Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC9 - 3.0x Series
41424344454647484950
Enabling Auto Config using iDRAC web interface
Make sure that DHCPv4 and the Enable IPv4 options are enabled and Auto-discovery is disabled.
To enable Auto Config:
1. In the iDRAC web interface, go to iDRAC Settings > Connectivity > Network > Auto Config.
The Network page is displayed.
2. In the Auto Config section, select one of the following options from the Enable DHCP Provisioning drop-down menu:
Enable Once — Configures the component only once using the SCP file referenced by the DHCP server. After this, Auto Config
is disabled.
Enable once after reset — After the iDRAC is reset, configures the components only once using the SCP file referenced by the
DHCP server. After this, Auto Config is disabled.
Disable — Disables the Auto Config feature.
3. Click Apply to apply the setting.
The network page automatically refreshes.
Enabling Auto Config using RACADM
To enable Auto Config feature using RACADM, use the iDRAC.NIC.AutoConfig object.
For more information, see the iDRAC RACADM CLI Guide available at www.dell.com/idracmanuals.
For more information on the Auto Config feature, see the Zero-Touch, bare-metal server provisioning using the Dell EMC iDRAC with
Lifecycle Controller Auto Config feature white paper available at the www.dell.com/support.
Using hash passwords for improved security
On PowerEdge servers with iDRAC version 3.00.00.00, you can set user passwords and BIOS passwords using a one-way hash format.
The user authentication mechanism is not affected (except for SNMPv3 and IPMI) and you can provide the password in plain text format.
With the new password hash feature:
You can generate your own SHA256 hashes to set iDRAC user passwords and BIOS passwords. This allows you to have the SHA256
values in the server configuration profile, RACADM, and WSMan. When you provide the SHA256 password values, you cannot
authenticate through SNMPv3 and IPMI.
NOTE:
Remote RACADM or WSMan or Redfish cannot be used for Hash password Configuration / Replacement for
IDRAC. You can use SCP for Hash Password Configuration / Replacement on Remote RACADM or WSMan or
Redfish.
You can set up a template server including all the iDRAC user accounts and BIOS passwords using the current plain text mechanism.
After the server is set up, you can export the server configuration profile with the password hash values. The export includes the hash
values required for SNMPv3 and IPMI authentication. After importing this profile, you must use the the latest Dell IPMI tool, if you use
an older tool, the IPMI authentication fails for the users who have the hashed password values set.
The other interfaces such as IDRAC GUI will show the user accounts enabled.
You can generate the hash password with and without Salt using SHA256.
You must have Server Control privileges to include and export hash passwords.
If access to all accounts is lost, use iDRAC Settings Utility or local RACADM and perform reset iDRAC to default task.
If the password of the iDRAC user account is set with the SHA256 password hash only and not the other hashes (SHA1v3Key or
MD5v3Key or IPMIKey), then authentication through SNMP v3 and IPMI is not available.
Hash password using RACADM
To set hash passwords, use the following objects with the set command:
iDRAC.Users.SHA256Password
iDRAC.Users.SHA256PasswordSalt
Use the following command to include the hash password in the exported server configuration profile:
racadm get -f <file name> -l <NFS / CIFS share> -u <username> -p <password> -t <filetype> --
includePH
50
Setting up managed system