Users Guide
Table Of Contents
- Integrated Dell Remote Access Controller 8 (iDRAC8) Version 2.05.05.05 User's Guide
- Contents
- Overview
- Benefits of Using iDRAC With Lifecycle Controller
- Key Features
- New In This Release
- How To Use This User's Guide
- Supported Web Browsers
- Managing Licenses
- Licensable Features In iDRAC8
- Interfaces and Protocols to Access iDRAC
- iDRAC Port Information
- Other Documents You May Need
- Social Media Reference
- Contacting Dell
- Accessing support content from the Dell EMC support site
- Logging into iDRAC
- Logging into iDRAC as Local User, Active Directory User, or LDAP User
- Logging into iDRAC Using Smart Card
- Logging into iDRAC Using Single Sign-on
- Accessing iDRAC Using Remote RACADM
- Accessing iDRAC Using Local RACADM
- Accessing iDRAC Using Firmware RACADM
- Accessing iDRAC Using SMCLP
- Logging in to iDRAC Using Public Key Authentication
- Multiple iDRAC Sessions
- Changing Default Login Password
- Enabling or Disabling Default Password Warning Message
- Setting Up Managed System and Management Station
- Setting Up iDRAC IP Address
- Setting Up Management Station
- Setting Up Managed System
- Configuring Supported Web Browsers
- Updating Device Firmware
- Downloading Device Firmware
- Updating Firmware Using iDRAC Web Interface
- Updating Device Firmware Using RACADM
- Scheduling Automatic Firmware Updates
- Updating Firmware Using CMC Web Interface
- Updating Firmware Using DUP
- Updating Firmware Using Remote RACADM
- Updating Firmware Using Lifecycle Controller Remote Services
- Updating CMC Firmware From iDRAC
- Viewing and Managing Staged Updates
- Rolling Back Device Firmware
- Backing Up Server Profile
- Importing Server Profile
- Monitoring iDRAC Using Other Systems Management Tools
- Configuring iDRAC
- Viewing iDRAC Information
- Modifying Network Settings
- Configuring Services
- Using VNC Client to Manage Remote Server
- Configuring Front Panel Display
- Configuring Time Zone and NTP
- Setting First Boot Device
- Enabling or Disabling OS to iDRAC Pass-through
- Obtaining Certificates
- Configuring Multiple iDRACs Using RACADM
- Disabling Access to Modify iDRAC Configuration Settings on Host System
- Viewing iDRAC and Managed System Information
- Viewing Managed System Health and Properties
- Viewing System Inventory
- Viewing Sensor Information
- Monitoring Performance Index of CPU, Memory, and I/O Modules
- Checking the System for Fresh Air Compliance
- Viewing Historical Temperature Data
- Viewing Network Interfaces Available On Host OS
- Viewing FlexAddress Mezzanine Card Fabric Connections
- Viewing or Terminating iDRAC Sessions
- Setting Up iDRAC Communication
- Communicating With iDRAC Through Serial Connection Using DB9 Cable
- Configuring BIOS For Serial Connection
- Enabling RAC Serial Connection
- Enabling IPMI Serial Connection Basic and Terminal Modes
- Switching Between RAC Serial and Serial Console While Using DB9 Cable
- Communicating With iDRAC Using IPMI SOL
- Communicating With iDRAC Using IPMI Over LAN
- Enabling or Disabling Remote RACADM
- Disabling Local RACADM
- Enabling IPMI on Managed System
- Configuring Linux for Serial Console During Boot
- Supported SSH Cryptography Schemes
- Communicating With iDRAC Through Serial Connection Using DB9 Cable
- Configuring User Accounts and Privileges
- Configuring Local Users
- Configuring Active Directory Users
- Prerequisites for Using Active Directory Authentication for iDRAC
- Supported Active Directory Authentication Mechanisms
- Standard Schema Active Directory Overview
- Configuring Standard Schema Active Directory
- Extended Schema Active Directory Overview
- Configuring Extended Schema Active Directory
- Extending Active Directory Schema
- Installing Dell Extension to the Active Directory Users and Computers Snap-In
- Adding iDRAC Users and Privileges to Active Directory
- Configuring Active Directory With Extended Schema Using iDRAC Web Interface
- Configuring Active Directory With Extended Schema Using RACADM
- Testing Active Directory Settings
- Configuring Generic LDAP Users
- Configuring iDRAC for Single Sign-On or Smart Card Login
- Prerequisites for Active Directory Single Sign-On or Smart Card Login
- Configuring iDRAC SSO Login for Active Directory Users
- Configuring iDRAC Smart Card Login for Local Users
- Configuring iDRAC Smart Card Login for Active Directory Users
- Enabling or Disabling Smart Card Login
- Configuring iDRAC to Send Alerts
- Managing Logs
- Monitoring and Managing Power
- Inventory, Monitoring, and Configuring Network Devices
- Inventory and Monitoring Network Devices
- Inventory and Monitoring FC HBA Devices
- Dynamic Configuration of Virtual Addresses, Initiator, and Storage Target Settings
- Managing Storage Devices
- Understanding RAID Concepts
- Supported Controllers
- Supported Enclosures
- Summary of Supported Features for Storage Devices
- Inventory and Monitoring Storage Devices
- Viewing Storage Device Topology
- Managing Physical Disks
- Managing Virtual Disks
- Managing Controllers
- Configuring Controller Properties
- Importing or Auto Importing Foreign Configuration
- Clearing Foreign Configuration
- Resetting Controller Configuration
- 12Gbps SAS HBA Adapter Operations
- Monitoring Predictive Failure Analysis On Drives
- Controller Operations in Non-RAID (HBA) Mode
- Running RAID Configuration Jobs On Multiple Storage Controllers
- Managing PCIe SSDs
- Managing Enclosures or Backplanes
- Choosing Operation Mode to Apply Settings
- Viewing and Applying Pending Operations
- Storage Devices — Apply Operation Scenarios
- Blinking or Unblinking Component LEDs
- Configuring and Using Virtual Console
- Supported Screen Resolutions and Refresh Rates
- Configuring Web Browsers to Use Virtual Console
- Configuring Virtual Console
- Previewing Virtual Console
- Launching Virtual Console
- Using Virtual Console Viewer
- Managing Virtual Media
- Installing and Using VMCLI Utility
- Managing vFlash SD Card
- Configuring vFlash SD Card
- Managing vFlash Partitions
- Using SMCLP
- Using iDRAC Service Module
- Using USB Port for Server Management
- Using iDRAC Quick Sync
- Deploying Operating Systems
- Troubleshooting Managed System Using iDRAC
- Using Diagnostic Console
- Viewing Post Codes
- Viewing Boot and Crash Capture Videos
- Viewing Logs
- Viewing Last System Crash Screen
- Viewing Front Panel Status
- Hardware Trouble Indicators
- Viewing System Health
- Generating Technical Support Report
- Checking Server Status Screen for Error Messages
- Restarting iDRAC
- Erasing System and User Data
- Resetting iDRAC to Factory Default Settings
- Frequently Asked Questions
- Use Case Scenarios
- Troubleshooting An Inaccessible Managed System
- Obtaining System Information and Assess System Health
- Setting Up Alerts and Configuring Email Alerts
- Viewing and Exporting Lifecycle Log and System Event Log
- Interfaces to Update iDRAC Firmware
- Performing Graceful Shutdown
- Creating New Administrator User Account
- Launching Server's Remote Console and Mounting a USB Drive
- Installing Bare Metal OS Using Attached Virtual Media and Remote File Share
- Managing Rack Density
- Installing New Electronic License
- Applying I/O Identity Configuration Settings for Multiple Network Cards in Single Host System Reboot
2. If DHCP is enabled on iDRAC and you want to use the DNS provided by the DHCP server, enter the following RACADM
commands:
● Using config command: racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 1
● Using set command: racadm set iDRAC.IPv4.DNSFromDHCP 1
3. If DHCP is disabled on iDRAC or you want manually input the DNS IP address, enter the following RACADM commands:
● Using config command:
racadm config -g cfgLanNetworking -o cfgDNSServersFromDHCP 0
racadm config -g cfgLanNetworking -o cfgDNSServer1 <primary DNS IP address>
racadm config -g cfgLanNetworking -o cfgDNSServer2 <secondary DNS IP address>
●
Using set command:
racadm set iDRAC.IPv4.DNSFromDHCP 0
racadm set iDRAC.IPv4.DNSFromDHCP.DNS1 <primary DNS IP address>
racadm set iDRAC.IPv4.DNSFromDHCP.DNS2 <secondary DNS IP address>
4. If you want to configure a list of user domains so that you only need to enter the user name when logging in to the Web
interface, enter the following command:
● Using config command: racadm config -g cfgUserDomain -o cfgUserDomainName <fully
qualified domain name or IP Address of the domain controller> -i <index>
● Using set command: racadm set iDRAC.UserDomain.<index>.Name <fully qualified domain name
or IP Address of the domain controller>
You can configure up to 40 user domains with index numbers between 1 and 40.
Extended Schema Active Directory Overview
Using the extended schema solution requires the Active Directory schema extension.
Active Directory Schema Extensions
The Active Directory data is a distributed database of attributes and classes. The Active Directory schema includes the rules
that determine the type of data that can be added or included in the database. The user class is one example of a class that
is stored in the database. Some example user class attributes can include the user’s first name, last name, phone number,
and so on. You can extend the Active Directory database by adding your own unique attributes and classes for specific
requirements. Dell has extended the schema to include the necessary changes to support remote management authentication
and authorization using Active Directory.
Each attribute or class that is added to an existing Active Directory Schema must be defined with a unique ID. To maintain
unique IDs across the industry, Microsoft maintains a database of Active Directory Object Identifiers (OIDs) so that when
companies add extensions to the schema, they can be guaranteed to be unique and not to conflict with each other. To extend
the schema in Microsoft's Active Directory, Dell received unique OIDs, unique name extensions, and uniquely linked attribute IDs
for the attributes and classes that are added into the directory service:
● Extension is: dell
● Base OID is: 1.2.840.113556.1.8000.1280
● RAC LinkID range is: 12070 to 12079
Overview of iDRAC Schema Extensions
Dell has extended the schema to include an Association, Device, and Privilege property. The Association property is used to
link together the users or groups with a specific set of privileges to one or more iDRAC devices. This model provides an
administrator maximum flexibility over the different combinations of users, iDRAC privileges, and iDRAC devices on the network
without much complexity.
For each physical iDRAC device on the network that you want to integrate with Active Directory for authentication and
authorization, create at least one association object and one iDRAC device object. You can create multiple association objects,
and each association object can be linked to as many users, groups of users, or iDRAC device objects as required. The users and
iDRAC user groups can be members of any domain in the enterprise.
124
Configuring User Accounts and Privileges