Users Guide
214 Configuring Security Features
at a time to help avoid losing login privileges altogether. For example,
if administrators have disabled all local DRAC 5 users and allow only
Microsoft Active Directory directory service users to log in to the DRAC 5,
and the Active Directory authentication infrastructure subsequently fails,
the administrators may be unable to log in. Similarly, if administrators have
disabled all local configuration and place a DRAC 5 with a static IP address
on a network that already includes a Dynamic Host Configuration Protocol
(DHCP) server, and the DHCP server subsequently assigns the DRAC 5
IP address to another device on the network, the resulting conflict may
disable the out-of-band connectivity of the DRAC, requiring administrators
to reset the firmware to its default settings through a serial connection.
Disabling DRAC 5 Remote Virtual KVM
Administrators can selectively disable the DRAC 5 remote KVM, providing
a flexible, secure mechanism for a local user to work on the system without
someone else viewing the user’s actions through console redirection.
Using this feature requires installing the DRAC managed node software on
the server. Administrators can disable remote vKVM using the following
command:
racadm LocalConRedirDisable 1
The command LocalConRedirDisable disables existing remote vKVM session
windows when executed with the argument 1
To help prevent a remote user from overriding the local user's settings,
this command is available only to local racadm. Administrators can use this
command in operating systems that support local racadm, including
Microsoft Windows Server 2003 and SUSE Linux Enterprise Server 10.
Because this command persists across system reboots, administrators must
specifically reverse it to re-enable remote vKVM. They can do so by using
the argument 0:
racadm LocalConRedirDisable 0