Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC7 with Lifecycle Controller Version 2.40.40.40
41424344454647484950
The network page automatically refreshes.
Enabling Auto Cong using RACADM
To enable Auto Cong feature using RACADM, use the iDRAC.NIC.AutoConfig object.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
For more information on the Auto Cong feature, see the Zero-Touch Bare Metal Server Provisioning using Dell iDRAC with Lifecycle
Controller Auto Cong white paper available at the delltechcenter.com/idrac.
Using hash passwords for improved security
On PowerEdge servers with version 2.xx.xx.xx, you can set user passwords and BIOS passwords using a one-way hash format. The
user authentication mechanism is not aected (except for SNMPv3 and IPMI) and you can provide the password in plain text
format.
With the new password hash feature:
You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This allows you to have the
SHA256 values in the server conguration prole, RACADM, and WSMAN. When you provide the SHA256 password values, you
cannot authenticate through SNMPv3 and IPMI.
You can set up a template server including all the iDRAC user accounts and BIOS passwords using the current plain text
mechanism. After the server is set up, you can export the server conguration prole with the password hash values. The export
includes the hash values required for SNMPv3 authentication. Importing this prole results in losing the IPMI authentication for
users who have the hashed password values set and the F2 IDRAC interface shows that the user account is disabled.
The other interfaces such as IDRAC GUI will show the user accounts enabled.
NOTE: When downgrading a Dell 12th generation PowerEdge server from version 2.xx.xx.xx to 1.xx.xx, if the server is set
with hash authentication, then you will not be able to log in to any interface unless the password is set to default.
You can generate the hash password with and without Salt using SHA256.
You must have Server Control privileges to include and export hash passwords.
If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to default task.
If the password of the iDRAC user account is set with the SHA256 password hash only and not the other hashes (SHA1v3Key or
MD5v3Key), then authentication through SNMP v3 is not available.
Hash password using RACADM
To set hash passwords, use the following objects with the set command:
iDRAC.Users.SHA256Password
iDRAC.Users.SHA256PasswordSalt
Use the following command to include the hash password in the exported server conguration prole:
racadm get -f <file name> -l <NFS / CIFS share> -u <username> -p <password> -t <filetype>
--includePH
You must set the Salt attribute when the associated hash is set.
NOTE: The attributes are not applicable to the INI conguration le.
Hash password in server conguration prole
The new hash passwords can be optionally exported in the server conguration prole.
48