 1 In the User Name field, type one of the following: • Your DRAC 5 user name. For example, The DRAC 5 user name for local users is case sensitive • Your Active Directory user name.
Logging Out 1 In the upper-right corner of the DRAC 5 Web-based interface window, click Log Out to close the session. 2 Close the browser window. NOTE: The Log Out button does not appear until you log in. NOTE: Closing the browser without gracefully logging out causes the session to remain open until it times out. It is strongly recommended that you click the logout button to end the session; otherwise, the session remains active until the session timeout is reached.
Table 4-1. Network Settings Setting Description NIC Selection Displays the selected NIC mode (Dedicated, Shared with Failover, or Shared). The default setting is Dedicated. MAC Address Displays the DRAC 5 MAC address. Enable NIC Enables the DRAC 5 NIC and activates the remaining controls in this group. The default setting is Enabled.
Table 4-1. Network Settings (continued) Setting Description DNS DRAC Name Displays the DRAC 5 name only when Register DRAC 5 on DNS is selected. The default DRAC 5 name is RAC-service tag, where service tag is the service tag number of the Dell server (for example, RAC-EK00002). Use DHCP for DNS Domain Name Uses the default DNS domain name. When the box is not selected and the Register DRAC 5 on DNS option is selected, you can modify the DNS domain name in the DNS Domain Name field.
Table 4-2. IPMI LAN Settings (continued) Setting Description Enable VLAN ID Enables the VLAN ID. If enabled, only matched VLAN ID traffic is accepted. VLAN ID The VLAN ID field of 802.1g fields. Priority The Priority field of 802.1g fields. Table 4-3. Network Configuration Page Buttons Button Description Print Prints the Network Configuration page Refresh Reloads the Network Configuration page Advanced Settings Displays the Network Security page.
Table 4-4. Network Security Page Settings Settings Description IP Range Enabled Enables the IP Range checking feature, which defines a specific range of IP addresses that can access the DRAC 5. IP Range Address Determines the acceptable IP subnet address. IP Range Subnet Mask Defines the significant bit positions in the IP address. The subnet mask should be in the form of a netmask, where the more significant bits are all 1's with a single transition to all zeros in the lower-order bits.
Adding and Configuring DRAC 5 Users To manage your system with the DRAC 5 and maintain system security, create unique users with specific administrative permissions (or role-based authority). For additional security, you can also configure alerts that are e-mailed to specific users when a specific system event occurs. To add and configure DRAC 5 users, perform the following steps: NOTE: You must have Configure DRAC 5 permission to perform the following steps.
Table 4-6. Options in the Smart Card Configuration section Option Description Upload User Certificate Enables you to upload the user certificate to DRAC and import it to the user profile. View User Certificate Displays the user certificate page that has been uploaded to the DRAC. Upload Trusted CA Certificate Enables you to upload the trusted CA certificate to DRAC and import it to the user profile. View Trusted CA Certificate Displays the trusted CA certificate that has been uploaded to the DRAC.
Table 4-8. IPMI User Privileges Property Description Maximum LAN User Privilege Granted Specifies the user’s maximum privilege on the IPMI LAN channel to one of the following user groups: Administrator, Operator, User, or None. Maximum Serial Port User Privilege Granted Specifies the user’s maximum privilege on the IPMI Serial channel to one of the following: Administrator, Operator, User, or None. Enable Serial Over LAN Allows user to use IPMI Serial Over LAN. When checked, this privilege is enabled.
Table 4-10.
Configuring and Managing Active Directory Certificates (Standard Schema and Extended Schema) NOTE: You must have Configure DRAC 5 permission to configure Active Directory and upload, download, and view an Active Directory certificate. NOTE: For more information about Active Directory configuration and how to configure Active Directory with Standard Schema or Extended Schema, see "Using the DRAC 5 With Microsoft Active Directory" on page 137.
Table 4-13. Active Directory Main Menu Page Buttons Button Definition Print Prints the contents of the open window to your default printer Next Go to the next selected Option page. Configuring Active Directory (Standard Schema and Extended Schema) 1 In the Active Directory Main Menu page, select Configure Active Directory and click Next. 2 In the Active Directory Configuration and Management page, enter the Active Directory settings.
Table 4-14. Active Directory Configuration and Management Page Settings (continued) Setting Description Timeout The time in seconds to wait for Active Directory queries to complete. Minimum value is equal to or greater than 15 seconds. The default value is 120 seconds. Use Standard Schema Uses Standard Schema with Active Directory Use Extended Schema Uses Extended Schema with Active Directory DRAC Name The name that uniquely identifies the DRAC 5 card in Active Directory. This value is NULL by default.
Table 4-15. Active Directory Configuration and Management Page Buttons Button Description Print Prints the Active Directory Configuration and Management page. Apply Saves the changes made to the Active Directory Configuration and Management page. Go Back to Active Directory Main Menu Returns to the Active Directory Main Menu page. Table 4-16.
Table 4-17.
Table 4-18. Certificate Upload Page Buttons Button Description Print Print the Certificate Upload page. Go Back to Active Return to the Active Directory Main Menu page. Directory Main Menu Apply Apply the certificate to the DRAC 5 firmware. Downloading a DRAC Server Certificate 1 In the Active Directory Main Menu page, select Download DRAC Server Certificate and click Next. 2 In the File Download window, click Save and save the file to a directory on your system.
Table 4-20. View Active Directory CA Certificate Page Buttons Button Description Print Prints the Active Directory CA Certificate. Go Back to Active Returns to the Active Directory Main Menu page.
The DRAC Web server includes a Dell self-signed SSL digital certificate (Server ID). To ensure high security over the Internet, replace the Web server SSL certificate by submitting a request to the DRAC to generate a new Certificate Signing Request (CSR). Certificate Signing Request (CSR) A CSR is a digital request to a Certificate Authority (CA) for a secure server certificate.
Table 4-21. SSL Main Menu Options Field Description Generate a New Certificate Signing Request (CSR) Click Next to open the Certificate Signing Request Generation page that enables you to generate a CSR to send to a CA to request a secure Web certificate. NOTICE: Each new CSR overwrites any pervious CSR on the firmware. For a CA to accept your CSR, the CSR in the firmware must match the certificate returned from the CA.
3 Click Generate to save or view the CSR. 4 Click the appropriate Generate Certificate Signing Request (CSR) page button to continue. See Table 4-24. Table 4-23. Generate Certificate Signing Request (CSR) Page Options Field Description Common Name The exact name being certified (usually the Web server's domain name, for example, www.xyzcompany.com). Only alphanumeric characters, hyphens, underscores, and periods are valid. Spaces are not valid.
Table 4-24. Generate Certificate Signing Request (CSR) Page Buttons Button Description Print Print the Generate Certificate Signing Request (CSR) page. Go Back to Security Main Menu Return to the SSL Main Menu page. Generate Generate a CSR. Uploading a Server Certificate 1 In the SSL Main Menu page, select Upload Server Certificate and click Next. The Certificate Upload page appears.
Table 4-26. Certificate Information Field Description Serial Number Certificate serial number Subject Information Certificate attributes entered by the subject Issuer Information Certificate attributes returned by the issuer Valid From Issue date of the certificate Valid To Expiration date of the certificate Table 4-27. View Server Certificate Page Buttons Button Description Print Print the View Server Certificate page. Go Back to SSL Main Menu Return to the SSL Main Menu page.
Table 4-28. IPMI Serial Settings Setting Description Connection Mode Setting • Direct Connect Basic Mode - IPMI Serial Basic Mode Baud Rate Sets the data speed rate. Select 9600 bps, 19.2 kbps, 57.6 kbps, or 115.2 kbps. Flow Control • None — Hardware Flow Control Off • Direct Connect Terminal Mode - IPMI Serial Terminal Mode • RTS/CTS — Hardware Flow Control On Channel Privilege Level Limit • Administrator • Operator • User Table 4-29.
Table 4-29. RAC Serial Settings (continued) Setting Description History Buffer Size The size of the serial history buffer, which holds the last characters written to the console. The maximum and default = 8192 characters. Login Command The DRAC command line to be executed upon valid login. Table 4-30. Serial Configuration Page Settings Button Description Print Print the Serial Configuration page. Refresh Refresh the Serial Configuration page.
Table 4-31. Terminal Mode Settings Setting Description Line Editing Enables or disables line editing. Delete Control Select one of the following: • BMC outputs a character when or is received — • BMC outputs a character when or is received — Echo Control Enables or disables echo. Handshaking Control Enables or disables handshaking. New Line Sequence Select None, , , , , or . Input New Line Sequence Select or .
4 Click Apply Changes. 5 Configure the advanced settings, if required. Otherwise, click the appropriate Serial Over LAN Configuration page button to continue (see Table 4-34). To configure the advanced settings, perform the following steps: a Click Advanced Settings. b In the Serial Over LAN Configuration Advanced Settings page, configure the advanced settings as required. See Table 4-35. c Click Apply Changes.
Table 4-35. Serial Over LAN Configuration Advanced Settings Page Settings Setting Description Character Accumulate The amount of time that the BMC will wait before Interval transmitting a partial SOL character data package. 1-based 5ms increments. Character Send Threshold The BMC will send an SOL character data package containing the characters as soon as this number of characters (or greater) has been accepted. 1-based units. Table 4-36.
• Remote RACADM (Table 4-41) • SNMP agent (Table 4-42) • Automated System Recovery Agent (Table 4-43) Use the Automated Systems Recovery Agent to enable the Last Crash Screen functionality of the DRAC 5. NOTE: Server Administrator must be installed with its Auto Recovery feature activated by setting the Action to either: Reboot System, Power Off System, or Power Cycle System, for the Last Crash Screen to function in the DRAC 5. 4 Click Apply Changes.
Table 4-38. Web Server Settings (continued) Setting Description HTTP Port Number The port used by the DRAC that listens for a server connection. The default setting is 80. HTTPS Port Number The port used by the DRAC that listens for a server connection. The default setting is 443. Table 4-39. SSH Settings Setting Description Enabled Enables or disables SSH. Checked=Enabled; Unchecked=Disabled. Max Sessions The maximum number of simultaneous sessions allowed for this system.
Table 4-41. Remote RACADM Settings Setting Description Enabled Enables or disables remote RACADM. Checked= Enabled; Unchecked=Disabled. Max Sessions The maximum number of simultaneous sessions allowed for this system. Up to four sessions are supported. Active Sessions The number of current sessions on the system, less than or equal to the Max Sessions. Table 4-42. SNMP Agent Settings Setting Description Enabled Enables or disables the SNMP agent. Checked=Enabled; Unchecked=Disabled.
Configuring Smart Card NOTE: To modify these settings, you must have Configure DRAC 5 permission. NOTE: For more information about the Smart Card, see the white paper on the Dell website at www.dell.com/openmanage. 1 Expand the System tree and click Remote Access. 2 Click the Configuration tab and then click Smart Card. 3 Configure the Smart Card logon settings. Table 4-45 provides information about the Smart Card page settings. 4 Click Apply Changes. Table 4-45.
Table 4-45. Smart Card Settings (continued) Setting Description Enable CRL check for Smart Card Logon This check is available only for Active Directory login users. Select this option if you want the DRAC 5 to check the Certificate Revocation List (CRL) for revocation of the user's Smart Card certificate. The user will not be able to login if: • The user certificate is listed as revoked in the CRL file. • DRAC is not able to communicate with the CRL distribution server.
Table 4-46. Managing and Recovering a Remote System: Frequently Asked Questions Question Answer When accessing the DRAC 5 Webbased interface, I get a security warning stating the hostname of the SSL certificate does not match the hostname of the DRAC 5. The DRAC 5 includes a default DRAC 5 server certificate to ensure network security for the Web-based interface and remote racadm features.
Table 4-46. Managing and Recovering a Remote System: Frequently Asked Questions (continued) Question Answer Why are the remote racadm and It may take a minute for the remote Web-based services unavailable after RACADM services and the Web-based a property change? interface to become available after the DRAC 5 Web server resets.
Table 4-46. Managing and Recovering a Remote System: Frequently Asked Questions (continued) Question Answer The following message is displayed for unknown reasons: As part of discovery, IT Assistant attempts to verify the device’s get and set community names. In IT Assistant, you have the get Remote Access: SNMP community name = public and the set Authentication Failure community name = private. By default, the community name for the DRAC 5 agent is Why does this happen? public.
5 Recovering and Troubleshooting the Managed System This section explains how to perform tasks related to recovering and troubleshooting a crashed remote system using the DRAC 5 Web-based interface. For information about troubleshooting your DRAC 5, see "Deploying Your Operating System Using VM-CLI" on page 227.
Managing Power on a Remote System The DRAC 5 enables you to remotely perform several power management actions on the managed system so you can recover after a system crash or other system event. Use the Power Management page to do the following: • Perform an orderly shutdown through the operating system when rebooting, and power the system on or off. • View the system’s current Power Status—either ON or OFF.
Viewing System Information The System Summary page displays information about the following system components: • Main System Chassis • Remote Access Controller • Baseboard Management Controller To access the system information, expand the System tree and click Properties. Main System Chassis Table 5-2 and Table 5-3 describes the main system chassis properties. NOTE: To receive Host Name and OS Name information, you must have DRAC 5 services installed on the managed system. Table 5-2.
Remote Access Controller Table 5-4 describes the Remote Access Controller properties. Table 5-4. RAC Information Fields Field Description Name Short name. Product Information Verbose Name. Hardware Version Remote Access Controller card version, or "unknown". Firmware Version DRAC 5 current firmware version level. Firmware Updated Date and time that the firmware was last updated. RAC Time System clock setting.
To view the System Event Log, perform the following steps: 1 In the System tree, click System. 2 Click the Logs tab and then click System Event Log. The System Event Log page displays the event severity and provides other information as shown in Table 5-6. 3 Click the appropriate System Event Log page button to continue (see Table 5-7). Table 5-6. Status Indicator Icons Icon/Category Description A green check mark indicates a healthy (normal) status condition.
Viewing the Last System Crash Screen NOTICE: The last crash screen feature requires the managed system with the Auto Recovery feature configured in Server Administrator. In addition, ensure that the Automated System Recovery feature is enabled using the DRAC. Navigate to the Services page under the Configuration tab in the Remote Access section to enable this feature.
Using the RAC Log The RAC Log is a persistent log maintained in the DRAC 5 firmware. The log contains a list of user actions (such as log in, log out, and security policy changes) and alerts issued by the DRAC 5. The oldest entries are overwritten when the log becomes full. To access the RAC Log, perform the following steps: 1 In the System tree, click Remote Access. 2 Click the Logs tab and then click RAC Log. The RAC Log provides the information in Table 5-9. Table 5-9.
Table 5-10. RAC Log Buttons (continued) Button Action Save As Opens a pop-up window that enables you to save the RAC Log to a directory of your choice. NOTE: If you are using Internet Explorer and encounter a problem when saving, be sure to download the Cumulative Security Update for Internet Explorer, located on the Microsoft Support website at support.microsoft.com. Refresh Reloads the RAC Log page.
Table 5-11. Diagnostic Commands (continued) Command Description netstat Prints the content of the routing table. If the optional interface number is provided in the text field to the right of the netstat option, then netstat prints additional information regarding the traffic across the interface, buffer usage, and other network interface information. ping Verifies that the destination IP address is reachable from the DRAC 5 with the current routing-table contents.
Troubleshooting Alerting Problems Use logged SNMP trap information to troubleshoot a particular type of DRAC 5 alert. SNMP trap deliveries are logged in the Trace Log by default. However, since SNMP does not confirm delivery of traps, use a network analyzer or a tool such as Microsoft’s snmputil to trace the packets on the managed system.
6 Using the DRAC 5 With Microsoft Active Directory A directory service maintains a common database of all information needed for controlling users, computers, printers, etc. on a network. If your company uses the Microsoft® Active Directory® service software, you can configure the software to provide access to the DRAC 5, allowing you to add and control DRAC 5 user privileges to your existing users in your Active Directory software.
Extended Schema Active Directory Overview There are two ways to enable Extended Schema Active Directory: • With the DRAC 5 web-based user interface. See "Configuring the DRAC 5 With Extended Schema Active Directory and Web-Based Interface" on page 152. • With the RACADM CLI tool. See "Configuring the DRAC 5 With Extended Schema Active Directory and RACADM" on page 154. Active Directory Schema Extensions The Active Directory data is a distributed database of Attributes and Classes.
Overview of the RAC Schema Extensions To provide the greatest flexibility in the multitude of customer environments, Dell provides a group of properties that can be configured by the user depending on the desired results. Dell has extended the schema to include an Association, Device, and Privilege property. The Association property is used to link together the users or groups with a specific set of privileges to one or more RAC devices.
Figure 6-1. Typical Setup for Active Directory Objects Association Object User(s) Group(s) Privilege Object RAC Device Object(s) RAC4 Privilege Object NOTE: The RAC privilege object applies to both DRAC 4 and DRAC 5. You can create as many or as few association objects as required.
When adding Universal Groups from separate domains, create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups and will not work with Universal Groups from other domains. Figure 6-2.
See "Adding DRAC 5 Users and Privileges to Active Directory" on page 150 for detailed instructions. Figure 6-3 provides an example of Active Directory objects in multiple domains. In this scenario, you have two DRAC 5 cards (RAC1 and RAC2) and three existing Active Directory users (user1, user2, and user3). User1 is in Domain1, and user2 and user 3 are in Domain2.
4 Create two Privilege Objects, Priv1 and Priv2, in which Priv1 has all privileges (administrator) and Priv2 has login privileges. 5 Group user1 and user2 into Group1. The group scope of Group1 must be Universal. 6 Add Group1 as Members in Association Object 1 (AO1), Priv1 as Privilege Objects in AO1, and RAC1, RAC2 as RAC Devices in AO1. 7 Add User3 as Members in Association Object 2 (AO2), Priv2 as Privilege Objects in AO2, and RAC2 as RAC Devices in AO2.
You can extend your schema using one of the following methods: • Dell Schema Extender utility • LDIF script file If you use the LDIF script file, the Dell organizational unit will not be added to the schema.
Table 6-1. Class Definitions for Classes Added to the Active Directory Schema Class Name Assigned Object Identification Number (OID) dellRacDevice 1.2.840.113556.1.8000.1280.1.1.1.1 dellAssociationObject 1.2.840.113556.1.8000.1280.1.1.1.2 dellRACPrivileges 1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges 1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct 1.2.840.113556.1.8000.1280.1.1.1.5 Table 6-2. dellRacDevice Class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 6-4. dellRAC4Privileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Used to define the privileges (Authorization Rights) for the DRAC 5 device. Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 6-5. dellPrivileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 6-7. List of Attributes Added to the Active Directory Schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember 1.2.840.113556.1.8000.1280.1.1.2.1 FALSE List of dellPrivilege Objects that belong to this Attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12) dellProductMembers 1.2.840.113556.1.8000.1280.1.1.2.2 FALSE List of dellRacDevices Objects Distinguished Name (LDAPTYPE_DN that belong to this role. This 1.3.6.1.4.1.
Table 6-7. List of Attributes Added to the Active Directory Schema (continued) Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellIsVirtualMediaUser 1.2.840.113556.1.8000.1280.1.1.2.9 TRUE TRUE if the user has Virtual Media rights on the device. Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) dellIsTestAlertUser 1.2.840.113556.1.8000.1280.1.1.2.10 TRUE if the user has Test Alert User rights on the device. Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.
Installing the Dell Extension to the Active Directory Users and Computers Snap-In When you extend the schema in Active Directory, you must also extend the Active Directory Users and Computers snap-in so the administrator can manage RAC (DRAC 5) devices, Users and User Groups, RAC Associations, and RAC Privileges.
4 Select the Active Directory Users and Computers snap-in and click Add. 5 Click Close and click OK. Adding DRAC 5 Users and Privileges to Active Directory Using the Dell-extended Active Directory Users and Computers snap-in, you can add DRAC 5 users and privileges by creating RAC, Association, and Privilege objects.
6 Right-click the privilege object that you created, and select Properties. 7 Click the RAC Privileges tab and select the privileges that you want the user to have (for more information, see Table 4-9). Creating an Association Object The Association Object is derived from a Group and must contain a Group Type. The Association Scope specifies the Security Group Type for the Association Object.
Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to a RAC device. Only one privilege object can be added to an Association Object. Adding Privileges 1 Select the Privileges Object tab and click Add. 2 Type the Privilege Object name and click OK. Click the Products tab to add one or more RAC devices to the association.
8 In the Extended Schema Settings section: a Type the DRAC Name. This name must be the same as the common name of the new RAC object you created in your Domain Controller (see step 3 of "Creating a RAC Device Object" on page 150). b Type the DRAC Domain Name (for example, drac5.com). Do not use the NetBIOS name. The DRAC Domain Name is the fully qualified domain name of the sub-domain where the RAC Device Object is located. 9 Click Apply to save the Active Directory settings.
15 If Use DHCP (for NIC IP Address) is selected under Network Settings, then select Use DHCP to obtain DNS server address. To manually input a DNS server IP address, deselect Use DHCP to obtain DNS server addresses and type your primary and alternate DNS server IP addresses. 16 Click Apply Changes. The DRAC 5 Extended Schema Active Directory feature configuration is complete.
NOTE: If you use this option, the hostname in the CA certificate is not matched against the name of the specified server. This is particularly useful if you are a DRAC administrator because it enables you to enter a hostname as well as an IP address. After the Specify Server option is enabled, you can specify an LDAP server with an IP address or a fully qualified domain name of the server (FQDN). The FQDN consists of the hostname and the domain name of the server.
4 If DHCP is disabled on the DRAC 5 or you want manually to input your DNS IP address, type following racadm commands: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 racadm config -g cfgLanNetworking -o cfgDNSServer2 5 Press Enter to complete the DRAC 5 Active Directory feature configuration.
Figure 6-4. Configuration of DRAC 5 with Microsoft Active Directory and Standard Schema Configuration on DRAC 5 Side Configuration on Active Directory Side Role Group Name and Domain Name Role Group Role Definition User Table 6-8.
Table 6-8. Default Role Group Privileges (continued) Role Groups Default Permissions Granted Privilege Level Bit Mask Role Group 3 Guest User Login to DRAC 0x00000001 Role Group 4 None No assigned permissions 0x00000000 Role Group 5 None No assigned permissions 0x00000000 NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. There are two ways to enable Standard Schema Active Directory: • With the DRAC 5 web-based user interface.
Configuring the DRAC 5 With Standard Schema Active Directory and Web-Based Interface 1 Open a supported Web browser window. 2 Log in to the DRAC 5 Web-based interface. 3 Expand the System tree and click Remote Access. 4 Click the Configuration tab and select Active Directory. 5 On the Active Directory Main Menu page, select Configure Active Directory and click Next. 6 In the Common Settings section: a Select the Enable Active Directory check box. b Type the Root Domain Name.
14 Click Go Back To Active Directory Configuration and Management. 15 Click Go Back To Active Directory Main Menu. 16 Upload your domain forest Root CA certificate into the DRAC 5. a Select the Upload Active Directory CA Certificate check-box and then click Next. b In the Certificate Upload page, type the file path of the certificate or browse to the certificate file. NOTE: The File Path value displays the relative file path of the certificate you are uploading.
Configuring the DRAC 5 With Standard Schema Active Directory and RACADM Using the following commands to configure the DRAC 5 Active Directory Feature with Standard Schema using the RACADM CLI instead of the Web-based interface.
Enabling SSL on a Domain Controller If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an SSL certificate, perform the following steps to enable SSL on each domain controller. 1 Install a Microsoft Enterprise Root CA on a Domain Controller. a Select Start→Control Panel→Add or Remove Programs. b Select Add/Remove Windows Components. c In the Windows Components Wizard, select the Certificate Services check box.
7 Select Computer account and click Next. 8 Select Local Computer and click Finish. 9 Click OK. 10 In the Console 1 window, expand the Certificates folder, expand the Personal folder, and click the Certificates folder. 11 Locate and right-click the root CA certificate, select All Tasks, and click Export... . 12 In the Certificate Export Wizard, click Next, and select No do not export the private key. 13 Click Next and select Base-64 encoded X.509 (.cer) as the format.
Importing the DRAC 5 Firmware SSL Certificate Use the following procedure to import the DRAC 5 firmware SSL certificate to all domain controller trusted certificate lists. NOTE: If your system is running Windows 2000, the following steps may vary. NOTE: If the DRAC 5 firmware SSL certificate is signed by a well-known CA, you are not required to perform the steps in this section. The DRAC 5 SSL certificate is the identical certificate used for the DRAC 5 Web server.
The login syntax is consistent for all three methods: or \ or / where username is an ASCII string of 1–256 bytes. White space and special characters (such as \, /, or @) cannot be used in the user name or the domain name. NOTE: You cannot specify NetBIOS domain names, such as Americas, as these names cannot be resolved. Frequently Asked Questions Table 6-9 lists frequently asked questions and answers. Table 6-9.
Table 6-9. Using DRAC 5 With Active Directory: Frequently Asked Questions (continued) Question Answer Can these Dell-extended objects (Dell Association Object, Dell RAC Device, and Dell Privilege Object) be in different domains? The Association Object and the Privilege Object must be in the same domain. The Dellextended Active Directory Users and Computers snap-in forces you to create these two objects in the same domain. Other objects can be in different domains.
Table 6-9. Using DRAC 5 With Active Directory: Frequently Asked Questions (continued) Question Answer What can I do if I cannot log into the DRAC 5 using Active Directory authentication? How do I troubleshoot the issue? 1 Ensure that you use the correct user domain name during a login and not the NetBIOS name. 2 If you have a local DRAC user account, log into the DRAC 5 using your local credentials.
Using the DRAC 5 With Microsoft Active Directory
Using GUI Console Redirection 7 This section provides information about using the DRAC 5 console redirection feature. Overview The DRAC 5 console redirection feature enables you to access the local console remotely in either graphic or text mode. Using console redirection, you can control one or more DRAC 5-enabled systems from one location. Today with the power of networking and the Internet, you do not have to sit in front of each server to perform all the routine maintenance.
Supported Screen Resolutions Refresh Rates on the Managed System Table 7-1 lists the supported screen resolutions and corresponding refresh rates for a console redirection session that is running on the managed system. Table 7-1.
3 Click the Console tab and then click Configuration. 4 In the Console Redirect Configuration page, use the information in Table 7-2 to configure your console redirection session and then click Apply Changes. Table 7-2. Console Redirection Configuration Page Information Information Description Enabled Checked = Enabled; Unchecked=Disabled Max Sessions Displays the number of console redirection sessions that are available. Active Sessions Displays the number of active console redirection sessions.
Opening a Console Redirection Session When you open a console redirection session, the Dell Virtual KVM Viewer Application starts and the remote system's desktop appears in the viewer. Using the Virtual KVM Viewer Application, you can control the system's mouse and keyboard functions from a local or remote management station. To open a console redirection session, perform the following steps: 1 On your management station, open a supported Web browser and log into the DRAC 5.
The buttons in Table 7-5 are available on the Console Redirection page. Table 7-5. Console Redirection Page Buttons Button Definition Refresh Reloads the Console Redirection Configuration page Connect Opens a console redirection session on the targeted remote system. Print Prints the Console Redirection Configuration page. 4 If a console redirection session is available, click Connect. NOTE: Multiple message boxes may appear after you launch the application.
4 If you want to enable (turn ON) local video on the server, in the Console Redirect Configuration page, select the Local Server Video Enabled check-box and then click Apply Changes. The default value is ON. 5 If you want to disable (turn OFF) local video on the server, in the Console Redirect Configuration page, deselect the Local Server Video Enabled checkbox and then click Apply Changes. The Console Redirection page displays the status of the Local Server Video.
Accessing the Viewer Menu Bar The viewer menu bar is a hidden menu bar. To access the menu bar, move your cursor near the top-center edge of the Viewer’s desktop window. Also, the menu bar can be activated by pressing the default function key . To reassign this function key to a new function, perform the following steps: 1 Press or move your mouse cursor to the top of the Video Viewer. 2 Press the "push pin" to lock the viewer menu bar.
Table 7-6. Viewer Menu Bar Selections (continued) Menu Item Item Description Macros Various keyboard shortcuts Executes a keystroke combination on the remote system. To connect your management station’s keyboard to the remote system and run a macro, perform the following steps: 1 Click Tools. 2 In the Session Options window, click the General tab. 3 Select Pass all keystrokes to target. 4 Click OK. 5 Click Macros. 6 In the Macros menu, click a keystroke combination to execute on the target system.
Table 7-6. Viewer Menu Bar Selections (continued) Menu Item Item Description Tools Automatic Video Adjust Recalibrates the session viewer video output. Manual Video Adjust Provides individual controls to manually adjust the session viewer video output. NOTE: Adjusting the horizontal position off-center desynchronizes the mouse pointers. Session Options Provides additional session viewer control adjustments.
Adjusting the Video Quality The Video Viewer provides video adjustments that allow you to optimize the video for the best possible view. Click Help for more information. To automatically adjust the video quality, perform the following steps: 1 Access the Viewer Menu Bar. See "Accessing the Viewer Menu Bar" on page 175. 2 Click Tools and select Automatic Video Adjust. The video quality is recalibrated, and the session viewer reappears.
3 Click the Mouse tab, select your management station’s operating system, and click OK. 4 Click Tools and select Manual Video Adjust. 5 Adjust the horizontal controls so the remote system’s desktop appears in the center of the session window. 6 Click OK. When using Linux (Red Hat® or Novell®), the operating system’s default mouse settings are used to control the mouse arrow in the DRAC 5 Console Redirection screen.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Can the local user also turn ON the video? Yes, the user should have racadm CLI installed on the server and only if the user is able to get to the server over an RDP connection, like terminal services, telnet, or SSH. The user can then log on to the server and can run racadm (local) to turn ON the video.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Why is it that sometimes I do not see the “Video OFF” or “Video OFF in 15” status on the server LCD screen? The local video status is a low-priority message and will get masked if a high priority server event has occurred. The LCD messages are based on priority; you must resolve any high-priority LCD messages and once that event is cleared or resolved, the next low priority message is displayed.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer During Console Redirection, the mouse became locked after coming back from hibernation on a Windows Server 2003 system. Why did this happen? To resolve this issue, select a different operating system than Windows for mouse acceleration from the virtual KVM (vKVM) window pull-down menu, wait 5 to 10 seconds, and then select Windows again.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Why do I get a blank screen on the managed system in the Windows full screen DOS window? The managed system does not have the correct ATI video driver. You must update the video driver by using the Dell Systems Build and Update Utility CD or the Dell Systems Management Tools and Documentation DVD. Why can’t I enter BIOS setup by pressing the key? This behavior is typical in a Windows environment.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Why doesn’t the mouse sync in DOS when performing Console Redirection? The Dell BIOS is emulating the mouse driver as a PS/2 mouse. By design, the PS/2 mouse uses relative position for the mouse pointer, which causes the lag in syncing. DRAC 5 has a USB mouse driver, which allows absolute position and closer tracking of the mouse pointer.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer Why can't I use a keyboard or mouse while installing a Microsoft® operating system remotely by using DRAC5 Console Redirection? When you remotely install a supported Microsoft operating system on a system with Console Redirection enabled in the BIOS, you receive an EMS Connection Message that requires that you select OK before you can continue. You cannot use the mouse to select OK remotely.
Table 7-7. Using Console Redirection: Frequently Asked Questions (continued) Question Answer If I am running a console redirection session and a local user accesses the remote system, do I receive a warning message? No. If a local user accesses the system, he/she can override your actions with no warning. How much Dell recommends a 5 MB/sec connection for good bandwidth do I need performance. A 1 MB/sec connection is required for to run a console minimal performance.
Using and Configuring Virtual Media 8 Overview The Virtual Media feature provides the managed system with a virtual CD drive, which can use standard media from anywhere on the network. Figure 8-1 shows the overall architecture of virtual media. Figure 8-1.
The managed system is configured with a DRAC 5 card. The virtual CD and floppy drives are two electronic devices embedded in the DRAC 5 that are controlled by the DRAC 5 firmware. These two devices are present on the managed system’s operating system and BIOS at all times, whether virtual media is connected or disconnected. The management station provides the physical media or image file across the network.
Installing the Virtual Media Plug-In The virtual media browser plug-in must be installed on your management station to use the virtual media feature. After you open the DRAC 5 user interface and launch the Virtual Media page, the browser automatically downloads the plug-in, if required. If the plug-in is successfully installed, the Virtual Media page displays a list of floppy diskettes and optical disks that connect to the virtual drive.
Running Virtual Media NOTICE: Do not issue a racreset command when running a Virtual Media session. Otherwise, undesired results may occur, including loss of data. Using Virtual Media, you can "virtualize" a diskette image or drive, enabling a floppy image, floppy drive, or optical drive on your management console to become an available drive on the remote system. Supported Virtual Media Configurations You can enable Virtual Media for one floppy drive and one optical drive.
4 If prompted, follow the on-screen instructions to install the virtual media plug-in. 5 In the Attribute box, perform the following steps: a In the Value column, ensure that the Attach/Detach status value is Attached. If the value is Detached, perform the following steps: • In the Media tab, click Configuration. • In the Value column, ensure that the Attach Virtual Media checkbox is selected. • Click Apply Changes. • In the Virtual Media tab, click Virtual Media.
6 If you are virtualizing a floppy image or ISO image, select Floppy Image File or ISO Image File and enter or browse to the image file you want to virtualize. If you are virtualizing a floppy drive or an optical drive, select the button next to the drives that you want to virtualize. 7 Click Connect. If the connection is authenticated, the connection status becomes Connected and a list of all connected drives is displayed.
also specify the Virtual Media Port Number and the Virtual Media SSL Port Number. In addition, you can enable or disable the Virtual Flash and the Boot Once feature.
4 Ensure that the virtual drive is enabled and listed as the first device with bootable media. If required, follow the on-screen instructions to modify the boot order. 5 Save the changes and exit. The managed system reboots. The managed system attempts to boot from a bootable device based on the boot order. If virtual device is connected and a bootable media is present, the system boots to the virtual device. Otherwise, the system overlooks the device—similar to a physical device without bootable media.
Linux-Based Systems On Linux systems, the virtual media drives are not configured with a drive letter. Depending on the software installed on your system, the virtual media drives may not be automounted. If your drives are not automounted, manually mount the drives. Using Virtual Flash The DRAC 5 provides persistent Virtual Flash—16 MB of flash memory that resides in the DRAC 5 file system that can be used for persistent storage and accessed by the system.
Disabling Virtual Flash To disable Virtual Flash, open a command prompt, type the following command, and press : racadm config -gcfgRacVirtual -o cfgVirMediaKeyEnable 0 Storing Images in a Virtual Flash The Virtual Flash can be formatted from the managed host. If you are running the Windows operating system, right-click the drive icon and select Format. If you are running Linux, system tools such as format and fdisk allow you to partition and format the USB.
Using the Virtual Media Command Line Interface Utility The Virtual Media Command Line Interface (VM-CLI) utility is a scriptable command-line interface that provides virtual media features from the management station to the DRAC 5 in the remote system. The VM-CLI utility provides the following features: • Supports multiple, simultaneously-active sessions. NOTE: When virtualizing read-only image files, multiple sessions may share the same image media.
Utility Installation The VM-CLI utility is located on the Dell Systems Console and Agent CD, which is included with your Dell OpenManage System Management Software Kit. To install the utility, insert the Systems Console and Agent CD into your system’s CD drive and follow the on-screen instructions. The Systems Console and Agent CD contains the latest systems management software products, including diagnostics, storage management, remote access service, and the RACADM utility.
VM-CLI Parameters DRAC 5 IP Address -r [:] where is a valid, unique IP address or the DRAC 5 Dynamic Domain Naming System (DDNS) name (if supported). This parameter provides the DRAC 5 IP address and SSL port. The VM-CLI utility needs this information to establish a Virtual Media connection with the target DRAC 5. If you enter an invalid IP address or DDNS name, an error message appears and the command is terminated.
where is a valid drive letter (for Windows systems) or a valid device file name, including the mountable file system partition number, if applicable (for Linux systems); and is the filename and path of a valid image file. This parameter specifies the device or file to supply the virtual floppy/disk media. For example, an image file is specified as: -f c:\temp\myfloppy.img (Windows system) -f /tmp/myfloppy.
For example, a device is specified as: -c d:\ (Windows systems) -c /dev/cdrom (Linux systems) Additionally, omit this parameter from the command line if you are not virtualizing CD/DVD media. If an invalid value is detected, an error message is listed and the command terminates. Specify at least one media type (floppy or CD/DVD drive) with the command, unless only switch options are provided. Otherwise, an error message displays and the command terminates and generates an error.
VM-CLI Operating System Shell Options The following operating system features can be used in the VM-CLI command line: • stderr/stdout redirection — Redirects any printed utility output to a file. For example, using the greater-than character (>) followed by a filename overwrites the specified file with the printed output of the VM-CLI utility. NOTE: The VM-CLI utility does not read from standard input (stdin). As a result, stdin redirection is not required.
Frequently Asked Questions Table 8-2 lists frequently asked questions and answers. Table 8-2. Using Virtual Media: Frequently Asked Questions Question Answer Sometimes, I notice my Virtual Media client connection drop. Why? When a network time-out occurs, the DRAC 5 firmware drops the connection, disconnecting the link between the server and the Virtual Drive. To reconnect to the Virtual Drive, use the Virtual Media feature.
Table 8-2. Using Virtual Media: Frequently Asked Questions (continued) Question Answer What do I do if Windows 2000 with Service Pack 4 fails to install properly? If you use Virtual Media and the Windows 2000 operating system CD to install Windows 2000 with Service Pack 4, your system may momentarily lose its connection to the CD drive during the installation procedure, and the operating system may fail to install properly. To fix this issue, download the file usbstor.
Table 8-2. Using Virtual Media: Frequently Asked Questions (continued) Question Answer An installation of the Windows If you are installing the Windows operating operating system seems to take too system using the Dell Systems Build and long. Why? Update Utility CD or the Dell Systems Management Tools and Documentation DVD and have a slow network connection, the installation procedure may require an extended amount of time to access the DRAC 5 Web-based interface due to network latency.
Table 8-2. Using Virtual Media: Frequently Asked Questions (continued) Question Answer How can I make my USB key bootable? Only USB keys with Windows 98 DOS can boot from the Virtual Floppy. To configure your own bootable USB key, boot to a Windows 98 startup disk and copy system files from the startup disk to your USB key. For example, from the DOS prompt, type the following command: sys a: x: /s where "x:" is the USB key you want to make bootable.
Table 8-2. Using Virtual Media: Frequently Asked Questions (continued) Question Answer I cannot locate my Virtual Floppy device on a system running Red Hat Enterprise Linux or the SUSE Linux operating System. My Virtual Media is attached and I am connected to my remote floppy. What should I do? Some Linux versions do not automount the Virtual Floppy Drive and the Virtual CD drive in a similar manner.
Table 8-2. Using Virtual Media: Frequently Asked Questions (continued) Question Answer What file system types are supported on my Virtual Floppy Drive or Virtual Flash? Your Virtual Floppy Drive or Virtual Flash supports FAT16 or FAT32 file systems. When I performed a firmware update remotely using the DRAC 5 Web-based interface, my virtual drives at the server were removed. Why? Firmware updates cause the DRAC 5 to reset, drop the remote connection, and unmount the virtual drives.
9 Using the RACADM Command Line Interface The serial/telnet/ssh console provides a set of racadm commands. The racadm commands provide access to the text-based features supported by the DRAC 5 Web-based interface. RACADM enables you to locally or remotely configure and manage your DRAC 5. RACADM runs on the management station and the managed system. RACADM is included on the Dell Systems Console and Agent CD. You can use RACADM to write scripts to automatically configure multiple DRAC 5s.
Starting a Text Console After you have logged into the DRAC 5 through your management station terminal software with telnet or SSH, you can redirect the managed system text console by using connect com2, which is a telnet/SSH command. Only one connect com2 client is supported at a time.
Without options, the racadm command displays general use information. Type racadm help to display a list of all available subcommands. Type racadm help to list any syntax and command-line options for the subcommand. The following sections provide information about how to use the racadm commands. Using RACADM Remotely NOTE: Configure the IP address on your DRAC 5 before using the racadm remote capability.
RACADM Synopsis racadm -r -u -p racadm -i -r For example: racadm -r 192.168.0.120 -u root -p calvin getsysinfo racadm -i -r 192.168.0.
Enabling and Disabling the racadm Remote Capability NOTE: It is recommended that you run these commands on your local system. The racadm remote capability is enabled by default. If disabled, type the following racadm command to enable: racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 1 To disable the remote capability, type: racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 0 RACADM Subcommands Table 9-2 provides a description of each racadm subcommand that you can run in RACADM.
Table 9-2. RACADM Subcommands (continued) Command Description fwupdate Executes or displays status on DRAC 5 firmware updates. getssninfo Displays information about active sessions. getsysinfo Displays general DRAC 5 and system information. getractime Displays the DRAC 5 time. ifconfig Displays the current RAC IP configuration. netstat Displays the routing table and the current connections.
RACADM Error Messages For information about racadm CLI error messages, see "Frequently Asked Questions" on page 226. Configuring Multiple DRAC 5 Cards Using RACADM, you can configure one or more DRAC 5 cards with identical properties. When you query a specific DRAC 5 card using its group ID and object ID, RACADM creates the racadm.cfg configuration file from the retrieved information.
The getconfig -f racadm.cfg subcommand requests the DRAC 5 configuration and generates the racadm.cfg file. If required, you can configure the file with another name. You can use the getconfig command to enable you to perform the following actions: • Display all configuration properties in a group (specified by group name and index) • Display all configuration properties for a user by user name The config subcommand loads the information into other DRAC 5s.
The .cfg file is first parsed to verify that valid group and object names are present and that some simple syntax rules are being followed. Errors are flagged with the line number that detected the error, and a simple message explains the problem. The entire file is parsed for correctness, and all errors are displayed. Write commands are not transmitted to the DRAC 5 if an error is found in the .cfg file. The user must correct all errors before any configuration can take place.
Parsing Rules • All lines that start with '#' are treated as comments. A comment line must start in column one. A '#' character in any other column is treated as a # character. Some modem parameters may include # characters in its string. An escape character is not required. You may want to generate a .cfg from a racadm getconfig -f .cfg command, and then perform a racadm config -f .cfg command to a different DRAC 5, without adding escape characters.
'=' is taken as is (for example, a second '=', or a '#', '[', ']', and so forth). These characters are valid modem chat script characters. See the example in the previous bullet. • The .cfg parser ignores an index object entry. The user cannot specify which index is used. If the index already exists, it is either used or the new entry is created in the first available index for that group. The racadm getconfig -f .
Modifying the DRAC 5 IP Address When you modify the DRAC 5 IP address in the configuration file, remove all unnecessary =value entries. Only the actual variable group’s label with "[" and "]" remains, including the two =value entries pertaining to the IP address change. For example: # # Object Group "cfgLanNetworking" # [cfgLanNetworking] cfgNicIpAddress=10.35.10.110 cfgNicGateway=10.35.10.
Using the RACADM Utility to Configure the DRAC 5 NOTE: You must be logged in as user root to execute RACADM commands on a remote Linux system. The DRAC 5 Web-based interface is the quickest way to configure a DRAC 5. If you prefer command-line or script configuration or need to configure multiple DRAC 5s, use RACADM, which is installed with the DRAC 5 agents on the managed system.
NOTE: You can also type racadm getconfig -f and view or edit the myfile.cfg file, which includes all DRAC 5 configuration parameters. Several parameters and object IDs are displayed with their current values. Two objects of interest are: # cfgUserAdminIndex=XX cfgUserAdminUserName= If the cfgUserAdminUserName object has no value, that index number, which is indicated by the cfgUserAdminIndex object, is available for use. If a name appears after the "=", that index is taken by that user name.
racadm config -g cfgUserAdmin -i 2 -o cfgUserAdminEnable 1 To verify, use one of the following commands: racadm getconfig -u john racadm getconfig –g cfgUserAdmin –i 2 Removing a DRAC 5 User When using RACADM, users must be disabled manually and on an individual basis. Users cannot be deleted by using a configuration file.
Before you test the RAC SNMP trap alerting feature, ensure that the SNMP and trap settings are configured correctly. See "testtrap" on page 285 and "testemail" on page 284 subcommand descriptions to configure these settings. Enabling a DRAC 5 User With Permissions To enable a user with specific administrative permissions (role-based authority), first locate an available user index by performing the steps in "Before You Begin" on page 221.
racadm config -g cfgLanNetworking -o cfgNicGateway 192.168.0.120 racadm config -g cfgLanNetworking -o cfgNicUseDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0 racadm config -g cfgLanNetworking -o cfgDNSServer1 192.168.0.5 racadm config -g cfgLanNetworking -o cfgDNSServer2 192.168.0.
Table 9-3. DRAC 5 NIC Configurations Mode Description Dedicated The DRAC uses its own NIC (RJ-45 connector) and the BMC MAC address for network traffic. Shared The DRAC uses Broadcom LOM1 on the planar. Shared with failover The DRAC uses Broadcom LOM1 and LOM2 as a team for failover. The team uses the BMC MAC address. Frequently Asked Questions Table 9-4 lists the frequently asked questions and answers. Table 9-4.
10 Deploying Your Operating System Using VM-CLI The Virtual Media Command Line Interface (VM-CLI) utility is a command-line interface that provides Virtual Media features from the management station to the DRAC 5 in the remote system. Using VM-CLI and scripted methods, you can deploy your operating system on multiple remote systems in your network. This section provides information on integrating the VM-CLI utility into your corporate network.
Network Requirements A network share must contain the following components: • Operating system files • Required drivers • Operating system boot image file(s) The image file must be a floppy image or CD/DVD ISO image with an industry-standard, bootable format. Creating a Bootable Image File Before you deploy your image file to the remote systems, ensure that a supported system can boot from the file.
Preparing for Deployment Configuring the Remote Systems 1 Create a network share that can be accessed by the management station. 2 Copy the operating system files to the network share. 3 If you have a bootable, preconfigured deployment image file to deploy the operating system to the remote systems, skip this step. If you do not have a bootable, preconfigured deployment image file, create the file.
The following procedure provides a high-level overview for deploying the operating system on targeted remote systems. 1 Identify the remote systems that will be deployed. 2 Record the DRAC 5 names and IP addresses of the targeted remote systems.
Using the DRAC 5 SM-CLP Command Line Interface 11 This section provides information about the Server Management Workgroup (SMWG) Server Management-Command Line Protocol (SM-CLP) that is incorporated in the DRAC 5. NOTE: This section assumes that you are familiar with the Systems Management Architecture for Server Hardware (SMASH) Initiative and the SMWG SM-CLP specifications. For more information on these specifications, see the Distributed Management Task Force (DMTF) website at www.dmtf.org.
Table 11-1. Supported CLI Verbs Verb Definition cd Navigates through the MAP using the shell. delete Deletes an object instance. help Displays help for a specific target. reset Resets the target. show Displays the target properties, verbs, and subtargets. start Turns on a target. stop Shuts down a target. exit Exits from the SM-CLP shell session. version Displays the version attributes of a target.
Table 11-2. SM-CLP Targets Target Definition /system1 The managed system target. /system1/logs1 The log collections target /system1/logs1/log1 The System Event Log (SEL) target on the managed system. /system1/logs1/log1/ record1 An individual SEL record instance on the managed system. Options Table 11-3 lists the supported SM-CLP options. Table 11-3. Supported SM-CLP Options SM-CLP Option Description -all Instructs the verb to perform all possible functions.
Server Power Management Table 11-4 provides examples of using SM-CLP to perform power management operations on a managed system. Table 11-4. Server Power Management Operations Operation Syntax Logging into the RAC using the telnet/SSH interface >ssh 192.168.0.120 >login: root >password: Starting the SMCLP management shell >smclp DRAC5 SM-CLP System Management Shell, version 1.0 Copyright (c) 2004-2006 Dell, Inc.
Table 11-5.
Table 11-5. SEL Management Operations (continued) Operation Syntax Viewing the SEL record ->show /system1/logs1/log1/record4 /system1/logs1/log1/record4 Properties: LogCreationClassName CreationClassName LogName RecordID MessageTimeStamp 000 Description detected a failure ElementName = = = = = CIM_RecordLog CIM_LogRecord IPMI SEL 1 20050620100512.
Table 11-6. Map Target Navigation Operations (continued) Operation Syntax Navigate to the SEL ->cd system1 target and display the ->cd logs1/log1 log records ->show ->cd system1/logs1/log1 ->show Display current target ->cd . Move up one level ->cd ..
Table 11-7. System Properties (continued) Object Property Description NameFormat Identifies the method by which the Name is generated. Values: Other, IP, Dial, HID, NWA, HWA, X25, ISDN, IPX, DCC, ICD, E.164, SNA, OID/OSI, WWN, NAA Dedicated Enumeration indicating whether the system is a special-purpose system or general-purpose system.
Table 11-7. Object System Properties (continued) Property Description 16=File Server 17=Mobile User Device, 18=Repeater 19=Bridge/Extender 20=Gateway 21=Storage Virtualizer 22=Media Library 23=Extender Node 24=NAS Head 25=Self-Contained NAS 26=UPS 27=IP Phone 28=Management Controller 29=Chassis Manager ResetCapability Defines the reset methods available on the system Values: 1=Other 2=Unknown 3=Disabled 4=Enabled 5=Not Implemented CreationClassName The superclass from which this instance is derived.
Table 11-7. System Properties (continued) Object Property Description EnabledState Indicates the enabled/disabled states of the system. Values: 0=Unknown 1=Other 2=Enabled 3=Disabled 4=Shutting Down 5=Not Applicable 6=Enabled but Offline 7=In Test 8=Deferred 9=Quiesce 10=Starting EnabledDefault Indicates the default startup configuration for the enabled state of the system. By default, the system is "Enabled" (value= 2).
Table 11-7. Object System Properties (continued) Property Description RequestedState Indicates the last requested or desired state for the system. Values: 2=Enabled 3=Disabled 4=Shut Down 5=No Change 6=Offline 7=Test 8=Deferred 9=Quiesce 10=Reboot 11=Reset 12=Not Applicable HealthState Indicates the current health of the system.
Table 11-7. System Properties (continued) Object Property Description OperationalStatus Indicates the current status of the system. Values: 0=Unknown 1=Other 2=OK 3=Degraded 4=Stressed 5=Predictive Failure 6=Error 7=Non-Recoverable Error 8=Starting 9=Stopping 10=Stopped 11=In Service 12=No Contact 13=Lost Communication 14=Aborted 15=Dormant 16=Supporting Entity in Error 17=Completed 18=Power Mode Description 242 A text-based description of the system.
Troubleshooting 12 Troubleshooting the DRAC 5 See the following tables for help with troubleshooting the DRAC 5 and the RACADM: Table 6-9, "Using DRAC 5 With Active Directory: Frequently Asked Questions" on page 165 Table 7-7, "Using Console Redirection: Frequently Asked Questions" on page 179 Table 8-2, "Using Virtual Media: Frequently Asked Questions" on page 203 Table 9-4, "Using the serial and racadm Commands: Frequently Asked Questions" on page 226 Troubleshooting 243
Troubleshooting
A RACADM Subcommand Overview This section provides descriptions of the subcommands that are available in the RACADM command line interface. help NOTE: To use this command, you must have Log In DRAC 5 permission. Table A-1 describes the help command. Table A-1. Help Command Command Definition help Lists all of the subcommands available to use with racadm and provides a short description for each.
arp NOTE: To use this command, you must have Execute Diagnostic Commands permission. Table A-2 describes the arp command. Table A-2. arp Command Command Definition arp Displays the contents of the ARP table. ARP table entries may not be added or deleted. Synopsis racadm arp Supported Interfaces • Remote RACADM • telnet/ssh/serial RACADM clearasrscreen NOTE: To use this command, you must have Clear Logs permission. Table A-3 describes the clearasrscreen subcommand. Table A-3.
config NOTE: To use the getconfig command, you must have Log In DRAC 5 permission. Table A-4 describes the config and getconfig subcommands. Table A-4. config/getconfig Subcommand Definition config Configures the DRAC 5. getconfig Gets the DRAC 5 configuration data.
Table A-5. config Subcommand Options and Descriptions Option Description -f The -f option causes config to read the contents of the file specified by and configure the DRAC 5. The file must contain data in the format specified in "Parsing Rules" on page 218. -p The -p, or password option, directs config to delete the password entries contained in the config file -f after the configuration is complete.
Examples • racadm config -g cfgLanNetworking -o cfgNicIpAddress 10.35.10.100 Sets the cfgNicIpAddress configuration parameter (object) to the value 10.35.10.110. This IP address object is contained in the group cfgLanNetworking. • racadm config -f myrac.cfg Configures or reconfigures the DRAC 5. The myrac.cfg file may be created from the getconfig command. The myrac.cfg file may also be edited manually as long as the parsing rules are followed. NOTE: The myrac.
Table A-6. getconfig Subcommand Options Option Description -f The -f option directs getconfig to write the entire RAC configuration to a configuration file. This file can be used for batch configuration operations using the config subcommand. NOTE: The -f option does not create entries for the cfgIpmiPet and cfgIpmiPef groups. You must set at least one trap destination to capture the cfgIpmiPet group to the file.
If errors are not encountered, this subcommand displays the contents of the specified configuration. Examples • racadm getconfig -g cfgLanNetworking Displays all of the configuration properties (objects) that are contained in the group cfgLanNetworking. • racadm getconfig -f myrac.cfg Saves all group configuration objects from the RAC to myrac.cfg. • racadm getconfig -h Displays a list of the available configuration groups on the DRAC 5.
Table A-7 describes the coredump subcommand. Table A-7. coredump Subcommand Definition coredump Displays the last DRAC 5 core dump. Synopsis racadm coredump Description The coredump subcommand displays detailed information related to any recent critical issues that have occurred with the RAC. The coredump information can be used to diagnose these critical issues.
Table A-8. coredumpdelete Subcommand Definition coredumpdelete Deletes the core dump stored in the DRAC 5. Synopsis racadm coredumpdelete Description The coredumpdelete subcommand can be used to clear any currently resident coredump data stored in the RAC. NOTE: If a coredumpdelete command is issued and a coredump is not currently stored in the RAC, the command will display a success message. This behavior is expected. See the coredump subcommand for more information on viewing a coredump.
Synopsis racadm fwupdate -s racadm fwupdate -g -u -a -d racadm fwupdate -p -u -d Description The fwupdate subcommand allows users to update the firmware on the DRAC 5.
Table A-10. fwupdate Subcommand Options (continued) Option Description -g The get option instructs the firmware to get the firmware update file from the TFTP server. The user must also specify the -a and -d options. In the absence of the -a option, the defaults are read from properties contained in the group cfgRemoteHosts, using properties cfgRhostsFwUpdateIpAddr and cfgRhostsFwUpdatePath. -a The IP Address option specifies the IP address of the TFTP server.
• racadm fwupdate -p -u -d c:\ In this example, the firmware image for the update is provided by the host’s file system. • racadm -r 192.168.0.120 -u root -p racpassword fwupdate -g -u -a 192.168.0.120 -d In this example, RACADM is used to remotely update the firmware of a specified DRAC using the provided DRAC username and password. The image is retrieved from a TFTP server. NOTE: The -p option is not supported in the Remote RACADM interface for the fwupdate subcommand.
Supported Interfaces • Local RACADM • Remote RACADM • telnet/ssh/serial RACADM Input Table A-12 describes the getssninfo subcommand options. Table A-12. getssninfo Subcommand Options Option Description -A The -A option eliminates the printing of data headers. -u The -u user name option limits the printed output to only the detail session records for the given user name. If an "*" symbol is given as the user name, all users are listed.
getsysinfo NOTE: To use this command, you must have Log In To DRAC 5 permission. Table A-14 describes the racadm getsysinfo subcommand. Table A-14. getsysinfo Command Definition getsysinfo Displays DRAC 5 information, system information, and watchdog status information. Synopsis racadm getsysinfo [-d] [-s] [-w] [-A] Description The getsysinfo subcommand displays information related to the RAC, managed system, and watchdog configuration.
Output The getsysinfo subcommand displays information related to the RAC, managed system, and watchdog configuration. Sample Output RAC Information: RAC Date/Time Firmware Version Firmware Build Last Firmware Update = = = = Thu Dec 8 20:01:33 2005 1.0 05.12.
Watchdog Information: Recovery Action Present countdown value Initial countdown value = None = 0 seconds = 0 seconds Examples • racadm getsysinfo -A -s "System Information:" "PowerEdge 2900" "A08" "1.0" "EF23VQ-0023" "Hostname" "Microsoft Windows 2000 version 5.0, Build Number 2195, Service Pack 2" "ON" • racadm getsysinfo -w -s System Information: System Model System BIOS Version BMC Firmware Version Service Tag Host Name OS Name 2003 Power Status = = = = = = PowerEdge 2900 0.2.3 0.
getractime NOTE: To use this command, you must have Log In DRAC 5 permission. Table A-16 describes the getractime subcommand. Table A-16. getractime Subcommand Definition getractime Displays the current time from the remote access controller. Synopsis racadm getractime [-d] Description With no options, the getractime subcommand displays the time in a common readable format. With the -d option, getractime displays the time in the format, yyyymmddhhmmss.
ifconfig NOTE: To use this command, you must have Execute Diagnostic Commands or Configure DRAC 5 permission. Table A-17 describes the ifconfig subcommand. Table A-17. ifconfig Subcommand Definition ifconfig Displays the contents of the network interface table. Synopsis racadm ifconfig netstat NOTE: To use this command, you must have Execute Diagnostic Commands permission. Table A-18 describes the netstat subcommand. Table A-18.
ping NOTE: To use this command, you must have Execute Diagnostic Commands or Configure DRAC 5 permission. Table A-19 describes the ping subcommand. Table A-19. ping Subcommand Definition ping Verifies that the destination IP address is reachable from the DRAC 5 with the current routing-table contents. A destination IP address is required. An ICMP echo packet is sent to the destination IP address based on the current routing-table contents.
Synopsis racadm setniccfg -d racadm setniccfg -s [ ] racadm setniccfg -o [ ] Description The setniccfg subcommand sets the controller IP address. • The -d option enables DHCP for the Ethernet management port (default is DHCP enabled). • The -s option enables static IP settings. The IP address, netmask, and gateway can be specified. Otherwise, the existing static settings are used.
getniccfg NOTE: To use the getniccfg command, you must have Log In To DRAC 5 permission. Table A-21 describes the setniccfg and getniccfg subcommands. Table A-21. setniccfg/getniccfg Subcommand Definition getniccfg Displays the current IP configuration for the controller. Synopsis racadm getniccfg Description The getniccfg subcommand displays the current Ethernet management port settings.
getsvctag NOTE: To use this command, you must have Log In To DRAC 5 permission. Table A-22 describes the getsvctag subcommand. Table A-22. getsvctag Subcommand Definition getsvctag Displays a service tag. Synopsis racadm getsvctag Description The getsvctag subcommand displays the service tag of the host system. Example Type getsvctag at the command prompt. The output is displayed as follows: Y76TP0G The command returns 0 on success and nonzero on errors.
racdump NOTE: To use this command, you must have Debug permission. Table A-23 describes the racdump subcommand. Table A-23. racdump Subcommand Definition racdump Displays status and general DRAC 5 information. Synopsis racadm racdump Description The racdump subcommand provides a single command to get dump, status, and general DRAC 5 board information.
racreset NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-24 describes the racreset subcommand. Table A-24. racreset Subcommand Definition racreset Resets the DRAC 5. NOTICE: When you issue a racreset subcommand, the DRAC may require up to one minute to return to a usable state. Synopsis racadm racreset [hard | soft] Description The racreset subcommand issues a reset to the DRAC 5. The reset event is written into the DRAC 5 log.
Examples • racadm racreset Start the DRAC 5 soft reset sequence. • racadm racreset hard Start the DRAC 5 hard reset sequence. Supported Interfaces • Local RACADM • Remote RACADM • telnet/ssh/serial RACADM racresetcfg NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-26 describes the racresetcfg subcommand. Table A-26. racresetcfg Subcommand Definition racresetcfg Resets the entire RAC configuration to factory default values.
Description The racresetcfg command removes all database property entries that have been configured by the user. The database has default properties for all entries that are used to restore the card back to its original default settings. After resetting the database properties, the DRAC 5 resets automatically. NOTICE: This command deletes your current RAC configuration and resets the RAC and serial configuration to the original default settings.
Table A-28. serveraction Subcommand Options String Definition Specifies the action. The options for the string are: • powerdown — Powers down the managed system. • powerup — Powers up the managed system. • powercycle — Issues a power-cycle operation on the managed system. This action is similar to pressing the power button on the system’s front panel to power down and then power up the system.
Synopsis racadm getraclog -i racadm getraclog [-A] [-o] [-c count] [-s startrecord] [-m] Description The getraclog -i command displays the number of entries in the DRAC 5 log. The following options allow the getraclog command to read entries: • -A — Displays the output with no headers or labels. • -c — Provides the maximum count of entries to be returned. • -m — Displays one screen of information at a time and prompts the user to continue (similar to the UNIX more command).
clrraclog NOTE: To use this command, you must have Clear Logs permission. Synopsis racadm clrraclog Description The clrraclog subcommand removes all existing records from the RAC log. A new single record is created to record the date and time when the log was cleared. getsel NOTE: To use this command, you must have Log In To DRAC 5 permission. Table A-30 describes the getsel command. Table A-30. getsel Command Definition getsel -i Displays the number of entries in the System Event Log.
-s — Specifies the starting record used for the display -E — Places the 16 bytes of raw SEL at the end of each line of output as a sequence of hex values. -R — Only the raw data is printed. -m — Displays one screen at a time and prompts the user to continue (similar to the UNIX more command). NOTE: If no arguments are specified, the entire log is displayed. Output The default output display shows the record number, timestamp, severity, and description.
Supported Interfaces • Local RACADM • Remote RACADM • telnet/ssh/serial RACADM gettracelog NOTE: To use this command, you must have Log In To DRAC 5 permission. Table A-31 describes the gettracelog subcommand. Table A-31. gettracelog Command Definition gettracelog -i Displays the number of entries in the DRAC 5 trace log. gettracelog Displays the DRAC 5 trace log.
Output The default output display shows the record number, timestamp, source, and description. The timestamp begins at midnight, January 1 and increases until the system boots. After the system boots, the system’s timestamp is used. For example: Record: 1 Date/Time: Dec Source: ssnmgrd[175] 8 08:21:30 Description: root from 143.166.157.
Description The sslcsrgen subcommand can be used to generate a CSR and download the file to the client’s local file system. The CSR can be used for creating a custom SSL certificate that can be used for SSL transactions on the RAC. Options NOTE: The -f option is not supported for the serial/telnet/ssh console. Table A-33 describes the sslcsrgen subcommand options. Table A-33. sslcsrgen Subcommand Options Option Description -g Generates a new CSR.
Examples racadm sslcsrgen -s or racadm sslcsrgen -g -f c:\csr\csrtest.txt Supported Interfaces • Local RACADM • Remote RACADM • telnet/ssh/serial RACADM sslcertupload NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-34 describes the sslcertupload subcommand. Table A-34. sslcertupload Subcommand Description sslcertupload Uploads a custom SSL server or CA certificate from the client to the RAC.
The sslcertupload command returns 0 when successful and returns a nonzero number when unsuccessful. Restrictions The sslcertupload subcommand can only be executed from a local or remote RACADM client. The sslcsrgen subcommand cannot be used in the serial, telnet, or SSH interface. Example racadm sslcertupload -t 1 -f c:\cert\cert.txt Supported Interfaces • Local RACADM • Remote RACADM sslcertdownload NOTE: To use this command, you must have Configure DRAC 5 permission.
Options Table A-37 describes the sslcertdownload subcommand options. Table A-37. sslcertdownload Subcommand Options Option Description -t Specifies the type of certificate to download, either the Microsoft® Active Directory® certificate or server certificate. 1 = server certificate 2 = Microsoft Active Directory certificate -f Specifies the file name of the certificate to be uploaded. If the -f option or the filename is not specified, the sslcert file in the current directory is selected.
sslcertview NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-38 describes the sslcertview subcommand. Table A-38. sslcertview Subcommand Description sslcertview Displays the SSL server or CA certificate that exists on the RAC. Synopsis racadm sslcertview -t [-A] Options Table A-39 describes the sslcertview subcommand options. Table A-39.
Organizational Unit (OU) Common Name (CN) : Remote Access Group : DRAC5 default certificate Issuer Information: Country Code (CC) State (S) Locality (L) Organization (O) Organizational Unit (OU) Common Name (CN) : : : : : : Valid From Valid To : Jul : Jul racadm sslcertview -t 1 -A 00 US Texas Round Rock Dell Inc. Remote Access Group DRAC5 default certificate US Texas Round Rock Dell Inc.
sslkeyupload NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-40 describes the sslkeyupload subcommand. Table A-40. sslkeyupload Subcommand Description sslkeyupload Uploads SSL key from the client to the DRAC 5. Synopsis racadm sslkeyupload -t [-f ] Options Table A-41 describes the sslkeyupload subcommand options. Table A-41. sslkeyupload Subcommand Options Option Description -t Specifies the key to upload.
Supported Interfaces • Local RACADM • Remote RACADM testemail Table A-42 describes the testemail subcommand. Table A-42. testemail configuration Subcommand Description testemail Tests the RAC’s e-mail alerting feature. Synopsis racadm testemail -i Description Sends a test e-mail from the RAC to a specified destination. Prior to executing the test e-mail command, ensure that the specified index in the RACADM cfgEmailAlert group is enabled and configured properly.
Table A-43. testemail Configuration Action Command Ensure the SNMP IP address is configured properly racadm config -g cfgRemoteHosts -o cfgRhostsSmptServerIpAddr -i 192.168.0.152 View the current e-mail racadm getconfig -g cfgEmailAlert -i alert settings where is a number from 1 to 4 Options Table A-44 describes the testemail subcommand options. Table A-44. testemail Subcommands Option Description -i Specifies the index of the e-mail alert to test. Output None.
Synopsis racadm testtrap -i Description The testtrap subcommand tests the RAC’s SNMP trap alerting feature by sending a test trap from the RAC to a specified destination trap listener on the network. Before you execute the testtrap subcommand, ensure that the specified index in the RACADM cfgIpmiPet group is configured properly. Table Table A-43 provides a list and associated commands for the cfgIpmiPet group. Table A-46.
Supported Interfaces • Local RACADM • Remote RACADM • telnet/ssh/serial RACADM vmdisconnect NOTE: To use this command, you must have Access Virtual Media permission. Table A-48 describes the vmdisconnect subcommand. Table A-48. vmdisconnect Subcommand Description vmdisconnect Closes all open RAC virtual media connections from remote clients. Synopsis racadm vmdisconnect Description The vmdisconnect subcommand allows a user to disconnect another user's virtual media session.
vmkey NOTE: To use this command, you must have Access Virtual Media permission. Table A-49 describes the vmkey subcommand. Table A-49. vmkey Subcommand Description vmkey Performs virtual media key-related operations. Synopsis racadm vmkey If is configured as reset, the virtual flash memory is reset to the default size of 16 MB. Description When a custom virtual media key image is uploaded to the RAC, the key size becomes the image size.
Synopsis racadm usercertupload -t [-f ] -i Options Table A-51 describes the usercertupload subcommand options. Table A-51. usercertupload Subcommand Options Option Description -t Specifies the type of certificate to upload, either the CA certificate or server certificate. 1 = user certificate 2 = user CA certificate -f Specifies the file name of the certificate to be uploaded. If the file is not specified, the sslcert file in the current directory is selected.
usercertview NOTE: To use this command, you must have Configure DRAC 5 permission. Table A-52 describes the usercertview subcommand. Table A-52. usercertview Subcommand Description usercertview Displays the user certificate or user CA certificate that exists on the DRAC. Synopsis racadm sslcertview -t [-A] -i Options Table A-53 describes the sslcertview subcommand options. Table A-53.
localConRedirDisable NOTE: Only a local racadm user can execute this command. Table A-54 describes the localConRedirDisable subcommand. Table A-54. localConRedirDisable Subcommand Description localConRedirDisable Disables console redirection to the management station. Synopsis racadm localConRedirDisable
RACADM Subcommand Overview
B DRAC 5 Property Database Group and Object Definitions The DRAC 5 property database contains the configuration information for the DRAC 5. Data is organized by associated object, and objects are organized by object group. The IDs for the groups and objects that the property database supports are listed in this section. Use the group and object IDs with the racadm utility to configure the DRAC 5. The following sections describe each object and indicate whether the object is readable, writable, or both.
Default "Dell Remote Access Controller 5" Description Uses a text string to identify the product. idRacDescriptionInfo (Read Only) Legal Values String of up to 255 ASCII characters. Default "This system component provides a complete set of remote management functions for Dell PowerEdge servers." Description A text description of the RAC type. idRacVersionInfo (Read Only) Legal Values String of up to 63 ASCII characters. Default "1.
Default The current RAC firmware build version. For example, "05.12.06". Description A string containing the current product build version. idRacName (Read Only) Legal Values String of up to 15 ASCII characters. Default DRAC 5 Description A user assigned name to identify this controller. idRacType (Read Only) Default 6 Description Identifies the remote access controller type as the DRAC 5. cfgLanNetworking This group contains parameters to configure the DRAC 5 NIC.
cfgDNSDomainNameFromDHCP (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 1 Description Specifies that the RAC DNS Domain Name should be assigned from the network DHCP server. cfgDNSDomainName (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String of up to 254 ASCII characters. At least one of the characters must be alphabetic.
Legal Values String of up to 63 ASCII characters. At least one character must be alphabetic. NOTE: Some DNS servers only register names of 31 characters or fewer. Default rac-service tag Description Displays the RAC name, which is rac-service tag (by default). This parameter is only valid if cfgDNSRegisterRac is set to 1 (TRUE). cfgDNSRegisterRac (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Description Specifies that the DNS server IP addresses should be assigned from the DHCP server on the network. cfgDNSServer1 (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values A string representing a valid IP address. For example: "192.168.0.20". Description Specifies the IP address for DNS server 1. This property is only valid if cfgDNSServersFromDHCP is set to 0 (FALSE).
Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the RAC network interface controller. If the NIC is disabled, the remote network interfaces to the RAC will no longer be accessible, and the RAC will only be available through the serial or local RACADM interfaces. cfgNicIpAddress (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. This parameter is only configurable if the cfgNicUseDhcp parameter is set to 0 (FALSE).
Default 255.255.255.0 Description The subnet mask used for static assignment of the RAC IP address. This property is only valid if cfgNicUseDhcp is set to 0 (FALSE). cfgNicGateway (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. This parameter is only configurable if the cfgNicUseDhcp parameter is set to 0 (FALSE). Legal Values A string representing a valid gateway IP address. For example: "192.168.0.1". Default 192.168.0.
Description Specifies whether DHCP is used to assign the RAC IP address. If this property is set to 1 (TRUE), then the RAC IP address, subnet mask, and gateway are assigned from the DHCP server on the network. If this property is set to 0 (FALSE), the static IP address, subnet mask, and gateway is assigned from the cfgNicIpAddress, cfgNicNetmask, and cfgNicGateway properties. NOTE: If you are updating your system remotely, use the setniccfg command.
cfgNicMacAddress (Read Only) Legal Values A string representing the RAC NIC MAC address. Default The current MAC address of the RAC NIC. For example, "00:12:67:52:51:A3". Description The RAC NIC MAC address. cfgNicVLanEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the VLAN capabilities of the RAC/BMC.
Description Specifies the VLAN ID for the network VLAN configuration. This property is only valid if cfgNicVLanEnable is set to 1 (enabled). cfgNicVLanPriority (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0–7 Default 0 Description Specifies the VLAN Priority for the network VLAN configuration. This property is only valid if cfgNicVLanEnable is set to 1 (enabled).
cfgRhostsFwUpdateTftpEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 1 Description Enables or disables the RAC firmware update from a network TFTP server. cfgRhostsFwUpdateIpAddr (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values A string representing a valid TFTP server IP address. For example, 192.168.0.61. Default 0.0.0.
Default "" Description Specifies TFTP path where the RAC firmware image file exists on the TFTP server. The TFTP path is relative to the TFTP root path on the TFTP server. NOTE: The server may still require you to specify the drive (for example, C). cfgUserAdmin This group provides configuration information about the users who are allowed to access the RAC through the available remote interfaces. Up to 16 instances of the user group are allowed.
Legal Values 2 (User) 3 (Operator) 4 (Administrator) 15 (No access) Default 4 (User 2) 15 (All others) Description The maximum privilege on the IPMI serial channel. cfgUserAdminPrivilege (Read/Write) NOTE: To modify this property, you must have Configure Users permission. Legal Values 0x0000000 to 0x00001ff, and 0x0 Default 0x0000000 Description This property specifies the allowed role-based authority privileges allowed for the user.
Table B-2. Bit Masks for User Privileges (continued) User Privilege Privilege Bit Mask Clear Logs 0x0000008 Execute Server Control Commands 0x0000010 Access Console Redirection 0x0000020 Access Virtual Media 0x0000040 Test Alerts 0x0000080 Execute Debug Commands 0x0000100 Examples Table B-3 provides sample privilege bit masks for users with one or more privileges. Table B-3.
Default "" Description The name of the user for this index. The user index is created by writing a string into this name field if the index is empty. Writing a string of double quotes ("") deletes the user at that index. You cannot change the name. You must delete and then recreate the name. The string must not contain "/" (forward slash, "\" (backslash), "." (period), "@" ("at" symbol) or quotations marks. NOTE: This property value MUST be unique from other user instances.
Description Enables or disables an individual user. cfgUserAdminSolEnable NOTE: To modify this property, you must have Config Users permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables Serial Over LAN (SOL) user access. cfgEmailAlert This group contains parameters to configure the RAC e-mail alerting capabilities. The following subsections describe the objects in this group. Up to four instances of this group are allowed.
cfgEmailAlertEnable (Read/Write) Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Specifies the destination e-mail address for e-mail alerts. For example, user1@company.com. cfgEmailAlertAddress (Read Only) Legal Values E-mail address format, with a maximum length of 64 ASCII characters. Default "" Description The e-mail address of the alert source. cfgEmailAlertCustomMsg (Read Only) Legal Values String. Maximum Length = 32.
cfgSessionManagement This group contains parameters to configure the number of sessions that can connect to the DRAC 5. One instance of the group is allowed. The following subsections describe the objects in this group. cfgSsnMgtConsRedirMaxSessions (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1–2 Default 2 Description Specifies the maximum number of console redirection sessions allowed on the RAC.
cfgSsnMgtWebserverTimeout (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 60 – 1920 Default 300 Description Defines the Web server time-out. This property sets the amount of time in seconds that a connection is allowed to remain idle (there is no user input). The session is cancelled if the time limit set by this property is reached.
An expired Secure Shell session displays the following error message only after you press : Warning: Session no longer valid, may have timed out After the message appears, the system returns you to the shell that generated the Secure Shell session. cfgSsnMgtTelnetTimeout (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (No timeout) 60 – 1920 Default 0 Description Defines the Telnet idle time-out.
cfgSerialBaudRate (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 9600, 28800, 57600, 115200 Default 57600 Description Sets the baud rate on the DRAC 5 serial port. cfgSerialConsoleEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the RAC serial console interface.
Default ^\ (<\>) NOTE: The "^" is the key. Description This key or key combination terminates text console redirection when using the connect com2 command.
cfgSerialConsoleNoAuth (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (enables serial login authentication) 1 (disables serial login authentication) Default 0 Description Enables or disables the RAC serial console login authentication. cfgSerialConsoleCommand (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Description Specifies the maximum size of the serial history buffer. cfgSerialSshEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 1 Description Enables or disables the secure shell (SSH) interface on the DRAC 5. cfgSerialTelnetEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Legal Values 1 (TRUE) 0 (FALSE) Description Enables or disables the console for COM 2 port redirection. cfgNetTuning This group enables users to configure the advanced network interface parameters for the RAC NIC. When configured, the updated settings may take up to a minute to become active. NOTICE: Use extra precaution when modifying properties in this group. Inappropriate modification of the properties in this group can result in your RAC NIC become inoperable.
cfgNetTuningNic100MB (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (10 MBit) 1 (100 MBit) Default 1 Description Specifies the speed to use for the RAC NIC. This property is not used if the cfgNetTuningNicAutoNeg is set to 1 (enabled). cfgNetTuningNicFullDuplex (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Default 1500 Description The size in bytes of the maximum transmission unit used by the DRAC 5 NIC. cfgNetTuningTcpSrttDflt (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 6 – 384 Default 6 Description The smoothed round trip time-out base default value for TCP retransmission round trip time in ½ second units. (Type hexadecimal values.) cfgOobSnmp The group contains parameters to configure the SNMP agent and trap capabilities of the DRAC 5.
Description Specifies the SNMP Community Name used for SNMP Traps. cfgOobSnmpAgentEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the SNMP agent in the RAC. cfgRacTuning This group is used to configure various RAC configuration properties, such as valid ports and security port restrictions.
cfgRacTuneHttpsPort (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 10 – 65535 Default 443 Description Specifies the port number to use for HTTPS network communication with the RAC. cfgRacTuneIpRangeEnable NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the IP Address Range validation feature of the RAC.
Description Specifies the acceptable IP address bit pattern in positions determined by the 1's in the range mask property (cfgRacTuneIpRangeMask). cfgRacTuneIpRangeMask NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values Standard IP mask values with left-justified bits Default 255.255.255.0 Description String, IP-address formatted. For example, 255.255.255.0. cfgRacTuneIpBlkEnable NOTE: To modify this property, you must have Configure DRAC 5 permission.
Default 5 Description The maximum number of login failure to occur within the window before the login attempts from the IP address are rejected. cfgRacTuneIpBlkFailWindow NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 2 – 65535 Default 60 Description Defines the timespan in seconds that the failed attempts are counted. When the failure attempts age to this limit, the failures are dropped from the count.
cfgRacTuneSshPort (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 – 65535 Default 22 Description Specifies the port number used for the RAC SSH interface. cfgRacTuneTelnetPort (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 – 65535 Default 23 Description Specifies the port number used for the RAC telnet interface.
Description Enables or disables the Remote RACADM interface in the RAC. cfgRacTuneConRedirEncryptEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Encrypts the video in a console redirection session. cfgRacTuneConRedirPort (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Legal Values 1 – 65535 Default 5901 Description Specifies the port to be used for video traffic during Console Redirection activity with the RAC. NOTE: This object requires a DRAC 5 reset before it becomes active. cfgRacTuneAsrEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables the crash screen capture feature of the RAC.
Description Specifies the daylight savings offset (in minutes) to use for the RAC Time. cfgRacTuneTimezoneOffset (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values -720 – 780 Default 0 Description Specifies the timezone offset (in minutes) from GMT/UTC to use for the RAC Time.
Description Enables and disables the RAC webserver. If this property is disabled, the RAC will not be accessible using client web browsers or remote RACADM. This property has no effect on the telnet/ssh/serial or local RACADM interfaces. cfgRacTuneLocalServerVideo (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (Enables) 0 (Disables) Default 1 Description Enables (switches ON) or disables (switches OFF) the local server video.
Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the ability to disable the ability of the local user to configure the DRAC 5 from the BIOS POST option-ROM. ifcRacManagedNodeOs This group contains properties that describe the Managed Server operating system. One instance of the group is allowed. The following subsections describe the objects in this group. ifcRacMnOsHostname (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Default "" Description The operating system name of the managed system. cfgRacSecurity This group is used to configure settings related to the RAC SSL certificate signing request (CSR) feature. The properties in this group MUST be configured prior to generating a CSR from the RAC. See the RACADM sslcsrgen subcommand details for more information on generating certificate signing requests. cfgRacSecCsrCommonName (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Description Specifies the CSR Organization Name (O). cfgRacSecCsrOrganizationUnit (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Organization Unit (OU). cfgRacSecCsrLocalityName (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR Locality (L).
Description Specifies the CSR State Name (S). cfgRacSecCsrCountryCode (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String. Maximum Length = 2. Default "" Description Specifies the CSR Country Code (CC) cfgRacSecCsrEmailAddr (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String. Maximum Length = 254. Default "" Description Specifies the CSR e-mail Address.
Default 1024 Description Specifies the SSL asymmetric key size for the CSR. cfgRacVirtual This group contains parameters to configure the DRAC 5 Virtual Media feature. One instance of the group is allowed. The following subsections describe the objects in this group. cfgVirMediaAttached (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgVirAtapiSrvPort (Read/Write) NOTE: To modify this property, you must have Access Virtual Media permission. Legal Values 1 – 65535 Default 3669 Description Specifies the port number used for encrypted virtual media connections to the RAC. cfgVirAtapiSrvPortSsl (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values Any unused port number between 0 and 65535 decimal. Default 3669 Description Sets the port used for SSL Virtual Media connections.
Description Enables or disables the virtual media key feature of the RAC. cfgVirMediaBootOnce (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (Enabled) 0 (Disabled) Default 0 Description Enables or disables the virtual media boot-once feature of the RAC. If this property is enabled when the host server is rebooted, this feature will attempt to boot from the virtual media devices—if the appropriate media is installed in the device.
cfgActiveDirectory This group contains parameters to configure the DRAC 5 Active Directory feature. cfgADRacDomain (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values Any printable text string with no white space. Length is limited to 254 characters. Default "" Description Active Directory Domain in which the DRAC resides. cfgADRacName (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables Active Directory user authentication on the RAC. If this property is disabled, local RAC authentication is used for user logins instead. cfgADSpecifyServerEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 or 0 (True or False) Default 0 Description 1 (True) enables you to specify an LDAP or a Global Catalog server. 0 (False) disables this option.
cfgADGlobalCatalog (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values Valid IP address or FQDN Default No default values Description DRAC 5 uses the value you specify, to search the Global Catalog server for user names. cfgADSmartCardLogonEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 (TRUE) 0 (FALSE) Default 0 Description Enables or disables the Smart Card logon on DRAC 5.
Default 0 Description Enables or disables the Certificate Revocation List (CRL) check for Active Directory-based Smart Card users. cfgADAuthTimeout (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 15 – 300 Default 120 Description Specifies the number of seconds to wait for Active Directory authentication requests to complete before timing out. cfgADRootDomain (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgADType (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 = Enables Extended Schema with Active Directory. 2 = Enables Standard Schema with Active Directory. Default 1 = Extended Schema Description Determines the schema type to use with Active Directory. cfgStandardSchema This group contains parameters to configure the Standard Schema settings. cfgSSADRoleGroupIndex (Read Only) Legal Values Integer from 1 to 5.
Description Name of the Role Group as recorded in the Active Directory forest. cfgSSADRoleGroupDomain (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values Any printable text string with no white space. Length is limited to 254 characters. Default (blank) Description Active Directory Domain in which the Role Group resides. cfgSSADRoleGroupPrivilege (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Table B-4. Bit Masks for Role Group Privileges (continued) Role Group Privilege Bit Mask Clear Logs 0x00000008 Execute Server Control Commands 0x00000010 Access Console Redirection 0x00000020 Access Virtual Media 0x00000040 Test Alerts 0x00000080 Execute Debug Commands 0x00000100 cfgIpmiSerial This group specifies properties used to configure the IPMI serial interface of the BMC. cfgIpmiSerialConnectionMode (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgIpmiSerialBaudRate (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 9600, 19200, 57600, 115200 Default 57600 Description Specifies the baud rate for a serial connection over IPMI. cfgIpmiSerialChanPrivLimit (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 2 (User) 3 (Operator) 4 (Administrator) Default 4 Description Specifies the maximum privilege level allowed on the IPMI serial channel.
Default 1 Description Specifies the flow control setting for the IPMI serial port. cfgIpmiSerialHandshakeControl (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables he IPMI terminal mode handshake control. cfgIpmiSerialLineEdit (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgIpmiSerialEchoControl (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables echo control on the IPMI serial interface. cfgIpmiSerialDeleteControl (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (FALSE) 1 (TRUE) Default 0 Description Enables or disables delete control on the IPMI serial interface.
3 () 4 () 5 () Default 1 Description Specifies the newline sequence specification for the IPMI serial interface. cfgIpmiSerialInputNewLineSequence (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 () 1 (NULL) Default 1 Description Specifies the input newline sequence specification for the IPMI serial interface. cfgIpmiSol This group is used to configure the Serial-Over-LAN capabilities of the system.
Default 1 Description Enables or disables Serial Over LAN (SOL). cfgIpmiSolBaudRate (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 9600, 19200, 57600, 115200 Default 57600 Description The baud rate for serial communication over LAN. cfgIpmiSolMinPrivilege (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgIpmiSolAccumulateInterval (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 – 255. Default 10 Description Specifies the typical amount of time that the BMC waits before transmitting a partial SOL character data packet. This value is 1-based 5ms increments. cfgIpmiSolSendThreshold (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 1 – 255 Default 255 Description The SOL threshold limit value.
Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables the IPMI-Over-LAN interface. cfgIpmiLanPrivLimit (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 2 (User) 3 (Operator) 4 (Administrator) Default 0 Description Specifies the maximum privilege level allowed for IPMI over LAN access. cfgIpmiLanAlertEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Description Enables or disables global e-mail alerting. This property overrides all individual e-mail alerting enable/disable properties. cfgIpmiEncryptionKey (Read/Write) NOTE: To view or modify this property, you must have Configure DRAC 5 permission and administrator privileges. Legal Values A string of hexadecimal digits from 0 to 20 characters with no spaces. Default "00000000000000000000" Description The IPMI encryption key.
cfgIpmiPefName (Read Only) Legal Values String. Maximum Length = 255. Default The name of the index filter. Description Specifies the name of the platform event filter. cfgIpmiPefIndex (Read Only) Legal Values 1 – 17 Default The index value of a platform event filter object. Description Specifies the index of a specific platform event filter. cfgIpmiPefAction (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Description Specifies the action that is performed on the managed system when the alert is triggered. cfgIpmiPefEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values 0 (FALSE) 1 (TRUE) Default 1 Description Enables or disables a specific platform event filter. cfgIpmiPet This group is used to configure platform event traps on the managed system. cfgIpmiPetIndex (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
cfgIpmiPetAlertDestIpAddr (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission. Legal Values String representing a valid IP address. For example, 192.168.0.67. Default 0.0.0.0 Description Specifies the destination IP address for the trap receiver on the network. The trap receiver receives an SNMP trap when an event is triggered on the managed system. cfgIpmiPetAlertEnable (Read/Write) NOTE: To modify this property, you must have Configure DRAC 5 permission.
Supported RACADM Interfaces C The following table provides an overview of RACADM subcommands and their corresponding interface support. Table C-1.
Table C-1.
Browser Pre-installation D If you are running Linux and your management station has a read-only file system, a browser can be installed on a client system without requiring a connection to a DRAC 5. By using the native plug-in installation package, the browser can be manually installed during the client setup phase. NOTICE: In a read-only client environment, if the DRAC 5 firmware is updated to a newer version of the plug-in, then the installed VM plug-in will become inoperative.
Plug-in Installation To install the plug-in installation package: 1 Copy the installation package to the client's native file system share that is accessible by the client. 2 Open an instance of the browser on the client system. 3 Enter the file-path to the plug-in installation package in the browser's address bar. For example: file:///tmp/rac5vm.xpi 4 The browser guides the user through plug-in installation.
Glossary Active Directory Active Directory is a centralized and standardized system that automates network management of user data, security, and distributed resources, and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments. AGP Abbreviation for accelerated graphics port, which is a bus specification that allows graphics cards faster access to main system memory.
CA A certificate authority is a business entity that is recognized in the IT industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the CA receives your CSR, they review and verify the information the CSR contains.
DLL Abbreviation for Dynamic Link Library, which is a library of small programs, any of which can be called when needed by a larger program that is running in the system. The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (or file). DDNS Abbreviation for Dynamic Domain Name System. DMTF Abbreviation for Distributed Management Task Force. DNS Abbreviation for Domain Name System.
GPIO Abbreviation for general purpose input/output. GRUB Acronym for GRand Unified Bootloader, a new and commonly-used Linux loader. GUI Abbreviation for graphical user interface, which refers to a computer display interface that uses elements such as windows, dialog boxes, and buttons as opposed to a command prompt interface, in which all user interaction is displayed and typed in text. hardware log Records events generated by the DRAC 5 and the BMC.
LAN Abbreviation for local area network. LDAP Abbreviation for Lightweight Directory Access Protocol. LED Abbreviation for light-emitting diode. LOM Abbreviation for Local area network On Motherboard. MAC Acronym for media access control, which is a network sublayer between a network node and the network physical layer. MAC address Acronym for media access control address, which is a unique address embedded in the physical components of a NIC.
NIC Abbreviation for network interface card. An adapter circuit board installed in a computer to provide a physical connection to a network. OID Abbreviation for Object Identifiers. PCI Abbreviation for Peripheral Component Interconnect, which is a standard interface and bus technology for connecting peripherals to a system and for communicating with those peripherals.
SAC Acronym for Microsoft’s Special Administration Console. SAP Abbreviation for Service Access Point. SEL Acronym for system event log. SMI Abbreviation for systems management interrupt. SMTP Abbreviation for Simple Mail Transfer Protocol, which is a protocol used to transfer electronic mail between systems, usually over an Ethernet. SMWG Abbreviation for Systems Management Working Group.
TAP Abbreviation for Telelocator Alphanumeric Protocol, which is a protocol used for submitting requests to a pager service. TCP/IP Abbreviation for Transmission Control Protocol/Internet Protocol, which represents the set of standard Ethernet protocols that includes the network layer and transport layer protocols. TFTP Abbreviation for Trivial File Transfer Protocol, which is a simple file transfer protocol used for downloading boot code to diskless devices or systems.
Index A C Active Directory adding DRAC 5 users, 150 configuring access to the DRAC 5, 143 configuring and managing certificates, 102 extending schemas, 143 logging in to the DRAC 5, 164 objects, 139 schema extensions, 138 using with extended schema, 138 using with standard schema, 156 using with the DRAC 5, 137 Certificate Signing Request (CSR) about, 109 generating a new certificate, 110 alerts troubleshooting, 136 B BIOS setup configuring on a managed system, 66 bootable image file creating, 228 cer
D DRAC 5 accessing through a network, 48 adding and configuring users, 98 adding users, 46 configuring, 38, 152, 159 configuring network settings, 45 configuring properties, 45 configuring the NIC, 93 creating a configuration file, 216 downloading firmware, 47 enabling security options, 77 enabling serial/telnet/ssh console, 73 securing communications, 108 updating the firmware, 46 E e-mail alerts configuring, 62 configuring using RACADM CLI, 63 configuring using the web user interface, 62 extended schema
IpRange about, 78 enabling, 79 L last crash screen capturing on the managed system, 39 Linux XTerm configuring for telnet console redirection, 88 M managed system accessing through the local serial port, 83 capturing the last crash screen, 39 configuring BIOS setup, 66 enabling serial or telnet console, 66 installing software, 38 management station configuring, 170 configuring a Red Hat Enterprise Linux management station, 41 configuring terminal emulation, 85 installing and removing RACADM, 41 installing
PET configuring, 60 configuring using RACADM CLI, 61 configuring using the web user interface, 60 R platform events configuring, 57 RACADM attaching virtual media, 193 configuring serial and telnet, 74 installing and removing, 41 supported interfaces, 355, 357 platforms supported, 26 property database groups cfcRacManagedNodesOs, 330 cfgActiveDirectory, 337 cfgEmailAlert, 309 cfgIpmiLan, 349 cfgIpmiPef, 351 cfgIpmiPet, 353 cfgIpmiSerial, 343 cfgIpmiSol, 347 cfgLanNetworking, 295 cfgNetTuning, 318 cfgOob
localConRedirDisable, 291 netstat, 262 ping, 263 racdump, 267 racreset, 268 racresetcfg, 269 serveraction, 270 setniccfg, 263 sslcertupload, 278, 283 sslcertview, 281 sslcsrgen, 276 testemail, 284 testtrap, 285 usercertupload, 288 userertview, 290 vmdisconnect, 287 vmkey, 288 racadm utility configuring network properties, 224 parsing rules, 218 subcommands, 245 reboot option disabling, 39 Red Hat Enterprise Linux configuring for serial console redirection, 68 remote access connections supported, 24 S Secur
snap-in installing the Dell extension, 149 software configuring, 37 installing, 37 sslcertdownload, 279 standard schema using with Active Directory, 156 system configuring to use a DRAC 5, 36 T telnet console using, 90 terminal mode configuring, 113, 115 troubleshooting, 243 basic, 243 virtual flash configuring, 196 disabling, 196 enabling, 195 using, 195 virtual media about, 187 attaching, 192 booting, 193 detaching, 192 installing the operating system, 194 installing the plug-in, 189 running, 190 suppor
