iDRAC 8/7 v2.40.40.40 User’s Guide June 2017 Rev.
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2017 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents Chapter 1: Overview.....................................................................................................................14 Benefits of using iDRAC with Lifecycle Controller.................................................................................................... 14 Key features........................................................................................................................................................................ 15 New in this release........
Setting up iDRAC IP using iDRAC settings utility................................................................................................ 39 Setting up iDRAC IP using CMC web interface................................................................................................... 42 Enabling provisioning server.....................................................................................................................................
Modifying network settings............................................................................................................................................ 78 Modifying network settings using web interface.................................................................................................79 Modifying network settings using local RACADM............................................................................................... 79 Configuring IP filtering............................
Monitoring performance index of CPU, memory, and I/O modules....................................................................102 Monitoring performance index for of CPU, memory, and I/O modules using web interface..................103 Monitoring performance index for of CPU, memory, and I/O modules using RACADM..........................103 Checking the system for fresh air compliance.........................................................................................................
Supported Active Directory authentication mechanisms.................................................................................130 Standard schema Active Directory overview......................................................................................................130 Configuring Standard schema Active Directory................................................................................................. 132 Extended schema Active Directory overview.........................................
Configuring Redfish Eventing.......................................................................................................................................159 Monitoring chassis events.............................................................................................................................................160 Monitoring chassis events using the iDRAC web interface............................................................................ 160 Monitoring chassis events using RACADM.
Supported NIC firmware versions for I/O Identity Optimization................................................................... 176 Virtual/Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address mode or Console mode......................................................................................................................................................... 176 System behavior for FlexAddress and I/O Identity..................................................................
Viewing universal slots..............................................................................................................................................218 Setting SGPIO mode................................................................................................................................................. 218 Choosing operation mode to apply settings..............................................................................................................
Running VMCLI utility.................................................................................................................................................... 240 VMCLI syntax...................................................................................................................................................................240 VMCLI commands to access virtual media .........................................................................................................
Chapter 21: Using iDRAC Quick Sync......................................................................................... 275 Configuring iDRAC Quick Sync....................................................................................................................................275 Configuring iDRAC Quick Sync settings using web interface........................................................................ 276 Configuring iDRAC Quick Sync settings using RACADM....................................
Smart card login.............................................................................................................................................................. 294 Virtual console................................................................................................................................................................. 295 Virtual media...........................................................................................................................................
1 Overview The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues, helps them perform remote server management, and reduces the need for physical access to the server. iDRAC with Lifecycle Controller technology is part of a larger data center solution that helps keep business critical applications and workloads available always.
For more information on Lifecycle Controller GUI, see Lifecycle Controller User’s Guide and for remote services, see Lifecycle Controller Remote Services User’s Guide available at dell.com/idracmanuals. Key features The key features in iDRAC include: NOTE: Some of the features are available only with iDRAC Enterprise license. For information on the features available for a license, see Managing licenses. Inventory and Monitoring ● View managed server health.
■ Securely erase the data. ○ Set the backplane mode (unified or split mode). ○ Blink or unblink component LEDs. ○ Apply the device settings immediately, at next system reboot, at a scheduled time, or as a pending operation to be applied as a batch as part of the single job. Update ● Manage iDRAC licenses. ● Update BIOS and device firmware for devices supported by Lifecycle Controller. ● Update or rollback iDRAC firmware and Lifecycle Controller firmware using a single firmware image.
● ● ● ● ● ● User ID and password configuration. Default login password modification. Set user passwords and BIOS passwords using one-way hash format for improved security. FIPS 140-2 Level 1 capability. Support for TLS 1.2, 1.1, and 1.0. To enhance security, default setting is TLS 1.1 and higher. SMCLP and web interfaces that support 128 bit and 40-bit encryption (for countries where 128 bit is not acceptable), using the TLS 1.2 standard. NOTE: To ensure a secure connection, Dell recommends using TLS 1.
Managing licenses iDRAC features are available based on the purchased license (Basic Management, iDRAC Express, or iDRAC Enterprise). Only licensed features are available in the interfaces that allow you to configure or use iDRAC. For example, iDRAC Web interface, RACADM, WS-MAN, OpenManage Server Administrator, and so on. Some features, such as dedicated NIC or vFlash requires iDRAC ports card. This is optional on 200-500 series servers.
Importing license after replacing motherboard You can use the Local iDRAC Enterprise License Installation Tool if you have recently replaced the motherboard and need to reinstall the iDRAC Enterprise license locally (with no network connectivity) and activate the dedicated NIC. This utility installs a 30-day trial iDRAC Enterprise license and allows you to reset the iDRAC to change from shared NIC to dedicated NIC.
Table 2.
Table 2.
Table 2.
Table 2.
Table 2.
Table 3. Interfaces and protocols to access iDRAC (continued) Interface or Protocol Description operating system to run this utility. A user must have a full administrator privilege or be a root user to use this utility. ● Remote RACADM is a client utility that runs on a management station. It uses the out-of-band network interface to run RACADM commands on the managed system and uses the HTTPs channel. The –r option runs the RACADM command over a network.
Table 3. Interfaces and protocols to access iDRAC (continued) Interface or Protocol Description WS-MAN The LC-Remote Service is based on the WS-Management protocol to do one-to-many systems management tasks. You must use WS-MAN client such as WinRM client (Windows) or the OpenWSMAN client (Linux) to use the LC-Remote Services functionality. You can also use Power Shell and Python to script to the WS-MAN interface.
Table 5. Ports iDRAC uses as client Port Number Function 25* SMTP 53 DNS 68 DHCP-assigned IP address 69 TFTP 162* SNMP trap 445 Common Internet File System (CIFS) 636 LDAP Over SSL (LDAPS) 2049 Network File System (NFS) 123 Network Time Protocol (NTP) 3269 LDAPS for global catalog (GC) * Configurable port Other documents you may need In addition to this guide, the following documents available on the Dell Support website at dell.
The following system documents are available to provide more information: ● The safety instructions that came with your system provide important safety and regulatory information. For additional regulatory information, see the Regulatory Compliance home page at dell.com/regulatory_compliance. Warranty information may be included within this document or as a separate document. ● The Rack Installation Instructions included with your rack solution describe how to install your system into a rack.
Using search engines, type the name and version of the document in the search box.
2 Logging in to iDRAC You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight Directory Access Protocol (LDAP) user. The default user name is root and the default password is calvin. You can also log in using Single Sign-On or Smart Card. NOTE: ● You must have Login to iDRAC privilege to log in to iDRAC. ● iDRAC GUI does not support browser buttons such as Back, Forward, or Refresh.
NOTE: If the default HTTPS port number (port 443) was changed, enter: https://[iDRAC-IP-address]:[portnumber] where, [iDRAC-IP-address] is the iDRAC IPv4 or IPv6 address and [port-number] is the HTTPS port number. The Login page is displayed. 3. For a local user: ● In the Username and Password fields, enter your iDRAC user name and password. ● From the Domain drop-down menu, select This iDRAC. 4.
NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[IP address]:[port number] where, [IP address] is the IP address for the iDRAC and [port number] is the HTTPS port number. 2. Insert the Smart Card into the reader and click Login. A prompt is displayed for the Smart Card’s PIN. A password in not required. 3. Enter the Smart Card PIN for local Smart Card users. You are logged in to the iDRAC.
Logging in to iDRAC SSO using iDRAC web interface Before logging in to iDRAC using Single Sign-On, make sure that: ● You have logged in to your system using a valid Active Directory user account. ● Single Sign-On option is enabled during Active Directory configuration. To log in to iDRAC using web interface: 1. Log in to your management station using a valid Active Directory account. 2.
3. Append the PEM formatted CA certificate to the management station CA certificate. For example, use the cat command: cat testcacert.pem >> cert.pem 4. Generate and upload the server certificate to iDRAC. Accessing iDRAC using local RACADM For information to access iDRAC using local RACADM, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Table 6. Multiple iDRAC sessions Interface Number of Sessions iDRAC Web Interface 6 Remote RACADM 4 Firmware RACADM / SMCLP SSH - 2 Telnet - 2 Serial - 1 Changing default login password The warning message that allows you to change the default password is displayed if: ● You log in to iDRAC with Configure User privilege. ● Default password warning feature is enabled. ● Credentials for any currently enabled account are root/calvin.
Changing default login password using iDRAC settings utility To change the default login password using iDRAC Settings Utility: 1. In the iDRAC Settings utility, go to User Configuration. The iDRAC Settings.User Configuration page is displayed. 2. In the Change Password field, enter the new password. NOTE: For information on recommended characters for user names and passwords, see Recommended characters in user names and passwords on page 125. 3. Click Back, click Finish, and then click Yes.
Table 7. iDRAC web interface behavior with incorrect login attempts Login attempts Blocking (seconds) Error logged (USR0003 4) GUI display message SNMP alert (if enabled) First incorrect login 0 No None No Second incorrect login 30 Yes ● RAC0212: Login failed. Verify that username and password is correct. Login delayed for 30 seconds. Yes ● Try again button is disabled for 30 seconds. Third incorrect login 60 Yes ● RAC0212: Login failed. Verify that username and password is correct.
3 Setting up managed system and management station To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote accessibility, set up the management station and managed system, and configure the supported web browsers. NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the system in the chassis before performing the configurations. Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address.
● Dell Deployment Toolkit (see Dell Deployment Toolkit User’s Guide) ● Chassis or Server LCD panel (see the system’s Hardware Owner’s Manual) NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD panel only during initial configuration of CMC. After the chassis is deployed, you cannot reconfigure iDRAC using the Chassis LCD panel.
Network settings To configure the Network Settings: NOTE: For information about the options, see the iDRAC Settings Utility Online Help. 1. Under Enable NIC, select the Enabled option. 2. From the NIC Selection drop-down menu, select one of the following ports based on the network requirement: ● Dedicated — Enables the remote access device to use the dedicated network interface available on the Remote Access Controller (RAC).
4. Under Auto Negotiation, select On if iDRAC must automatically set the duplex mode and network speed. This option is available only for dedicated mode. If enabled, iDRAC sets the network speed to 10, 100, or 1000 Mbps based on the network speed. 5. Under Network Speed, select either 10 Mbps or 100 Mbps. NOTE: You cannot manually set the Network Speed to 1000 Mbps. This option is available only if Auto Negotiation option is enabled. 6. Under Duplex Mode, select Half Duplex or Full Duplex option.
● In the Static Alternate DNS Server box, enter the static alternate DNS server. IPMI settings To enable the IPMI Settings: 1. Under Enable IPMI Over LAN, select Enabled. 2. Under Channel Privilege Limit, select Administrator, Operator, or User. 3. In the Encryption Key box, enter the encryption key in the format 0 to 40 hexadecimal characters (without any blanks characters.) The default value is all zeros. VLAN settings You can configure iDRAC into the VLAN infrastructure.
Provisioning server works with a static IP address. DHCP, DNS server, or the default DNS host name discovers the provisioning server. If DNS is specified, the provisioning server IP is retrieved from DNS and the DHCP settings are not required. If the provisioning server is specified, discovery is skipped so neither DHCP nor DNS is required. You can enable the Provisioning Server feature using iDRAC Settings Utility or using Lifecycle Controller.
The iDRAC server configuration agent uses the rules in the following sequence to determine which SCP file on the file share to apply for each iDRAC: 1. The filename specified in DHCP option 60. 2. -config.xml — If a filename is not specified in DHCP option 60, use the system Service Tag to uniquely identify the SCP file for the system. For example, CDVH7R1-config.xml 3. -config.xml — If the option 60 filename is not specified and the -config.
The DHCP Option 60 identifies and associates a DHCP client with a particular vendor. Any DHCP server configured to take action based on a client’s vendor ID should have Option 60 and Option 43 configured. With Dell PowerEdge servers, the iDRAC identifies itself with vendor ID: iDRAC. Therefore, you must add a new ‘Vendor Class’ and create a ‘scope option’ under it for ‘code 60,’ and then enable the new scope option for the DHCP server.
● Filename (–f) — Indicates the name of the exported Server Configuration Profile XML file. Specifying this filename is optional with iDRAC version 2.20.20.20 or later. NOTE: For more information on file naming rules, see Configuring servers and server components using Auto Config. ● Sharename (-n) — Indicates the name of the network share. ● ShareType (-s) — Indicates the share type. 0 indicates NFS and 2 indicates CIFS. ● IPAddress (-i) — Indicates the IP address of the file share.
● Password (-p) — Indicates the password required to access the network share. This information is required only for CIFS. NOTE: Example for Linux NFS and CIFS share: ○ NFS: -f system_config.xml -i 192.168.0.130 -n /nfs -s 0 -d 0 -t 500 ○ CIFS: -f system_config.xml -i 192.168.0.130 -n sambashare/config_files -s 2 -u user -p password -d 1 -t 400 Ensure that you use NFS2 or NFS3 for NFS network share ● ShutdownType (-d) — Indicates the mode of shutdown.
For more information on the Auto Config feature, see the Zero-Touch Bare Metal Server Provisioning using Dell iDRAC with Lifecycle Controller Auto Config white paper available at the delltechcenter.com/idrac. Using hash passwords for improved security On PowerEdge servers with version 2.xx.xx.xx, you can set user passwords and BIOS passwords using a one-way hash format. The user authentication mechanism is not affected (except for SNMPv3 and IPMI) and you can provide the password in plain text format.
3. After setting the password, the normal plain text password authentication works except that SNMP v3 and IPMI authentication fails for iDRAC user accounts that had passwords updated with hash. Setting up management station A management station is a computer used for accessing iDRAC interfaces to remotely monitor and manage the PowerEdge server(s). To set up the management station: 1. Install a supported operating system. For more information, see the release notes. 2.
For more information about Server Administrator, see Dell OpenManage Server Administrator User’s Guide available at dell.com/support/manuals. Related tasks Modifying local administrator account settings on page 50 Modifying local administrator account settings After setting the iDRAC IP address, you can modify the local administrator account settings (that is, user 2) using the iDRAC Settings utility. To do this: 1. In the iDRAC Settings utility, go to User Configuration.
Using the iDRAC Web interface, RACADM, or the iDRAC Settings Utility, you can change the following thermal settings: ● Optimize for performance ● Optimize for minimum power ● Set the maximum air exhaust temperature ● Increase airflow through a fan offset, if required ● Increase airflow through increasing minimum fan speed Modifying thermal settings using iDRAC web interface To modify the thermal settings: 1. In the iDRAC Web interface, go to Overview > Hardware > Fans > Setup.
● Minimum Fan Speed in PWM (% of Max) — Select this option to fine tune the fan speed. Using this option, you can set a higher baseline system fan speed or increase the system fan speed if other custom fan speed options are not resulting in the required higher fan speeds. ○ Default — Sets minimum fan speed to default value as determined by the system cooling algorithm. ○ Custom — Enter the percentage value. The allowable range for minimum fan speed PWM is dynamic based on the system configuration.
Table 8. Thermal Settings (continued) Object Description Usage Example If a system does not support a particular air exhaust temperature limit, then when you run the following command: racadm set system.thermalsetti ngs.AirExhaustTemp 0 The following error message is displayed: ERROR: RAC947: Invalid object value specified. Make sure to specify the value depending on the type of object. For more information, see RACADM help. To set the limit to the default value: racadm set system.thermalsetti ngs.
Table 8. Thermal Settings (continued) Object Description Usage Example command, it applies a fan speed offset of Low (23% PWM) over baseline fan speed racadm set system.thermalsetti ngs FanSpeedOffset 0 FanSpeedMaxOffsetVal ● Getting this variable reads Values from 0-100 the fan speed offset value in %PWM for Max Fan Speed Offset setting. ● This value depends on the system. ● Use FanSpeedOffset to set this value using index value 3 racadm get system.
Table 8. Thermal Settings (continued) Object Description Usage and the FanSpeedLowOffsetVa l, FanSpeedMaxOffsetVa l, FanSpeedHighOffsetV al, and FanSpeedMediumOffse tVal objects (defined earlier) are the values at which the offsets are applied. MFSMaximumLimit Read Maximum limit for MFS Example To set the fan speed offset to High value (as defined in FanSpeedHighOffsetVal) racadm set system.thermalsetti ngs.
Table 8. Thermal Settings (continued) Object Description Usage ThirdPartyPCIFanRespo nse Values: ● Thermal overrides for third-party PCI cards. ● 1 — Enabled ● Allows you to disable or ● 0 — Disabled enable the default system NOTE: The default value fan response for detected is 1. third-party PCI cards. ● You can confirm the presence of third-party PCI card by viewing the message ID PCI3018 in the Lifecycle Controller log.
Configuring Internet Explorer This section provides details about configuring Internet Explorer (IE) to ensure you can access and use all features of the iDRAC web interface. These settings include: ● Resetting security settings ● Adding iDRAC IP to trusted sites ● Configuring IE to enable Active Directory SSO Resetting Internet Explorer security settings Ensure that Internet Explorer (IE) settings are set to Microsoft-recommended defaults and customize the settings as described in this section. 1.
Disabling whitelist feature in Firefox Firefox has a "whitelist" security feature that requires user permission to install plug-ins for each distinct site that hosts a plug-in. If enabled, the whitelist feature requires you to install a Virtual Console viewer for each iDRAC you visit, even though the viewer versions are identical. To disable the whitelist feature and avoid unnecessary plug-in installations, perform the following steps: 1. Open a Firefox Web browser window. 2.
● Compatibility is based on browser and is not based on the operating system or installed components. ● Compatible with most of the desktops and mobile platforms. ● Quick deployment and the client is downloaded as part of a web page. You must configure Internet Explorer (IE) settings before you launch and run HTML5 based virtual console and virtual media applications. To configure the browser settings: 1. Disable pop-up blocker.
4. Enable the browser to download encrypted content and to enable third-party browser extensions. To do this, go to Tools > Internet Options > Advanced, clear the Do not save encrypted pages to disk option, and select the Enable thirdparty browser extensions option. NOTE: Restart Internet Explorer for the Enable third-party browser extension setting to take effect. 5. Go to Tools > Internet Options > Security and select the zone you want to run the application. 6. Click Custom level.
The Java Cache viewer is displayed. 2. Delete the items titled iDRAC Virtual Console Client. Importing CA certificates to management station When you launch Virtual Console or Virtual Media, prompts are displayed to verify the certificates. If you have custom Web server certificates, you can avoid these prompts by importing the CA certificates to the Java or ActiveX trusted certificate store.
iDRAC Web interface is designed to work with localized keyboards for the supported language variants. Some features of iDRAC Web interface, such as Virtual Console, may require additional steps to access certain functions or letters. Other keyboards are not supported and may cause unexpected problems. NOTE: See the browser documentation on how to configure or setup different languages and view localized versions of iDRAC Web interface.
Table 9. Image file types and dependencies .D7 Image Interface Supported iDRAC DUP Requires LC enabled Supported Requires LC enabled BMCFW64.
When you check for updates, the version marked as Available does not always indicate that it is the latest version available. Before you install the update, ensure that the version you choose to install is newer than the version currently installed. If you want to control the version that iDRAC detects, create a custom repository using Dell Repository Manager (DRM) and configure iDRAC to use that repository to check for updates.
Updating firmware using repository Dell Repository Manager (DRM) enables you to create a repository that iDRAC can check for updates. DRM can use the following to creating the repository: ● New Dell online catalog ● Previous Dell catalog that you have used ● Local source repository ● A custom repository NOTE: For more information about DRM, see delltechcenter.com/repositorymanager.
For information about the fields, see the iDRAC Online Help. 4. Click Check for Update. 5. After the upload is complete, the Update Details section displays a comparison report showing the current firmware versions and the firmware versions available in the repository. NOTE: Updates that are unsupported or not applicable to the system or installed hardware are not included in the comparison report. 6.
Related concepts Updating device firmware on page 62 Viewing and managing staged updates on page 70 Scheduling automatic firmware update using web interface To schedule automatic firmware update using web Interface: NOTE: Do not create the next scheduled occurrence of an automatic update job if a job is already Scheduled. It overwrites the current scheduled job. 1. In the iDRAC web interface, go to Overview > iDRAC Settings > Update and Rollback. The Firmware Update page is displayed. 2.
○ To automatically update firmware using FTP: racadm AutoUpdateScheduler create -u admin -p pwd -l ftp.mytest.com -pu puser –pp puser –po 8080 –pt http –f cat.xml -time 14:30 -wom 1 -dow sun -rp 5 -a 1 ● To view the current firmware update schedule: racadm AutoUpdateScheduler view ● To disable automatic firmware update: racadm set lifecycleController.lcattributes.AutoUpdate.
the location on the TFTP server where firmimg.d7 is stored. ● Using update command: racadm -r -u -p update —f FTP server: ● Using fwupdate command: racadm -r -u -p fwupdate –f –d path the location on the FTP server where firmimg.d7 is stored.
Viewing and managing staged updates You can view and delete the scheduled jobs including configuration and update jobs. This is a licensed feature. All jobs queued to run during the next reboot can be deleted. Related tasks Updating device firmware on page 62 Viewing and managing staged updates using iDRAC web interface To view the list of scheduled jobs using iDRAC web interface, go to Overview > Server > Job Queue. The Job Queue page displays the status of jobs in the Lifecycle Controller job queue.
● Change the NIC mode to Dedicated if the mode is set as Shared LOM.
For the device for which you want to rollback the firmware, the Rollback Version must be Available. Also, note the FQDD. 2. Rollback the device firmware using: racadm rollback For more information, see iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Rollback firmware using Lifecycle Controller For information, see Lifecycle Controller User’s Guide available at dell.com/idracmanuals.
Before performing a backup operation, make sure that: ● Collect System Inventory On Reboot (CSIOR) option is enabled. If you initiate a back operation while CSIOR is disabled, the following message is displayed: System Inventory with iDRAC may be stale,start CSIOR for updated inventory ● To perform backup on a vFlash SD card: ○ vFlash SD card is inserted, enabled, and initialized. ○ vFlash SD card has at least 100 MB free space to store the backup file.
Scheduling automatic backup server profile using web interface To schedule automatic backup server profile: 1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Server Profile. The Backup and Export Server Profile page is displayed. 2. Click the Automatic Backup tab. 3. Select the Enable Automatic Backup option. 4. Select one of the following to save the backup file image: ● Network to save the backup file image on a CIFS or NFS share. ● vFlash to save the backup file image on the vFlash card.
backup file. If components are different or not in the same location, they are not modified and restore failures is logged to the Lifecycle Log. Before performing an import operation, make sure that Lifecycle Controller is enabled. If Lifecycle Controller is disabled, and if you initiate the import operation, the following message is displayed: Lifecycle Controller is not enabled, cannot create Configuration job.
● Delete and Replace - Deletes and replaces the RAID level, virtual disk, controller attributes, and hard disk configuration information in the system with the data from the backup image file. 6. Click Import. The import server profile operation is initiated. Importing server profile using RACADM To import the server profile using RACADM, use the systemconfig restore command. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
4 Configuring iDRAC iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote management tasks. Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is configured, and the required licenses are updated. For more information about the licensable feature in iDRAC, see Managing licenses.
Managing virtual media on page 233 Managing vFlash SD card on page 243 Setting first boot device on page 86 Enabling or disabling OS to iDRAC Pass-through on page 88 Related tasks Configuring iDRAC to send alerts on page 152 Topics: • • • • • • • • • • • • Viewing iDRAC information Modifying network settings FIPS mode Configuring services Using VNC client to manage remote server Configuring front panel display Configuring time zone and NTP Setting first boot device Enabling or disabling OS to iDRAC Pass-t
Modifying network settings using web interface To modify the iDRAC network settings: 1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Network. The Network page is displayed. 2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your requirement and click Apply.
Configure IP filtering using iDRAC web interface You must have Configure privilege to perform these steps. To configure IP filtering: 1. In iDRAC Web interface, go to Overview > iDRAC Settings > Network > Network. The Network page is displayed. 2. Click Advanced Settings. The Network Security page is displayed. 3. Specify the IP filtering settings. For more information about the options, see iDRAC Online Help. 4. Click Apply to save the settings.
Difference between FIPS-mode supported and FIPS-validated Software that has been validated by completing the Cryptographic Module Validation Program is referred to as FIPS-validated. Because of the time it takes to complete FIPS-validation, not all versions of iDRAC are validated. For information about the latest status of FIPS-validation for iDRAC, see the Cryptographic Module Validation Program page on the NIST website.
SNMP Agent Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in iDRAC. Automated Enable Last System Crash Screen. System Recovery Agent VNC Server Enable VNC server with or without SSL encryption. Configuring services using web interface To configure the services using iDRAC Web interface: 1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Network > Services. The Services page is displayed. 2. Specify the required information and click Apply.
Configuring TLS By ● ● ● default, iDRAC is configured to use TLS 1.1 and higher. You can configure iDRAC to use any of the following: TLS 1.0 and higher TLS 1.1 and higher TLS 1.2 only NOTE: To ensure a secure connection, Dell recommends using TLS 1.1 and higher. Configuring TLS using web interface 1. Go to Overview > iDRAC Settings > Network. 2. Click the Services tab and then click Web Server. 3. In the TLS Protocol drop-down, select the TLS version and click Apply.
wait for timeout (value configured for the VNC Server settings in the Services page in iDRAC Web interface) and then re-establish the VNC connection. ● If the VNC client window is minimized for more than 60 seconds, the client window closes. You must open a new VNC session. If you maximize the VNC client window within 60 seconds, you can continue to use it. Configuring VNC server using iDRAC web interface To configure the VNC server settings: 1.
For blade servers, only the System ID LED is available on the server front panel since the blade chassis has the LCD. Related concepts Configuring LCD setting on page 85 Configuring system ID LED setting on page 86 Configuring LCD setting You can set and display a default string such as iDRAC name, IP, and so on or a user-defined string on the LCD front panel of the managed system. Configuring LCD setting using web interface To configure the server LCD front panel display: 1.
5. Click Back, click Finish, and then click Yes. Configuring system ID LED setting To identify a server, enable or disable System ID LED blinking on the managed system. Configuring system ID LED setting using web interface To configure the System ID LED display: 1. In iDRAC Web interface, go to Overview > Hardware > Front Panel. The Front Panel page is displayed. 2.
You can set the first boot device to one of the following: ● Normal Boot ● PXE ● BIOS Setup ● Local Floppy/Primary Removable Media ● Local CD/DVD ● Hard Drive ● Virtual Floppy ● Virtual CD/DVD/ISO ● Local SD Card ● vFlash ● Lifecycle Controller ● BIOS Boot Manager ● UEFI Device Path NOTE: ● BIOS Setup (F2), Lifecycle Controller (F10), and BIOS Boot Manager (F11) cannot be set as permanent boot device. ● The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings.
1. From the Dell Systems Management Tools and Documentation DVD or from the Dell Support website, install Server Administrator or iDRAC Service Module (iSM) on the managed system. 2. In the Windows startup and recovery window, make sure that the automatic reboot option is not selected. For more information, see Windows documentation. 3.
Related references Supported cards for OS to iDRAC Pass-through on page 89 Supported operating systems for USB NIC on page 89 Enabling or disabling OS to iDRAC Pass-through using web interface on page 91 Enabling or disabling OS to iDRAC Pass-through using RACADM on page 91 Enabling or disabling OS to iDRAC Pass-through using iDRAC settings utility on page 91 Supported cards for OS to iDRAC Pass-through The following table provides a list of cards that support the OS to iDRAC Pass-through feature using LOM
● ● ● ● Ubuntu 14.04.1 LTS Ubuntu 12.04.04 LTS Debian 7.6 (Wheezy) Debian 8.0 On servers with Windows 2008 SP2 64-bit operating system, the iDRAC Virtual CD USB Device is not discovered automatically (or enabled). You must enable this manually. For more information, see steps recommended by Microsoft to manually update the Remote Network Driver Interface Specification (RNDIS) driver for this device.
The output is: Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective. Reboot Required: true VIBs Installed: Dell_bootbank_iDRAC_USB_NIC_1.0.0-799733X03 VIBs Removed: VIBs Skipped: 3. Reboot the server. 4. At the ESXi prompt, run the command: esxcfg-vmknic –l. The output displays the usb0 entry. Enabling or disabling OS to iDRAC Pass-through using web interface To enable OS to iDRAC Pass-through using Web interface: 1.
● USB NIC — The OS to iDRAC pass-through link between the iDRAC and the host operating system is established through the internal USB bus. To disable this feature, select Disabled. NOTE: The LOM option can be selected only of the card supports OS to iDRAC pass-through capability. Else, this option is grayed-out. 3. If you select LOM as the pass-through configuration, and if the server is connected using dedicated mode, enter the IPv4 address of the operating system.
SSL server certificates iDRAC includes a web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over a network. An SSL encryption option is provided to disable weak ciphers. Built upon asymmetric encryption technology, SSL is widely accepted for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
After the CA approves the CSR and issues the SSL server certificate, it can be uploaded to iDRAC. The information used to generate the CSR, stored on the iDRAC firmware, must match the information contained in the SSL server certificate, that is, the certificate must have been generated using the CSR created by iDRAC. Related concepts SSL server certificates on page 93 Generating CSR using web interface To generate a new CSR: NOTE: Each new CSR overwrites any previous CSR data stored in the firmware.
Uploading server certificate using RACADM To upload the SSL server certificate, use the sslcertupload command. For more information, see the RACADM Command Line Reference Guide for iDRAC available at dell.com/idracmanuals. If the CSR is generated outside of iDRAC with a private key available, then to upload the certificate to iDRAC: 1. Send the CSR to a well-known root CA. CA signs the CSR and the CSR becomes a valid certificate. 2. Upload the private key using the remote racadm sslkeyupload command. 3.
Uploading custom SSL certificate signing certificate using RACADM To upload the custom SSL certificate signing certificate using RACADM, use the sslcertupload command, and then use the racreset command to reset iDRAC. For more information, see the iDRAC RACADM Command Line Reference Guide available at www.dell.com/idracmanuals. Downloading custom SSL certificate signing certificate You can download the custom signing certificate using iDRAC Web interface or RACADM.
● The configuration file contains information that is applicable for the particular server. The information is organized under various object groups. ● Some configuration files contain unique iDRAC information, such as the static IP address, that you must modify before you import the file into other iDRACs. You can also use the System Configuration Profile to configure multiple iDRACs using RACADM. System configuration XML file contains the component configuration information.
Disabling access to modify iDRAC configuration settings on host system You can disable access to modify the iDRAC configuration settings through Local RACADM or iDRAC Settings utility. However, you can view these configuration settings. To do this: 1. In iDRAC Web interface, go to Overview > iDRAC Settings > Network > Services. 2. Select one or both of the following: ● Disable the iDRAC Local Configuration using iDRAC Settings — Disables access to modify the configuration settings in iDRAC Settings utility.
5 Viewing iDRAC and managed system information You can view iDRAC and managed system’s health and properties, hardware and firmware inventory, sensor health, storage devices, network devices, and view and terminate user sessions. For blade servers, you can also view the flex address information.
The Hardware Inventory section displays the information for the following components available on the managed system: ● iDRAC ● RAID controller ● Batteries ● CPUs ● DIMMs ● HDDs ● Backplanes ● Network Interface Cards (integrated and embedded) ● Video card ● SD card ● Power Supply Units (PSUs) ● Fans ● Fibre Channel HBAs ● USB ● NVMe PCIe SSD devices The Firmware Inventory section displays the firmware version for the following components: ● BIOS ● Lifecycle Controller ● iDRAC ● OS driver pack ● 32-bit diagn
● Fan (available only for rack and tower servers) — Provides information about the system fans — fan redundancy and fans list that display fan speed and threshold values. ● CPU — Indicates the health and state of the CPUs in the managed system. It also reports processor automatic throttling and predictive failure. ● Memory — Indicates the health and state of the Dual In-line Memory Modules (DIMMs) present in the managed system. ● Intrusion — Provides information about the chassis.
Table 13. Sensor information using web interface and RACADM (continued) View sensor information For Using web interface Removable Flash Media Overview > Hardware > Removable Flash Media Temperature Overview > Server > Power/Thermal > Temperatures Voltage Overview > Server > Power/Thermal > Voltages Using RACADM Monitoring performance index of CPU, memory, and I/O modules In Dell’s 13 th generation Dell PowerEdge servers, Intel ME supports Compute Usage Per Second (CUPS) functionality.
● Login privilege is required to monitor performance data. ● Configure privilege is required for setting warning thresholds and reset historical peaks. ● Login privilege and Enterprise license are required to read historical statics data. Monitoring performance index for of CPU, memory, and I/O modules using web interface To monitor the performance index of CPU, memory, and I/O modules, in the iDRAC web interface, go to Overview > Hardware.
NOTE: You can track the temperature history even for systems that are not fresh air compliant. However, the threshold limits and fresh air related warnings generated are based on fresh air supported limits. The limits are 42ºC for warning and 47ºC for critical. These values correspond to 40ºC and 45ºC fresh air limits with 2ºC margin for accuracy.
2. In the Temperature Probes section, for the System Board Inlet Temp, enter the minimum and maximum values for the Warning Threshold in Centigrade or Fahrenheit. If you enter the value in centigrade, the system automatically calculates and displays the Fahrenheit value. Similarly, if you enter Fahrenheit, the value for Centigrade is displayed. 3. Click Apply. The values are configured.
Viewing FlexAddress mezzanine card fabric connections In blade servers, FlexAddress allows the use of persistent, chassis-assigned World Wide Names and MAC addresses (WWN/ MAC) for each managed server port connection. You can view the following information for each installed embedded Ethernet and optional mezzanine card port: ● Fabrics to which the cards are connected. ● Type of fabric. ● Server-assigned, chassis-assigned, or remotely assigned MAC addresses.
6 Setting up iDRAC communication You can communicate with iDRAC using any of the following modes: ● iDRAC Web Interface ● Serial connection using DB9 cable (RAC serial or IPMI serial) — For rack and tower servers only ● IPMI Serial Over LAN ● IPMI Over LAN ● Remote RACADM ● Local RACADM ● Remote Services NOTE: To ensure that Local RACADM import or export commands work properly, ensure that the USB mass-storage host is enabled in the operating system.
Related concepts Communicating with iDRAC through serial connection using DB9 cable on page 108 Switching between RAC serial and serial console while using DB9 cable on page 111 Communicating with iDRAC using IPMI SOL on page 111 Communicating with iDRAC using IPMI over LAN on page 117 Enabling or disabling remote RACADM on page 118 Disabling local RACADM on page 118 Enabling IPMI on managed system on page 118 Configuring Linux for serial console during boot on page 119 Supported SSH cryptography schemes on
NOTE: This is applicable only for iDRAC on rack and tower servers. 1. Turn on or restart the system. 2. Press F2. 3. Go to System BIOS Settings > Serial Communication. 4. Select External Serial Connector to Remote Access device. 5. Click Back, click Finish, and then click Yes. 6. Press Esc to exit System Setup. Enabling RAC serial connection After configuring serial connection in BIOS, enable RAC serial in iDRAC. NOTE: This is applicable only for iDRAC on rack and tower servers.
3. Click Apply. Enabling serial connection IPMI mode using RACADM To configure the IPMI mode, disable the RAC serial interface and then enable the IPMI mode. racadm set iDRAC.Serial.Enable 0 racadm set iDRAC.IPMISerial.ConnectionMode n=0 — Terminal Mode n=1 — Basic Mode Enabling serial connection IPMI serial settings using RACADM 1. Change the IPMI serial-connection mode to the appropriate setting using the command. racadm set iDRAC.Serial.Enable 0 2. Set the IPMI Serial baud rate using the command.
The Terminal Mode Settings page is displayed. 4. Specify the following values: ● ● ● ● ● ● Line editing Delete control Echo Control Handshaking control New line sequence Input new line sequences For information about the options, see the iDRAC Online Help. 5. Click Apply. The terminal mode settings are configured. 6. Make sure that the serial MUX (external serial connector) is set correctly to the remote access device in the BIOS Setup program to configure BIOS for serial connection.
Related concepts Configuring BIOS for serial connection on page 112 Configuring iDRAC to use SOL on page 112 Enabling supported protocol on page 113 Configuring BIOS for serial connection NOTE: This is applicable only for iDRAC on rack and tower servers. 1. Turn on or restart the system. 2. Press F2. 3. Go to System BIOS Settings > Serial Communication. 4. Specify the following values: ● Serial Communication — On With Console Redirection ● Serial Port Address — COM2.
1. Enable IPMI Serial over LAN using the command. racadm set iDRAC.IPMISol.Enable 1 2. Update the IPMI SOL minimum privilege level using the command. racadm set iDRAC.IPMISol.MinPrivilege Parameter Privilege level = 2 User = 3 Operator = 4 Administrator NOTE: The IPMI SOL minimum privilege level determines the minimum privilege to activate IPMI SOL. For more information, see the IPMI 2.0 specification. 3. Update the IPMI SOL baud rate using the command.
● Telnet racadm set iDRAC.Telnet.Enable 1 ● SSH racadm set iDRAC.SSH.Enable 1 To change the SSH port racadm set iDRAC.SSH.Port You can use tools such as: ● IPMItool for using IPMI protocol ● Putty/OpenSSH for using SSH or Telnet protocol Related tasks SOL using IPMI protocol on page 114 SOL using SSH or Telnet protocol on page 114 SOL using IPMI protocol The IPMI-based SOL utility and IPMItool uses RMCP+ delivered using UDP datagrams to port 623.
Before using SSH or Telnet to communicate with iDRAC, make sure to: 1. Configure BIOS to enable Serial Console. 2. Configure SOL in iDRAC. 3. Enable SSH or Telnet using iDRAC Web interface or RACADM. Telnet (port 23)/ SSH (port 22) client <−−> WAN connection <−−> iDRAC The IPMI-based SOL that uses SSH or Telnet protocol eliminates the need for an additional utility because the serial to network translation happens within iDRAC.
● console com2 This connects iDRAC to the managed system’s SOL port. Once a SOL session is established, iDRAC command line console is not available. Follow the escape sequence correctly to open the iDRAC command line console. The escape sequence is also printed on the screen as soon as a SOL session is connected. When the managed system is off, it takes sometime to establish the SOL session. NOTE: You can use console com1 or console com2 to start SOL. Reboot the server to establish the connection.
Disconnecting SOL session in iDRAC command line console The commands to disconnect a SOL session are based on the utility. You can exit the utility only when a SOL session is completely terminated. To disconnect a SOL session, terminate the SOL session from the iDRAC command line console. ● To quit SOL redirection, press Enter, Esc, T. The SOL session closes. ● To quit a SOL session from Telnet on Linux, press and hold Ctrl+]. A Telnet prompt is displayed. Type quit to exit Telnet.
Parameter Privilege level = 2 User = 3 Operator = 4 Administrator 3. Set the IPMI LAN channel encryption key ,if required. racadm set iDRAC.IPMILan.EncryptionKey Parameter Description 20-character encryption key in a valid hexadecimal format. NOTE: The iDRAC IPMI supports the RMCP+ protocol. For more information, see the IPMI 2.0 specifications at intel.com.
Configuring Linux for serial console during boot The following steps are specific to the Linux GRand Unified Bootloader (GRUB). Similar changes are required if a different boot loader is used. NOTE: When you configure the client VT100 emulation window, set the window or application that is displaying the redirected Virtual Console to 25 rows x 80 columns to make sure the correct text displays. Else, some text screens may be garbled. Edit the /etc/grub.conf file as follows: 1.
The following example shows a sample file with the new line. #inittab This file describes how the INIT process should set up #the system in a certain run-level. #Author:Miquel van Smoorenburg #Modified for RHS Linux by Marc Ewing and Donnie Barnes #Default runlevel.
tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 ttyS1 Supported SSH cryptography schemes To communicate with iDRAC using SSH protocol, it supports multiple cryptography schemes listed in the following table. Table 15. SSH cryptography schemes Scheme Type Algorithms Asymmetric Cryptography Public key ssh-rsa ecdsa-sha2-nistp256 Symmetric Cryptography Key Exchange curve25519-sha256@libssh.
perform various functions. The uploaded keys must be in RFC 4716 or OpenSSH format. Else, you must convert the keys into that format. NOTE: If you enable OpenSSH 7.0 or later, DSA public key support is disabled. To ensure better security for iDRAC, Dell recommends not enabling DSA public key support. In any scenario, a pair of private and public key must be generated on the management station.
When adding new public keys, make sure that the existing keys are not at the index where the new key is added. iDRAC does not perform checks to make sure previous key(s) are deleted before a new key(s) are added. When a new key is added, it is usable if the SSH interface is enabled. Uploading SSH keys using web interface To upload the SSH keys: 1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Network > User Authentication > Local Users. The Users page is displayed. 2.
Deleting SSH keys Before deleting the public keys, make sure that you view the keys if they are set up, so that a key is not accidentally deleted. Deleting SSH keys using web interface To delete the SSH key(s): 1. In Web interface, go to Overview > iDRAC Settings > Network > User Authentication > Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number. The Users Main Menu page is displayed. 3. Under SSH Key Configurations, select View/Remove SSH Key(s) and click Next.
7 Configuring user accounts and privileges You can setup user accounts with specific privileges (role-based authority) to manage your system using iDRAC and maintain system security. By default iDRAC is configured with a local administrator account. This default user name is root and the password is calvin. As an administrator, you can setup user accounts to allow other users to access iDRAC.
NOTE: The characters allowed in user names and passwords for network shares are determined by the network-share type. iDRAC supports valid characters for network share credentials as defined by the share type, except <, >, and , (comma). NOTE: To improve security, it is recommended to use complex passwords that have eight or more characters and include lowercase alphabets, uppercase alphabets, numbers, and special characters. It is also recommended to regularly change the passwords, if possible.
To enable SNMP v3 authentication for a user, use SNMPv3AuthenticationType, SNMPv3Enable, SNMPv3PrivacyType objects. For more information, see the RACADM Command Line Interface Guide available at dell.com/idracmanuals. If you use the configuration XML file, use the AuthenticationProtocol, ProtocolEnable, and PrivacyProtocol attributes to enable SNMPv3 authentication. Adding iDRAC user using RACADM 1. Set the index and user name. racadm set idrac.users..
You can configure user authentication through Active Directory to log in to the iDRAC. You can also provide role-based authority, which enables an administrator to configure specific privileges for each user. The iDRAC role and privilege names have changed from earlier generation of servers. The role names are: Table 18.
Related tasks Enabling SSL on domain controller on page 129 Enabling SSL on domain controller When iDRAC authenticates users with an Active Directory domain controller, it starts an SSL session with the domain controller. At this time, the domain controller must publish a certificate signed by the Certificate Authority (CA)—the root certificate of which is also uploaded into iDRAC.
Importing iDRAC firmware SSL certificate iDRAC SSL certificate is the identical certificate used for iDRAC Web server. All iDRAC controllers are shipped with a default self-signed certificate. If the Active Directory Server is set to authenticate the client during an SSL session initialization phase, you need to upload iDRAC Server certificate to the Active Directory Domain controller.
Figure 1. Configuration of iDRAC with active directory standard schema In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC. The role and the privilege level are defined on each iDRAC and not in the Active Directory. You can configure up to five role groups in each iDRAC.
Configuring Standard schema Active Directory To configure iDRAC for an Active Directory login access: 1. On an Active Directory server (domain controller), open the Active Directory Users and Computers Snap-in. 2. Create a group or select an existing group. Add the Active Directory user as a member of the Active Directory group to access iDRAC. 3. Configure the group name, domain name, and the role privileges on iDRAC using the iDRAC web interface or RACADM.
racadm set address of racadm set address of racadm set address of racadm set address of racadm set address of iDRAC.ActiveDirectory.DomainController2 iDRAC.ActiveDirectory.DomainController3 iDRAC.ActiveDirectory.GlobalCatalog1 iDRAC.ActiveDirectory.GlobalCatalog2 iDRAC.ActiveDirectory.
Best practices for extended schema The extended schema uses Dell association objects to join iDRAC and permission. This allows you to use iDRAC based on the overall permissions granted. The default Access Control List (ACL) of Dell Association objects allows Self and Domain Administrators to manage the permissions and scope of iDRAC objects. By default, the Dell Association objects do not inherit all permissions from the parent Active Directory objects.
Figure 2. Typical setup for active directory objects You can create as many or as few association objects as required. However, you must create at least one Association Object, and you must have one iDRAC Device Object for each iDRAC device on the network that you want to integrate with Active Directory for Authentication and Authorization with iDRAC. The Association Object allows for as many or as few users and/or groups as well as iDRAC Device Objects.
The figure shows two Association Objects—A01 and A02. User1 is associated to iDRAC2 through both association objects. Extended Schema Authentication accumulates privileges to allow the user the maximum set of privileges possible considering the assigned privileges of the different privilege objects associated to the same user. In this example, User1 has both Priv1 and Priv2 privileges on iDRAC2. User1 has Priv1 privileges on iDRAC1 only. User2 has Priv1 privileges on both iDRAC1 and iDRAC2.
1. In the Welcome screen, click Next. 2. Read and understand the warning and click Next. 3. Select Use Current Log In Credentials or enter a user name and password with schema administrator rights. 4. Click Next to run the Dell Schema Extender. 5. Click Finish. The schema is extended. To verify the schema extension, use the MMC and the Active Directory Schema Snap-in to verify that the classes and attributes classes and attributes exist.
Table 24. dellRAC4Privileges class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Defines the privileges (Authorization Rights) for iDRAC Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 25. dellPrivileges class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 27. List of attributes added to the active directory schema (continued) Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued attribute is the forward link to the dellAssociationMembers backward link. Link ID: 12070 dellIsLoginUser 1.2.840.113556.1.8000.1280.1.1.2.3 TRUE TRUE if the user has Login rights on the device. Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) dellIsCardConfigAdmin 1.2.840.113556.1.8000.1280.1.1.2.
Table 27. List of attributes added to the active directory schema (continued) Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellAssociationMembers 1.2.840.113556.1.8000.1280.1.1.2.14 List of dellAssociationObjectMembers that belong to this Product. This attribute is the backward link to the dellProductMembers linked attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.
1. In the Console Root (MMC) window, right-click a container. 2. Select New > Dell Remote Management Object Advanced. The New Object window is displayed. 3. Enter a name for the new object. 4. Select Privilege Object and click OK. 5. Right-click the privilege object that you created, and select Properties. 6. Click the Remote Management Privileges tab and assign the privileges for the user or group.
Adding privileges To add privileges: Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to an iDRAC device. Only one privilege object can be added to an Association Object. 1. Select the Privileges Object tab and click Add. 2. Enter the privilege object name and click OK. 3.
1. Use the following commands: racadm set racadm set racadm set racadm set racadm set address of racadm set address of racadm set address of iDRAC.ActiveDirectory.Enable 1 iDRAC.ActiveDirectory.Schema 2 iDRAC.ActiveDirectory.RacName iDRAC.ActiveDirectory.RacDomain iDRAC.ActiveDirectory.DomainController1 iDRAC.ActiveDirectory.
Testing Active Directory settings using iDRAC web interface To test the Active Directory settings: 1. In iDRAC Web Interface, go to Overview > iDRAC Settings > User Authentication > Directory Services > Microsoft Active Directory. The Active Directory summary page is displayed. 2. Click Test Settings. 3. Enter a test user's name (for example, username@domain.com) and password and click Start Test. A detailed test results and the test log displays.
NOTE: If certificate validation is enabled, specify the LDAP Server’s FQDN and make sure that DNS is configured correctly under Overview > iDRAC Settings > Network. NOTE: In this release, nested group is not supported. The firmware searches for the direct member of the group to match the user DN. Also, only single domain is supported. Cross domain is not supported. 6. Click Next. The Generic LDAP Configuration and Management Step 3a of 3 page is displayed. 7. Click Role Group.
8 Configuring iDRAC for Single Sign-On or smart card login This section provides information to configure iDRAC for Smart Card login (for local users and Active Directory users), and Single Sign-On (SSO) login (for Active Directory users.) SSO and smart card login are licensed features. iDRAC supports Kerberos based Active Directory authentication to support Smart Card and SSO logins. For information on Kerberos, see the Microsoft website.
Registering iDRAC as a computer in Active Directory root domain To register iDRAC in Active Directory root domain: 1. Click Overview > iDRAC Settings > Network > Network. The Network page is displayed. 2. Provide a valid Preferred/Alternate DNS Server IP address. This value is a valid DNS server IP address that is part of the root domain. 3. Select Register iDRAC on DNS. 4. Provide a valid DNS Domain Name. 5. Verify that network DNS configuration matches with the Active Directory DNS information.
3. Associate the device object and privilege object using the association object. 4. Add the preceding SSO user (login user) to the device object. 5. Provide access privilege to Authenticated Users for accessing the created association object. Related concepts Adding iDRAC users and privileges to Active Directory on page 140 Configuring iDRAC SSO login for Active Directory users Before configuring iDRAC for Active Directory SSO login, make sure that you have completed all the prerequisites.
Related concepts Obtaining certificates on page 92 Uploading smart card user certificate on page 149 Enabling or disabling smart card login on page 150 Uploading smart card user certificate Before you upload the user certificate, make sure that the user certificate from the smart card vendor is exported in Base64 format. SHA-2 certificates are also supported.
Configuring iDRAC smart card login for Active Directory users Before configuring iDRAC Smart Card login for Active Directory users, make sure that you have completed the required prerequisites. To configure iDRAC for smart card login: 1. In iDRAC Web interface, while configuring Active Directory to set up an user account based on standard schema or extended schema, on the Active Directory Configuration and Management Step 1 of 4 page: ● Enable certificate validation.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Enabling or disabling smart card login using iDRAC settings utility To enable or disable the Smart Card logon feature: 1. In the iDRAC Settings utility, go to Smart Card. The iDRAC Settings Smart Card page is displayed. 2. Select Enabled to enable smart card logon. Else, select Disabled. For more information about the options, see iDRAC Settings Utility Online Help. 3.
9 Configuring iDRAC to send alerts You can set alerts and actions for certain events that occur on the managed system. An event occurs when the status of a system component is greater than the pre-defined condition. If an event matches an event filter and you have configured this filter to generate an alert (e-mail, SNMP trap, IPMI alert, remote system logs, Redfish event, or WS events), then an alert is sent to one or more configured destinations.
Enabling or disabling alerts using web interface To enable or disable generating alerts: 1. In iDRAC Web interface, go to Overview > Server > Alerts. The Alerts page is displayed. 2. Under Alerts section: ● Select Enable to enable alert generation or perform an event action. ● Select Disable to disable alert generation or disable an event action. 3. Click Apply to save the setting. Enabling or disabling alerts using RACADM Use the following command: racadm set iDRAC.IPMILan.
● Warning ● Critical 4. Click Apply. The Alert Results section displays the results based on the selected category and severity. Filtering alerts using RACADM To filter the alerts, use the eventfilters command. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Setting alert recurrence event You can configure iDRAC to generate additional events at specific intervals if the system continues to operate at a temperature which is greater than the inlet temperature threshold limit. The default interval is 30 days. The valid range is 0 to 366 days. A value of ‘0’ indicates no event recurrence. NOTE: You must have Configure iDRAC privilege to set the alert recurrence value. Setting alert recurrence events using iDRAC web interface To set the alert recurrence value: 1.
Configuring email alert, SNMP trap, or IPMI trap settings The management station uses Simple Network Management Protocol (SNMP) and Intelligent Platform Management Interface (IPMI) traps to receive data from iDRAC. For systems with large number of nodes, it may not be efficient for a management station to poll each iDRAC for every condition that may occur. For example, event traps can help a management station with load balancing between nodes or by issuing an alert if an authentication failure occurs.
1. To enable traps: racadm set idrac.SNMP.Alert..Enable Parameter Description Destination index. Allowed values are 1 through 8. =0 Disable the trap =1 Enable the trap 2. To configure the trap destination address: racadm set idrac.SNMP.Alert..DestAddr Parameter Description Destination index. Allowed values are 1 through 8. A valid IPv4, IPv6, or FQDN address 3. Configure the SNMP community name string: racadm set idrac.ipmilan.
Configuring email alert settings You can configure the email address to receive the email alerts. Also, configure the SMTP server address settings. NOTE: If your mail server is Microsoft Exchange Server 2007, make sure that iDRAC domain name is configured for the mail server to receive the email alerts from iDRAC. NOTE: Email alerts support both IPv4 and IPv6 addresses. The DRAC DNS Domain Name must be specified when using IPv6.
4. To test the configured email alert, if required: racadm testemail -i [index] Parameter Description index Email destination index to be tested. Allowed values are 1 through 4. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/ idracmanuals. Configuring SMTP email server address settings You must configure the SMTP server address for email alerts to be sent to specified destinations.
Monitoring chassis events On the PowerEdge FX2/FX2s chassis, you can enable the Chassis Management and Monitoring setting in iDRAC to perform chassis management and monitoring tasks such as monitoring chassis components, configuring alerts, using iDRAC RACADM to pass CMC RACADM commands, and updating the chassis management firmware. This setting allows you to manage the servers in the chassis even if the CMC is not on the network. You can set the value to Disabled to forward the chassis events.
Table 28.
Table 28.
Table 28.
10 Managing logs iDRAC provides Lifecycle log that contains events related to system, storage devices, network devices, firmware updates, configuration changes, license messages, and so on. However, the system events are also available as a separate log called System Event Log (SEL). The lifecycle log is accessible through iDRAC Web interface, RACADM, and WS-MAN interface. When the size of the lifecycle log reaches 800 KB, the logs are compressed and archived.
If no arguments are specified, the entire log is displayed. To display the number of SEL entries: racadm getsel -i To clear the SEL entries: racadm clrsel For more information, see iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Viewing System Event Log using iDRAC settings utility You can view the total number of records in the System Event Log (SEL) using the iDRAC Settings Utility and clear the logs. To do this: 1.
Filtering Lifecycle logs You can filter logs based on category, severity, keyword, or date range. To filter the lifecycle logs: 1. In the Lifecycle Log page, under the Log Filter section, do any or all of the following: ● ● ● ● Select the Log Type from the drop-down list. Select the severity level from the Severity drop-down list. Enter a keyword. Specify the date range. 2. Click Apply. The filtered log entries are displayed in Log Results.
Adding work notes Each user who logs in to iDRAC can add work notes and this is stored in the lifecycle log as an event. You must have iDRAC logs privilege to add work notes. A maximum of 255 characters are supported for each new work note. NOTE: You cannot delete a work note. To add a work note: 1. In the iDRAC Web interface, go to Overview > Server > Properties > Summary. The System Summary page is displayed. 2. Under Work Notes, enter the text in the blank text box.
11 Monitoring and managing power You can use iDRAC to monitor and manage the power requirements of the managed system. This helps to protect the system from power outages by appropriately distributing and regulating the power consumption on the system. The key features are: ● Power Monitoring — View the power status, history of power measurements, the current averages, peaks, and so on for the managed system.
Monitoring power using RACADM To view the power-monitoring information, use the get command with the objects in the System.Power group. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Setting warning threshold for power consumption You can set the warning threshold value for the power consumption sensor in the rack and tower systems.
● Power Cycle System (cold boot) 3. Click Apply. For more information, see the iDRAC Online Help. Executing power control operations using RACADM To perform power actions, use the serveraction command. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. Power capping You can view the power threshold limits that covers the range of AC and DC power consumption that a system under heavy workload presents to the datacenter.
The Power Configuration page is displayed. The current power policy limit is displayed under the Currently Active Power Cap Policy section. 2. Select Enable under iDRAC Power Cap Policy. 3. Under User-Defined Limits section, enter the maximum power limit in Watts and BTU/hr or the maximum % of recommended system limit. 4. Click Apply to apply the values.
2. Under Power Supply Options, select the required options. For more information, see iDRAC Online Help. 3. Click Apply. The power supply options are configured. Configuring power supply options using RACADM To ● ● ● ● configure the power supply options, use the following objects with the set command: System.Power.RedundancyPolicy System.Power.Hotspare.Enable System.Power.Hotspare.PrimaryPSU System.Power.PFC.
12 Inventorying, monitoring, and configuring network devices You can inventory, monitor, and configure the following network devices: ● Network Interface Cards (NICs) ● Converged Network Adapters (CNAs) ● LAN On Motherboards (LOMs) ● Network Daughter Cards (NDCs) ● Mezzanine cards (only for blade servers) Before you disable NPAR or an individual partition on CNA devices, ensure that you clear all I/O identity attributes (Example: IP address, virtual addresses, initiator, and storage targets) and partition-l
NOTE: If the OS Driver State displays the state as Operational, it indicates the operating system driver state or the UEFI driver state. Monitoring network devices using RACADM To view information about network devices, use the hwinventory and nicstatistics commands. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
NOTE: Some cards with the virtual FIP, virtual WWN, and virtual WWPN MAC attributes, the virtual WWN and virtual WWPN MAC attributes are automatically configured when you configure virtual FIP. Using the IO Identity feature, you can: ● View and configure the virtual addresses for network and fibre channel devices (for example, NIC, CNA, FC HBA). ● Configure the initiator (for iSCSI and FCoE) and storage target settings (for iSCSI, FCoE, and FC).
Table 29.
Table 30.
Server with VAM Persistence Policy Feature FlexAddress Feature State in CMC IO Identity Feature State in iDRAC Enabled Disabled Enabled Enabled Disabled Disabled Enabled Availability of VA Programming Remote Agent VA Source for the Reboot Cycle Reboot Cycle VA Persistence Behavior FlexAddress from CMC Per FlexAddress spec Yes — New or Persisted Remote Agent Virtual Address Per Remote Agent Policy Setting No FlexAddress from CMC Per FlexAddress spec Yes — New or Persisted Remote Agent Vi
To view the I/O Identity Optimization setting, use the command: racadm get iDRAC.IOIDOpt Configuring persistence policy settings Using IO identity, you can configure policies specifying the system reset and power cycle behaviors that determine the persistence or clearance of the virtual address, initiator, and storage target settings. Each individual persistence policy attribute applies to all ports and partitions of all applicable devices in the system.
Configuring persistence policy settings using iDRAC web interface To configure the persistence policy: 1. In the iDRAC Web interface, go to Overview > Hardware > Network Devices. The Network Devices page is displayed. 2. Click I/O Identity Optimization tab. 3. In the Persistence Policy section, select one or more of the following for each persistence policy: ● A/C Power Loss - The virtual address or target settings persist when AC power loss conditions occur.
Table 31. iSCSI initiator —default values (continued) iSCSI Initiator Default Values in IPv4 mode Default Values in IscsiInitiatorName Value Cleared Value Cleared IscsiInitiatorChapId Value Cleared Value Cleared IscsiInitiatorChapPwd Value Cleared Value Cleared IPVer Ipv4 Table 32. Iscsi storage target attributes — default values iSCSI Storage Target Attributes Default Values in IPv4 mode Default Values in ConnectFirstTgt Disabled Disabled FirstTgtIpAddress 0.0.0.
13 Managing storage devices Beginning with iDRAC 2.00.00.00 release, iDRAC expands its agent-free management to include direct configuration of the new PERC9 controllers. It enables you to remotely configure the storage components attached to your system at run-time. These components include RAID and non-RAID controllers and the channels, ports, enclosures, and disks attached to them.
PERC Capability CEM configuration Capable Controller (PERC 9.1 or later) CEM configuration Non-capable Controller (PERC 9.0 and lower) the configuration at run-time. Run-time or real-time means, a reboot is not required. Staged If all the set operations are staged, the configuration is staged and applied after reboot or it is applied at real-time.
used to restore data in the event of a disk failure. RAID uses different techniques, such as striping, mirroring, and parity, to store and reconstruct data. There are different RAID levels that use different methods for storing and reconstructing data. The RAID levels have different characteristics in terms of read/write performance, data protection, and storage capacity. Not all RAID levels maintain redundant data, which means for some RAID levels lost data cannot be restored.
Maintaining redundant data requires the use of additional physical disks. The possibility of a disk failure increases with an increase in the number of disks. Since the differences in I/O performance and redundancy, one RAID level may be more appropriate than another based on the applications in the operating environment and the nature of the data being stored.
RAID 0 characteristics: ● ● ● ● Groups n disks as one large virtual disk with a capacity of (smallest disk size) *n disks. Data is stored to the disks alternately. No redundant data is stored. When a disk fails, the large virtual disk fails with no means of rebuilding the data. Better read and write performance. RAID level 1 (mirroring) RAID 1 is the simplest form of maintaining redundant data. In RAID 1, data is mirrored or duplicated on one or more physical disks.
● Redundancy for protection of data. ● RAID 1 is more expensive in terms of disk space since twice the number of disks are used than required to store the data without redundancy. RAID level 5 (striping with distributed parity) RAID 5 provides data redundancy by using data striping in combination with parity information. Rather than dedicating a physical disk to parity, the parity information is striped across all physical disks in the disk group.
RAID 6 characteristics: ● ● ● ● ● ● Groups n disks as one large virtual disk with a capacity of (n-2) disks. Redundant information (parity) is alternately stored on all disks. The virtual disk remains functional with up to two disk failures. The data is reconstructed from the surviving disks. Better read performance, but slower write performance. Increased redundancy for protection of data. Two disks per span are required for parity. RAID 6 is more expensive in terms of disk space.
RAID 50 characteristics: ● Groups n*s disks as one large virtual disk with a capacity of s*(n-1) disks, where s is the number of spans and n is the number of disks within each span. ● Redundant information (parity) is alternately stored on all disks of each RAID 5 span. ● Better read performance, but slower write performance. ● Requires as much parity information as standard RAID 5. ● Data is striped across all spans. RAID 50 is more expensive in terms of disk space.
RAID 60 characteristics: ● Groups n*s disks as one large virtual disk with a capacity of s*(n-2) disks, where s is the number of spans and n is the number of disks within each span. ● Redundant information (parity) is alternately stored on all disks of each RAID 6 span. ● Better read performance, but slower write performance. ● Increased redundancy provides greater data protection than a RAID 50. ● Requires proportionally as much parity information as RAID 6. ● Two disks per span are required for parity.
RAID 10 characteristics: ● ● ● ● ● Groups n disks as one large virtual disk with a capacity of (n/2) disks, where n is an even integer. Mirror images of the data are striped across sets of physical disks. This level provides redundancy through mirroring. When a disk fails, the virtual disk still works. The data is read from the surviving mirrored disk. Improved read performance and write performance. Redundancy for protection of data.
Table 33. RAID level performance comparison (continued) RAID Level Data Availability Read Performance Write Performance Rebuild Performance Minimum Disks Required Suggested Uses RAID 50 Good Very Good Fair Fair N + 2 (N = at least 4) Medium sized transactional or data intensive uses. RAID 6 Excellent Sequential reads: good. Transactional reads: Very good Fair, unless using writeback cache Poor N + 2 (N = at least two disks) Critical information.
Supported enclosures iDRAC supports MD1200, MD1220, MD1400, and MD1420 enclosures. NOTE: Redundant Array of Inexpensive Disks (RBODS) that are connected to HBA controllers are not supported. Summary of supported features for storage devices The following table provides the features supported by the storage devices through iDRAC. NOTE: Features such as prepare to remove and blink or unblink component LED are not applicable for HHHL PCIe SSD cards.
Feature Name PERC 9 Controllers PERC 8 Controllers H830 H730 P H730 H810 H710P H710 H310 interf ace) interf ace) interfac interfac interfac interfac e) e) e) e) Check Consistency Mode Realtime Realtime Realtime Realtime Realtime Realtime Staged Staged Staged Staged Not applicabl e Copyback Mode Realtime Realtime Realtime Realtime Realtime Realtime Staged Staged Staged Staged Not applicabl e Load Balance Mode Realtime Realtime Realtime Realtime Realtime Realtime Sta
Feature Name PERC 9 Controllers PERC 8 Controllers H710P H710 H830 H730 P H730 H330 FD33x S FD33x D H810 Configure Backplane mode Realtime Realtime Realtime Realtime Realtime Realtime Not Not Not Not Not applicab applicable applicab applicab applicabl le le le e Blink or unblink component LEDs Realtime Realtime Realtime Realtime Realtime Realtime Realtime Switch controller mode Stage Stage Staged d d Staged Staged Staged Not Not Not Not Not applicab applicable applicab applica
Monitoring backplane using iDRAC settings utility In the iDRAC Settings utility, go to System Summary. The iDRAC Settings.System Summary page is displayed. The Backplane Inventory section displays the backplane information. For information about the fields, see the iDRAC Settings Utility Online Help.
If you have assigned a physical disk as a global hot spare in Add to Pending Operation mode, the pending operation is created but a job is not created. Then, if you try to unassign the same disk as global hot spare, the assign global hot spare pending operation is cleared. If you have unassigned a physical disk as a global hot spare in Add to Pending Operation mode, the pending operation is created but a job is not created.
The Setup page is displayed. 2. From the Controller drop-down menu, select a controller. The physical disks associated with the selected controller are displayed. 3. From the Action — Assign to All drop-down box, select the required option (Convert to RAID or Convert to Non-RAID) for all the disks, or select the option for specific disks from the Action drop-down menu. 4. From the Apply Operation Mode drop-down menu, select when you want to apply the settings. 5. Click Apply.
You cannot create a virtual disk if: ● Physical disk drives are not available for virtual disk creation. Install additional physical disk drives. ● Maximum number of virtual disks that can be created on the controller has been reached. You must delete at least one virtual disk and then create a new virtual disk. ● Maximum number of virtual disks supported by a drive group has been reached. You must delete one virtual disk from the selected group and then create a new virtual disk.
Based on the selected Apply Operation Mode, the settings are applied. Creating virtual disks using RACADM Use the racadm storage createvd command. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/idracmanuals. Editing virtual disk cache policies You can change the read, write, or disk cache policy of a virtual disk. NOTE: Some of the controllers do not support all read or write policies. Therefore, when a policy is applied, an error message is displayed.
unassigned when the last virtual disk associated with the controller is deleted. When deleting the last virtual disk of a disk group, all assigned dedicated hot spares automatically become global hot spares. You must have the Login and Server Control privilege to perform delete virtual disks. When this operation is allowed, you can delete a boot virtual drive. It is done from sideband and the independent of the operating system. Hence, a warning message appears before you delete the virtual drive.
If full initialization of a virtual disk is performed, background initialization is not required. During full initialization, the host is not able to access the virtual disk. If the system reboots during a full initialization, the operation terminates and a background initialization process starts on the virtual disk. It is always recommended to do a full initialization on drives that previously contained data. Full initialization can take up to 1-2 minutes per GB.
● ● ● ● interfaces and PERC 8 and 9 controllers still allow setting the read policy to Adaptive Read Ahead. While it is possible to set Read Ahead or Adaptive Read Ahead on PERC 8 or PERC 9, there is no functional difference.
Assign hot spare
○ A background initialization ○ A check consistency In addition, the Patrol Read operation suspends during heavy I/O activity and resumes when the I/O is complete. NOTE: For more information on how often the Patrol Read operation runs when in auto mode, see the respective controller documentation. NOTE: Patrol read mode operations such as Start and Stop are not supported if there are no virtual disks available in the controller.
Configuring controller properties using web interface 1. In the iDRAC web interface, go to Overview > Storage > Controllers > Setup. The Setup Controllers page is displayed. 2. In the Configure Controller Properties section, from the Controller drop-down menu, select the controller that you want to configure. 3. Specify the required information for the various properties. The Current Value column displays the existing values for each property.
You can import foreign configurations so that virtual disks are not lost after moving Physical Disks. A foreign configuration can be imported only if it contains a virtual disk that is in either Ready or Degraded state or a hotspare that is dedicated to a virtual disk which can be imported or is already present. All of the virtual disk data must be present, but if the virtual disk is using a redundant RAID level, the additional redundant data is not required.
To automatically import foreign configurations, in the Configure Controller Properties section, enable the Enhanced Auto Import Foreign Config option, select the Apply Operation Mode and click Apply. NOTE: You must reboot the system after enabling Enhanced Auto Import Foreign Config option for the foreign configurations to be imported.
Resetting controller configuration using web interface To reset the controller configuration: 1. In the iDRAC Web interface, go to Overview > Storage > Controllers > Troubleshooting. The Controllers Troubleshooting page is displayed. 2. From the Actions drop-down menu, select Reset Configuration for one or more controllers. 3. For each controller, from the Apply Operation Mode drop-down menu, select when you want to apply the settings. 4. Click Apply.
● Server Configuration Profile feature allows you to configure multiple RAID operations along with setting the controller mode. For example, if the PERC controller is in HBA mode, you can edit the export xml to change the controller mode to RAID, convert drives to ready and create a virtual disk. ● While changing the mode from RAID to HBA, the RAIDaction pseudo attribute is set to update (default behavior). The attribute runs and creates a virtual disk which fails.
Related concepts Inventorying and monitoring storage devices on page 195 Viewing system inventory on page 99 Updating device firmware on page 62 Monitoring predictive failure analysis on drives on page 211 Blinking or unblinking component LEDs on page 222 Monitoring predictive failure analysis on drives Storage management supports Self Monitoring Analysis and Reporting Technology (SMART) on physical disks that are SMARTenabled.
with a high-speed PCIe 2.0 or PCIe 3.0 compliant interface. iDRAC 2.20.20.20 and later versions support Half-Height HalfLength (HHHL) PCIe SSD cards on Dell’s 13th generation of PowerEdge rack and tower servers and Dell PowerEdge R920 servers. The HHHL SSD card can be directly plugged in to the PCI slot in the servers that do not have PCIe SSD supported backplanes. You can also use these cards on servers with supported backplanes. Using iDRAC interfaces, you can view and configure NVMe PCIe SSDs.
To view PCIe extender cards: racadm storage get controllers To view PCIe SSD backplane information: racadm storage get enclosures NOTE: For all the mentioned commands, PERC devices are also displayed. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/idracmanuals. Preparing to remove PCIe SSD PCIe SSDs support orderly hot swap allowing you to add or remove a device without halting or rebooting the system in which the devices are installed.
If pending operation is not created, an error message is displayed. If pending operation is successful and job creation is not successful, then an error message is displayed.
■ Graceful Shutdown ■ Force Shutdown ■ Power Cycle System (cold boot) NOTE: For PERC 8 or earlier controllers, Graceful Shutdown is the default option. For PERC 9 controllers, No Reboot (Manually Reboot System) is the default option. 5. Click Apply. If the job is not created, a message indicating that the job creation was not successful is displayed. Also, the message ID and the recommended response action is displayed.
● Unified mode —This is the default mode. The primary PERC controller has access to all the drives connected to the backplane even if a second PERC controller is installed. ● Split mode — One controller has access to the first 12 drives and the second controller has access to the last 12 drives. The drives connected to the first controller are numbered 0-11 while the drives connected to the second controller are numbered 12-23.
6. Power cycle the system for the setting to take effect. Configuring enclosure using RACADM To configure the enclosure or backplane, use the set command with the objects in BackplaneMode. For example, to set the BackplaneMode attribute to split mode: 1. Run the following command to view the current backplane mode: racadm get storage.enclosure.1.backplanecurrentmode The output is: BackplaneCurrentMode=UnifiedMode 2. Run the following command to view the requested mode: racadm get storage.enclosure.1.
9. Run the following command to cold reboot the server: racadm serveraction powercycle 10. After the system completes POST and CSIOR, type the following command to verify the backplanerequestedmode: racadm get storage.enclosure.1.backplanerequestedmode The output is: BackplaneRequestedMode=None 11. Run the following to verify is the backplane mode is set to split mode: racadm get storage.enclosure.1.backplanecurrentmode The output is: BackplaneCurrentMode=SplitMode 12.
You must have Server Control privilege to modify this setting. NOTE: You cannot set the SGPIO mode using iDRAC Web interface. Setting SGPIO mode using RACADM To configure the SGPIO mode, use the set command with the objects in the SGPIOMode group. If it is set to disabled, it is I2C mode. If enabled, it is set to SGPIO mode. For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Based on the operation mode selected, the settings are applied. Choosing operation mode using RACADM To select the operation mode, use the jobqueue command. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/idracmanuals. Viewing and applying pending operations You can view and commit all pending operations for the storage controller. All the settings are either applied at once, during the next reboot, or at a scheduled time based on the selected options.
If the clear foreign configuration, import foreign configuration, security key operations, or encrypt virtual disk operations are in pending state, and if these are the only operations pending, then you cannot create a job from the Pending Operations page. You must perform any other storage configuration operation or use RACADM or WSMAN to create the required configuration job on the required controller. You cannot view or clear pending operations for PCIe SSDs in the Pending Operations page.
Case 4: selected add to pending operations and there are prior existing pending operations If you have selected Add to Pending Operations and then clicked Apply, first the pending operation is created for the selected storage configuration operation. ● If the pending operation is created successfully and if there are existing pending operations, then an information message is displayed: ○ Click OK to remain on the page to perform more storage configuration operations.
If the blink or unblink operation is not successful, error messages are displayed. Blinking or unblinking component LEDs using RACADM To blink or unblink component LEDs, use the following commands: racadm storage blink: racadm storage unblink: For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/idracmanuals.
14 Configuring and using virtual console You can use the virtual console to manage a remote system using the keyboard, video, and mouse on your management station to control the corresponding devices on a managed server. This is a licensed feature for rack and tower servers. It is available by default in blade servers. The key features are: ● A maximum of six simultaneous Virtual Console sessions are supported. All the sessions view the same managed server console simultaneously.
Table 34. Supported screen resolutions and refresh rates (continued) Screen Resolution Refresh Rate (Hz) 1280x1024 60 It is recommended that you configure your monitor display resolution to 1280x1024 pixels or higher. NOTE: If you have an active Virtual Console session and a lower resolution monitor is connected to the Virtual Console, the server console resolution may reset if the server is selected on the local console.
● Web browser is configured to use HTML5, Java, or ActiveX plug-ins. ● Minimum network bandwidth of one MB/sec is available. NOTE: If the embedded video controller is disabled in BIOS and if you launch the Virtual Console, the Virtual Console Viewer is blank. While launching Virtual Console using 32-bit or 64-bit IE browsers, use HTML5, or use the required plug-in (Java or ActiveX) that is available in the respective browser. The Internet Options settings are common for all browsers.
NOTE: If you do not have Access Virtual Console privilege but have Access Virtual Media privilege, then using this URL launches the Virtual Media instead of the Virtual Console. Disabling warning messages while launching virtual console or virtual media using Java or ActiveX plug-in You can disable the warning messages while launching the Virtual Console or Virtual Media using Java plug-in. 1.
To launch the HTML5 virtual console, you must enable the virtual console feature from the iDRAC Virtual Console page and set the Virtual Console Type option to HTML5. You can launch virtual console as a pop-up window by using one of the following methods: ● From iDRAC Home page, click the Launch link available in the Console Preview session ● From iDRAC Virtual Console page, click Launch Virtual Console. ● From iDRAC login page, type https///console. This method is called as Direct Launch.
● Mouse Acceleration — Select the mouse acceleration based on the operating system. The following configuration options are displayed as a drop-down list: ○ Absolute (Windows, latest versions of Linux, Mac OS-X) ○ Relative, no acceleration ○ Relative (RHEL, earlier versions of Linux) ○ Linux RHEL 6.x and SUSE Linux Enterprise Server 11 or later Click Apply to apply the selected settings on the server. ● Virtual Media — Click Connect Virtual Media option to start the virtual media session.
Passing all keystrokes through virtual console for Java or ActiveX plug-in You can enable the Pass all keystrokes to server option and send all keystrokes and key combinations from the management station to the managed system through the Virtual Console Viewer. If it is disabled, it directs all the key combinations to the management station where the Virtual Console session is running.
● All the individual keys (not a combination of different keys, but a single key stroke) are always sent to the managed system. This includes all the Function keys, Shift, Alt, Ctrl key and Menu keys. Some of these keys affect both management station and managed system.
Using SSH/Telnet or external serial connector (directly connecting through serial cable) 1. For telnet/SSH sessions, after logging in using the iDRAC username and password, at the /admin> prompt, run the command console com2. The localhost.localdomain prompt appears. 2. For console redirection using external serial connector directly connected to the system through a serial cable, the localhost.localdomain login prompt appears after the server boots to the operating system. 3.
15 Managing virtual media Virtual media allows the managed server to access media devices on the management station or ISO CD/DVD images on a network share as if they were devices on the managed server. Using the Virtual Media feature, you can: ● Remotely access media connected to a remote system over the network ● Install applications ● Update drivers ● Install an operating system on the managed system This is a licensed feature for rack and tower servers. It is available by default for blade servers.
Table 35. Supported drives and devices Drive Supported Storage Media Virtual Optical Drives ● ● ● ● ● Virtual floppy drives ● CD-ROM/DVD image file in the ISO9660 format ● Floppy image file in the ISO9660 format USB flash drives ● USB CD-ROM drive with CD-ROM media ● USB Key image in the ISO9660 format Legacy 1.44 floppy drive with a 1.
Table 36. Attached media state and system response Attached Media State System Response Detach Cannot map an image to the system. Attach Media is mapped even when Client View is closed. Auto-attach Media is mapped when Client View is opened and unmapped when Client View is closed. Server settings for viewing virtual devices in virtual media You must configure the following settings in the management station to allow visibility of empty drives.
Launching virtual media without using virtual console Before you launch Virtual Media when the Virtual Console is disabled, make sure that ● Virtual Media is in Attach state. ● System is configured to unhide empty drives. To do this, in Windows Explorer, navigate to Folder Options, clear the Hide empty drives in the Computer folder option, and click OK. To launch Virtual Media when Virtual Console is disabled: 1. In the iDRAC web Interface, go to Overview > Server > Virtual Console.
Viewing virtual device details To view the virtual device details, in the Virtual Console Viewer, click Tools > Stats. In the Stats window, the Virtual Media section displays the mapped virtual devices and the read/write activity for each device. If Virtual Media is connected, this information is displayed. If Virtual Media is not connected, the “Virtual Media is not connected” message is displayed.
For CD/DVD devices, this option is enabled by default and you cannot disable it. NOTE: The ISO and IMG files map as read-only files if you map these files by using the HTML5 virtual console. 5. Click Map Device to map the device to the host server. After the device/file is mapped, the name of its Virtual Media menu item changes to indicate the device name. For example, if the CD/DVD device is mapped to an image file named foo.iso, then the CD/DVD menu item on the Virtual Media menu is named foo.
6. Click Yes to save the changes and exit. The managed system reboots. The managed system attempts to boot from a bootable device based on the boot order. If the virtual device is connected and a bootable media is present, the system boots to the virtual device. Otherwise, the system overlooks the device—similar to a physical device without bootable media. Enabling boot once for virtual media You can change the boot order only once when you boot after attaching remote Virtual Media device.
16 Installing and using VMCLI utility The Virtual Media Command Line Interface (VMCLI) utility is an interface that provides virtual media features from the management station to iDRAC on the managed system. Using this utility you can access virtual media features, including image files and physical drives, to deploy an operating system on multiple remote systems in a network. NOTE: VMCLI supports only the TLS 1.0 security protocol.
NOTE: VMCLI syntax is case-sensitive. To ensure security, it is recommended to use the following VMCLI parameters: ● vmcli -i — Enables an interactive method of starting VMCLI. It ensures that the user name and password are not visible when processes are examined by other users. ● vmcli -r -S -u -p -c {< device-name > | < image-file >} — Indicates whether the iDRAC CA certificate is valid.
NOTE: The VMCLI utility does not read from standard input (stdin). Hence, stdin redirection is not required. ● Background execution — By default, the VMCLI utility runs in the foreground. Use the operating system's command shell features for the utility to run in the background. For example, under a Linux operating system, the ampersand character (&) following the command causes the program to be spawned as a new background process.
17 Managing vFlash SD card The vFlash SD card is a Secure Digital (SD) card that plugs into the vFlash SD card slot in the system. You can use a card with a maximum of 16 GB capacity. After you insert the card, you must enable vFlash functionality to create and manage partitions. vFlash is a licensed feature. If the card is not available in the system's vFlash SD card slot, the following error message is displayed in the iDRAC Web interface at Overview > Server > vFlash: SD card not detected.
Viewing vFlash SD card properties using RACADM To ● ● ● ● ● view the vFlash SD card properties using RACADM, use the get command with the following objects: iDRAC.vflashsd.AvailableSize iDRAC.vflashsd.Health iDRAC.vflashsd.Licensed iDRAC.vflashsd.Size iDRAC.vflashsd.WriteProtect For more information about these objects, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
3. Click Back, click Finish, and then click Yes. The vFlash functionality is enabled or disabled based on the selection. Initializing vFlash SD card The initialize operation reformats the SD card and configures the initial vFlash system information on the card. NOTE: If the SD card is write-protected, then the Initialize option is disabled. Initializing vFlash SD card using web interface To initialize the vFlash SD card: 1. In the iDRAC Web interface, go to Overview > Server > vFlash.
Managing vFlash partitions You can perform the following using the iDRAC Web interface or RACADM: NOTE: An administrator can perform all operations on the vFlash partitions. Else, you must have Access Virtual Media privilege to create, delete, format, attach, detach, or copy the contents for the partition.
2. Enter the command: racadm vflashpartition create -i 1 -o drive1 -t empty -e HDD -f fat16 -s [n] where [n] is the partition size. By default, an empty partition is created as read-write. Creating a partition using an image file You can create a new partition on the vFlash SD card using an image file (available in the .img or .iso format.) The partitions are of emulation types: Floppy (.img), Hard Disk (.img), or CD (.iso). The created partition size is equal to the image file size.
NOTE: Creating vFlash partition from an image file located on the CFS or NFS IPv6 enabled network share is not supported. Formatting a partition You can format an existing partition on the vFlash SD card based on the type of file system. The supported file system types are EXT2, EXT3, FAT16, and FAT32. You can only format partitions of type Hard Disk or Floppy, and not CD. You cannot format read-only partitions.
Modifying a partition You can change a read-only partition to read-write or vice-versa. Before modifying the partition, make sure that: ● The vFlash functionality is enabled. ● You have Access Virtual Media privileges. NOTE: By default, a read-only partition is created. Modifying a partition using web interface To modify a partition: 1. In the iDRAC Web interface, go to Overview > Server > vFlash > Manage. The Manage Partitions page is displayed. 2.
Attaching or detaching partitions using web interface To attach or detach partitions: 1. In the iDRAC Web interface, go to Overview > Server > vFlash > Manage. The Manage Partitions page is displayed. 2. In the Attached column: ● Select the checkbox for the partition(s) and click Apply to attach the partition(s). ● Clear the checkbox for the partition(s) and click Apply to detach the partition(s). The partitions are attached or detached, based on the selections.
Deleting existing partitions using RACADM To delete partitions: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the following commands: ● To delete a partition: racadm vflashpartition delete -i 1 ● To delete all partitions, re-initialize the vFlash SD card. Downloading partition contents You can download the contents of a vFlash partition in the .img or .iso format to the: ● Managed system (where iDRAC is operated from) ● Network location mapped to a management station.
NOTE: When you run this command, the vFlash partition label is automatically set to boot once (iDRAC.ServerBoot.BootOnce is set to 1.) Boot once boots the device to the partition only once and does not keep it persistently first in the boot order.
18 Using SMCLP The Server Management Command Line Protocol (SMCLP) specification enables CLI-based systems management. It defines a protocol for management commands transmitted over standard character oriented streams. This protocol accesses a Common Information Model Object Manager (CIMOM) using a human-oriented command set. The SMCLP is a sub-component of the Distributed Management Task Force (DMTF) SMASH initiative to streamline systems management across multiple platforms.
NOTE: Scripts using -$ can use these for yx1x systems, but starting with yx2x systems one script with admin-> can be used for blade, rack, and tower servers. iDRAC SMCLP syntax The iDRAC SMCLP uses the concept of verbs and targets to provide systems management capabilities through the CLI. The verb indicates the operation to perform, and the target determines the entity (or object) that runs the operation.
Table 39.
Table 39.
Table 39.
Using the -level option The show -level option executes show over additional levels beneath the specified target. To see all targets and properties in the address space, use the -l all option. Using the -output option The -output option specifies one of four formats for the output of SM-CLP verbs: text, clpcsv, keyword, and clpxml. The default format is text, and is the most readable output. The clpcsv format is a comma-separated values format suitable for loading into a spreadsheet program.
Targets: Record1 Record2 Record3 Record4 Record5 Properties: InstanceID = IPMI:BMC1 SEL Log MaxNumberOfRecords = 512 CurrentNumberOfRecords = 5 Name = IPMI SEL EnabledState = 2 OperationalState = 2 HealthState = 2 Caption = IPMI SEL Description = IPMI SEL ElementName = IPMI SEL Commands: cd show help exit version ● To view the SEL record: show/system1/logs1/log1 The following output is displayed: /system1/logs1/log1/record4 Properties: LogCreationClassName= CIM_RecordLog CreationClassName= CIM_LogRecord Log
delete /system1/logs1/log1/record* The following output is displayed: All records deleted successfully Map target navigation The following examples show how to use the cd verb to navigate the MAP. In all examples, the initial default target is assumed to be /. Type the following commands at the SMCLP command prompt: ● To navigate to the system target and reboot: cd system1 reset The current default target is /.
19 Using iDRAC Service Module The iDRAC Service Module is a software application that is recommended to be installed on the server (it is not installed by default). It complements iDRAC with monitoring information from the operating system. It complements iDRAC by providing additional data to work with iDRAC interfaces such as the Web interface, RACADM, and WSMAN. You can configure the features monitored by the iDRAC Service Module to control the CPU and memory consumed on the server’s operating system.
● ● ● ● ● ● In-band iDRAC SNMP alerts View operating system (OS) information Replicate Lifecycle Controller logs to operating system logs Perform automatic system recovery options Populate Windows Management Instrumentation (WMI) Management Providers Integrate with SupportAssist Collection. This is applicable only if iDRAC Service Module version 2.0 or later is installed. For more information, see Generating SupportAssist Collection. ● Prepare to Remove NVMe PCIe SSD.
You can perform automatic system recovery operations such as reboot, power cycle, or power off the server after a specified time interval. This feature is enabled only if the operating system watchdog timer is disabled. If OpenManage Server Administrator is installed, this monitoring feature is disabled to avoid duplicate watchdog timers.
CIM Interface WinRM WMIC s.1+SystemCreationC lassName=DCIM_SPCom puterSystem+SystemN ame=systemmc} PowerShell Name='systemmc'}" namespace root/ cimv2/dcim Remote iDRAC Hard Reset By using iDRAC, you can monitor the supported servers for critical system hardware, firmware, or software issues. Sometimes, iDRAC may become unresponsive due to various reasons. During such scenarios, you must turn off the server and reset iDRAC.
iSM provides an executable command on all iSM supported Linux operating system. You can run this command by logging into the operating system by using SSH or equivalent. Invoke-iDRACHardReset Invoke-iDRACHardReset –f ● ESXi On all iSM supported ESXi operating systems, the iSM v2.3 supports a Common Management Programming Interface (CMPI) method provider to perform the iDRAC reset remotely by using the WinRM remote commands. winrm i iDRACHardReset http://schemas.dell.
○ Using the remote WMI interface: winrm i EnableInBandSNMPTraps wmi/root/cimv2/dcim/DCIM_iSMService? InstanceID="iSMExportedFunctions" @{state="[0/1]"} -u: -p: -r:http:///wsman a:Basic -encoding:utf-8 -skipCACheck –skipCNCheck - ● Linux operating system On all iSM supported Linux operating system, iSM provides an executable command. You can run this command by logging into the operating system by using SSH or equivalent. Beginning with iSM 2.4.
● Configure using iSM PowerShell script Installation by using MSI You can install this feature by using the web-pack. This feature is disabled on a typical iSM installation. If enabled, the default listening port number is 1266. You can modify this port number within the range 1024 through 65535. iSM redirects the connection to the iDRAC. iSM then creates an inbound firewall rule, OS2iDRAC.
is required and is optional. IP range in format. Example: 10.95.146.98/24 Coexistence of OpenManage Server Administrator and iDRAC Service Module In a system, both OpenManage Server Administrator and the iDRAC Service Module can co-exist and continue to function correctly and independently.
You can view the replicated Lifecycle logs using the WMI or Windows PowerShell query: GetCimInstance –Namespace root/cimv2 – className win32_NTLogEvent By default, the logs are available at Event viewer > Applications and Services Logs > System.
20 Using USB port for server management In Dell PowerEdge 12 th generation servers, all USB ports are dedicated to the server. With the 13 th generation of servers, one of the front panel USB port is used by iDRAC for management purposes such as pre-provisioning and troubleshooting. The port has an icon to indicate that it is a management port. All 13 th generation servers with LCD panel support this feature. This port is not available in a few of the 200-500 model variations without the LCD panel.
7. After using, disconnect the cable. The LED turns off. Configuring iDRAC using server configuration profile on USB device With the new iDRAC Direct feature, you can configure iDRAC at-the-server. First configure the USB Management port settings in iDRAC, insert the USB device that has the server configuration profile, and then import the server configuration profile from the USB device to iDRAC.
Configuring USB management port using web interface To configure the USB port: 1. In the iDRAC Web interface, go to Overview > Hardware > USB Management Port. The Configure USB Management Port page is displayed. 2. From the USB Management Port Mode drop-down menu, select any of the following options: ● Automatic — USB Port is used by iDRAC or the server’s operating system. ● Standard OS Use — USB port is used by the server OS. ● iDRAC Direct only — USB pot is used by iDRAC. 3.
● Enabled For information about the fields, see the iDRAC Settings Utility Online Help. 4. Click Back, click Finish and then click Yes to apply the settings. Importing server configuration profile from USB device Make sure to create a directory in root of the USB device called System_Configuration_XML which contains both the config.xml and control.xml files: ● Server Configuration Profile is in the System_Configuration_XML sub-directory under the USB device root directory.
7. After the import job is complete, the LCD/LED indicates that the job is complete. If a reboot is required, LCD displays the job status as “Paused waiting on reboot”. 8. If the USB device is left inserted on the server, the result of the import operation is recorded in the results.xml file in the USB device. LCD messages If the LCD panel is available, it displays the following messages in a sequence: 1. Importing – When the server configuration profile is being copied from the USB device. 2.
21 Using iDRAC Quick Sync A few Dell 13 th generation PowerEdge servers have the Quick Sync bezel that supports the Quick Sync feature. This feature enables at-the-server management with a mobile device. This allows you to view inventory and monitoring information and configure basic iDRAC settings (such as root credential setup and configuration of the first boot device) using the mobile device. You can configure iDRAC Quick Sync access for your mobile device (example, OpenManage Mobile) in iDRAC.
You must have Server Control privilege to configure the settings. A server reboot is not required for the settings to take effect. An entry is logged to the Lifecycle Controller log when the configuration is modified. Configuring iDRAC Quick Sync settings using web interface To configure iDRAC Quick Sync: 1. In the iDRAC web interface, go to Overview > Hardware > Front Panel. 2.
22 Deploying operating systems You can use any of the following utilities to deploy operating systems to managed systems: ● Remote File Share ● Virtual Media Console Related tasks Deploying operating system using remote file share on page 277 Deploying operating system using virtual media on page 279 Topics: • • • Deploying operating system using remote file share Deploying operating system using virtual media Deploying embedded operating system on SD card Deploying operating system using remote file sha
NOTE: If ESXi is running on the managed system and if you mount a floppy image (.img) using RFS, the connected floppy image is not available to the ESXi operating system. RFS and Virtual Media features are mutually exclusive. ● If the Virtual Media client is not active, and you attempt to establish an RFS connection, the connection is established and the remote image is available to the host operating system.
For SLES, the CD device is /dev/sr0 and the floppy device is /dev/sdc. To make sure that the correct device is used (for either SLES or RHEL), when you connect the virtual device, on the Linux OS you must immediately run the command: tail /var/log/messages | grep SCSI This displays the text that identifies the device (example, SCSI device sdc). This procedure also applies to Virtual Media when you are using Linux distributions in runlevel init 3. By default, the virtual media is not auto-mounted in init 3.
Installing operating system from multiple disks 1. Unmap the existing CD/DVD. 2. Insert the next CD/DVD into the remote optical drive. 3. Remap the CD/DVD drive. Deploying embedded operating system on SD card To install an embedded hypervisor on an SD card: 1. Insert the two SD cards in the Internal Dual SD Module (IDSDM) slots on the system. 2. Enable SD module and redundancy (if required) in BIOS. 3. Verify if the SD card is available on one of the drives when you during boot. 4.
23 Troubleshooting managed system using iDRAC You can diagnose and troubleshoot a remote managed system using: ● Diagnostic console ● Post code ● Boot and crash capture videos ● Last system crash screen ● System event logs ● Lifecycle logs ● Front panel status ● Trouble indicators ● System health Related tasks Using diagnostic console on page 281 Scheduling remote automated diagnostics on page 282 Viewing post codes on page 283 Viewing boot and crash capture videos on page 283 Viewing logs on page 283 Viewi
2. In the Command text box, enter a command and click Submit. For information about the commands, see the iDRAC Online Help. The results are displayed on the same page. Scheduling remote automated diagnostics You can remotely invoke automated offline diagnostics on a server as a one-time event and return the results. If the diagnostics require a reboot, you can reboot immediately or stage it for a subsequent reboot or maintenance cycle (similar to updates).
Viewing post codes Post codes are progress indicators from the system BIOS, indicating various stages of the boot sequence from power-on-reset, and allows you to diagnose any faults related to system boot-up. The Post Codes page displays the last system post code prior to booting the operating system. To view the Post Codes, go to Overview > Server > Troubleshooting > Post Code. The Post Code page displays the system health indicator, a hexadecimal code, and a description of the code.
2. In iDRAC Web interface, go to Overview > Server > Troubleshooting > Last Crash Screen. The Last Crash Screen page displays the last saved crash screen from the managed system. Click Clear to delete the last crash screen.
Hardware trouble indicators The hardware related problems are: ● Failure to power up ● Noisy fans ● Loss of network connectivity ● Hard drive failure ● USB media failure ● Physical damage Based on the problem, use the following methods to correct the problem: ● Reseat the module or component and restart the system ● In case of a blade server, insert the module into a different bay in the chassis ● Replace hard drives or USB flash drives ● Reconnect or replace the power and network cables If problem persists
You can generate a health report of the server and then export the report to a location on the management station (local) or to a shared network location such as Common Internet File System (CIFS) or Network File Share (NFS). You can then share this report directly with the Tech Support. To export to a network share such as CIFS or NFS, direct network connectivity to the iDRAC shared or dedicated network port is required. The report is generated in the standard ZIP format.
NOTE: While specifying the network share settings, it is recommended to avoid special characters for user name and password or percent encode the special characters. ● Click Advanced Export Options to select the following additional options: ○ RAID Controller Log ○ Enable Report Filtering under OS and Application Data Based on the options selected, the time taken to collect the data is displayed next to these options. 3. Select the I agree to allow SupportAssist to use this data option and click Export. 4.
Generating SupportAssist Collection manually using iDRAC web interface To generate the SupportAssist collection manually: 1. In the iDRAC Web interface, go to Overview > Server > Troubleshooting > SupportAssist. The SupportAssist page is displayed. 2. Select options for which you want to collect the data: ● Hardware to export the report to a location on the local system ● OS and Application Data to export the report to a network share and specify the network settings.
Resetting iDRAC using iDRAC web interface To restart iDRAC, do one of the following in the iDRAC Web interface: ● Go to Overview > Server > Summary. Under Quick Launch Tasks, click Reset iDRAC. ● Go to Overview > Server > Troubleshooting > Diagnostics. Click Reset iDRAC. Resetting iDRAC using RACADM To restart iDRAC, use the racreset command. For more information, see the RACADM Reference Guide for iDRAC and CMC available at dell.com/support/manuals.
Resetting iDRAC to factory default settings using iDRAC web interface To reset iDRAC to factory default settings using the iDRAC Web interface: 1. Go to Overview > Server > Troubleshooting > Diagnostics. The Diagnostics Console page is displayed. 2. Click Reset iDRAC to Default Settings. The completion status is displayed in percentage. iDRAC reboots and is restored to factory defaults. The iDRAC IP is reset and is not accessible. You can configure the IP using the front panel or BIOS.
24 Frequently asked questions This section lists the frequently asked questions for the following: ● System Event Log ● Network security ● Active Directory ● Single Sign On ● Smart card login ● Virtual console ● Virtual media ● vFlash SD card ● SNMP authentication ● Storage devices ● iDRAC Service Module ● RACADM ● Miscellaneous Topics: • • • • • • • • • • • • • System Event Log Network security Active Directory Single Sign-On Smart card login Virtual console Virtual media vFlash SD card SNMP authenticati
iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC server certificate issued by a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign). Why the DNS server not registering iDRAC? Some DNS servers register iDRAC names that contain only up to 31 characters.
Certificate validation fails even if IP address is used as the domain controller address. How to resolve this? Check the Subject or Subject Alternative Name field of your domain controller certificate. Normally, Active Directory uses the host name and not the IP address of the domain controller in the Subject or Subject Alternative Name field of the domain controller certificate.
1. Run the technet.microsoft.com/en-us/library/dd560670(WS.10).aspx for the domain controller and domain policy. 2. Configure the computers to use the DES-CBC-MD5 cipher suite. These settings may affect compatibility with client computers or services and applications in your environment. The Configure encryption types allowed for Kerberos policy setting is located at Computer Configuration > Security Settings > Local Policies > Security Options. 3. 4. 5. 6.
Virtual console Virtual Console session is active even if you have logged out of iDRAC web interface. Is this the expected behavior? Yes. Close the Virtual Console Viewer window to log out of the corresponding session. Can a new remote console video session be started when the local video on the server is turned off? Yes.
This message is generated by Microsoft to alert the user that Virtual Console is enabled. To make sure that this message does not appear, always turn off Virtual Console in the iDRAC Settings utility before remotely installing an operating system.
When launching both the GUI and Virtual Console to the same iDRAC system on a management station, a session time-out for the iDRAC GUI occurs if the GUI is launched before the popup closes. If the iDRAC GUI is launched from the CMC web interface after the popup with the Virtual Console closed, this issue does not appear. Why does Linux SysRq key not work with Internet Explorer? The Linux SysRq key behavior is different when using Virtual Console from Internet Explorer.
You can also boot with a Windows 98 startup disk and copy system files from the startup disk to the USB key. For example, from the DOS prompt, type the following command: sys a: x: /s where, x: is the USB key that is required to be set as a bootable device. The Virtual Media is attached and connected to the remote floppy. But, cannot locate the Virtual Floppy/Virtual CD device on a system running Red Hat Enterprise Linux or the SUSE Linux operating system.
To maximize Virtual Media performance, launch the Virtual Media with the Virtual Console disabled or do one of the following: ● Change the performance slider to Maximum Speed. ● Disable encryption for both Virtual Media and Virtual Console. NOTE: In this case, the data transfer between managed server and iDRAC for Virtual Media and Virtual Console will not be secured. ● If you are using any Windows server operating systems, stop the Windows service named Windows Event Collector.
Open the Control Panel, verify if iDRAC Service Module is listed in the list of installed programs displayed. ● On systems running Linux: Run the command rpm —qi dcism. If the iDRAC Service Module is installed, the status displayed is installed. NOTE: To check if the iDRAC Service Module is installed on Red Hat Enterprise Linux 7, use the systemctl status dcismeng.service command instead of the init.d command.
Where is the Replicated Lifecycle log available on the operating system? To view the replicated Lifecycle logs: Operating System Microsoft Windows Location Event viewer > Windows Logs > System. All the iDRAC Service Module Lifecycle logs are replicated under the source name iDRAC Service Module. NOTE: In iSM version 2.1 and later, Lifecycle logs are replicated under the Lifecycle Controller Log source name. In iSM version 2.0 and earlier, the logs are replicated under iDRAC Service Module source name.
The iDRAC Web server is reset when: ● The network configuration or network security properties are changed using the iDRAC web user interface. ● The iDRAC.Webserver.HttpsPort property is changed, including when a racadm set -f changes it. ● The racresetcfg command is used. ● iDRAC is reset. ● A new SSL server certificate is uploaded.
Speed Duplex = Autonegotiate = Autonegotiate NOTE: You can also perform this using remote RACADM. For more information on CMC RACADM commands, see the CMC RACADM Command Line Interface Reference Guide available at dell.com/esmmanuals. For more information on iDRAC RACADM commands, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals. How to find iDRAC IP address for rack and tower server? ● From iDRAC web Interface: Go to Overview > Server > Properties > Summary.
iDRAC on blade server is not responding during boot. Remove and reinsert the server. Check CMC web interface to see if iDRAC is displayed as an upgradable component. If it does, follow the instructions in Updating firmware using CMC web interface. If the problem persists, contact technical support. When attempting to boot the managed server, the power indicator is green, but there is no POST or no video. This happens due to any of the following conditions: ● Memory is not installed or is inaccessible.
25 Use case scenarios This section helps you in navigating to specific sections in the guide to perform typical use case scenarios.
Generating SupportAssist Collection on page 285 Inventorying and monitoring storage devices on page 195 Using iDRAC Service Module on page 261 Obtaining system information and assess system health To obtain system information and assess system health: ● In iDRAC Web interface, go to Overview > Server > System Summary to view the system information and access various links on this page to asses system health. For example, you can check the health of the chassis fan.
● Dell Remote Access Configuration Tool (DRACT) Performing graceful shutdown To perform graceful shutdown, in iDRAC Web interface, go to one of the following locations: ● Overview > Server > Power/Thermal > Power Configuration > Power Control. The Power Control page is displayed. Select Graceful Shutdown and click Apply. ● Overview > Server > Power/Thermal > Power Monitoring. From the Power Control drop-down menu, select Graceful Shutdown and click Apply.
2. Based on the data, power infrastructure and cooling system limitations, enable the power cap policy and set the power cap values. NOTE: It is recommended that you set a cap close to the peak, and then use that capped level to determine how much capacity is remaining in the rack for adding more servers. Installing new electronic license See License operations for more information.
