Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC8 with Lifecycle Controller Version 2.05.05.05

271

272

273

274

275

276

277

278

279

280

Table Of Contents

Integrated Dell Remote Access Controller 8 (iDRAC8) Version 2.05.05.05 User's Guide
Contents
Overview
- Benefits of Using iDRAC With Lifecycle Controller
- Key Features
- New In This Release
- How To Use This User's Guide
- Supported Web Browsers
- Managing Licenses
- Licensable Features In iDRAC8
- Interfaces and Protocols to Access iDRAC
- iDRAC Port Information
- Other Documents You May Need
- Social Media Reference
- Contacting Dell
- Accessing support content from the Dell EMC support site
Logging into iDRAC
- Logging into iDRAC as Local User, Active Directory User, or LDAP User
- Logging into iDRAC Using Smart Card
  - Logging Into iDRAC as a Local User Using Smart Card
  - Logging Into iDRAC as an Active Directory User Using Smart Card
- Logging into iDRAC Using Single Sign-on
  - Logging into iDRAC SSO Using iDRAC Web Interface
  - Logging into iDRAC SSO Using CMC Web Interface
- Accessing iDRAC Using Remote RACADM
  - Validating CA Certificate To Use Remote RACADM on Linux
- Accessing iDRAC Using Local RACADM
- Accessing iDRAC Using Firmware RACADM
- Accessing iDRAC Using SMCLP
- Logging in to iDRAC Using Public Key Authentication
- Multiple iDRAC Sessions
- Changing Default Login Password
- Enabling or Disabling Default Password Warning Message
  - Enabling or Disabling Default Password Warning Message Using Web Interface
  - Enabling or Disabling Warning Message to Change Default Login Password Using RACADM
Setting Up Managed System and Management Station
- Setting Up iDRAC IP Address
- Setting Up Management Station
  - Accessing iDRAC Remotely
- Setting Up Managed System
- Configuring Supported Web Browsers
- Updating Device Firmware
- Viewing and Managing Staged Updates
  - Viewing and Managing Staged Updates Using iDRAC Web interface
  - Viewing and Managing Staged Updates Using RACADM
- Rolling Back Device Firmware
- Backing Up Server Profile
- Importing Server Profile
- Monitoring iDRAC Using Other Systems Management Tools
Configuring iDRAC
- Viewing iDRAC Information
  - Viewing iDRAC Information Using Web Interface
  - Viewing iDRAC Information Using RACADM
- Modifying Network Settings
- Configuring Services
- Using VNC Client to Manage Remote Server
- Configuring Front Panel Display
  - Configuring LCD Setting
  - Configuring System ID LED Setting
    - Configuring System ID LED Setting Using Web Interface
    - Configuring System ID LED Setting Using RACADM
- Configuring Time Zone and NTP
  - Configuring Time Zone and NTP Using iDRAC Web Interface
  - Configuring Time Zone and NTP Using RACADM
- Setting First Boot Device
- Enabling or Disabling OS to iDRAC Pass-through
- Obtaining Certificates
- Configuring Multiple iDRACs Using RACADM
- Disabling Access to Modify iDRAC Configuration Settings on Host System
Viewing iDRAC and Managed System Information
- Viewing Managed System Health and Properties
- Viewing System Inventory
- Viewing Sensor Information
- Monitoring Performance Index of CPU, Memory, and I/O Modules
  - Monitoring Performance Index for of CPU, Memory, and I/O Modules Using Web Interface
  - Monitoring Performance Index for of CPU, Memory, and I/O Modules Using RACADM
- Checking the System for Fresh Air Compliance
- Viewing Historical Temperature Data
- Viewing Network Interfaces Available On Host OS
  - Viewing Network Interfaces Available on Host OS Using Web Interface
  - Viewing Network Interfaces Available on Host OS Using RACADM
- Viewing FlexAddress Mezzanine Card Fabric Connections
- Viewing or Terminating iDRAC Sessions
  - Terminating iDRAC Sessions Using Web Interface
  - Terminating iDRAC Sessions Using RACADM
Setting Up iDRAC Communication
- Communicating With iDRAC Through Serial Connection Using DB9 Cable
- Switching Between RAC Serial and Serial Console While Using DB9 Cable
  - Switching From Serial Console to RAC Serial
  - Switching From RAC Serial to Serial Console
- Communicating With iDRAC Using IPMI SOL
- Communicating With iDRAC Using IPMI Over LAN
- Enabling or Disabling Remote RACADM
  - Enabling or Disabling Remote RACADM Using Web Interface
  - Enabling or Disabling Remote RACADM Using RACADM
- Disabling Local RACADM
- Enabling IPMI on Managed System
- Configuring Linux for Serial Console During Boot
  - Enabling Login to the Virtual Console After Boot
- Supported SSH Cryptography Schemes
  - Using Public Key Authentication For SSH
Configuring User Accounts and Privileges
- Configuring Local Users
  - Configuring Local Users Using iDRAC Web Interface
  - Configuring Local Users Using RACADM
    - Adding iDRAC User Using RACADM
    - Enabling iDRAC User With Permissions
- Configuring Active Directory Users
- Configuring Generic LDAP Users
Configuring iDRAC for Single Sign-On or Smart Card Login
- Prerequisites for Active Directory Single Sign-On or Smart Card Login
- Configuring iDRAC SSO Login for Active Directory Users
  - Configuring iDRAC SSO Login for Active Directory Users Using Web Interface
  - Configuring iDRAC SSO Login for Active Directory Users Using RACADM
- Configuring iDRAC Smart Card Login for Local Users
  - Uploading Smart Card User Certificate
    - Uploading Smart Card User Certificate Using Web Interface
    - Uploading Smart Card User Certificate Using RACADM
  - Uploading Trusted CA Certificate For Smart Card
    - Uploading Trusted CA Certificate For Smart Card Using Web Interface
    - Uploading Trusted CA Certificate For Smart Card Using RACADM
- Configuring iDRAC Smart Card Login for Active Directory Users
- Enabling or Disabling Smart Card Login
Configuring iDRAC to Send Alerts
- Enabling or Disabling Alerts
- Filtering Alerts
  - Filtering Alerts Using iDRAC Web Interface
  - Filtering Alerts Using RACADM
- Setting Event Alerts
  - Setting Event Alerts Using Web Interface
  - Setting Event Alerts Using RACADM
- Setting Alert Recurrence Event
  - Setting Alert Recurrence Events Using iDRAC Web Interface
  - Setting Alert Recurrence Events Using RACADM
- Setting Event Actions
  - Setting Event Actions Using Web Interface
  - Setting Event Actions Using RACADM
- Configuring Email Alert, SNMP Trap, or IPMI Trap Settings
  - Configuring IP Alert Destinations
  - Configuring Email Alert Settings
- Configuring WS Eventing
- Alerts Message IDs
Managing Logs
- Viewing System Event Log
- Viewing Lifecycle Log
  - Viewing Lifecycle Log Using Web Interface
    - Filtering Lifecycle Logs
    - Adding Comments to Lifecycle Logs
  - Viewing Lifecycle Log Using RACADM
- Exporting Lifecycle Controller Logs
  - Exporting Lifecycle Controller Logs Using Web Interface
  - Exporting Lifecycle Controller Logs Using RACADM
- Adding Work Notes
- Configuring Remote System Logging
  - Configuring Remote System Logging Using Web Interface
  - Configuring Remote System Logging Using RACADM
Monitoring and Managing Power
- Monitoring Power
  - Monitoring Power Using Web Interface
  - Monitoring Power Using RACADM
- Setting Warning Threshold for Power Consumption
  - Setting Warning Threshold for Power Consumption Using Web Interface
- Executing Power Control Operations
  - Executing Power Control Operations Using Web Interface
  - Executing Power Control Operations Using RACADM
- Power Capping
  - Power Capping in Blade Servers
  - Viewing and Configuring Power Cap Policy
- Configuring Power Supply Options
- Enabling or Disabling Power Button
Inventory, Monitoring, and Configuring Network Devices
- Inventory and Monitoring Network Devices
  - Monitoring Network Devices Using Web Interface
  - Monitoring Network Devices Using RACADM
- Inventory and Monitoring FC HBA Devices
  - Monitoring FC HBA Devices Using Web Interface
  - Monitoring FC HBA Devices Using RACADM
- Dynamic Configuration of Virtual Addresses, Initiator, and Storage Target Settings
Managing Storage Devices
- Understanding RAID Concepts
- Supported Controllers
- Supported Enclosures
- Summary of Supported Features for Storage Devices
- Inventory and Monitoring Storage Devices
- Viewing Storage Device Topology
- Managing Physical Disks
- Managing Virtual Disks
- Managing Controllers
- Managing PCIe SSDs
- Managing Enclosures or Backplanes
- Choosing Operation Mode to Apply Settings
  - Choosing Operation Mode Using Web Interface
  - Choosing Operation Mode Using RACADM
- Viewing and Applying Pending Operations
  - Viewing, Applying, or Deleting Pending Operations Using Web Interface
  - Viewing and Applying Pending Operations Using RACADM
- Storage Devices — Apply Operation Scenarios
- Blinking or Unblinking Component LEDs
  - Blinking or Unblinking Component LEDs Using Web Interface
  - Blinking or Unblinking Component LEDs Using RACADM
Configuring and Using Virtual Console
- Supported Screen Resolutions and Refresh Rates
- Configuring Web Browsers to Use Virtual Console
- Configuring Virtual Console
  - Configuring Virtual Console Using Web Interface
  - Configuring Virtual Console Using RACADM
- Previewing Virtual Console
- Launching Virtual Console
- Using Virtual Console Viewer
  - Synchronizing Mouse Pointers
  - Passing All Keystrokes Through Virtual Console
Managing Virtual Media
- Supported Drives and Devices
- Configuring Virtual Media
- Accessing Virtual Media
- Setting Boot Order Through BIOS
- Enabling Boot Once for Virtual Media
Installing and Using VMCLI Utility
- Installing VMCLI
- Running VMCLI Utility
- VMCLI Syntax
  - VMCLI Commands to Access Virtual Media
  - VMCLI Operating System Shell Options
Managing vFlash SD Card
- Configuring vFlash SD Card
- Managing vFlash Partitions
Using SMCLP
- System Management Capabilities Using SMCLP
- Running SMCLP Commands
- iDRAC SMCLP Syntax
- Navigating the MAP Address Space
- Using Show Verb
- Usage Examples
Using iDRAC Service Module
- Installing iDRAC Service Module
- Supported Operating Systems for iDRAC Service Module
- iDRAC Service Module Monitoring Features
- Using iDRAC Service Module From iDRAC Web Interface
- Using iDRAC Service Module From RACADM
Using USB Port for Server Management
- Accessing iDRAC Interface over Direct USB Connection
- Configuring iDRAC Using Server Configuration Profile on USB Device
  - Configuring USB Management Port Settings
  - Importing Server Configuration Profile From USB Device
Using iDRAC Quick Sync
- Configuring iDRAC Quick Sync
- Using Mobile Device to View iDRAC Information
Deploying Operating Systems
- Deploying Operating System Using VMCLI
- Deploying Operating System Using Remote File Share
- Deploying Operating System Using Virtual Media
  - Installing Operating System From Multiple Disks
- Deploying Embedded Operating System On SD Card
  - Enabling SD Module and Redundancy in BIOS
    - About IDSDM
Troubleshooting Managed System Using iDRAC
- Using Diagnostic Console
  - Scheduling Remote Automated Diagnostics
  - Scheduling Remote Automated Diagnostics Using RACADM
- Viewing Post Codes
- Viewing Boot and Crash Capture Videos
  - Configuring Video Capture Settings
- Viewing Logs
- Viewing Last System Crash Screen
- Viewing Front Panel Status
  - Viewing System Front Panel LCD Status
  - Viewing System Front Panel LED Status
- Hardware Trouble Indicators
- Viewing System Health
- Generating Technical Support Report
  - Generating Technical Support Report Automatically
    - Generating Tech Support Report Automatically Using iDRAC Web Interface
  - Generating Technical Support Report Manually
    - Generating Technical Support Report Manually Using iDRAC Web Interface
    - Generating Technical Support Report Manually Using RACADM
- Checking Server Status Screen for Error Messages
- Restarting iDRAC
  - Resetting iDRAC Using iDRAC Web Interface
  - Resetting iDRAC Using RACADM
- Erasing System and User Data
- Resetting iDRAC to Factory Default Settings
  - Resetting iDRAC to Factory Default Settings Using iDRAC Web Interface
  - Resetting iDRAC to Factory Default Settings Using iDRAC Settings Utility
Frequently Asked Questions
- System Event Log
- Network Security
- Active Directory
- Single Sign-On
- Smart Card Login
- Virtual Console
- Virtual Media
- vFlash SD Card
- SNMP Authentication
- Storage Devices
- iDRAC Service Module
- RACADM
- Miscellaneous
Use Case Scenarios
- Troubleshooting An Inaccessible Managed System
- Obtaining System Information and Assess System Health
- Setting Up Alerts and Configuring Email Alerts
- Viewing and Exporting Lifecycle Log and System Event Log
- Interfaces to Update iDRAC Firmware
- Performing Graceful Shutdown
- Creating New Administrator User Account
- Launching Server's Remote Console and Mounting a USB Drive
- Installing Bare Metal OS Using Attached Virtual Media and Remote File Share
- Managing Rack Density
- Installing New Electronic License
- Applying I/O Identity Configuration Settings for Multiple Network Cards in Single Host System Reboot

iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface

and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC server certificate issued by

a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign).

Why the DNS server not registering iDRAC?

Some DNS servers register iDRAC names that contain only up to 31 characters.

When accessing the iDRAC Web-based interface, a security warning is displayed stating that the SSL certificate

host name does not match the iDRAC host name.

iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface

and remote RACADM. When this certificate is used, the Web browser displays a security warning because the default certificate

that is issued to iDRAC does not match the iDRAC host name (for example, the IP address).

To resolve this, upload an iDRAC server certificate issued to the IP address or the iDRAC host name. When generating the

CSR (used for issuing the certificate), make sure that the common name (CN) of the CSR matches the iDRAC IP address (if

certificate issued to IP) or the registered DNS iDRAC name (if certificate is issued to iDRAC registered name).

To make sure that the CSR matches the registered DNS iDRAC name:

1. In iDRAC Web interface, go to Overview > iDRAC Settings > Network. The Network page is displayed.

2. In the Common Settings section:

● Select the Register iDRAC on DNS option.

● In the DNS iDRAC Name field, enter the iDRAC name.

3. Click Apply.

Active Directory

Active Directory login failed. How to resolve this?

To diagnose the problem, on the Active Directory Configuration and Management page, click Test Settings. Review the

test results and fix the problem. Change the configuration and run the test until the test user passes the authorization step.

In general, check the following:

● While logging in, make sure that you use the correct user domain name and not the NetBIOS name. If you have a local iDRAC

user account, log into iDRAC using the local credentials. After logging in, make sure that:

○ The Active Directory Enabled option is selected on the Active Directory Configuration and Management page.

○ The DNS setting is correct on the iDRAC Networking configuration page.

○ The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled.

○ The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using

extended schema.

○ The Group Name and Group Domain Name matches the Active Directory configuration if you are using standard schema.

○ If the user and the iDRAC object is in different domain, then do not select the User Domain from Login option. Instead

select Specify a Domain option and enter the domain name where the iDRAC object resides.

● Check the domain controller SSL certificates to make sure that the iDRAC time is within the valid period of the certificate.

Active Directory login fails even if certificate validation is enabled. The test results display the following error

message. Why does this occur and how to resolve this?

ERROR: Can't contact LDAP server, error:14090086:SSL

routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed: Please check the correct

Certificate Authority (CA) certificate has been uploaded to iDRAC. Please also check

if the iDRAC date is within the valid period of the certificates and if the Domain

Controller Address configured in iDRAC matches the subject of the Directory Server

Certificate.

If certificate validation is enabled, when iDRAC establishes the SSL connection with the directory server, iDRAC uses the

uploaded CA certificate to verify the directory server certificate. The most common reasons for failing certification validation

are:

● iDRAC date is not within the validity period of the server certificate or CA certificate. Check the iDRAC time and the validity

period of your certificate.

● The domain controller addresses configured in iDRAC does not match the Subject or Subject Alternative Name of the

directory server certificate. If you are using an IP address, read the next question. If you are using FQDN, make sure

you are using the FQDN of the domain controller and not the domain. For example, servername.example.com instead of

example.com.

Frequently Asked Questions

275