Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC8 with Lifecycle Controller Version 2.05.05.05

271

272

273

274

275

276

277

278

279

280

Table Of Contents

Integrated Dell Remote Access Controller 8 (iDRAC8) Version 2.05.05.05 User's Guide
Contents
Overview
- Benefits of Using iDRAC With Lifecycle Controller
- Key Features
- New In This Release
- How To Use This User's Guide
- Supported Web Browsers
- Managing Licenses
- Licensable Features In iDRAC8
- Interfaces and Protocols to Access iDRAC
- iDRAC Port Information
- Other Documents You May Need
- Social Media Reference
- Contacting Dell
- Accessing support content from the Dell EMC support site
Logging into iDRAC
- Logging into iDRAC as Local User, Active Directory User, or LDAP User
- Logging into iDRAC Using Smart Card
  - Logging Into iDRAC as a Local User Using Smart Card
  - Logging Into iDRAC as an Active Directory User Using Smart Card
- Logging into iDRAC Using Single Sign-on
  - Logging into iDRAC SSO Using iDRAC Web Interface
  - Logging into iDRAC SSO Using CMC Web Interface
- Accessing iDRAC Using Remote RACADM
  - Validating CA Certificate To Use Remote RACADM on Linux
- Accessing iDRAC Using Local RACADM
- Accessing iDRAC Using Firmware RACADM
- Accessing iDRAC Using SMCLP
- Logging in to iDRAC Using Public Key Authentication
- Multiple iDRAC Sessions
- Changing Default Login Password
- Enabling or Disabling Default Password Warning Message
  - Enabling or Disabling Default Password Warning Message Using Web Interface
  - Enabling or Disabling Warning Message to Change Default Login Password Using RACADM
Setting Up Managed System and Management Station
- Setting Up iDRAC IP Address
- Setting Up Management Station
  - Accessing iDRAC Remotely
- Setting Up Managed System
- Configuring Supported Web Browsers
- Updating Device Firmware
- Viewing and Managing Staged Updates
  - Viewing and Managing Staged Updates Using iDRAC Web interface
  - Viewing and Managing Staged Updates Using RACADM
- Rolling Back Device Firmware
- Backing Up Server Profile
- Importing Server Profile
- Monitoring iDRAC Using Other Systems Management Tools
Configuring iDRAC
- Viewing iDRAC Information
  - Viewing iDRAC Information Using Web Interface
  - Viewing iDRAC Information Using RACADM
- Modifying Network Settings
- Configuring Services
- Using VNC Client to Manage Remote Server
- Configuring Front Panel Display
  - Configuring LCD Setting
  - Configuring System ID LED Setting
    - Configuring System ID LED Setting Using Web Interface
    - Configuring System ID LED Setting Using RACADM
- Configuring Time Zone and NTP
  - Configuring Time Zone and NTP Using iDRAC Web Interface
  - Configuring Time Zone and NTP Using RACADM
- Setting First Boot Device
- Enabling or Disabling OS to iDRAC Pass-through
- Obtaining Certificates
- Configuring Multiple iDRACs Using RACADM
- Disabling Access to Modify iDRAC Configuration Settings on Host System
Viewing iDRAC and Managed System Information
- Viewing Managed System Health and Properties
- Viewing System Inventory
- Viewing Sensor Information
- Monitoring Performance Index of CPU, Memory, and I/O Modules
  - Monitoring Performance Index for of CPU, Memory, and I/O Modules Using Web Interface
  - Monitoring Performance Index for of CPU, Memory, and I/O Modules Using RACADM
- Checking the System for Fresh Air Compliance
- Viewing Historical Temperature Data
- Viewing Network Interfaces Available On Host OS
  - Viewing Network Interfaces Available on Host OS Using Web Interface
  - Viewing Network Interfaces Available on Host OS Using RACADM
- Viewing FlexAddress Mezzanine Card Fabric Connections
- Viewing or Terminating iDRAC Sessions
  - Terminating iDRAC Sessions Using Web Interface
  - Terminating iDRAC Sessions Using RACADM
Setting Up iDRAC Communication
- Communicating With iDRAC Through Serial Connection Using DB9 Cable
- Switching Between RAC Serial and Serial Console While Using DB9 Cable
  - Switching From Serial Console to RAC Serial
  - Switching From RAC Serial to Serial Console
- Communicating With iDRAC Using IPMI SOL
- Communicating With iDRAC Using IPMI Over LAN
- Enabling or Disabling Remote RACADM
  - Enabling or Disabling Remote RACADM Using Web Interface
  - Enabling or Disabling Remote RACADM Using RACADM
- Disabling Local RACADM
- Enabling IPMI on Managed System
- Configuring Linux for Serial Console During Boot
  - Enabling Login to the Virtual Console After Boot
- Supported SSH Cryptography Schemes
  - Using Public Key Authentication For SSH
Configuring User Accounts and Privileges
- Configuring Local Users
  - Configuring Local Users Using iDRAC Web Interface
  - Configuring Local Users Using RACADM
    - Adding iDRAC User Using RACADM
    - Enabling iDRAC User With Permissions
- Configuring Active Directory Users
- Configuring Generic LDAP Users
Configuring iDRAC for Single Sign-On or Smart Card Login
- Prerequisites for Active Directory Single Sign-On or Smart Card Login
- Configuring iDRAC SSO Login for Active Directory Users
  - Configuring iDRAC SSO Login for Active Directory Users Using Web Interface
  - Configuring iDRAC SSO Login for Active Directory Users Using RACADM
- Configuring iDRAC Smart Card Login for Local Users
  - Uploading Smart Card User Certificate
    - Uploading Smart Card User Certificate Using Web Interface
    - Uploading Smart Card User Certificate Using RACADM
  - Uploading Trusted CA Certificate For Smart Card
    - Uploading Trusted CA Certificate For Smart Card Using Web Interface
    - Uploading Trusted CA Certificate For Smart Card Using RACADM
- Configuring iDRAC Smart Card Login for Active Directory Users
- Enabling or Disabling Smart Card Login
Configuring iDRAC to Send Alerts
- Enabling or Disabling Alerts
- Filtering Alerts
  - Filtering Alerts Using iDRAC Web Interface
  - Filtering Alerts Using RACADM
- Setting Event Alerts
  - Setting Event Alerts Using Web Interface
  - Setting Event Alerts Using RACADM
- Setting Alert Recurrence Event
  - Setting Alert Recurrence Events Using iDRAC Web Interface
  - Setting Alert Recurrence Events Using RACADM
- Setting Event Actions
  - Setting Event Actions Using Web Interface
  - Setting Event Actions Using RACADM
- Configuring Email Alert, SNMP Trap, or IPMI Trap Settings
  - Configuring IP Alert Destinations
  - Configuring Email Alert Settings
- Configuring WS Eventing
- Alerts Message IDs
Managing Logs
- Viewing System Event Log
- Viewing Lifecycle Log
  - Viewing Lifecycle Log Using Web Interface
    - Filtering Lifecycle Logs
    - Adding Comments to Lifecycle Logs
  - Viewing Lifecycle Log Using RACADM
- Exporting Lifecycle Controller Logs
  - Exporting Lifecycle Controller Logs Using Web Interface
  - Exporting Lifecycle Controller Logs Using RACADM
- Adding Work Notes
- Configuring Remote System Logging
  - Configuring Remote System Logging Using Web Interface
  - Configuring Remote System Logging Using RACADM
Monitoring and Managing Power
- Monitoring Power
  - Monitoring Power Using Web Interface
  - Monitoring Power Using RACADM
- Setting Warning Threshold for Power Consumption
  - Setting Warning Threshold for Power Consumption Using Web Interface
- Executing Power Control Operations
  - Executing Power Control Operations Using Web Interface
  - Executing Power Control Operations Using RACADM
- Power Capping
  - Power Capping in Blade Servers
  - Viewing and Configuring Power Cap Policy
- Configuring Power Supply Options
- Enabling or Disabling Power Button
Inventory, Monitoring, and Configuring Network Devices
- Inventory and Monitoring Network Devices
  - Monitoring Network Devices Using Web Interface
  - Monitoring Network Devices Using RACADM
- Inventory and Monitoring FC HBA Devices
  - Monitoring FC HBA Devices Using Web Interface
  - Monitoring FC HBA Devices Using RACADM
- Dynamic Configuration of Virtual Addresses, Initiator, and Storage Target Settings
Managing Storage Devices
- Understanding RAID Concepts
- Supported Controllers
- Supported Enclosures
- Summary of Supported Features for Storage Devices
- Inventory and Monitoring Storage Devices
- Viewing Storage Device Topology
- Managing Physical Disks
- Managing Virtual Disks
- Managing Controllers
- Managing PCIe SSDs
- Managing Enclosures or Backplanes
- Choosing Operation Mode to Apply Settings
  - Choosing Operation Mode Using Web Interface
  - Choosing Operation Mode Using RACADM
- Viewing and Applying Pending Operations
  - Viewing, Applying, or Deleting Pending Operations Using Web Interface
  - Viewing and Applying Pending Operations Using RACADM
- Storage Devices — Apply Operation Scenarios
- Blinking or Unblinking Component LEDs
  - Blinking or Unblinking Component LEDs Using Web Interface
  - Blinking or Unblinking Component LEDs Using RACADM
Configuring and Using Virtual Console
- Supported Screen Resolutions and Refresh Rates
- Configuring Web Browsers to Use Virtual Console
- Configuring Virtual Console
  - Configuring Virtual Console Using Web Interface
  - Configuring Virtual Console Using RACADM
- Previewing Virtual Console
- Launching Virtual Console
- Using Virtual Console Viewer
  - Synchronizing Mouse Pointers
  - Passing All Keystrokes Through Virtual Console
Managing Virtual Media
- Supported Drives and Devices
- Configuring Virtual Media
- Accessing Virtual Media
- Setting Boot Order Through BIOS
- Enabling Boot Once for Virtual Media
Installing and Using VMCLI Utility
- Installing VMCLI
- Running VMCLI Utility
- VMCLI Syntax
  - VMCLI Commands to Access Virtual Media
  - VMCLI Operating System Shell Options
Managing vFlash SD Card
- Configuring vFlash SD Card
- Managing vFlash Partitions
Using SMCLP
- System Management Capabilities Using SMCLP
- Running SMCLP Commands
- iDRAC SMCLP Syntax
- Navigating the MAP Address Space
- Using Show Verb
- Usage Examples
Using iDRAC Service Module
- Installing iDRAC Service Module
- Supported Operating Systems for iDRAC Service Module
- iDRAC Service Module Monitoring Features
- Using iDRAC Service Module From iDRAC Web Interface
- Using iDRAC Service Module From RACADM
Using USB Port for Server Management
- Accessing iDRAC Interface over Direct USB Connection
- Configuring iDRAC Using Server Configuration Profile on USB Device
  - Configuring USB Management Port Settings
  - Importing Server Configuration Profile From USB Device
Using iDRAC Quick Sync
- Configuring iDRAC Quick Sync
- Using Mobile Device to View iDRAC Information
Deploying Operating Systems
- Deploying Operating System Using VMCLI
- Deploying Operating System Using Remote File Share
- Deploying Operating System Using Virtual Media
  - Installing Operating System From Multiple Disks
- Deploying Embedded Operating System On SD Card
  - Enabling SD Module and Redundancy in BIOS
    - About IDSDM
Troubleshooting Managed System Using iDRAC
- Using Diagnostic Console
  - Scheduling Remote Automated Diagnostics
  - Scheduling Remote Automated Diagnostics Using RACADM
- Viewing Post Codes
- Viewing Boot and Crash Capture Videos
  - Configuring Video Capture Settings
- Viewing Logs
- Viewing Last System Crash Screen
- Viewing Front Panel Status
  - Viewing System Front Panel LCD Status
  - Viewing System Front Panel LED Status
- Hardware Trouble Indicators
- Viewing System Health
- Generating Technical Support Report
  - Generating Technical Support Report Automatically
    - Generating Tech Support Report Automatically Using iDRAC Web Interface
  - Generating Technical Support Report Manually
    - Generating Technical Support Report Manually Using iDRAC Web Interface
    - Generating Technical Support Report Manually Using RACADM
- Checking Server Status Screen for Error Messages
- Restarting iDRAC
  - Resetting iDRAC Using iDRAC Web Interface
  - Resetting iDRAC Using RACADM
- Erasing System and User Data
- Resetting iDRAC to Factory Default Settings
  - Resetting iDRAC to Factory Default Settings Using iDRAC Web Interface
  - Resetting iDRAC to Factory Default Settings Using iDRAC Settings Utility
Frequently Asked Questions
- System Event Log
- Network Security
- Active Directory
- Single Sign-On
- Smart Card Login
- Virtual Console
- Virtual Media
- vFlash SD Card
- SNMP Authentication
- Storage Devices
- iDRAC Service Module
- RACADM
- Miscellaneous
Use Case Scenarios
- Troubleshooting An Inaccessible Managed System
- Obtaining System Information and Assess System Health
- Setting Up Alerts and Configuring Email Alerts
- Viewing and Exporting Lifecycle Log and System Event Log
- Interfaces to Update iDRAC Firmware
- Performing Graceful Shutdown
- Creating New Administrator User Account
- Launching Server's Remote Console and Mounting a USB Drive
- Installing Bare Metal OS Using Attached Virtual Media and Remote File Share
- Managing Rack Density
- Installing New Electronic License
- Applying I/O Identity Configuration Settings for Multiple Network Cards in Single Host System Reboot

1. Run the technet.microsoft.com/en-us/library/dd560670(WS.10).aspx for the domain controller and domain policy.

2. Configure the computers to use the DES-CBC-MD5 cipher suite.

These settings may affect compatibility with client computers or services and applications in your environment. The

Configure encryption types allowed for Kerberos policy setting is located at Computer Configuration > Security Settings

> Local Policies > Security Options.

3. Make sure that the domain clients have the updated GPO.

4. At the command line, type gpupdate /force and delete the old key tab with klist purge command.

5. After the GPO is updated, create the new keytab.

6. Upload the keytab to iDRAC.

You can now log in to iDRAC using SSO.

Why does SSO login fail with Active Directory users on Windows 7 and Windows Server 2008 R2?

You must enable the encryption types for Windows 7 and Windows Server 2008 R2. To enable the encryption types:

1. Log in as administrator or as a user with administrative privilege.

2. Go to Start and run gpedit.msc. The Local Group Policy Editor window is displayed.

3. Go to Local Computer Settings > Windows Settings > Security Settings > Local Policies > Security Options.

4. Right-click Network Security: Configure encryption types allowed for kerberos and select Properties.

5. Enable all the options.

6. Click OK. You can now log in to iDRAC using SSO.

Perform the following additional settings for Extended Schema:

1. In the Local Group Policy Editor window, navigate to Local Computer Settings > Windows Settings > Security

Settings > Local Policies > Security Options .

2. Right-click Network Security: Restrict NTLM: Outgoing NTLM traffic to remote server and select Properties.

3. Select Allow all, click OK, and close the Local Group Policy Editor window.

4. Go to Start and run cmd. The command prompt window is displayed.

5. Run the command gpupdate /force. The group policies are updated. Close the command prompt window.

6. Go to Start and run regedit. The Registry Editor window is displayed.

7. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > LSA .

8. In the right-pane, right-click and select New > DWORD (32-bit) Value.

9. Name the new key as SuppressExtendedProtection.

10. Right-click SuppressExtendedProtection and click Modify.

11. In the Value data field, type 1 and click OK.

12. Close the Registry Editor window. You can now log in to iDRAC using SSO.

If you have enabled SSO for iDRAC and you are using Internet Explorer to log in to iDRAC, SSO fails and you are

prompted to enter your user name and password. How to resolve this?

Make sure that the iDRAC IP address is listed in the Tools > Internet Options > Security > Trusted sites. If it is not listed,

SSO fails and you are prompted to enter your user name and password. Click Cancel and proceed.

Smart Card Login

It takes up to four minutes to log into iDRAC using Active Directory Smart Card login.

The normal Active Directory Smart Card login normally takes less than 10 seconds, however it may take up to four minutes if you

have specified the preferred DNS server and the alternate DNS server in the Network page, and the preferred DNS server has

failed. DNS time-outs are expected when a DNS server is down. iDRAC logs you in using the alternate DNS server.

ActiveX plug-in unable to detect the Smart Card reader.

Make sure that the smart card is supported on the Microsoft Windows operating system. Windows supports a limited number of

smart card Cryptographic Service Providers (CSPs).

In general, check if the smart card CSPs are present on a particular client, insert the smart card in the reader at the Windows

logon (Ctrl-Alt-Del) screen and check if Windows detects the smart card and displays the PIN dialog-box.

Incorrect Smart Card PIN.

Check if the smart card is locked due to too many attempts with an incorrect PIN. In such cases, contact the smart card issuer

in the organization to get a new smart card.

Frequently Asked Questions

277