Integrated Dell Remote Access Controller 8 (iDRAC8) Version 2.05.05.
Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. Copyright © 2014 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents 1 Overview...............................................................................................................16 Benefits of Using iDRAC With Lifecycle Controller............................................................................16 Key Features......................................................................................................................................... 17 New In This Release...............................................................................
Enabling or Disabling Default Password Warning Message Using Web Interface...................... 41 Enabling or Disabling Warning Message to Change Default Login Password Using RACADM.........................................................................................................................................41 3 Setting Up Managed System and Management Station..............................42 Setting Up iDRAC IP Address..............................................................................
Backing Up Server Profile....................................................................................................................76 Backing Up Server Profile Using iDRAC Web Interface................................................................77 Backing Up Server Profile Using RACADM................................................................................... 77 Scheduling Automatic Backup Server Profile...............................................................................
Enabling or Disabling OS to iDRAC Pass-through Using RACADM............................................ 97 Enabling or Disabling OS to iDRAC Pass-through Using iDRAC Settings Utility........................ 97 Obtaining Certificates......................................................................................................................... 97 SSL Server Certificates..................................................................................................................
Switching Between RAC Serial and Serial Console While Using DB9 Cable.................................. 123 Switching From Serial Console to RAC Serial............................................................................ 123 Switching From RAC Serial to Serial Console............................................................................ 123 Communicating With iDRAC Using IPMI SOL..................................................................................
Creating Active Directory Objects and Providing Privileges......................................................167 Configuring Browser to Enable Active Directory SSO............................................................... 167 Configuring iDRAC SSO Login for Active Directory Users.............................................................. 168 Configuring iDRAC SSO Login for Active Directory Users Using Web Interface......................
Viewing Lifecycle Log ...................................................................................................................... 185 Viewing Lifecycle Log Using Web Interface...............................................................................186 Viewing Lifecycle Log Using RACADM.......................................................................................186 Exporting Lifecycle Controller Logs...................................................................................
Configuring Persistence Policy Settings.................................................................................... 200 13 Managing Storage Devices........................................................................... 204 Understanding RAID Concepts........................................................................................................ 205 What Is RAID?..............................................................................................................................
Inventory and Monitoring PCIe SSDs......................................................................................... 237 Preparing to Remove PCIe SSD..................................................................................................238 Erasing PCIe SSD Device Data....................................................................................................239 Managing Enclosures or Backplanes.........................................................................................
15 Managing Virtual Media................................................................................ 263 Supported Drives and Devices......................................................................................................... 264 Configuring Virtual Media.................................................................................................................264 Configuring Virtual Media Using iDRAC Web Interface............................................................
18 Using SMCLP................................................................................................... 286 System Management Capabilities Using SMCLP.............................................................................286 Running SMCLP Commands............................................................................................................ 287 iDRAC SMCLP Syntax......................................................................................................................
Deploying Operating System Using Remote File Share.................................................................. 310 Managing Remote File Share.......................................................................................................311 Configuring Remote File Share Using Web Interface................................................................ 312 Configuring Remote File Share Using RACADM........................................................................
Virtual Media..................................................................................................................................... 336 vFlash SD Card.................................................................................................................................. 339 SNMP Authentication........................................................................................................................339 Storage Devices......................................................
Overview 1 The Integrated Dell Remote Access Controller (iDRAC) is designed to make server administrators more productive and improve the overall availability of Dell servers. iDRAC alerts administrators to server issues, helps them perform remote server management, and reduces the need for physical access to the server. iDRAC with Lifecycle controller technology is part of a larger datacenter solution that helps keep business critical applications and workloads available at all times.
• Secure Environment — By providing secure access to remote servers, administrators can perform critical management functions while maintaining server and network security. • Enhanced Embedded Management through Lifecycle Controller – Lifecycle Controller provides deployment and simplified serviceability through Lifecycle Controller GUI for local deployment and Remote Services (WS-Management) interfaces for remote deployment integrated with Dell OpenManage Essentials and partner consoles.
• Perform the following operations for storage devices: – Physical disks: Assign or unassign physical disk as a global hot spare. – Virtual disks: * Create virtual disks. * Edit virtual disks cache policies. * Check virtual disk consistency. * Initialize virtual disks. * Encrypt virtual disks. * Assign or unassign dedicated hot spare. * Delete virtual disks. – Controllers: * Configure controller properties. * Import or auto-import foreign configuration. * Clear foreign configuration.
• View boot and crash capture videos. • Out-of-band monitor and alert the performance index of CPU, memory, and I/O modules. • Configure warning threshold for inlet temperature and power consumption. • Use iDRAC Service Module to: – View Operating System (OS) information. – Replicate Lifecycle Controller logs to operating system logs. – Automatic system recovery options. – Populate Windows Management Instrumentation (WMI) information. – Integrate with Technical Support Report.
New In This Release • Support for the following PowerEdge systems: – PowerEdge T430 – PowerEdge R530 – PowerEdge R430 – PowerEdge M630 – PowerEdge FC630 • Configure CMC firmware update settings to perform firmware update for CMC and its shared components from iDRAC. This is applicable for FX2/FX2s chassis • Update to the list of licensable features. • Support for DNS domain name in SNMP traps.
iDRAC license management and firmware update functionality is available through iDRAC Web interface and RACADM. Types of Licenses The types of licenses offered are: • 30 day evaluation and extension — The license expires after 30 days and can be extended for 30 days. Evaluation licenses are duration based, and the timer runs when power is applied to the system. • Perpetual — The license is bound to the service tag and is permanent.
NOTE: For the Learn More option to display the correct page, make sure that *.dell.com is added to the list of Trusted Sites in the Security Settings. For more information, see the Internet Explorer help documentation. For one-to-many license deployment, you can use Dell License Manager. For more information, see the Dell License Manager User’s Guide available at dell.com/support/manuals.
Licensable Features In iDRAC8 The following table provides the iDRAC8 features that are enabled based on the license purchased. Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise IPMI 2.0 Yes Yes Yes Yes DCMI 1.
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise Local users Yes Yes Yes Yes SSL encryption Yes Yes Yes Yes IP blocking No Yes Yes Yes Directory services (AD, LDAP) No No No Yes Two-factor authentication (smart card) No No No Yes Single sign-on (kerberos) No No No Yes PK authentication (for SSH) No Yes Yes Yes Power control Yes Yes Yes Yes Boot control Yes Yes Yes Yes Serial-over-LAN Yes Yes Yes Yes Virtual Media No No Y
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise Automatic power on after Yes loss Yes Yes Yes Real-time power meter Yes Yes Yes Yes Power thresholds and alerts (includes headroom) No Yes Yes Yes Real-time power graphing No Yes Yes Yes Historical power counters No Yes Yes Yes Power capping No No No Yes Power Center integration No No No Yes Temperature monitoring Yes Yes Yes Yes Temperature graphing No Yes Yes Yes Full agent-free m
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise HD monitoring (enclosure) Yes Yes Yes Yes Out of Band Performance No Monitoring No No Yes Update Remote agent-free update Yes Yes Yes Yes Embedded update tools Yes Yes Yes Yes Sync with repository (scheduled updates) No No No Yes Auto-update No No No Yes Deployment and Configuration Embedded OS deployment tools Yes Yes Yes Yes Embedded configuration tools (iDRAC Settings Utility) Yes Yes
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise Embedded diagnostic tools Yes Yes Yes Yes Part Replacement No Yes Yes Yes Server Configuration Backup No No No Yes Server Configuration Restore Yes Yes Yes Yes Easy Restore (system configuration) Yes Yes Yes Yes Health LED / LCD Yes Yes Yes Yes Quick Sync (require NFC bezel) Yes Yes N/A Yes iDRAC Direct (front USB management port) Yes Yes Yes Yes iDRAC Service Module (iSM) Yes Yes Y
Feature iDRAC8 Basic iDRAC8 Express iDRAC8 Express for Blades iDRAC8 Enterprise License management Yes Yes Yes Yes [1] Not available with blade servers. [2] 500 series and lower rack and tower servers require a hardware card to enable this feature; this hardware is offered at additional cost. [3] Requires vFlash SD card media. Interfaces and Protocols to Access iDRAC The following table lists the interfaces to access iDRAC.
Interface or Protocol Description Server LCD Panel/ Chassis LCD Panel Use the LCD on the server front panel to: • View alerts, iDRAC IP or MAC address, user programmable strings. • Set DHCP • Configure iDRAC static IP settings. For blade servers, the LCD is on the chassis front panel and is shared between all the blades. To reset iDRAC without rebooting the server, press and hold the System Identification CMC Web Interface button for 16 seconds.
Interface or Protocol Description VMCLI Use the Virtual Media Command Line Interface (VMCLI) to access a remote media through the management station and deploy operating systems on multiple managed systems. SMCLP Use Server Management Workgroup Server Management-Command Line Protocol (SMCLP) to perform systems management tasks. This is available through SSH or Telnet. For more information about SMCLP, see Using SMCLP.
Port Number Function 623 RMCP/RMCP+ 161* SNMP 5900* Virtual Console keyboard and mouse redirection, Virtual Media, Virtual Folders, and Remote File Share 5901 VNC When VNC feature is enabled, the port 5901 opens. * Configurable port The following table lists the ports that iDRAC uses as a client. Table 4.
• The iDRAC8 RACADM Command Line Interface Reference Guide provides information about the RACADM sub-commands, supported interfaces, and iDRAC property database groups and object definitions. • The iDRAC RACADM Support Matrix provides the list of sub commands and objects that are applicable for a particular iDRAC version. • The Systems Management Overview Guide provides brief information about the various software available to perform systems management tasks.
Social Media Reference To know more about the product, best practices, and information about Dell solutions and services, you can access the social media platforms such as Dell TechCenter. You can access blogs, forums, whitepapers, how-to videos, and so on from the iDRAC wiki page at www.delltechcenter.com/idrac. For iDRAC and other related firmware documents, see www.dell.com/esmmanuals.
– Client Systems Management – Connections Client Systems Management d. • To view a document, click the required product version. Using search engines: – Type the name and version of the document in the search box.
Logging into iDRAC 2 You can log in to iDRAC as an iDRAC user, as a Microsoft Active Directory user, or as a Lightweight Directory Access Protocol (LDAP) user. The default user name and password is root and calvin, respectively. You can also log in using Single Sign-On or Smart Card. NOTE: You must have Login to iDRAC privilege to log in to iDRAC.
If the domain is not specified in the user name, select the Active Directory domain from the Domain drop-down menu. 5. For an LDAP user, in the Username and Password fields, enter your LDAP user name and password. Domain name is not required for LDAP login. By default, This iDRAC is selected in the drop-down menu. 6. Click Submit. You are logged into iDRAC with the required user privileges.
3. Enter the Smart Card PIN for local Smart Card users. You are logged into the iDRAC. NOTE: If you are a local user for whom Enable CRL check for Smart Card Logon is enabled, iDRAC attempts to download the CRL and checks the CRL for the user's certificate. The login fails if the certificate is listed as revoked in the CRL or if the CRL cannot be downloaded for some reason.
• You have logged into your system using a valid Active Directory user account. • Single Sign-On option is enabled during Active Directory configuration. To login to iDRAC using Web interface: 1. Log in to your management station using a valid Active Directory account. 2. In a Web browser, type https://[FQDN address] NOTE: If the default HTTPS port number (port 443) has been changed, type: https://[FQDN address]:[port number] where, [FQDN address] is the iDRAC FQDN (iDRACdnsname.domain.
To validate the certificate for using remote RACADM: 1. Convert the certificate in DER format to PEM format (using openssl command line tool): openssl x509 -inform pem -in [yourdownloadedderformatcert.crt] –outform pem -out [outcertfileinpemformat.pem] –text 2. Find the location of the default CA certificate bundle on the management station. For example, for RHEL5 64-bit, it is /etc/pki/tls/cert.pem. 3. Append the PEM formatted CA certificate to the management station CA certificate.
Multiple iDRAC Sessions The following table provides the list of multiple iDRAC sessions that are possible using the various interfaces. Table 5. Multiple iDRAC Sessions Interface Number of Sessions iDRAC Web Interface 6 Remote RACADM 4 Firmware RACADM / SMCLP SSH - 2 Telnet - 2 Serial - 1 Changing Default Login Password The warning message that allows you to change the default password is displayed if: • You log in to iDRAC with Configure User privilege.
NOTE: Continue is enabled only if the passwords entered in the New Password and Confirm Password fields match. For information about the other fields, see the iDRAC Online Help. Changing Default Login Password Using RACADM To change the password, run the following RACADM command: racadm set iDRAC.Users..Password where, is a value from 1 to 16 (indicates the user account) and is the new user— defined password.
Setting Up Managed System and Management Station 3 To perform out-of-band systems management using iDRAC, you must configure iDRAC for remote accessibility, set up the management station and managed system, and configure the supported Web browsers. NOTE: In case of blade servers, install CMC and I/O modules in the chassis and physically install the system in the chassis before performing the configurations. Both iDRAC Express and iDRAC Enterprise ship from the factory with a default static IP address.
NOTE: In case of blade servers, you can configure the network setting using the Chassis LCD panel only during initial configuration of CMC. After the chassis is deployed, you cannot reconfigure iDRAC using the Chassis LCD panel. • CMC Web interface (see Dell Chassis Management Controller Firmware User’s Guide) In case of rack and tower servers, you can set up the IP address or use the default iDRAC IP address 192.168.0.
IPv4 Settings IPv6 Settings IPMI Settings VLAN Settings Network Settings To configure the Network Settings: NOTE: For information about the options, see the iDRAC Settings Utility Online Help. 1. Under Enable NIC, select the Enabled option. 2. From the NIC Selection drop-down menu, select one of the following ports based on the network requirement: • Dedicated — Enables the remote access device to use the dedicated network interface available on the Remote Access Controller (RAC).
Common Settings If network infrastructure has DNS server, register iDRAC on the DNS. These are the initial settings requirements for advanced features such as Directory services—–Active Directory or LDAP, Single Sign On, and smart card. To register iDRAC: 1. Enable Register DRAC on DNS. 2. Enter the DNS DRAC Name. 3. Select Auto Config Domain Name to automatically acquire domain name from DHCP. Else, provide the DNS Domain Name. IPv4 Settings To configure the IPv4 settings: 1.
VLAN Settings You can configure iDRAC into the VLAN infrastructure. To configure VLAN Settings: 1. Under Enable VLAN ID, select Enabled. 2. In the VLAN ID box, enter a valid number from 1 to 4094. 3. In the Priority box, enter a number from 0 to 7 to set the priority of the VLAN ID. NOTE: After enabling VLAN, the idrac IP is not accessible for sometime.
You can enable auto-discovery using iDRAC Settings Utility or using Lifecycle Controller. For information on using Lifecycle Controller, see Lifecycle Controller User’s Guide available at dell.com/support/ manuals. If auto-discovery feature is not enabled on the factory-shipped system, the default administrator account (user name as root and password as calvin) is enabled. Before enabling auto-discovery, make sure to disable this administrator account.
You can configure individual servers using different configuration files mapped using individual host names. In an environment that has different servers with specific requirements, you can use different XML filenames to distinguish each server. For example, if there are two servers – a PowerEdge R720 and a PowerEdge R520, you must use two XML files, R720-config.xml and R520-config.xml.
With Dell PowerEdge servers, the iDRAC identifies itself with vendor ID: iDRAC. Therefore, you must add a new ‘Vendor Class’ and create a ‘scope option’ under it for ‘code 60,’ and then enable the new scope option for the DHCP server. Related Links Configuring Option 43 on Windows Configuring Option 60 on Windows Configuring Option 43 and Option 60 on Linux Configuring Option 43 on Windows To configure option 43 on Windows: 1.
13. Select 060iDRAC option. 14. Enter the string value that must be sent to the iDRAC (along with a standard DHCP provided IP address). The string value will help in importing the correct XML configuration file. For the option’s DATA entry, String Value setting, use a text parameter that has the following letter options and values: • Filename – iDRAC_Config.XML or iDRAC_Config-.XML. (-f ) • Sharename – (-n) • ShareType – -s (0 = NFS, 2 = CIFS) • IPAddress – IP address of the file share.
To enable Auto Config: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network. The Network page is displayed. 2. In the Auto Config section, select one of the following options to enable Auto Config: • Enable Once — Configures the component only once using the XML file referenced by the DHCP server. After this, Auto Config is disabled. • Enable Once After Reset — After the iDRAC is reset, configures the components only once using the XML file referenced by the DHCP server.
NOTE: The attributes are not applicable to the INI configuration file. Hash Password in Server Configuration Profile The new hash passwords can be optionally exported in the server configuration profile. When importing server configuration profile, you can uncomment the existing password attribute or the new password hash attribute(s). If both are uncommented an error is generated and the password is not set. A commented attribute is not applied during an import.
• Blade servers — The management station must be on the same network as CMC. For more information on isolating CMC network from the managed system’s network, see Chassis Management Controller User’s Guide available at dell.com/support/manuals. • Rack and tower servers — Set the iDRAC NIC to Dedicated or LOM1 and make sure that the management station is on the same network as iDRAC. To access the managed system’s console from a management station, use Virtual Console through iDRAC Web interface.
For information about the options, see the iDRAC Online Help. 3. Click Apply. The system location details is saved in iDRAC. Setting Up Managed System Location Using RACADM To specify the system location details, use the System.Location group objects. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/ manuals. Setting Up Managed System Location Using iDRAC Settings Utility To specify the system location details: 1.
– Maximum Performance (Performance Optimized) : * Reduced probability of memory or CPU throttling. * Increased probability of turbo mode activation. * Generally, higher fan speeds at idle and stress loads. – Minimum Power (Performance per Watt Optimized): * Optimized for lowest system power consumption based on optimum fan power state. * Generally, lower fan speeds at idle and stress loads.
– Custom — Enter the percentage value. The allowable range for minimum fan speed PWM is dynamic based on the system configuration. The first value is the idle speed and the second value is the configuration max (which may or may not be 100% based on system configuration). System fans can run higher than this speed as per thermal requirements of the system but not lower than the defined minimum speed. For example, setting Minimum Fan Speed at 35% limits the fan speed to never go lower than 35% PWM.
Object Description Usage Example The output is: Object value modified successfully. If a system does not support a particular air exhaust temperature limit, then when you run the following command: racadm set system.thermalsettings.AirE xhaustTemp 0 The following error message is displayed: ERROR: RAC947: Invalid object value specified. Make sure to specify the value depending on the type of object. For more information, see RACADM help. To set the limit to the default value: racadm set system.
Object Description FanSpeedMax OffsetVal • • • FanSpeedMed iumOffsetVa l • • • FanSpeedOff set • • • MFSMaximumL imit Usage Example Getting this variable reads Values from 0-100 the fan speed offset value in %PWM for Max Fan Speed Offset setting. This value depends on the system. Use FanSpeedOffset to set this value using index value 3 racadm get system.
Object Description Usage MFSMinimumL imit Read Minimum limit for MFS Values from 0 to To display the lowest value that can MFSMaximumLimi be set using MinimumFanSpeed t option. MinimumFanS peed • • • ThermalProf ile • • Example Default is 255 (means None) racadm get system.thermalsettings.MFSM inimumLimit Allows configuring the Minimum Fan speed that is required for the system to operate.
The thermal settings are configured. Configuring Supported Web Browsers iDRAC is supported on Internet Explorer, Mozilla Firefox, Google Chrome, and Safari Web browsers. For information about the versions, see the Readme available at dell.com/support/manuals. If you are connecting to iDRAC Web interface from a management station that connects to the Internet through a proxy server, you must configure the Web browser to access the Internet from through this server.
• Scripting of Java applets: Enable 5. Go to Tools → Internet Options → Advanced. 6.
NOTE: When you log in to iDRAC Web interface using Internet Explorer 9.x, sometimes contents in few pages are not shown properly. To resolve this, press . In the Internet Explorer 9 Debug window, select Document Mode as Internet Explorer 7. The browser refreshes and the iDRAC Login page is displayed.
• Spanish (es) • Japanese (ja) • Simplified Chinese (zh-cn) The ISO identifiers in parentheses denote the supported language variants. For some supported languages, resizing the browser window to 1024 pixels wide is required to view all features. iDRAC Web interface is designed to work with localized keyboards for the supported language variants. Some features of iDRAC Web interface, such as Virtual Console, may require additional steps to access certain functions or letters.
• Repository Manager User's Guide. iDRAC automatically provides a difference between the BIOS and the firmware that is installed on the server and the repository location or FTP site. All applicable updates contained in the repository are applied to the system. This feature is available with iDRAC Enterprise license. Scheduling recurring automated firmware updates using the catalog file in the FTP site or the network repository location.
Scheduling Automatic Firmware Updates Updating Firmware Using CMC Web Interface Updating Firmware Using DUP Updating Firmware Using Remote RACADM Updating Firmware Using Lifecycle Controller Remote Services Downloading Device Firmware The image file format that you download depends on the method of update: • iDRAC Web interface — Download the binary image packaged as a self-extracting archive. The default firmware image file is firmimg.d7.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job Queue is displayed. 6. Click Job Queue to display the Job Queue page, where you can view and manage the staged firmware updates or click OK to refresh the current page and view the status of the firmware update. NOTE: If you navigate away from the page without committing the updates, an error message is displayed and all the uploaded content is lost.
When you click Install, Install and Reboot or Install Next Reboot, the message Updating Job Queue is displayed. 6. Click Job Queue to display the Job Queue page, where you can view and manage the staged firmware updates or click OK to refresh the current page and view the status of the firmware update.
Updating Device Firmware Using TFTP You can directly connect to the TFTP site from iDRAC to perform the firmware updates. You can use the Windows based update packages (DUPs) and a catalog file available on the TFTP site instead of creating custom repositories. Before performing an update, make sure that: • Lifecycle Controller is enabled. • You have Server Control privilege to update firmware for devices other than iDRAC. To update device firmware using TFTP: 1.
• You have Server Control privilege to update firmware for devices other than iDRAC. To update device firmware using HTTP: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Update and Rollback . The Firmware Update page is displayed. 2. On the Update tab, select HTTP as the File Location. 3. In the HTTP Server Settings section, enter the HTTP details. For information about the fields, see the iDRAC Online Help. 4. Click Check for Update. 5.
Scheduling Automatic Firmware Updates You can create a periodic recurring schedule for iDRAC to check for new firmware updates. At the scheduled day and time, iDRAC connects to the specified network share (CIFS or NFS) or the FTP, checks for new updates and applies or stages all applicable updates. A log file on the remote server contains information about server access and staged firmware updates. Automatic updates is available only with the iDRAC Enterprise license.
Scheduling Automatic Firmware Update Using RACADM To schedule automatic firmware update, use the following commands: • To enable automatic firmware update: racadm set lifecycleController.lcattributes.AutoUpdate.Enable 1 • To view the status of automatic firmware update: racadm get lifecycleController.lcattributes.
NOTE: While updating the iDRAC firmware using the DUP utility in Linux, if you see error messages such as usb 5-2: device descriptor read/64, error -71 displayed on the console, ignore them. • If the system has ESX hypervisor installed, then for the DUP file to run, make sure that the "usbarbitrator" service is stopped using command: service usbarbitrator stop To update iDRAC using DUP: 1. Download the DUP based on the installed operating system and run it on the managed system. 2. Run the DUP.
• During the update, chassis action power commands are disabled. The updates for components such as Programmable System-on-Chip (PSoC) of IOM that requires all the servers to be idle, the update is applied on the next chassis power-up cycle. CMC Settings to Update CMC Firmware from iDRAC In FX2/FX2s chassis, before performing the firmware update from iDRAC for CMC and its shared components, do the following: 1. Launch the CMC Web interface 2. Navigate to Chassis Overview → Setup → General. 3.
Rolling Back Device Firmware You can rollback the firmware for iDRAC or any device that is supported by Lifecycle Controller even if the update was previously performed using another interface. For example, if the firmware was updated using the Lifecycle Controller GUI, you can rollback the firmware using the iDRAC Web interface. You can perform firmware rollback for multiple devices with one system reboot.
The Rollback page displays the devices for which you can rollback the firmware. You can view the device name, associated devices, currently installed firmware version, and the available firmware rollback version. 2. Select one or more devices for which you want to rollback the firmware. 3. Based on the selected devices, click Install and Reboot or Install Next Reboot. If only iDRAC is selected, then click Install.
For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Rollback Firmware Using Lifecycle Controller For information, see Lifecycle Controller User’s Guide available at dell.com/support/manuals. Rollback Firmware Using Lifecycle Controller-Remote Services For information, see Lifecycle Controller Remote Services Quick Start Guide available at dell.com/ support/manuals.
Backup feature is licensed and is available with iDRAC Enterprise license. NOTE: In 13th generation servers, this feature is automatically enabled. Before performing a backup operation, make sure that: • • Collect System Inventory On Reboot (CSIOR) option is enabled.
Before scheduling automatic backup server profile operation, make sure that: • Lifecycle Controller and Collect System Inventory On Reboot (CSIOR) option is enabled. • Network Time Protocol (NTP) is enabled so that time drift does not affect the actual times of scheduled jobs running and when the next scheduled job is created. • To perform backup on a vFlash SD card: – A Dell supported vFlash SD card is inserted, enabled, and initialized. – vFlash SD card has enough space to store the backup file.
To disable automatic backup use the command: racadm set LifeCycleController.lcattributes.autobackup Disabled To clear the backup schedule: racadm systemconfig clearbackupscheduler For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Importing Server Profile You can use the back up image file to import (restore) the configuration and firmware for the same server without rebooting the server.
4. If Network is selected as the file location, enter the network settings. NOTE: While specifying the network share settings, it is recommended to avoid special characters for user name and password or percent encode the special characters. For information about the fields, see the iDRAC Online Help. 5.
Configuring iDRAC 4 iDRAC enables you to configure iDRAC properties, set up users, and set up alerts to perform remote management tasks. Before you configure iDRAC, make sure that the iDRAC network settings and a supported browser is configured, and the required licenses are updated. For more information about the licensable feature in iDRAC, see Managing Licenses.
Modifying Network Settings Configuring Services Configuring Front Panel Display Setting Up Managed System Location Configuring Time Zone and NTP Setting Up iDRAC Communication Configuring User Accounts and Privileges Monitoring and Managing Power Enabling Last Crash Screen Configuring and Using Virtual Console Managing Virtual Media Managing vFlash SD Card Setting First Boot Device Enabling or Disabling OS to iDRAC Pass-through Configuring iDRAC to Send Alerts Viewing iDRAC Information You can view the bas
NOTE: Changing the network settings may terminate the current network connections to iDRAC. Modifying Network Settings Using Web Interface To modify the iDRAC network settings: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network. The Network page is displayed. 2. Specify the network settings, common settings, IPv4, IPv6, IPMI, and/or VLAN settings as per your requirement and click Apply.
racadm racadm racadm racadm racadm racadm racadm racadm racadm racadm set set set set set set set set set set iDRAC.IPv4.Netmask 255.255.255.0 iDRAC.IPv4.Gateway 192.168.0.120 iDRAC.IPv4.DHCPEnable 0 iDRAC.IPv4.DNSFromDHCP 0 iDRAC.IPv4.DNS1 192.168.0.5 iDRAC.IPv4.DNS2 192.168.0.6 iDRAC.Nic.DNSRegister 1 iDRAC.Nic.DNSRacName RAC-EK00002 iDRAC.Nic.DNSDomainFromDHCP 0 iDRAC.Nic.DNSDomainName MYDOMAIN NOTE: If cfgNicEnable or iDRAC.Nic.Enable is set to 0, the iDRAC LAN is disabled even if DHCP is enabled.
– cfgRacTuneIpRangeEnable – cfgRacTuneIpRangeAddr – cfgRacTuneIpRangeMask • With set command, use the objects in the iDRAC.IPBlocking group: – RangeEnable – RangeAddr – RangeMask The cfgRacTuneIpRangeMask or the RangeMask property is applied to both the incoming IP address and to the cfgRacTuneIpRangeAddr or RangeAddr property. If the results are identical, the incoming login request is allowed to access iDRAC. Logging in from IP addresses outside this range results in an error.
• SSH — Access iDRAC through firmware RACADM. • Telnet — Access iDRAC through firmware RACADM • Remote RACADM — Remotely access iDRAC. • SNMP Agent — Enables support for SNMP queries (GET, GETNEXT, and GETBULK operations) in iDRAC. • Automated System Recovery Agent — Enable Last System Crash Screen. • VNC Server — Enable VNC server with or without SSL encryption. Configuring Services Using Web Interface To configure the services using iDRAC Web interface: 1.
– iDRAC.Racadm – iDRAC.SNMP For more information about these objects, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Enabling or Disabling HTTPs Redirection If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with default iDRAC certificate or as a temporary setting for debugging purpose, you can configure iDRAC such that redirection from http port (default is 80) to https port (default is 443) is disabled.
VNC server disables Virtual Console and allows only Virtual Media. After termination of the VNC session, VNC server restores the original state of Virtual Console (enabled or disabled). NOTE: • When iDRAC NIC is in shared mode and the host system is power cycled, the network connection is lost for a few seconds. During this time, if you perform any action in the active VNC client, the VNC session may close.
disabled when configuring the VNC server settings in iDRAC, then to connect to the VNC Viewer do the following: In the VNC Viewer dialog box, enter the iDRAC IP address and the VNC port number in the VNC Server field. The format is For example, if the iDRAC IP address is 192.168.0.120 and VNC port number is 5901, then enter 192.168.0.120:5901. Configuring Front Panel Display You can configure the front panel LCD and LED display for the managed system.
If you select None, home message is not displayed on the server LCD front panel. 3. Enable Virtual Console indication (optional). If enabled, the Live Front Panel Feed section and the LCD panel on the server displays the Virtual console session active message when there is an active Virtual Console session. 4. Click Apply. The server LCD front panel displays the configured home message. Configuring LCD Setting Using RACADM To configure the server LCD front panel display, use the objects in the System.
Configuring System ID LED Setting Using RACADM To configure system ID LED, use the setled command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring Time Zone and NTP You can configure the time zone on iDRAC and synchronize the iDRAC time using Network Time Protocol (NTP) instead of BIOS or host system times. You must have Configure privilege to configure time zone or NTP settings.
• BIOS Boot Manager NOTE: • BIOS Setup (F2), Lifecycle Controller (F10), BIOS Boot Manager (F11) only support boot once enabled. • Virtual Console does not support permanent boot configuration. It is always boot once. • The first boot device setting in iDRAC Web Interface overrides the System BIOS boot settings. Setting First Boot Device Using Web Interface To set the first boot device using iDRAC Web interface: 1. Go to Overview → Server → Setup → First Boot Device.
For more information, see Windows documentation. 3. Use Server Administrator to enable the Auto Recovery timer, set the Auto Recovery action to Reset, Power Off, or Power Cycle, and set the timer in seconds (a value between 60 - 480). For more information, see the Dell OpenManage Server Administrator Installation Guide at dell.com/ support/manuals. 4.
• In shared mode, the host operating system's IP address is used. • In dedicated mode, you must provide a valid IP address of the host operating system. If more than one LOM is active, enter the first LOM’s IP address. After enabling OS to iDRAC Pass-through feature, if it is not working: • Check whether the iDRAC's dedicated NIC cable is connected properly. • Make sure that at least one LOM is active.
• Windows Server 2012 SP1 • SLES 10 SP4 (64-bit) • SLES 11 SP2 (64-bit) • RHEL 5.9 (32-bit and 64-bit) • RHEL 6.4 • vSphere v5.0 U2 ESXi • vSphere v5.1 U1 ESXi • vSphere v5.5 ESXi On servers with Windows 2008 SP2 64-bit operating system, the iDRAC Virtual CD USB Device is not discovered automatically (or enabled). You must enable this manually.
• Turn off and turn on the system. On systems with RHEL 5.9 operating system, if the USB NIC was disabled and if you turn off the system or vice-versa, when the system is turned on and if the USB NIC is enabled, the USB NIC device is not active automatically. To make it active, check if any ifcfg-ethX.bak file is available in the /etc/sysconfig/networkscript directory for the USB NIC interface. If it is available, rename it to ifcfg-ethX and then use the ifup ethX command.
Do not enter 169.254.0.3 and 169.254.0.4 IPs. These IPs are reserved for the USB NIC port on the front panel when a A/A cable is used. 5. Click Apply to apply the settings. 6. Click Test Network Configuration to check if the IP is accessible and the link is established between the iDRAC and the host operating system. Enabling or Disabling OS to iDRAC Pass-through Using RACADM To enable or disable OS to iDRAC Pass-through using RACADM, use the objects in the iDRAC.OS-BMC group.
Login Type Certificate Type How to Obtain SHA-2 certificates are also supported. Smart Card login as a local or Active Directory user • • User certificate Trusted CA certificate • • User Certificate — Export the smart card user certificate as Base64-encoded file using the card management software provided by the smart card vendor. Trusted CA certificate — This certificate is issued by a CA. SHA-2 certificates are also supported.
Authority is a business entity that is recognized in the Information Technology industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. To initiate the process of obtaining a CA-signed certificate, use either iDRAC Web interface or RACADM interface to generate a Certificate Signing Request (CSR) with your company’s information. Then, submit the generated CSR to a CA such as VeriSign or Thawte.
After the CA approves the CSR and issues the SSL server certificate, it can be uploaded to iDRAC. The information used to generate the CSR, stored on the iDRAC firmware, must match the information contained in the SSL server certificate, that is, the certificate must have been generated using the CSR created by iDRAC. Related Links SSL Server Certificates Generating CSR Using Web Interface To generate a new CSR: NOTE: Each new CSR overwrites any previous CSR data stored in the firmware.
iDRAC resets and the new certificate is applied. The iDRAC is not available for a few minutes during the reset. NOTE: You must reset iDRAC to apply the new certificate. Until iDRAC is reset, the existing certificate is active. Uploading Server Certificate Using RACADM To upload the SSL server certificate, use the sslcertupload command. For more information, see the RACADM Command Line Reference Guide for iDRAC available at dell.com/support/manuals.
The Upload Custom SSL Certificate Signing Certificate page is displayed. 3. Click Browse and select the custom SSL certificate signing certificate file. Only Public-Key Cryptography Standards #12 (PKCS #12) compliant certificate is supported. 4. If the certificate is password protected, in the PKCS#12 Password field, enter the password. 5. Click Apply. The certificate is uploaded to iDRAC. 6. A pop-up message is displayed asking you to reset iDRAC immediately or at a later time.
3. A pop-up message is displayed asking you to reset iDRAC immediately or at a later time. Click Reset iDRAC or Reset iDRAC Later as required. After iDRAC resets, a new self-signed certificate is generated. Deleting Custom SSL Certificate Signing Certificate Using RACADM To delete the custom SSL certificate signing certificate using RACADM, use the sslcertdelete subcommand. Then, use the racreset command to reset iDRAC. For more information, see the iDRAC8 2.00.00.
Creating an iDRAC Configuration File The configuration file .cfg can be: • Created • Obtained from racadm getconfig -f .cfg command or racadm get -f .cfg • Obtained from racadm getconfig -f .cfg command or racadm get -f .cfg, and then edited For information about the getconfig and get commands, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals . The .
• Use the racresetcfg subcommand to reset the iDRAC to the default setting, and then run the racadm config -f .cfg or racadm set -f .cfg command. Make sure that the .cfg file includes all required objects, users, indexes, and other parameters. CAUTION: Use the racresetcfg subcommand to reset the database and the iDRAC NIC settings to the default settings and remove all users and user configurations.
Modifying the iDRAC IP Address When you modify the iDRAC IP address in the configuration file, remove all unnecessary =value entries. Only the actual variable group’s label with "[" and "]" remains, including the two =value entries pertaining to the IP address change. For example: # # Object Group "cfgLanNetworking" # [cfgLanNetworking] cfgNicIpAddress=10.35.10.110 cfgNicGateway=10.35.10.
• Disable the iDRAC Local Configuration using iDRAC Settings — Disables access to modify the configuration settings in iDRAC Settings utility. • 3. Disable the iDRAC Local Configuration using RACADM — Disables access to modify the configuration settings in Local RACADM. Click Apply. NOTE: If access is disabled, you cannot use Server Administrator or IPMITool to perform iDRAC configurations. However, you can use IPMI Over LAN.
Viewing iDRAC and Managed System Information 5 You can view iDRAC and managed system’s health and properties, hardware and firmware inventory, sensor health, storage devices, network devices, and view and terminate user sessions. For blade servers, you can also view the flex address information.
• RAID controller • Batteries • CPUs • DIMMs • HDDs • Backplanes • Network Interface Cards (integrated and embedded) • Video card • SD card • Power Supply Units (PSUs) • Fans • Fibre Channel HBAs • USB The Firmware Inventory section displays the firmware version for the following components: • BIOS • Lifecycle Controller • iDRAC • OS driver pack • 32-bit diagnostics • System CPLD • PERC controllers • Batteries • Physical disks • Power supply • NIC • Fibre Cha
NOTE: The Storage ROMB battery settings are available only if the system has a ROMB with a battery. • Fan (available only for rack and tower servers) — Provides information about the system fans —fan redundancy and fans list that display fan speed and threshold values. • CPU — Indicates the health and state of the CPUs in the managed system. It also reports processor automatic throttling and predictive failure.
View Sensor Information For Using Web Interface Using RACADM For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/ manuals.
The four system utilization parameters are: • CPU Utilization - There are individual Resource Monitoring counters (RMCs) for each CPU core which are aggregated to provide cumulative utilization of all the cores in the system. This utilization is based on time spent in active state and time spent in inactive state. Each sample of RMC is taken every six seconds.
– You can reset the peak utilization for a particular sensor. Click Reset Historical Peak. You must have Configure privilege to reset the peak value. • Performance Metrics section: – View status and present reading – View or specify the warning threshold utilization limit. You must have server configure privilege to set the threshold values. For information about the displayed properties, see the iDRAC Online Help.
The collected data is represented in a graphical format to track the 10% and 1% levels. The logged temperature data can be cleared only before shipping from the factory. An event is generated if the system continues to operate above the normally supported temperature threshold for a specified operational time. If the average temperature over the specified operational time is greater than or equal to the warning level (> = 8%) or the critical level (> = 0.
centigrade, the system automatically calculates and displays the Fahrenheit value. Similarly, if you enter Fahrenheit, the value for Centigrade is displayed. 3. Click Apply. The values are configured. NOTE: Changes to default thresholds are not reflected in the historical data chart since the chart limits are for fresh air limit values only. Warnings for exceeding the custom thresholds are different from warning associated to exceeding fresh air thresholds.
Viewing FlexAddress Mezzanine Card Fabric Connections In blade servers, FlexAddress allows the use of persistent, chassis-assigned World Wide Names and MAC addresses (WWN/MAC) for each managed server port connection. You can view the following information for each installed embedded Ethernet and optional mezzanine card port: • Fabrics to which the cards are connected. • Type of fabric. • Server-assigned, chassis-assigned, or remotely assigned MAC addresses.
The Sessions page displays the session ID, username, IP address, and session type. For more information about these properties, see the iDRAC Online Help. 2. To terminate the session, under the Terminate column, click the Trashcan icon for a session. Terminating iDRAC Sessions Using RACADM You must have administrator privileges to terminate iDRAC sessions using RACADM. To view the current user sessions, use the getssninfo command. To terminate a user session, use the closessn command.
Setting Up iDRAC Communication 6 You can communicate with iDRAC using any of the following modes: • iDRAC Web Interface • Serial connection using DB9 cable (RAC serial or IPMI serial) - For rack and tower servers only • IPMI Serial Over LAN • IPMI Over LAN • Remote RACADM • Local RACADM • Remote Services For an overview of the supported protocols, supported commands, and pre-requisites, see the following table. Table 10.
Mode of Communication Supported Protocol Supported Commands Prerequisite Firmware RACADM SSH Firmware RACADM Firmware RACADM is installed and enabled Telnet Local RACADM IPMI Local RACADM Local RACADM is installed. Remote Services [1] WS-MAN WinRM (Windows) WinRM is installed (Windows) or OpenWSMAN is installed (Linux). OpenWSMAN (Linux) [1] For more information, see the Lifecycle Controller Remote Services User’s Guide available at dell.com/support/manuals.
• Hilgraeve’s HyperTerminal Private Edition (version 6.3) Based on where the managed system is in its boot process, you can see either the POST screen or the operating system screen. This is based on the configuration: SAC for Windows and Linux text mode screens for Linux. 4. Enable RAC serial or IPMI serial connections in iDRAC.
NOTE: This is applicable only for iDRAC on rack and tower servers. • IPMI basic mode — Supports a binary interface for program access, such as the IPMI shell (ipmish) that is included with the Baseboard Management Utility (BMU). For example, to print the System Event Log using ipmish via IPMI Basic mode, run the following command: ipmish -com 1 -baud 57600 -flow cts -u root -p calvin sel get • IPMI terminal mode — Supports ASCII commands that are sent from a serial terminal.
• Using set command: racadm set iDRAC.IPMISerial.BaudRate where is 9600, 19200, 57600, or 115200 bps. 3. 4. Enable the IPMI serial hardware flow control: • Using config command: racadm config -g cfgIpmiSerial -o cfgIpmiSerialFlowControl 1 • Using set command: racadm set iDRAC.IPMISerial.
Switching Between RAC Serial and Serial Console While Using DB9 Cable iDRAC supports Escape key sequences that allow switching between RAC Serial Interface communication and Serial Console on rack and tower servers.
Enabling Supported Protocol Configuring BIOS For Serial Connection To configure BIOS for Serial Connection: NOTE: This is applicable only for iDRAC on rack and tower servers. 1. Turn on or restart the system. 2. Press . 3. Go to System BIOS Settings → Serial Communication. 4. Specify the following values: • Serial Communication — On With Console Redirection • Serial Port Address — COM2.
Configuring iDRAC to Use SOL Using RACADM To configure IPMI Serial over LAN (SOL): 1. 2. Enable IPMI Serial over LAN: • Using config command: racadm config -g cfgIpmiSol -o cfgIpmiSolEnable 1 • Using set command: racadm set iDRAC.IPMISol.Enable 1 Update the IPMI SOL minimum privilege level: • Using config command: racadm config -g cfgIpmiSol o cfgIpmiSolMinPrivilege • Using set command: racadm set iDRAC.IPMISol.MinPrivilege 1 where is 2 (User), 3 (Operator), 4 (Administrator).
– Using config command: racadm config -g cfgSerial -o cfgSerialTelnetEnable 1 – Using set command: racadm set iDRAC.Telnet.Enable 1 • SSH: – Using config command:racadm config -g cfgSerial -o cfgSerialSshEnable 1 – Using set command: racadm set iDRAC.SSH.Enable 1 To change the SSH port: – Using config command:racadm config -g cfgRacTuning -o cfgRacTuneSshPort – Using set command:racadm set iDRAC.SSH.
SOL Using SSH or Telnet Protocol Secure Shell (SSH) and Telnet are network protocols used to perform command line communications to iDRAC. You can parse remote RACADM and SMCLP commands through either of these interfaces. SSH has improved security over Telnet. iDRAC only supports SSH version 2 with password authentication, and is enabled by default. iDRAC supports up to two SSH sessions and two Telnet sessions at a time. It is recommended to use SSH as Telnet is not a secure protocol.
– ESC[n~ — F12 passes, but F2 cannot pass. • In Windows, if the Emergency Management System (EMS) console is opened immediately after a host reboot, the Special Admin Console (SAC) terminal may get corrupted. Quit the SOL session, close the terminal, open another terminal, and start the SOL session using the same command.
When you configure the client VT100 emulation window, set the window or application that is displaying the redirected Virtual Console to 25 rows x 80 columns to make sure correct text display. Else, some text screens may be garbled. To use Telnet virtual console: 1. Enable Telnet in Windows Component Services. 2.
For information about the options, see the iDRAC Online Help. The IPMI over LAN settings are configured. Configuring IPMI Over LAN Using iDRAC Settings Utility To configure IPMI over LAN: 1. In the iDRAC Settings Utility, go to Network. The iDRAC Settings Network page is displayed. 2. For IPMI Settings, specify the values. For information about the options, see the iDRAC Settings Utility Online Help. 3. Click Back, click Finish, and then click Yes. The IPMI over LAN settings are configured.
The Services page is displayed. 2. Under Remote RACADM, select Enabled. Else, select Disabled. 3. Click Apply. The remote RACADM is enabled or disabled based on the selection. Enabling or Disabling Remote RACADM Using RACADM The RACADM remote capability is enabled by default. If disabled, type one of the following command: • Using config command: racadm config -g cfgRacTuning -o cfgRacTuneRemoteRacadmEnable 1 • Using set command: racadm set iDRAC.Racadm.
The following example provides a sample /etc/grub.conf file that shows the changes described in this procedure. # grub.conf generated by anaconda # Note that you do not have to rerun grub after making changes to this file # NOTICE: You do not have a /boot partition. This means that all # kernel and initrd paths are relative to /, e.g. # root (hd0,0) # kernel /boot/vmlinuz-version ro root=/dev/sdal # initrd /boot/initrd-version.img #boot=/dev/sda default=0 timeout=10 #splashimage=(hd0,2)/grub/splash.xpm.
l5:5:wait:/etc/rc.d/rc 5 l6:6:wait:/etc/rc.d/rc 6 #Things to run in every runlevel. ud::once:/sbin/update ud::once:/sbin/update #Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now #When our UPS tells us power has failed, assume we have a few #minutes of power left. Schedule a shutdown for 2 minutes from now. #This does, of course, assume you have power installed and your #UPS is connected and working correctly.
Supported SSH Cryptography Schemes To communicate with iDRAC using SSH protocol, it supports multiple cryptography schemes listed in the following table. Table 11.
CAUTION: This privilege is normally reserved for users who are members of the Administrator user group on iDRAC. However, users in the ‘Custom’ user group can be assigned this privilege. A user with this privilege can modify any user’s configuration. This includes creation or deletion of any user, SSH Key management for users, and so on. For these reasons, assign this privilege carefully. CAUTION: The capability to upload, view, and/ or delete SSH keys is based on the ’Configure Users’ user privilege.
Uploading SSH Keys Using Web Interface To upload the SSH keys: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number. The Users Main Menu page is displayed. 3. Under SSH Key Configurations, select Upload SSH Key(s) and click Next. The Upload SSH Key(s) page is displayed. 4. Upload the SSH keys in one of the following ways: • Upload the key file.
• Specific key — racadm sshpkauth -i <2 to 16> -v -k <1 to 4> • All keys — racadm sshpkauth -i <2 to 16> -v -k all Deleting SSH Keys Before deleting the public keys, make sure that you view the keys if they are set up, so that a key is not accidentally deleted. Deleting SSH Keys Using Web Interface To delete the SSH key(s): 1. In Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users. The Users page is displayed. 2. In the User ID column, click a user ID number.
7 Configuring User Accounts and Privileges You can setup user accounts with specific privileges (role-based authority) to manage your system using iDRAC and maintain system security. By default iDRAC is configured with a local administrator account. This default user name is root and the password is calvin. As an administrator, you can setup user accounts to allow other users to access iDRAC.
The User Configuration page is displayed. 4. Enable the user ID and specify the user name, password, and access privileges for the user. You can also enable SNMPv3 authentication for the user. For more information about the options, see the iDRAC Online Help. 5. Click Apply. The user is created with the required privileges. Configuring Local Users Using RACADM NOTE: You must be logged in as user root to execute RACADM commands on a remote Linux system.
When you manually enable or disable a user with the racadm config subcommand, you must specify the index with the -i option. Observe that the cfgUserAdminIndex object displayed in the previous example contains a '#' character. It indicates that it is a read-only object. Also, if you use the racadm config -f racadm.cfg command to specify any number of groups/objects to write, the index cannot be specified. This behavior allows more flexibility in configuring multiple iDRAC with the same settings.
NOTE: You can use the getconfig and config commands or get and set commands. 1. 2. Locate an available user index using the command syntax: • Using getconfig command: racadm getconfig -g cfgUserAdmin -i • Using get command: racadm get iDRAC.Users Type the following commands with the new user name and password. • Using config command: racadm config -g cfgUserAdmin -o cfgUserAdminPrivilege -i • Using set command: racadm set iDRAC.Users..
Table 13. iDRAC User Privileges Current Generation Prior Generation Description Login Login to iDRAC Enables the user to log in to iDRAC. Configure Configure iDRAC Enables the user to configure iDRAC. Configure Users Configure Users Enables the user to allow specific users to access the system. Logs Clear Logs Enables the user to clear the System Event Log (SEL). System Control Execute Server Control Allows power cycling the host system.
Certificate Authority (CA)—the root certificate of which is also uploaded into iDRAC. For iDRAC to authenticate to any domain controller—whether it is the root or the child domain controller—that domain controller must have an SSL-enabled certificate signed by the domain’s CA. If you are using Microsoft Enterprise Root CA to automatically assign all your domain controllers to an SSL certificate, you must: 1. Install the SSL certificate on each domain controller. 2.
Importing iDRAC Firmware SSL Certificate iDRAC SSL certificate is the identical certificate used for iDRAC Web server. All iDRAC controllers are shipped with a default self-signed certificate. If the Active Directory Server is set to authenticate the client during an SSL session initialization phase, you need to upload iDRAC Server certificate to the Active Directory Domain controller.
Figure 1. Configuration of iDRAC with Active Directory Standard Schema In Active Directory, a standard group object is used as a role group. A user who has iDRAC access is a member of the role group. To give this user access to a specific iDRAC, the role group name and its domain name need to be configured on the specific iDRAC. The role and the privilege level is defined on each iDRACand not in the Active Directory. You can configure up to five role groups in each iDRAC.
NOTE: The Bit Mask values are used only when setting Standard Schema with the RACADM. Single Domain Versus Multiple Domain Scenarios If all the login users and role groups, including the nested groups, are in the same domain, then only the domain controllers’ addresses must be configured on iDRAC. In this single domain scenario, any group type is supported.
The Active Directory Configuration and Management Step 4a of 4 page is displayed. 8. Enter the location of Active Directory global catalog server(s) and specify privilege groups used to authorize users. 9. Click a Role Group to configure the control authorization policy for users under the standard schema mode. The Active Directory Configuration and Management Step 4b of 4 page is displayed. 10. Specify the privileges and click Apply.
For Bit Mask values for specific Role Group permissions, see Default Role Group Privileges. Enter the FQDN of the domain controller, not the FQDN of the domain. For example, enter servername.dell.com instead of dell.com. At least one of the three addresses is required to be configured. iDRAC attempts to connect to each of the configured addresses one-by-one until it makes a successful connection.
address> racadm config -g cfgLanNetworking -o cfgDNSServer2 • 4. Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 0 racadm set iDRAC.IPv4.DNSFromDHCP.DNS1 racadm set iDRAC.IPv4.DNSFromDHCP.
groups of users, or iDRAC device objects as required. The users and iDRAC user groups can be members of any domain in the enterprise. However, each association object can be linked (or, may link users, groups of users, or iDRAC device objects) to only one privilege object. This example allows an administrator to control each user’s privileges on specific iDRAC devices. iDRAC device object is the link to iDRAC firmware for querying Active Directory for authentication and authorization.
Accumulating Privileges Using Extended Schema The Extended Schema Authentication mechanism supports Privilege Accumulation from different privilege objects associated with the same user through different Association Objects. In other words, Extended Schema Authentication accumulates privileges to allow the user the super set of all assigned privileges corresponding to the different privilege objects associated with the same user.
Configuring Active Directory With Extended Schema Using RACADM Extending Active Directory Schema Extending your Active Directory schema adds a Dell organizational unit, schema classes and attributes, and example privileges and association objects to the Active Directory schema. Before you extend the schema, make sure that you have Schema Admin privileges on the Schema Master Flexible Single Master Operation (FSMO) Role Owner of the domain forest.
Classes and Attributes Table 15. Class Definitions for Classes Added to the Active Directory Schema Class Name Assigned Object Identification Number (OID) delliDRACDevice 1.2.840.113556.1.8000.1280.1.7.1.1 delliDRACAssociation 1.2.840.113556.1.8000.1280.1.7.1.2 dellRAC4Privileges 1.2.840.113556.1.8000.1280.1.1.1.3 dellPrivileges 1.2.840.113556.1.8000.1280.1.1.1.4 dellProduct 1.2.840.113556.1.8000.1280.1.1.1.5 Table 16. dellRacDevice Class OID 1.2.840.113556.1.8000.1280.1.7.1.
Table 18. dellRAC4Privileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.3 Description Defines the privileges (Authorization Rights) for iDRAC Class Type Auxiliary Class SuperClasses None Attributes dellIsLoginUser dellIsCardConfigAdmin dellIsUserConfigAdmin dellIsLogClearAdmin dellIsServerResetUser dellIsConsoleRedirectUser dellIsVirtualMediaUser dellIsTestAlertUser dellIsDebugCommandAdmin Table 19. dellPrivileges Class OID 1.2.840.113556.1.8000.1280.1.1.1.
Table 21. List of Attributes Added to the Active Directory Schema Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued dellPrivilegeMember 1.2.840.113556.1.8000.1280.1.1.2.1 FALSE List of dellPrivilege Objects that belong to this Attribute. Distinguished Name (LDAPTYPE_DN 1.3.6.1.4.1.1466.115.121.1.12) dellProductMembers 1.2.840.113556.1.8000.1280.1.1.2.2 FALSE List of dellRacDevice and DelliDRACDevice Objects that belong to this role.
Attribute Name/Description Assigned OID/Syntax Object Identifier Single Valued TRUE if the user has Virtual Media rights on the device. dellIsTestAlertUser TRUE if the user has Test Alert User rights on the device. dellIsDebugCommandAdmin TRUE if the user has Debug Command Admin rights on the device. dellSchemaVersion 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 0 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.121.1.7) 1.2.840.113556.1.8000.1280.1.1.2.1 TRUE 1 Boolean (LDAPTYPE_BOOLEAN 1.3.6.1.4.1.1466.115.
:\SYSMGMT\ManagementStation\support\OMActiveDirectory_SnapIn64 For more information about the Active Directory Users and Computers Snap-in, see Microsoft documentation. Adding iDRAC Users and Privileges to Active Directory Using the Dell-extended Active Directory Users and Computers Snap-in, you can add iDRAC users and privileges by creating device, association, and privilege objects.
NOTE: iDRAC association object is derived from the group and its scope is set to Domain Local. 1. In the Console Root (MMC) window, right-click a container. 2. Select New → Dell Remote Management Object Advanced. This New Object window is displayed. 3. Enter a name for the new object and select Association Object. 4. Select the scope for the Association Object and click OK. 5. Provide access privileges to the authenticated users for accessing the created association objects.
3. Click the Privilege Object tab to add the privilege object to the association that defines the user’s or user group’s privileges when authenticating to an iDRAC device. Only one privilege object can be added to an Association Object. Adding iDRAC Devices or iDRAC Device Groups To add iDRAC devices or iDRAC device groups: 1. Select the Products tab and click Add. 2. Enter iDRAC devices or iDRAC device group name and click OK. 3. In the Properties window, click Apply and click OK. 4.
• • Using config command: racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory racadm config -g cfgActiveDirectory rac domain name> racadm config -g cfgActiveDirectory qualified domain name or IP Address racadm config -g cfgActiveDirectory qualified domain name or IP Address racadm config -g cfgActiveDirectory qualified domain name or IP Address -o -o -o -o cfgADEnable 1 cfgADType 1 cfgADRacName cfgADRacDomain
3. 4. • Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1 • Using set command: racadm set iDRAC.IPv4.
Testing Active Directory Settings Using RACADM To test the Active Directory settings, use the testfeature command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring Generic LDAP Users iDRAC provides a generic solution to support Lightweight Directory Access Protocol (LDAP)-based authentication. This feature does not require any schema extension on your directory services.
7. Click Role Group. The Generic LDAP Configuration and Management Step 3b of 3 page is displayed. 8. Specify the group distinguished name, the privileges associated with the group, and click Apply. NOTE: If you are using Novell eDirectory and if you have used these characters—#(hash), "(double quotes), ;(semi colon), > (greater than), , (comma), or <(lesser than)—for the Group DN name, they must be escaped. The role group settings are saved.
8 Configuring iDRAC for Single Sign-On or Smart Card Login This section provides information to configure iDRAC for Smart Card login (for local users and Active Directory users), and Single Sign-On (SSO) login (for Active Directory users.) SSO and smart card login are licensed features. iDRAC supports Kerberos based Active Directory authentication to support Smart Card and SSO logins. For information on Kerberos, see the Microsoft website.
Registering iDRAC as a Computer in Active Directory Root Domain To register iDRAC in Active Directory root domain: 1. Click Overview → iDRAC Settings → Network → Network. The Network page is displayed. 2. Provide a valid Preferred/Alternate DNS Server IP address. This value is a valid DNS server IP address that is part of the root domain. 3. Select Register iDRAC on DNS. 4. Provide a valid DNS Domain Name. 5. Verify that network DNS configuration matches with the Active Directory DNS information.
A keytab file is generated. NOTE: If you find any issues with iDRAC user for which the keytab file is created, create a new user and a new keytab file. If the same keytab file which was initially created is again executed, it does not configure correctly. Creating Active Directory Objects and Providing Privileges Perform the following steps for Active Directory Extended schema based SSO login: 1. Create the device object, privilege object, and association object in the Active Directory server. 2.
Configuring iDRAC SSO Login for Active Directory Users Before configuring iDRAC for Active Directory SSO login, make sure that you have completed all the prerequisites. You can configure iDRAC for Active Directory SSO when you setup an user account based on Active Directory.
Enabling or Disabling Smart Card Login Uploading Smart Card User Certificate Before you upload the user certificate, make sure that the user certificate from the smart card vendor is exported in Base64 format. SHA-2 certificates are also supported. Related Links Obtaining Certificates Uploading Smart Card User Certificate Using Web Interface To upload smart card user certificate: 1. In iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users.
Uploading Trusted CA Certificate For Smart Card Using RACADM To upload trusted CA certificate for smart card login, use the usercertupload object. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ support/manuals. Configuring iDRAC Smart Card Login for Active Directory Users Before configuring iDRAC Smart Card login for Active Directory users, make sure that you have completed the required prerequisites. To configure iDRAC for smart card login: 1.
Enabling or Disabling Smart Card Login Using Web Interface To enable or disable the Smart Card logon feature: 1. In the iDRAC Web interface, go to Overview → iDRAC Settings → User Authentication → Smart Card . The Smart Card page is displayed. 2. From the Configure Smart Card Logon drop-down menu, select Enabled to enable smart card logon or select Enabled With Remote RACADM. Else, select Disabled. For more information about the options, see the iDRAC Online Help. 3. Click Apply to apply the settings.
Configuring iDRAC to Send Alerts 9 You can set alerts and actions for certain events that occur on the managed system. An event occurs when the status of a system component is greater than the pre-defined condition. If an event matches an event filter and you have configured this filter to generate an alert (e-mail, SNMP trap, IPMI alert, remote system logs, or WS events), then an alert is sent to one or more configured destinations.
Enabling or Disabling Alerts Using Web Interface To enable or disable generating alerts: 1. In iDRAC Web interface, go to Overview → Server → Alerts. The Alerts page is displayed. 2. Under Alerts section: • 3. Select Enable to enable alert generation or perform an event action. • Select Disable to disable alert generation or disable an event action. Click Apply to save the setting.
• 3. 4. Updates • Work Notes Select one or more of the following severity levels: • Informational • Warning • Critical Click Apply. The Alert Results section displays the results based on the selected category and severity. Filtering Alerts Using RACADM To filter the alerts, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
Setting Event Alerts Using RACADM To set an event alert, use the eventfilters command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Setting Alert Recurrence Event You can configure iDRAC to generate additional events at specific intervals if the system continues to operate at a temperature which is greater than the inlet temperature threshold limit. The default interval is 30 days. The valid range is 0 to 366 days.
• No Action Click Apply. 3. The setting is saved. Setting Event Actions Using RACADM To configure an event action, use one of the following: • eventfilters command. • cfgIpmiPefAction object with config command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
For more information about the options, see the iDRAC Online Help. NOTE: The Community String value indicates the community string to use in a Simple Network Management Protocol (SNMP) alert trap sent from iDRAC. Make sure that the destination community string is the same as the iDRAC community string. The default value is Public. 5. To test whether the IP address is receiving the IPMI or SNMP traps, click Send under Test IPMI Trap and Test SNMP Trap respectively. 6. Click Apply.
• 5. To enable SNMPv3 for a user: racadm set idrac.users.2.SNMPv3Enable Enabled To test the trap, if required: racadm testtrap -i [index] where [index] is the trap destination index to test. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring IP Alert Destinations Using iDRAC Settings Utility You can configure alert destinations (IPv4, IPv6, or FQDN) using the iDRAC Settings utility. To do this: 1.
• Using config command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i [index] [0|1] where [index] is the email destination index. 0 disables the email alert and 1 enables the alert. The email destination index can be a value from 1 through 4. For example, to enable email with index 4, enter the following command: racadm config -g cfgEmailAlert -o cfgEmailAlertEnable -i 4 1 • Using set command: racadm set iDRAC.EmailAlert.Enable.[index] 1 where [index] is the email destination index.
3. Select the Enable Authentication option and then provide the user name and password (of a user who has access to SMTP server). 4. Enter the SMTP port number. For more information about the fields, see the iDRAC Online Help. 5. Click Apply. The SMTP settings are configured. Configuring SMTP Email Server Address Settings Using RACADM To configure the SMTP email server, use one of the following: • Using set command: racadm set iDRAC.RemoteHosts.
Message ID Description CBL Cable CPU Processor CPUA Proc Absent CTL Storage Contr DH Cert Mgmt DIS Auto-Discovery ENC Storage Enclosr FAN Fan Event FSD Debug HWC Hardware Config IPA DRAC IP Change ITR Intrusion JCP Job Control LC Lifecycle Contr LIC Licensing LNK Link Status LOG Log event MEM Memory NDR NIC OS Driver NIC NIC Config OSD OS Deployment OSE OS Event PCI PCI Device PDR Physical Disk PR Part Exchange 181
Message ID Description PST BIOS POST PSU Power Supply PSUA PSU Absent PWR Power Usage RAC RAC Event RDU Redundancy RED FW Download RFL IDSDM Media RFLA IDSDM Absent RFM FlexAddress SD RRDU IDSDM Redundancy RSI Remote Service SEC Security Event SEL Sys Event Log SRD Software RAID SSD PCIe SSD STOR Storage SUP FW Update Job SWC Software Config SWU Software Change SYS System Info TMP Temperature TST Test Alert UEFI UEFI Event USR User Tracking 182
Message ID Description VDR Virtual Disk VF vFlash SD card VFL vFlash Event VFLA vFlash Absent VLT Voltage VME Virtual Media VRM Virtual Console WRK Work Note 183
Managing Logs 10 iDRAC provides Lifecycle log that contains events related to system, storage devices, network devices, firmware updates, configuration changes, license messages, and so on. However, the system events are also available as a separate log called System Event Log (SEL). The lifecycle log is accessible through iDRAC Web interface, RACADM, and WS-MAN interface. When the size of the lifecycle log reaches 800 KB, the logs are compressed and archived.
racadm getsel If no arguments are specified, the entire log is displayed. To display the number of SEL entries: racadm getsel -i To clear the SEL entries: racadm clrsel For more information, see iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Viewing System Event Log Using iDRAC Settings Utility You can view the total number of records in the System Event Log (SEL) using the iDRAC Settings Utility and clear the logs. To do this: 1.
You can filter logs based on the category and severity level, view, export, and add a work note to a log event. Related Links Filtering Lifecycle Logs Exporting Lifecycle Controller Logs Using Web Interface Adding Comments to Lifecycle Logs Viewing Lifecycle Log Using Web Interface To view the Lifecycle Logs, click Overview → Server → Logs → Lifecycle Log.The Lifecycle Log page is displayed. For more information about the options, see the iDRAC Online Help.
Exporting Lifecycle Controller Logs Using Web Interface To export the Lifecycle Controller logs using the Web interface: 1. In the Lifecycle Log page, click Export. 2. Select any of the following options: • Network — Export the Lifecycle Controller logs to a shared location on the network. • Local — Export the Lifecycle Controller logs to a location on the local system.
The Remote Syslog Settings page is displayed 2. Enable remote syslog, specify the server address, and the port number. For information about the options, see the iDRAC Online Help. 3. Click Apply. The settings are saved. All logs written to the lifecycle log are also simultaneously written to configured remote server(s). Configuring Remote System Logging Using RACADM To configure the remote syslog server settings, use one of the following: • Objects in the cfgRemoteHosts group with the config command.
Monitoring and Managing Power 11 You can use iDRAC to monitor and manage the power requirements of the managed system. This helps to protect the system from power outages by appropriately distributing and regulating the power consumption on the system. The key features are: • Power Monitoring — View the power status, history of power measurements, the current averages, peaks, and so on for the managed system.
Monitoring Power Using RACADM To view the power monitoring information, use the System.Power group objects with the get command or the cfgServerPower object with the getconfig command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Setting Warning Threshold for Power Consumption You can set the warning threshold value for the power consumption sensor in the rack and tower systems.
3. • Power Off System • NMI (Non-Masking Interrupt) • Graceful Shutdown • Reset System (warm boot) • Power Cycle System (cold boot) Click Apply. For more information, see the iDRAC Online Help. Executing Power Control Operations Using RACADM To perform power actions, use the serveraction command. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals.
650W to 525W. From that point onwards, the system's performance is dynamically adjusted to maintain power consumption so as to not exceed the user-specified threshold of 525W. If the power cap value is set to be lower than the minimum recommended threshold, iDRAC may not be able maintain the requested power cap. You can specify the value in Watts, BTU/hr, or as a percentage (%) of the recommended maximum power limit.
NOTE: The Power Configuration link is available only if the server power supply unit supports power monitoring. The iDRAC Settings Power Configuration page is displayed. 2. Select Enabled to enable the Power Cap Policy Else, select Disabled. 3. Use the recommended settings, or under User Defined Power Cap Policy, enter the required limits. For more information about the options, see the iDRAC Settings Utility Online Help. 4. Click Back, click Finish, and then click Yes.
• System.Power.PFC.Enable For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. Configuring Power Supply Options Using iDRAC Settings Utility To configure the power supply options: 1. In iDRAC Settings utility, go to Power Configuration. NOTE: The Power Configuration link is available only if the server power supply unit supports power monitoring. The iDRAC Settings Power Configuration page is displayed. 2.
12 Inventory, Monitoring, and Configuring Network Devices You can inventory, monitor, and configure the following network devices: • • • • • Network Interface Cards (NICs) Converged Network Adapters (CNAs) LAN On Motherboards (LOMs) Network Daughter Cards (NDCs) Mezzanine cards (only for blade servers) Related Links Inventory and Monitoring FC HBA Devices Dynamic Configuration of Virtual Addresses, Initiator, and Storage Target Settings Inventory and Monitoring Network Devices You can remotely monitor t
Additional properties may be displayed when using RACADM or WS-MAN in addition to the properties displayed in the iDRAC Web interface. Inventory and Monitoring FC HBA Devices You can remotely monitor the health and view the inventory of the Fibre Channel Host Bus Adapters (FC HBA) devices in the managed system. The Emulex and QLogic (except FC8) FC HBAs are supported.
• • • View and configure the virtual addresses for network devices (for example, NIC, CNA, FC HBA) Configure the initiator (for iSCSI and FCoE) and storage target settings (for iSCSI, FCoE, and FC) Specify persistence or clearance of the configured values over a system AC power loss, cold, and warm system resets.
Manufacturer Emulex Type • QLE2662 PCIe FC16 • • • • • • • • LPM16002 Mezz FC16 LPe16000 PCIe FC16 LPe16002 PCIe FC16 LPM16002 Mezz FC16 OCm14104-UX-D rNDC 10Gb OCm14102-U2-D bNDC 10Gb OCm14102-U3-D Mezz 10Gb Ce14102-UX-D PCIe 10Gb NOTE: I/O Identity Optimization is not supported on the following cards: • Intel x520 Mezz 10 GB • Mellanox cards Supported BIOS Version for I/O Identity Optimization In 13th generation Dell PowerEdge servers, the required BIOS version is available by default.
System Behavior for FlexAddress and IO Identity Server with FAequivalent Persistence Server with VAM Persistence Policy Feature FlexAddress IO Identity Remote Agent VA Feature State in Feature State in VA Available for Programming CMC iDRAC this Reboot Source Cycle? Reboot Cycle VA Persistence Behavior Enabled Disabled FlexAddress from CMC Per FlexAddress spec N/A, Enabled, or Disabled Enabled Yes - New or Persisted Remote Agent Virtual Address Per FlexAddress spec No Virtual Address Cleared
NOTE: Do not modify non I/O Identity Optimization attributes. Enabling or Disabling I/O Identity Optimization Using Web Interface To enable or disable I/O Identity Optimization: 1. In the iDRAC Web interface, go to Overview → Hardware → Network Devices. 2. Click the I/O Identity Optimization tab, select the I/O Identity Optimization option to enable this feature. To disable, clear this option. 3. Click Apply to apply the setting. The Network Devices page is displayed.
Event actions are enabled for SNMP, email, or WS-eventing notifications. Logs are also included in the remote syslogs.
Table 23. iSCSI Initiator —Default Values iSCSI Initiator Default Values in IPv4 mode Default Values in IPv6 mode IscsiInitiatorIpAddr 0.0.0.0 :: IscsiInitiatorIpv4Addr 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6Addr :: :: IscsiInitiatorSubnet 0.0.0.0 0.0.0.0 IscsiInitiatorSubnetPrefix 0 0 IscsiInitiatorGateway 0.0.0.0 :: IscsiInitiatorIpv4Gateway 0.0.0.0 0.0.0.0 IscsiInitiatorIpv6Gateway :: :: IscsiInitiatorPrimDns 0.0.0.0 :: IscsiInitiatorIpv4PrimDns 0.0.0.0 0.0.0.
iSCSI Storage Target Attributes Default Values in IPv4 mode Default Values in IPv6 mode FirstTgtChapId Value Cleared Value Cleared FirstTgtChapPwd Value Cleared Value Cleared FirstTgtIpVer Ipv4 ConnectSecondTgt Disabled Disabled SecondTgtIpAddress 0.0.0.
Managing Storage Devices 13 In the iDRAC 2.00.00.00 release, iDRAC expands its agent-free management to include direct configuration of the new PERC9 controllers. It enables you to remotely configure the storage components attached to your system at run-time. These components include RAID and non-RAID controllers and the channels, ports, enclosures, and disks attached to them.
alarms, and so on) associated with external enclosures. Physical disks can be contained in an enclosure or attached to the backplane of a system. In addition to managing the physical disks contained in the enclosure, you can monitor the status of the fans, power supply, and temperature probes in an enclosure. You can hot plug enclosures. Hot plugging is defined as adding of a component to a system while the operating system is still running.
concepts, as well as some familiarity with how the RAID controllers and operating system view disk space on your system. What Is RAID? RAID is a technology for managing the storage of data on the physical disks that reside or are attached to the system. A key aspect of RAID is the ability to span physical disks so that the combined storage capacity of multiple physical disks can be treated as a single, extended disk space.
• Stripe element size — The amount of disk space consumed by a stripe element. For example, consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe. In this case, the stripe element size is 16KB and the stripe size is 64KB. • Parity — Parity refers to redundant data that is maintained using an algorithm in combination with striping. When one of the striped disks fails, the data can be reconstructed from the parity information using the algorithm.
• RAID Level 0 (Striping) • RAID Level 1 (Mirroring) • RAID Level 5 (Striping With Distributed Parity) • RAID Level 6 (Striping With Additional Distributed Parity) • RAID Level 50 (Striping Over RAID 5 Sets) • RAID Level 60 (Striping Over RAID 6 Sets) • RAID Level 10 (Striping Over Mirror Sets) RAID Level 0 (Striping) RAID 0 uses data striping, which is writing data in equal-sized segments across the physical disks. RAID 0 does not provide data redundancy.
RAID 1 characteristics: • Groups n + n disks as one virtual disk with the capacity of n disks. The controllers currently supported by Storage Management allow the selection of two disks when creating a RAID 1. Because these disks are mirrored, the total storage capacity is equal to one disk. • Data is replicated on both the disks. • When a disk fails, the virtual disk still works. The data is read from the mirror of the failed disk. • Better read performance, but slightly slower write performance.
RAID 5 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-1) disks. • Redundant information (parity) is alternately stored on all disks. • When a disk fails, the virtual disk still works, but it is operating in a degraded state. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Redundancy for protection of data.
RAID 6 characteristics: • Groups n disks as one large virtual disk with a capacity of (n-2) disks. • Redundant information (parity) is alternately stored on all disks. • The virtual disk remains functional with up to two disk failures. The data is reconstructed from the surviving disks. • Better read performance, but slower write performance. • Increased redundancy for protection of data. • Two disks per span are required for parity. RAID 6 is more expensive in terms of disk space.
RAID 50 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-1) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 5 span. • Better read performance, but slower write performance. • Requires as much parity information as standard RAID 5. • Data is striped across all spans. RAID 50 is more expensive in terms of disk space.
RAID 60 characteristics: • Groups n*s disks as one large virtual disk with a capacity of s*(n-2) disks, where s is the number of spans and n is the number of disks within each span. • Redundant information (parity) is alternately stored on all disks of each RAID 6 span. • Better read performance, but slower write performance. • Increased redundancy provides greater data protection than a RAID 50. • Requires proportionally as much parity information as RAID 6.
RAID 10 characteristics: • Groups n disks as one large virtual disk with a capacity of (n/2) disks, where n is an even integer. • Mirror images of the data are striped across sets of physical disks. This level provides redundancy through mirroring. • When a disk fails, the virtual disk still works. The data is read from the surviving mirrored disk. • Improved read performance and write performance. • Redundancy for protection of data.
RAID Level Data Availability Read Performanc e Write Performanc e Rebuild Performanc e Minimum Disks Required Suggested Uses logs, and critical information. RAID 5 Good Sequential reads: good. Transactiona l reads: Very good Fair, unless using writeback cache Fair N + 1 (N = at least two disks) Databases and other read intensive transactional uses. RAID 10 Excellent Very Good Fair Good 2N x X Data intensive environment s (large records).
Supported Controllers Supported RAID Controllers The iDRAC interfaces support the following PERC9 controllers: • PERC H830 • PERC H730P • PERC H730 • PERC H330 The iDRAC interfaces support the following PERC8 controllers: • PERC H810 • PERC H710P • PERC H710 • PERC H310 Supported Non-RAID Controllers The iDRAC interfaces supports 12Gbps SAS HBA External Adapter. NOTE: iDRAC does not support software RAID.
Feature Name PERC 9 Controllers PERC 8 Controllers PCIe SSD H830 H730 H730 P H330 H810 H710P H710 H310 Check virtual disk consistency Real- Realtime time Realtime Realtime Staged Staged Staged Staged Not applica ble Cancel check consistency Real- Realtime time Realtime Realtime Not applica ble Not Not applicabl applica e ble Not applica ble Not applica ble Initialize virtual disks Real- Realtime time Realtime Realtime Staged Staged Staged Staged Not applica ble Cancel ini
Feature Name PERC 9 Controllers PERC 8 Controllers PCIe SSD H830 H730 H730 P H330 H810 H710P H710 H310 Check Consistency Rate Real- Realtime time Realtime Realtime Staged Staged Staged Staged Not applica ble Rebuild Rate Real- Realtime time Realtime Realtime Staged Staged Staged Staged Not applica ble BGI Rate Real- Realtime time Realtime Realtime Staged Staged Staged Staged Not applica ble Reconstruct Rate Real- Realtime time Realtime Realtime Staged Staged Staged
Feature Name PERC 9 Controllers PERC 8 Controllers H710 H830 H730 H730 P H330 H810 H710P Configure Backplane mode Real- Realtime time Realtime Realtime Not applica ble Not Not applicabl applica e ble Not applica ble Not applica ble Blink or unblink component LEDs Real- Realtime time Realtime Realtime Realtime Realtime Realtime Realtime Realtime H310 PCIe SSD Inventory and Monitoring Storage Devices You can remotely monitor the health and view the inventory of the following Comprehe
For more information on the displayed properties and to use the filter options, see iDRAC Online Help. Monitoring Storage Device Using RACADM To view the storage device information, use the raid or storage subcommand. For more information, see the iDRAC RACADM Command Line Reference Guideavailable at dell.com/support/manuals. Monitoring Backplane Using iDRAC Settings Utility In the iDRAC Settings utility, go to System Summary. The iDRAC Settings.System Summary page is displayed.
When deleting virtual disks, all assigned global hot spares may be automatically unassigned when the last virtual disk associated with the controller is deleted. If you reset the configuration, the virtual disks are deleted and all the hot spares are unassigned. You must be familiar with the size requirements and other considerations associated with hot spares. Before assigning a physical disk as a global hot spare: • Make sure that Lifecycle Controller is enabled.
1. Press while restarting the server, and then select the required controller. 2. Press and select the Convert to RAID capable option, and then complete the operation. NOTE: • This task is not supported on PERC hardware controllers running in HBA mode. • This task is only supported as a staged operation. Convert To Non-RAID Disk This task converts a disk to a Non-RAID disk.
Before creating a virtual disk, you should be familiar with the information in Considerations Before Creating Virtual Disks. You can create a Virtual Disk using the Physical Disks attached to the PERC controller. To create a Virtual Disk, you must have the Server Control user privilege. You can create a maximum of 64 virtual drives and a maximum of 16 virtual drives in the same drive group. You cannot create a virtual disk if: • Physical disk drives are not available for virtual disk creation.
b. From the Controller drop-down menu, select the controller for which you want to create the virtual disk. c. From the Layout drop-down menu, select the RAID level for the Virtual Disk. Only those RAID levels supported by the controller appear in the drop-down menu and it is based on the RAID levels are available based on the total number of physical disks available. d. Select the Media Type, Stripe Size, Read Policy, Write Policy, Disk Cache Policy, T10 PI Capability.
performance since subsequent read requests can retrieve data quickly from the cache then from the disk. However, data loss may occur in the event of a system failure which prevents that data from being written on a disk. Other applications may also experience problems when actions assume that the data is available on the disk. • Force Write Back — The write cache is enabled regardless of whether the controller has a battery.
Initializing Virtual Disks Initializing virtual disks erases the all the data on the disk but does not change the virtual disk configuration. You must initialize a virtual disk that is configured before it is used. NOTE: Do not initialize virtual disks when attempting to recreate an existing configuration. You can perform a fast initialization, a full Initialization, or cancel the initialization operation. NOTE: The cancel initialization is a real-time operation.
NOTE: Full initialize is supported only in real-time. Only few controllers support full initialization. Encrypting Virtual Disks When encryption is disabled on a controller (that is, the security key is deleted), manually enable encryption for virtual disks created using SED drives. If the virtual disk is created after encryption is enabled on a controller, the virtual disk is automatically encrypted.
– No Read Ahead – Read Ahead • Edit Policy: Write Cache — Change the write cache policy to one of the following options: – Write Through – Write Back – Force Write Back • Edit Policy: Disk Cache — Change the disk cache policy to one of the following options: – Default – Enabled – Disabled • Initialize: Fast — Updates the metadata on the physical disks so that all the disk space is available for future write operations.
• Create, change, or delete security keys Related Links Configuring Controller Properties Importing or Auto Importing Foreign Configuration Clearing Foreign Configuration Resetting Controller Configuration Supported Controllers Summary of Supported Features for Storage Devices Convert To RAID Capable Disk Convert To Non-RAID Disk Configuring Controller Properties You can configure the following properties for the controller: • Patrol read mode (auto or manual) • Start or stop patrol read if patrol rea
In addition, the Patrol Read operation suspends during heavy I/O activity and resumes when the I/O is complete. NOTE: For more information on how often the Patrol Read operation runs when in auto mode, see the respective controller documentation. Load Balance The Load Balance property provides the ability to automatically use both controller ports or connectors connected to the same enclosure to route I/O requests. This property is available only on SAS controllers.
each encryption-capable controller. The security key is managed using the Local Key Management (LKM) feature. LKM is used to generate the key ID and the password or key required to secure the virtual disk. If you are using LKM, you must create the encryption key by providing the Security Key Identifier and the Passphrase. This task is not supported on PERC hardware controllers running in HBA mode.
• To create, modify, or delete security key to encrypt virtual drives: racadm storage createsecuritykey: -key -passwd racadm storage modifysecuritykey: -key -oldpasswd -newpasswd racadm storage deletesecuritykey: Importing or Auto Importing Foreign Configuration A foreign configuration is data residing on physical disks that have been moved from one controller to another.
This task is not supported on PERC hardware controllers running in HBA mode. NOTE: It is not recommended to remove an external enclosure cable while the operating system is running on the system. Removing the cable could result in a foreign configuration when the connection is re-established. You can manage foreign configurations in the following cases: • All the physical disks in a configuration are removed and re-inserted. • Some of the physical disks in a configuration are removed and re-inserted.
physical disk contains a foreign configuration (virtual disk) by checking the physical disk state. If the physical disk state is Foreign, then the physical disk contains all or some portion of a virtual disk. You can clear or erase the virtual disk information from the newly attached physical disks. The Clear Foreign Configuration operation permanently erases all data residing on the physical disks that are added to the controller.
Based on the selected operation mode, the settings are applied. Resetting Controller Configuration Using RACADM To reset the controller configuration, use the following command: racadm storage resetconfig: For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals. 12Gbps SAS HBA Adapter Operations The non-RAID controllers are the HBAs that do not have few RAID capabilities. They do not support virtual disks.
SMART performs predictive failure analysis on each disk and sends alerts if a disk failure is predicted. The controllers check physical disks for failure predictions and, if found, pass this information to iDRAC. iDRAC immediately logs an alert. Controller Operations in Non-RAID (HBA) Mode If the controller is in non-RAID mode (HBA mode), then: • Virtual disks or hot spares are not available. • Security state of the controller is disabled. • All physical disks are in non-RAID mode.
Level Cell (SLC) and Multi-Level Cell (MLC) NAND flash technology with a high-speed PCIe 2.0 or PCIe 3.0 compliant interface. Using iDRAC interfaces, you can view and configure NVMe PCIe SSDs. The key features of PCIe SSD are: • Hot plug capability • High-performance device The PCIe SSD subsystem consists of the Backplane, PCIe Extender card which is attached to the backplane of the system and provides PCIe connectivity for up to four or eight PCIe SSDs at the front of the chassis and the PCIe SSDs.
To view PCIe SSD backplane information: racadm storage get enclosures NOTE: For all the mentioned commands, PERC devices are also displayed. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/ esmmanuals. Preparing to Remove PCIe SSD PCIe SSDs support orderly hot swap allowing you to add or remove a device without halting or rebooting the system in which the devices are installed.
If the job is not created, a message indicating that the job creation was not successful is displayed. Also, the message ID and the recommended response action is displayed. If the job is created successfully, a message indicating that the job ID is created for the selected controller is displayed. Click Job Queue to view the progress of the job in the Job Queue page. If pending operation is not created, an error message is displayed.
4. From the Apply Operation Mode drop-down menu, select one of the following options: • At Next Reboot — Select this option to apply the actions during the next system reboot. This is the default option for PERC 8 controllers. • At Scheduled Time — Select this option to apply the actions at a scheduled day and time: – Start Time and End Time — Click the calendar icons and select the days. From the drop-down menus, select the time. The action is applied between the start time and end time.
Viewing Universal Slots Setting SGPIO Mode Configuring Backplane Mode The 13th generation Dell PowerEdge servers supports a new internal storage topology, where two storage controllers (PERCs) can be connected to a set of internal drives through a single expander. This configuration is used for high performance mode with no failover or High Availability (HA) functionality. The expander splits the internal drive array between the two storage controllers.
4. • Split From the Apply Operation Mode drop-down menu, select Apply Now to apply the actions immediately, and then click Apply. 5. Go to the Job Queue page and verify that it displays the status as Completed for the job. 6. Power cycle the system for the setting to take affect. A job ID is created. Configuring Enclosure Using RACADM To configure the enclosure or backplane, use the BackplaneMode object with the set subcommand. For example, to set the BackplaneMode attribute to split mode: 1.
The output is: BackplaneRequestedMode=SplitMode 9. Run the following command to cold reboot the server: serveraction powercycle 10. After the system completes POST and CSIOR, type the following command to verify the backplanerequestedmode: get storage.enclosure.1.backplanerequestedmode The output is: BackplaneRequestedMode=None 11. Run the following to verify is the backplane mode is set to split mode: get storage.enclosure.1.backplanecurrentmode The output is: BackplaneCurrentMode=SplitMode 12.
Setting SGPIO Mode The storage controller can connect to the backplane in I2C mode (default setting for Dell backplanes) or Serial General Purpose Input/Output (SGPIO) mode. This connection is required for blinking LEDs on the drives. Dell PERC controllers and backplane support both these modes. To support certain channel adapters, the backplane mode must be changed SGPIO mode. The SGPIO mode is only supported for passive backplanes.
2. • Overview → Storage → Pending Operations Select one of the following from the Apply Operation Mode drop-down menu: • Apply Now — Select this option to apply the settings immediately. This option is available for PERC 9 controllers only. If there are jobs to be completed, then this option is grayed-out. This job take at least 2 minutes to complete. • At Next Reboot — Select this option to apply the settings during the next system reboot. This is the default option for PERC 8 controllers.
The Pending Operations page is displayed. 2. From the Component drop-down menu, select the controller for which you want to view, commit, or delete the pending operations. The list of pending operations is displayed for the selected controller. NOTE: • 3. 4. Pending operations are created for import foreign configuration, clear foreign configuration, security key operations, and encrypt virtual disks. But, they are not displayed in the Pending Operations page and in the Pending Operations pop-up message.
Storage Devices — Apply Operation Scenarios Case 1: Selected an Apply Operation (Apply Now, At Next Reboot, or At Scheduled Time) and there are no existing pending operations If you have selected Apply Now, At Next Reboot, or At Scheduled Time and then clicked Apply, first the pending operation is created for the selected storage configuration operation. • If the pending operation is successful and there are no prior existing pending operations, then the job is created.
– Click OK to remain on the page to perform more storage configuration operations. – Click Pending Operations to view the pending operations for the device. Until the job is created on the selected controller, these pending operations are not applied. • If the pending operation is not created successfully and if there are no existing pending operations, then an error message is displayed.
• 2. Overview → Storage → Virtual Disks → Identify- Displays the Identify Virtual Disks page where you can blink or unblink the virtual disks. If you are on the Identify Component LED page: • Select or deselect all component LEDs — Select the Select/Deselect All option and click Blink to start blinking the component LEDs. Similarly, click Unblink to stop blinking the component LEDs. • 3.
Configuring and Using Virtual Console 14 You can use the virtual console to manage a remote system using the keyboard, video, and mouse on your management station to control the corresponding devices on a managed server. This is a licensed feature for rack and tower servers. It is available by default in blade servers. The key features are: • A maximum of six simultaneous Virtual Console sessions are supported. All the sessions view the same managed server console simultaneously.
Screen Resolution Refresh Rate (Hz) 1024x768 60, 70, 72, 75, 85 1280x1024 60 It is recommended that you configure your monitor display resolution to 1280x1024 pixels or higher. NOTE: If you have an active Virtual Console session and a lower resolution monitor is connected to the Virtual Console, the server console resolution may reset if the server is selected on the local console. If the system is running a Linux operating system, an X11 console may not be viewable on the local monitor.
Related Links Configuring Virtual Console Configuring IE to Use ActiveX Plug-in You must configure the IE browser settings before you launch and run ActiveX based Virtual Console and Virtual Media applications. The ActiveX applications are delivered as signed CAB files from the iDRAC server. If the plug-in type is set to Native-ActiveX type in Virtual console, when you try to launch the Virtual Console, the CAB file is downloaded to the client system and ActiveX based Virtual Console is launched.
Additional Settings for Windows Vista or Newer Microsoft Operating Systems The Internet Explorer browsers in Windows Vista or newer operating systems have an additional security feature called Protected Mode. To launch and run ActiveX applications in Internet Explorer browsers with Protected Mode: 1. Run IE as an administrator. 2. Go to Tools → Internet Options → Security → Trusted Sites. 3. Make sure that the Enable Protected Mode option is not selected for Trusted Sites zone.
The Java Cache viewer is displayed. 2. Delete the items titled iDRAC Virtual Console Client. Importing CA Certificates to Management Station When you launch Virtual Console or Virtual Media, prompts are displayed to verify the certificates. If you have custom Web server certificates, you can avoid these prompts by importing the CA certificates to the Java or ActiveX trusted certificate store.
Configuring Web Browsers to Use Virtual Console Launching Virtual Console Configuring Virtual Console Using Web Interface To configure Virtual Console using iDRAC Web interface: 1. Go to Overview → Server → Virtual Console. The Virtual Console page is displayed. 2. Enable virtual console and specify the required values. For information about the options, see the iDRAC Online Help. 3. Click Apply. The virtual console is configured.
While launching Virtual Console using 32-bit or 64-bit IE browsers, the required plug-in (Java or ActiveX) is available in the respective browser. The Internet Options settings are common for both the browsers. While launching the Virtual Console using Java plug-in, occasionally you may see a Java compilation error. To resolve this, go to Java control panel → General → Network Settings and select Direct Connection.
• Control Panel → Power Options → High–Performance → Advanced Settings → Hard Disk → Turnoff Hard Disk After Launching Virtual Console Using URL To launch the Virtual Console using the URL: 1. Open a supported Web browser and in the address box, type the following URL in lower case: https://iDRAC_ip/console 2.
NOTE: If the remote server is powered off, the message ’No Signal’ is displayed. The Virtual Console Viewer title bar displays the DNS name or the IP address of the iDRAC you are connected to from the management station. If iDRAC does not have a DNS name, then the IP address is displayed.
If synchronization problems continue, do the following additional change in the /.gconf/ desktop/gnome/peripherals/mouse/%gconf.xml file: Change the values for motion_threshold and motion_acceleration to -1. If you turn off mouse acceleration in GNOME desktop, in the Virtual Console viewer, go to Tools → Session Options → Mouse. Under Mouse Acceleration tab, select None.
Java-based Virtual Console Session running on Windows Operating System • Ctrl+Alt+Del key is not sent to the managed system, but always interpreted by the management station.
– echo "1" > /proc/sys/kernel/sysrq • When Pass all keystrokes to server is enabled, the magic SysRq keys are sent to the operating system on the managed system. The key sequence behavior to reset the operating system, that is reboot without un-mounting or sync, depends on whether the magic SysRq is enabled or disabled on the management station: – If SysRq is enabled on the management station, then or resets the management station irrespective of the system’s state.
ActiveX Based Virtual Console Session Running on Windows Operating System The behavior of the pass all keystrokes to server feature in ActiveX based Virtual Console session running on Windows operating system is similar to the behavior explained for Java based Virtual Console session running on the Windows management station with the following exceptions: • When Pass All Keys is disabled, pressing F1 launches the application Help on both management station and managed system, and the following message is d
Managing Virtual Media 15 Virtual media allows the managed server to access media devices on the management station or ISO CD/DVD images on a network share as if they were devices on the managed server. Using the Virtual Media feature, you can: • Remotely access media connected to a remote system over the network • Install applications • Update drivers • Install an operating system on the managed system This is a licensed feature for rack and tower servers.
Figure 4. Virtual Media Setup Supported Drives and Devices The following table lists the drives supported through virtual media. Table 27. Supported Drives and Devices Drive Supported Storage Media Virtual Optical Drives • • • • • Virtual floppy drives USB flash drives • Legacy 1.44 floppy drive with a 1.
Configuring Virtual Media Using RACADM To configure the virtual media, • Use the objects in the iDRAC.VirtualMedia group with the set command. • Use the objects in the cfgRacVirtual group with the config command. For more information, see the RACADM Command Line Reference Guide for iDRAC available at dell.com/support/manuals. Configuring Virtual Media Using iDRAC Settings Utility You can attach, detach, or auto-attach virtual media using the iDRAC Settings utility. To do this: 1.
If the RFS connection is not active and you attempt to launch the Virtual Media client, the client launches successfully. You can then use the Virtual Media client to map devices and files to the Virtual Media virtual drives. Related Links Configuring Web Browsers to Use Virtual Console Configuring Virtual Media Launching Virtual Media Using Virtual Console Before you launch Virtual Media through the Virtual Console, make sure that: • Virtual Console is enabled.
The following message is displayed: Virtual Console has been disabled. Do you want to continue using Virtual Media redirection? 3. Click OK . The Virtual Media window is displayed. 4. From the Virtual Media menu, click Map CD/DVD or Map Removable Disk. For more information, see Mapping Virtual Drive. NOTE: The virtual device drive letters on the managed system do not coincide with the physical drive letters on the management station.
If Virtual Media is connected, this information is displayed. If Virtual Media is not connected, the “Virtual Media is not connected” message is displayed. If the Virtual Media is launched without using the Virtual Console, then the Virtual Media section is displayed as a dialog box. It provides information about the mapped devices. Resetting USB To reset the USB device: 1. In the Virtual Console viewer, click Tools → Stats. The Stats window is displayed. 2. Under Virtual Media, click USB Reset.
If the image is created in the default path (Desktop), when you select Map Removable Disk, the created image is available for selection in the drop-down menu. If image is created in a different location, when you select Map Removable Disk, the created image is not available for selection in the drop-down menu. Click Browse to specify the image. 4. Select Read-only to map writable devices as read-only. For CD/DVD devices, this option is enabled by default and you cannot disable it. 5.
To enable the managed system to boot: 1. Boot the managed system. 2. Press to enter the System Setup page. 3. Go to System BIOS Settings → Boot Settings → BIOS Boot Settings → Boot Sequence. In the pop-up window, the virtual optical drives and virtual floppy drives are listed with the standard boot devices. 4. Make sure that the virtual drive is enabled and listed as the first device with bootable media. If required, follow the on-screen instructions to modify the boot order. 5.
Installing and Using VMCLI Utility 16 The Virtual Media Command Line Interface (VMCLI) utility is an interface that provides virtual media features from the management station to iDRAC on the managed system. Using this utility you can access virtual media features, including image files and physical drives, to deploy an operating system on multiple remote systems in a network. NOTE: You can run the VMCLI utility only on the management station that is installed with 32–bit operating system.
VMCLI Syntax The VMCLI interface is identical on both Windows and Linux systems. The VMCLI syntax is: VMCLI [parameter] [operating_system_shell_options] For example, vmcli -r iDRAC-IP-address:iDRAC-SSL-port The parameter enables VMCLI to connect to the specified server, access iDRAC, and map to the specified virtual media. NOTE: VMCLI syntax is case-sensitive. To ensure security, it is recommended to use the following VMCLI parameters: • vmcli -i — Enables an interactive method of starting VMCLI.
If the file is not write-protected, Virtual Media may write to the image file. To make sure that Virtual Media does not write to the media: • Configure the operating system to write-protect a floppy image file that must not be overwritten. • Use the write-protection feature of the device. When virtualizing read-only image files, multiple sessions can use the same image media simultaneously. When virtualizing physical drives, only one session can access a given physical drive at a time.
Managing vFlash SD Card 17 The vFlash SD card is a Secure Digital (SD) card that plugs into the vFlash SD card slot in the system. You can use a card with a maximum of 16 GB capacity. After you insert the card, you must enable vFlash functionality to create and manage partitions. vFlash is a licensed feature. If the card is not available in the system's vFlash SD card slot, the following error message is displayed in the iDRAC Web interface at Overview → Server → vFlash: SD card not detected.
Viewing vFlash SD Card Properties After vFlash functionality is enabled, you can view the SD card properties using iDRAC Web interface or RACADM. Viewing vFlash SD Card Properties Using Web Interface To view the vFlash SD card properties, in the iDRAC Web interface, go to Overview → Server → vFlash. The SD Card Properties page is displayed. For information about the displayed properties, see the iDRAC Online Help.
The SD Card Properties page is displayed. 2. Select or clear the vFLASH Enabled option to enable or disable the vFlash functionality. If any vFlash partition is attached, you cannot disable vFlash and an error message is displayed. NOTE: If vFlash functionality is disabled, SD card properties are not displayed. 3. Click Apply. The vFlash functionality is enabled or disabled based on the selection.
All existing contents are removed and the card is reformatted with the new vFlash system information. If any vFlash partition is attached, the initialize operation fails and an error message is displayed. Initializing vFlash SD Card Using RACADM To initialize the vFlash SD card using RACADM, use one of the following: • Using vFlashSD command: racadm vflashsd initialize • Using set command: racadm set iDRAC.vflashsd.Initialized 1 All existing partitions are deleted and the card is reformatted.
NOTE: An administrator can perform all operations on the vFlash partitions. Else, you must have Access Virtual Media privilege to create, delete, format, attach, detach, or copy the contents for the partition.
• An initialize operation is being performed on the card. Creating an Empty Partition Using RACADM To create a 20 MB empty partition: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the command: racadm vflashpartition create -i 1 -o drive1 -t empty -e HDD -f fat16 -s 20 A 20 MB empty partition in FAT16 format is created. By default, an empty partition is created as readwrite.
• An initialize operation is already being performed on the card. Creating a Partition From an Image File Using RACADM To create a partition from an image file using RACADM: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the command: racadm vflashpartition create –i 1 –o drive1 –e HDD –t image –l //myserver/sharedfolder/foo.iso –u root –p mypassword A new partition is created. By default, the created partition is read-only.
Viewing Available Partitions Using RACADM To view the available partitions and their properties using RACADM: 1. Open a Telnet, SSH, or Serial console to the system and log in. 2.
– To change a read-write partition to read-only: racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAccessType 0 • Using set command to change the read-write state of the partition: – To change a read-only partition to read-write: racadm set iDRAC.vflashpartition..AccessType 1 – To change a read-write partition to read-only: racadm set iDRAC.vflashpartition..AccessType 0 • Using set command to specify the Emulation type: racadm set iDRAC.vflashpartition..
racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAttachState 1 – To detach a partition: racadm config –g cfgvflashpartition –i 1 –o cfgvflashPartitionAttachState 0 • Using set command: – To attach a partition: racadm set iDRAC.vflashpartition..AttachState 1 – To detach a partition: racadm set iDRAC.vflashpartition..
Deleting Existing Partitions Using RACADM To delete partitions: 1. Open a telnet, SSH, or Serial console to the system and log in. 2. Enter the following commands: • To delete a partition: racadm vflashpartition delete -i 1 • To delete all partitions, re-initialize the vFlash SD card. Downloading Partition Contents You can download the contents of a vFlash partition in the .img or .iso format to the: • Managed system (where iDRAC is operated from) • Network location mapped to a management station.
NOTE: If the attached vFlash partition(s) are not listed in the First Boot Device drop-down menu, make sure that the BIOS is updated to the latest version. Booting to a Partition Using RACADM To set a vFlash partition as the first boot device, use cfgServerInfo. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/support/manuals. NOTE: When you run this command, the vFlash partition label is automatically set to boot once— cfgserverBootOnce is set to 1.
Using SMCLP 18 The Server Management Command Line Protocol (SMCLP) specification enables CLI-based systems management. It defines a protocol for management commands transmitted over standard character oriented streams. This protocol accesses a Common Information Model Object Manager (CIMOM) using a human-oriented command set. The SMCLP is a sub-component of the Distributed Management Task Force (DMTF) SMASH initiative to streamline systems management across multiple platforms.
Running SMCLP Commands You can run the SMCLP commands using SSH or Telnet interface. Open a SSH or Telnet interface and log in to iDRAC as an administrator. The SMCLP prompt (admin ->)is displayed. SMCLP prompts: • yx1x blade servers use -$. • yx1x rack and tower servers use admin->. • yx2x blade, rack, and tower servers use admin->. where, y is a alpha-numeric character such as M (for blade servers), R (for rack servers), and T (for tower servers) and x is a number.
Verb Definition load Moves a binary image to a specified target address from a URL The following table provides a list of targets. Table 31.
Target Definitions admin1/system1/sp1/capabilities1/ rolemgtcap* Local Role Based Management capabilities admin1/system1/sp1/capabilities/ PwrutilmgtCap1 Power utilization management capabilities admin1/system1/sp1/capabilities1/ elecap1 Authentication capabilities admin1/system1/sp1/settings1 Service Processor settings collection admin1/system1/sp1/settings1/ clpsetting1 CLP service settings data admin1/system1/sp1/clpsvc1 CLP service protocol service admin1/system1/sp1/clpsvc1/clpendpt* CLP
Target Definitions admin1/system1/sp1/rolesvc2/Role1-3 IPMI role admin1/system1/sp1/rolesvc2/Role4 IPMI Serial Over LAN (SOL) role admin1/system1/sp1/rolesvc3 CLP RBA Service admin1/system1/sp1/rolesvc3/Role1-3 CLP role admin1/system1/sp1/rolesvc3/Role1-3/ privilege1 CLP role privilege Related Links Running SMCLP Commands Usage Examples Navigating the MAP Address Space Objects that can be managed with SM-CLP are represented by targets arranged in a hierarchical space called the Manageability Ac
show –d properties=(userid,name) /admin1/system1/sp1/account1 If you only want to show one property, you can omit the parentheses. Using the -level Option The show -level option executes show over additional levels beneath the specified target. To see all targets and properties in the address space, use the -l all option. Using the -output Option The -output option specifies one of four formats for the output of SM-CLP verbs: text, clpcsv, keyword, and clpxml.
• To reboot the server: reset /system1 The following message is displayed: system1 has been reset successfully SEL Management The following examples show how to use the SMCLP to perform SEL-related operations on the managed system.
Commands: cd show help exit version • To view the SEL record: show/system1/logs1/log1 The following output is displayed: /system1/logs1/log1/record4 Properties: LogCreationClassName= CIM_RecordLog CreationClassName= CIM_LogRecord LogName= IPMI SEL RecordID= 1 MessageTimeStamp= 20050620100512.
MAP Target Navigation The following examples show how to use the cd verb to navigate the MAP. In all examples, the initial default target is assumed to be /. Type the following commands at the SMCLP command prompt: • To navigate to the system target and reboot: cd system1 reset The current default target is /. • To navigate to the SEL target and display the log records: cd system1 cd logs1/log1 show • To display current target: type cd . • To move up one level: type cd ..
Using iDRAC Service Module 19 The iDRAC Service Module is a software application that is recommended to be installed on the server (it is not installed by default). It complements iDRAC with monitoring information from the operating system. It does not have an interface but, complements iDRAC by providing additional data to work with iDRAC interfaces such as the Web interface, RACADM, and WSMAN.
• • • • • • View Operating System (OS) information Replicate Lifecycle Controller logs to operating system logs Perform automatic system recovery options Populate Windows Management Instrumentation (WMI) Management Providers Integrate with Technical Support Report. This is applicable only if iDRAC Service Module Version 2.0 or later is installed. For more information, see Generating Tech Support Report. Prepare to Remove NVMe PCIe SSD. For more information, see iDRACUG_Preparing to Remove NVMe PCIe SSD.
You can perform automatic system recovery operations such as reboot, power cycle, or power off the server after a specified time interval. This feature is enabled only if the operating system watchdog timer is disabled. If OpenManage Server Administrator is installed, this monitoring feature is disabled to avoid duplicate watchdog timers.
CIM Interface WinRM WMIC 1+SystemCreationCl assName=DCIM_SPCom puterSystem +SystemName=system mc} Get references of an instance winrm e wmi/root/ cimv2/dcim/* dialect:associatio n –associations filter: {object=DCIM_Accou nt? CreationClassName= DCIM_Account +Name=iDRAC.Embedd ed.1#Users. 1+SystemCreationCl assName=DCIM_SPCom puterSystem +SystemName=system mc} PowerShell omputerSystem',Sys temName='systemmc' }" -namespace root/cimv2/dcim Not applicable Get-Wmiobject Query "REFERENCES OF {DCIM_Account.
• WMI Information — Include WMI information. • Auto System Recovery Action — Perform auto recovery operations on the system after a specified time (in seconds): – Reboot – Power Off System – Power Cycle System This option is disabled if OpenManage Server Administrator is installed on the system. Using iDRAC Service Module From RACADM To use the iDRAC Service Module from RACADM, use the objects in the ServiceModule group.
20 Using USB Port for Server Management In Dell PowerEdge 12th generation servers, all USB ports are dedicated to the server. With the 13th generation of servers, one of the front panel USB port is used by iDRAC for management purposes such as pre-provisioning and troubleshooting. The port has an icon to indicate that it is a management port. All 13th generation servers with LCD panel support this feature. This port is not available in a few of the 200-500 model variations without the LCD panel.
Management LED (if present) turns green and remains ON for two seconds. 4. Wait for the IP address to be assigned to the laptop (169.254.0.4) and iDRAC (169.254.0.3). This may take several seconds. 5. Start using iDRAC network interfaces such as Web interface, RACADM, or WS-Man. 6. When iDRAC is using the USB port, LED blinks indicating activity. Blink frequency is four per second. 7. After using, disconnect the cable. The LED turns off.
• Device is automatically switched from iDRAC to OS. • Device is ejected from iDRAC or OS When a device exceeds its power requirements as allowed by USB specification, the device is detached and an over-current event is generated with the following properties: • Category : System Health • Type: USB device • Severity: Warning • Allowed notifications: Email, SNMP trap, remote syslog and WS-Eventing. • Actions: None.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/esmmanuals.com. Configuring USB Management Port Using iDRAC Settings Utility To configure the USB port: 1. In the iDRAC Settings Utility, go to Media and USB Port Settings. The iDRAC Settings Media and USB Port Settings page is displayed. 2. 3. From the USB Management Port Mode drop-down menu, do the following: • Automatic — USB Port is used by iDRAC or the server’s operating system.
Value> On,Off InstructionRow>
• Solid green – When the job has completed successfully. Logs and Results File The following information is logged for the import operation: • Automatic import from USB is logged in the Lifecycle Controller log file. • If the USB device is left inserted, the job results are recorded in the Results file located in the USB key. A Result file named Results.
Using iDRAC Quick Sync 21 A few 13th generation Dell PowerEdge servers have the Quick Sync bezel that supports the Quick Sync feature. This feature enables at-the-server management with a mobile device. This allows you to view inventory and monitoring information and configure basic iDRAC settings (such as root credential setup and configuration of the first boot device) using the mobile device. You can configure iDRAC Quick Sync access for your mobile device (example, OpenManage Mobile) in iDRAC.
Configuring iDRAC Quick Sync Using iDRAC Web interface or RACADM, you can configure iDRAC Quick Sync feature to allow access to the mobile device: • Access — You can specify any of the following options to configure the access state of iDRAC Quick Sync feature: – Read-Write — Default status. – Read-write access – Allows you to configure the basic iDRAC settings. – Read-only access – Allows you to view inventory and monitoring information.
Configuring iDRAC Quick Sync Settings Using iDRAC Settings Utility To configure iDRAC Quick Sync: 1. In the iDRAC Settings Utility, go to Front Panel Security. The iDRAC Settings Front Panel Security page is displayed. 2. In the iDRAC Quick Sync section: • Specify the access level. • Enable Timeout. • Specify the User Defined Timeout Limit (15 seconds to 3600 seconds). For more information about the fields, see the iDRAC Online Help. 3. Click Back, click Finish, and then click Yes.
Deploying Operating Systems 22 You can use any of the following utilities to deploy operating systems to managed systems: • Virtual Media Command Line Interface (CLI) • Virtual Media Console • Remote File Share Related Links Deploying Operating System Using VMCLI Deploying Operating System Using Remote File Share Deploying Operating System Using Virtual Media Deploying Operating System Using VMCLI Before you deploy the operating system using the vmdeploy script, make sure that: • VMCLI utility is
3. Open a command prompt with administrator privileges and run the vmdeploy script: vmdeploy.bat -r -u -p [ -f { | < device-name>} | -c { |} ] [-i ] NOTE: vmdeploy does not support IPv6, since IPv6 does not support the IPMI tool. NOTE: The vmdeploy script processes the -r option slightly differently than the vmcli -r option.
• Network share contains drivers and operating system bootable image file, in an industry standard format such as .img or .iso. NOTE: While creating the image file, follow standard network-based installation procedures, and mark the deployment image as read-only to make sure that each target system boots and executes the same deployment procedure. To deploy an operating system using RFS: 1. Using Remote File Share (RFS), mount the ISO or IMG image file to the managed system through NFS or CIFS. 2.
If you update the iDRAC firmware from version 1.30.30 to 1.50.50 firmware while there is an active RFS connection and the Virtual Media Attach Mode is set to Attach or Auto Attach, the iDRAC attempts to reestablish the RFS connection after the firmware upgrade is completed and the iDRAC reboots. If you update the iDRAC firmware from version 1.30.30 to 1.50.
For RHEL, the CD device (.iso virtual device) is /dev/scd0 and floppy device (.img virtual device) is /dev/sdc. For SLES, the CD device is /dev/sr0 and the floppy device is /dev/sdc. To make sure that the correct device is used (for either SLES or RHEL), when you connect the virtual device, on the Linux OS you must immediately run the command: tail /var/log/messages | grep SCSI This displays the text that identifies the device (example, SCSI device sdc).
2. 3. 4. • Attach the operating system image. Select the drive on the management station with the required image to map it. Use one of the following methods to boot to the required device: • Set the boot order to boot once from Virtual Floppy or Virtual CD/DVD/ISO using the iDRAC Web interface. • Set the boot order through System Setup → System BIOS Settings by pressing during boot. Reboot the managed system and follow the on-screen instructions to complete the deployment.
Either of the two SD cards can be the master. For example, if two new SD cards are installed in the IDSDM, SD1 is active (master) card and SD2 is the standby card. The data is written on both the cards, but the data is read from SD1. At any time if SD1 fails or is removed, SD2 automatically become the active (master) card. You can view the status, health, and the availability of IDSDM using iDRAC Web Interface or RACADM.
23 Troubleshooting Managed System Using iDRAC You can diagnose and troubleshoot a remote managed system using: • Diagnostic console • Post code • Boot and crash capture videos • Last system crash screen • System event logs • Lifecycle logs • Front panel status • Trouble indicators • System health Related Links Using Diagnostic Console Scheduling Remote Automated Diagnostics Viewing Post Codes Viewing Boot and Crash Capture Videos Viewing Logs Viewing Last System Crash Screen Viewing Front
Scheduling Remote Automated Diagnostics You can remotely invoke automated offline diagnostics on a server as a one-time event and return the results. If the diagnostics require a reboot, you can reboot immediately or stage it for a subsequent reboot or maintenance cycle (similar to updates). When diagnostics are run, the results are collected and stored in the internal iDRAC storage. You can then export the results to an NFS or CIFS network share using the diagnostics export racadm command.
Scheduling Remote Automated Diagnostics Using RACADM To run the remote diagnostics and save the results on the local system, use the following command: racadm diagnostics run -m -r -s -e To export the last run remote diagnostics results, use the following command: racadm diagnostics export -f -l -u -p For more information about the options, see the iDRAC8 RACADM Command Line Interface Reference Guide ava
• 3. Capture until buffer full — Boot sequence is captured until the buffer size has reached. • Capture until end of POST — Boot sequence is captured until end of POST. Click Apply to apply the settings. Viewing Logs You can view System Event Logs (SELs) and Lifecycle logs. For more information, see Viewing System Event Log and Viewing Lifecycle Log . Viewing Last System Crash Screen The last crash screen feature captures a screenshot of the most recent system crash, saves, and displays it in iDRAC.
panel), then both Hide Error and UnHide Error is grayed-out. You can hide or unhide the errors only for rack and tower servers. To view LCD front panel status using RACADM, use the objects in the System.LCD group. For more information, see the iDRAC8 RACADM Command Line Interface Reference Guide available at dell.com/ support/manuals.
CAUTION: You should only perform troubleshooting and simple repairs as authorized in your product documentation, or as directed by online or telephone service and support team. Damage due to servicing that is not authorized by Dell is not covered by your warranty. Read and follow the safety instructions that came with the product.
The report is generated in the standard ZIP format. The report contains information that is similar to the information available in the DSET report such as: • Hardware inventory for all components • System, Lifecycle Controller, and component attributes • Operating system and application information • Active Lifecycle Controller logs (archived entries are not included) • PCIe SSD logs • Storage controller logs After the report is generated, you can view the report.
NOTE: While specifying the network share settings, it is recommended to avoid special characters for user name and password or percent encode the special characters. • Click Advanced Export Options to select the following additional options: – RAID Controller Log – Enable Report Filtering under OS and Application Data Based on the options selected, the time taken to collect the data is displayed next to these options. 3.
NOTE: – CentOS is supported only for iDRAC Service Module 2.0 or later. – If the IPMI modules are not present, then you can install the respective modules from the OS distribution media. The service starts once the installation is complete. • On Windows operating system: – Check if the WMI service is running: * If WMI is stopped, OS Collector starts the WMI automatically and continues with the collection. * If WMI is disabled, OS Collector collection stops with an error message.
11. Select the I agree to allow Technical Support to use this data option and click Export to export the data to the specified location. Generating Technical Support Report Manually Using RACADM To generate the TSR using RACADM, use the techsupreport subcommand. For more information, see the iDRAC RACADM Command Line Reference Guide available at dell.com/esmmanuals.com.
The Lifecycle Controller Data option erases any content such as the LC Log, configuration database, rollback firmware, factory as-shipped logs, and the configuration information from the FP SPI (or management riser). NOTE: The Lifecycle Controller log contains the information about the system erase request and any information generated when the iDRAC restarts. Prior information does not exist.
Frequently Asked Questions 24 This section lists the frequently asked questions for the following: • System Event Log • Network Security • Active Directory • Single Sign On • Smart Card Login • Virtual Console • Virtual Media • vFlash SD Card • SNMP Authentication • Storage Devices • iDRAC Service Module • RACADM • Miscellaneous System Event Log While using iDRAC Web interface through Internet Explorer, why does SEL not save using the Save As option? This is due to a browser sett
Network Security While accessing the iDRAC Web interface, a security warning appears stating that the SSL certificate issued by the Certificate Authority (CA) is not trusted. iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC server certificate issued by a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign).
– The Active Directory Enabled option is selected on the Active Directory Configuration and Management page. – The DNS setting is correct on the iDRAC Networking configuration page. – The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled. – The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using extended schema.
This must be the host name (FQDN) or the IP address of the domain controller(s) that serves the domain in which the iDRAC object resides. When to configure Global Catalog Address(es)? If you are using standard schema and the users and role groups are from different domains, Global Catalog Address(es) are required. In this case, you can use only Universal Group. If you are using standard schema and all the users and role groups are in the same domain, Global Catalog Address(es) are not required.
• Security — Security groups allow you to manage user and computer access to shared resources and to filter group policy settings. • Distribution — Distribution groups are intended to be used only as email distribution lists. Always make sure that the group type is Security. You cannot use distribution groups to assign permission on any object, however use them to filter group policy settings. Single Sign-On SSO login fails on Windows Server 2008 R2 x64.
7. Navigate to HKEY_LOCAL_MACHINE → System → CurrentControlSet → Control → LSA . 8. In the right-pane, right-click and select New → DWORD (32-bit) Value. 9. Name the new key as SuppressExtendedProtection. 10. Right-click SuppressExtendedProtection and click Modify. 11. In the Value data field, type 1 and click OK. 12. Close the Registry Editor window. You can now log in to iDRAC using SSO.
It gives a local user an opportunity to take any action before the video is switched off. Is there a time delay when turning on the local video? No, after a local video turn ON request is received by iDRAC, the video is turned on instantly. Can the local user also turn off or turn on the video? When the local console is disabled, the local user cannot turn off or turn on the video. Does switching off the local video also switch off the local keyboard and mouse? No.
Before starting a Virtual Console session, make sure that the correct mouse is selected for your operating system. Make sure that the Single Cursor option under Tools in the iDRAC Virtual Console menu is selected on iDRAC Virtual Console client. The default is two cursor mode. Can a keyboard or mouse be used while installing a Microsoft operating system remotely through the Virtual Console? No.
You may see this message because a parameter necessary to capture video is beyond the range for which the iDRAC can capture the video. Parameters such as display resolution or refresh rate too high will cause and out of range condition. Normally, physical limitations such as video memory size or bandwidth sets the maximum range of parameters. When starting a Virtual Console session from iDRAC Web interface, why is an ActiveX security popup displayed? iDRAC may not be in the trusted site list.
1. Activate the magic key function on the remote Linux server. You can use the following command to activate it on the Linux terminal: echo 1 > /proc/sys/kernel/sysrq 2. Activate the keyboard pass-through mode of Active X Viewer. 3. Press Ctrl + Alt +Print Screen. 4. Release only Print Screen. 5. Press Print Screen+Ctrl+Alt. NOTE: The SysRq feature is currently not supported with Internet Explorer and Java.
iDRAC allows you to boot from the following bootable media: • CDROM/DVD Data media • ISO 9660 image • 1.44 Floppy disk or floppy image • A USB key that is recognized by the operating system as a removable disk • A USB key image How to make the USB key a bootable device? You can also boot with a Windows 98 startup disk and copy system files from the startup disk to the USB key.
6. At the Linux prompt, run the following command: mount /dev/sdx /mnt/CD where: /dev/sdx is the device name found in step 4 and /mnt/floppy is the mount point. Why are the virtual drives attached the server removed after performing a remote firmware update using the iDRAC Web interface? Firmware updates cause the iDRAC to reset, drop the remote connection, and unmount the virtual drives. The drives reappear when iDRAC reset is complete.
vFlash SD Card When is the vFlash SD card locked? The vFlash SD card is locked when an operation is in-progress. For example, during an initialize operation. SNMP Authentication Why is the message 'Remote Access: SNMP Authentication Failure' displayed? As part of discovery, IT Assistant attempts to verify the get and set community names of the device. In IT Assistant, you have the get community name = public and the set community name = private.
NOTE: Use the systemctl status dcismeng.service command instead of the init.d command to check if the iDRAC Service Module is installed on RedHat Enterprise Linux 7 operating system. How to check the version number of the iDRAC Service Module installed in the system? To check the version of the iDRAC Service Module in the system, do any of the following: • • Click Start → Control Panel → Programs and Features. The version of the installed iDRAC Service Module is listed in the Version tab.
• Delete the entries that are not required from the routing table to make sure that USB NIC is chosen by route when the host wants to reach the iDRAC USB NIC IPv4 address. When uninstalling iDRAC Service Module from a VMware ESXi server, the virtual switch is named as vSwitchiDRACvusb and port group as iDRAC Network on the Vsphere client.
• • Local RACADM error messages — Problems such as syntax, typographical errors, and incorrect names. Remote RACADM error messages — Problems such as incorrect IP Address, incorrect user name, or incorrect password. During a ping test to iDRAC, if the network mode is switched between Dedicated and Shared modes, there is no ping response. Clear the ARP table on your system. Remote RACADM fails to connect to iDRAC from SUSE Linux Enterprise Server (SLES) 11 SP1.
commands can be sent from this connection. See the iDRAC8 RACADM Command Line Interface Reference Guide for a complete list of CMC RACADM subcommands. From local RACADM, Use the command: racadm getsysinfo For example: $ racadm getniccfg -m server-1 DHCP Enabled = 1 IP Address = 192.168.0.1 Subnet Mask = 255.255.255.0 Gateway = 192.168.0.1 Using LCD: On the Main Menu, highlight the Server and press the check button and select the required server and press the check button.
For rack and tower servers: • In shared mode, make sure the LAN cable is connected to the NIC port where the wrench symbol is present. • In Dedicated mode, make sure the LAN cable is connected to the iDRAC LAN port. • Make sure that NIC settings, IPv4 and IPv6 settings and either Static or DHCP is enabled for your network. Inserted the blade server into the chassis and pressed the power switch, but it did not power on. • iDRAC requires up to two minutes to initialize before the server can power on.
Use Case Scenarios 25 This section helps you in navigating to specific sections in the guide to perform typical use case scenarios. Troubleshooting An Inaccessible Managed System After receiving alerts from OpenManage Essentials, Dell Management Console, or a local trap collector, five servers in a data center are not accessible with issues such as hanging operating system or server. Need to identify the cause to troubleshoot and bring up the server using iDRAC.
Inventory and Monitoring Storage Devices Using iDRAC Service Module Obtaining System Information and Assess System Health To obtain system information and assess system health: • In iDRAC Web interface, go to Overview → Server → System Summary to view the system information and access various links on this page to asses system health. For example, you can check the health of the chassis fan. • You can also configure the chassis locator LED and based on the color, assess the system health.
• CMC Web interface • Lifecycle Controller–Remote Services • Lifecycle Controller • Dell Remote Access Configuration Tool (DRACT) Performing Graceful Shutdown To perform graceful shutdown, in iDRAC Web interface, go to one of the following locations: • Overview → Server → Power/Thermal → Power Configuration → Power Control. The Power Control page is displayed. Select Graceful Shutdown and click Apply. • Overview → Server → Power/Thermal → Power Monitoring.
Managing Rack Density Suppose two servers are installed in a rack. To add two additional servers, need to determine how much capacity is left in the rack. To assess the capacity of a rack to add additional servers: 1. View the current power consumption data and historical power consumption data for the servers. 2. Based on the data, power infrastructure and cooling system limitations, enable the power cap policy and set the power cap values.
