Users Guide
Single sign-on (SSO) to iDRAC GUI from Host OS
administrators desktop
Overview
Starting iSM 3.4, host administrators will have an option to launch iDRAC from within the host OS. iDRAC SSO launcher requires a
desktop environment of the host OS.
NOTE: Non-administrators cannot access this feature on the host OS.
The single sign-on (SSO) feature enables an authenticated OS administrator to directly access the iDRAC web interface without requiring
login of separate iDRAC administrator credentials. On installing this feature, a
Program Menu shortcut that is called Invoke-
iDRACLauncher on Microsoft Windows operating systems is created. On the Linux operating system, iSM creates a shortcut under
Applications, where the user can double-click and launch the iDRAC dashboard. iSM provides a command-line interface that is called
Invoke-iDRACLauncher on Microsoft Windows operating systems and Invoke-iDRACLauncher.sh on Linux operating systems.
Users can choose from two types of privileges to login to iDRAC.
• As a Readonly user: An express or typical install of iSM installs iDRAC SSO launcher enabling the administrator to log in to iDRAC as
a ReadOnly user. Besides the ability to view component health status, logs, and inventory, this enables few additional SupportAssist
operations required by the service personnel
• As an Administrative user: Installing this feature by selecting the Administrator privilege enables the Host OS administrator to log in
to iDRAC as an Operator user. The user will be able to perform all the operations as that of an iDRAC root user except configuring or
deleting iDRAC users or clearing the Lifecycle Log.
NOTE:
See the
iDRAC 9 User's Guide
for specific privileges granted to a
Readonly
or
Operator
user account.
Disable Single Sign-On into iDRAC from Host OS: The user can also opt to Disable this feature completely. When iSM is installed by
disabling this feature, launching
iDRAC GUI launcher launches the iDRAC login page with the default browser.
NOTE:
Invoke-iDRACLauncher
is independent of the iSM service and can be invoked even if iSM service is stopped.
NOTE: When browsers are not installed on the Host OS or
Invoke-iDRACLauncher
is not able to launch iDRAC due to
browser issue, a session is created in iDRAC already. An iDRAC admin user can log in to iDRAC and delete the sessions.
Following are the iDRAC GUI Launcher behavior with different OS-to-iDRAC Passthrustates:
• When OS-to-iDRAC Passthru setting in iDRAC is disabled, Invoke-iDRACLauncher prompts if you want to enable OSBMC-Passthru
in USBNIC mode.
• When OS-to-iDRAC Passthru setting is already configured in LOM mode, the iDRAC Launcher does not launch the iDRAC GUI.
• When OS-to-iDRAC Passthru setting is disabled in iDRAC and Disable iDRAC Local Configuration using Settings is also
disabled or lockdown mode is enabled in iDRAC, iDRAC GUI is not launched.
NOTE:
When
Local Configuration using Settings
or
Local Configuration using RACADM
is disabled in iDRAC, iDRAC
login screen is displayed.
NOTE: When an iDRAC SSO session is active on the Host OS, closing the related terminal closes the browser with SSO
session as well.
NOTE: Ensure to invoke
iDRAC GUI Launcher
from a GUI supported and capable interface.
NOTE: iDRAC GUI Launcher does not open the iDRAC UI when the USBNIC interface on the Host OS is configured with
IPv6 address.
Prerequisites
Linux packages:
1. Browser such as Mozilla firefox.
2. Sudo.
3. yx4x and later servers.
iDRAC Service Module monitoring features
33