manualshive.com logo in svg

Dell iDRAC 7, User Manual, Page: 291 / 309

Share
Download
Dell iDRAC 7 User Manual Download Page 291

When accessing the iDRAC Web-based interface, a security warning is displayed stating that the SSL certificate host name 
does not match the iDRAC host name.

iDRAC includes a default iDRAC server certificate to ensure network security while accessing through the Web-based interface and 
remote RACADM. When this certificate is used, the Web browser displays a security warning because the default certificate that is 
issued to iDRAC does not match the iDRAC host name (for example, the IP address).

To resolve this, upload an iDRAC server certificate issued to the IP address or the iDRAC host name. When generating the CSR 
(used for issuing the certificate), make sure that the common name (CN) of the CSR matches the iDRAC IP address (if certificate 
issued to IP) or the registered DNS iDRAC name (if certificate is issued to iDRAC registered name).

To make sure that the CSR matches the registered DNS iDRAC name:

1.

In iDRAC Web interface, go to 

Overview

 → 

iDRAC Settings

 → 

Network

. The 

Network

 page is displayed.

2.

In the 

Common Settings

 section:

Select the 

Register iDRAC on DNS

 option.

In the 

DNS iDRAC Name

 field, enter the iDRAC name.

3.

Click 

Apply

.

Active Directory

Active Directory login failed. How to resolve this?

To diagnose the problem, on the 

Active Directory Configuration and Management

 page, click 

Test Settings

. Review the test 

results and fix the problem. Change the configuration and run the test until the test user passes the authorization step.

In general, check the following:

While logging in, make sure that you use the correct user domain name and not the NetBIOS name. If you have a local iDRAC 

user account, log into iDRAC using the local credentials. After logging in, make sure that:

– The 

Active Directory Enabled

 option is selected on the 

Active Directory Configuration and Management

 page.

– The DNS setting is correct on the

 iDRAC Networking configuration

 page.

– The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled.
– The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using 

extended schema.

– The Group Name and Group Domain Name matches the Active Directory configuration if you are using standard schema.
– If the user and the iDRAC object is in different domain, then do not select the 

User Domain from Login

 option. Instead 

select 

Specify a Domain

 option and enter the domain name where the iDRAC object resides.

Check the domain controller SSL certificates to make sure that the iDRAC time is within the valid period of the certificate.

Active Directory login fails even if certificate validation is enabled. The test results display the following error message. Why 
does this occur and how to resolve this?

ERROR: Can't contact LDAP server, error:14090086:SSL 

routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed: Please check the correct 

Certificate Authority (CA) certificate has been uploaded to iDRAC. Please also check if the 

iDRAC date is within the valid period of the certificates and if the Domain Controller 

Address configured in iDRAC matches the subject of the Directory Server Certificate.

If certificate validation is enabled, when iDRAC establishes the SSL connection with the directory server, iDRAC uses the uploaded 
CA certificate to verify the directory server certificate. The most common reasons for failing certification validation are:

iDRAC date is not within the validity period of the server certificate or CA certificate. Check the iDRAC time and the validity 

period of your certificate.

291

Summary of Contents for iDRAC 7

Page 1: ...iDRAC 8 7 v2 40 40 40 User s Guide ...

Page 2: ...the problem WARNING A WARNING indicates a potential for property damage personal injury or death 2016 Dell Inc All rights reserved This product is protected by U S and international copyright and intellectual property laws Dell and the Dell logo are trademarks of Dell Inc in the United States and or other jurisdictions All other marks and names mentioned herein may be trademarks of their respectiv...

Page 3: ...e Directory user using a smart card 34 Logging in to iDRAC using Single Sign On 34 Logging in to iDRAC SSO using iDRAC web interface 34 Logging in to iDRAC SSO using CMC web interface 35 Accessing iDRAC using remote RACADM 35 Validating CA certificate to use remote RACADM on Linux 35 Accessing iDRAC using local RACADM 35 Accessing iDRAC using firmware RACADM 35 Accessing iDRAC using SMCLP 36 Loggi...

Page 4: ...pdating device firmware using RACADM 67 Scheduling automatic firmware updates 67 Updating firmware using CMC web interface 69 Updating firmware using DUP 69 Updating firmware using remote RACADM 69 Updating firmware using Lifecycle Controller Remote Services 70 Updating CMC firmware from iDRAC 70 Viewing and managing staged updates 70 Viewing and managing staged updates using iDRAC web interface 7...

Page 5: ...ring VNC server using RACADM 85 Setting up VNC viewer with SSL encryption 85 Setting up VNC viewer without SSL encryption 85 Configuring front panel display 85 Configuring LCD setting 86 Configuring system ID LED setting 87 Configuring time zone and NTP 87 Configuring time zone and NTP using iDRAC web interface 87 Configuring time zone and NTP using RACADM 87 Setting first boot device 87 Setting f...

Page 6: ... temperature 105 Viewing network interfaces available on host OS 106 Viewing network interfaces available on host OS using web interface 106 Viewing network interfaces available on host OS using RACADM 106 Viewing FlexAddress mezzanine card fabric connections 107 Viewing or terminating iDRAC sessions 107 Terminating iDRAC sessions using web interface 107 Terminating iDRAC sessions using RACADM 107...

Page 7: ... Configuring generic LDAP directory service using iDRAC web based interface 146 Configuring generic LDAP directory service using RACADM 147 Testing LDAP directory service settings 147 8 Configuring iDRAC for Single Sign On or smart card login 148 Prerequisites for Active Directory Single Sign On or smart card login 148 Registering iDRAC as a computer in Active Directory root domain 148 Generating ...

Page 8: ...ring Redfish Eventing 160 Monitoring chassis events 160 Monitoring chassis events using the iDRAC web interface 160 Monitoring chassis events using RACADM 160 Alerts message IDs 161 10 Managing logs 164 Viewing System Event Log 164 Viewing System Event Log using web interface 164 Viewing System Event Log using RACADM 164 Viewing System Event Log using iDRAC settings utility 165 Viewing Lifecycle l...

Page 9: ...f virtual addresses initiator and storage target settings 174 Supported cards for I O Identity Optimization 175 Supported NIC firmware versions for I O Identity Optimization 176 Virtual Flex Address and Persistence Policy behavior when iDRAC is set to Flex Address mode or Console mode 176 System behavior for FlexAddress and I O Identity 177 Enabling or disabling I O Identity Optimization 178 Confi...

Page 10: ... storage controllers 211 Managing PCIe SSDs 211 Inventorying and monitoring PCIe SSDs 212 Preparing to remove PCIe SSD 213 Erasing PCIe SSD device data 214 Managing enclosures or backplanes 215 Configuring backplane mode 215 Viewing universal slots 218 Setting SGPIO mode 218 Choosing operation mode to apply settings 219 Choosing operation mode using web interface 219 Choosing operation mode using ...

Page 11: ...34 Accessing virtual media 235 Launching virtual media using virtual console 235 Launching virtual media without using virtual console 236 Adding virtual media images 236 Viewing virtual device details 237 Resetting USB 237 Mapping virtual drive 237 Unmapping virtual drive 238 Setting boot order through BIOS 238 Enabling boot once for virtual media 239 16 Installing and using VMCLI utility 240 Ins...

Page 12: ...tributes 261 Operating system information 261 Replicate Lifecycle logs to OS log 261 Automatic system recovery options 261 Windows Management Instrumentation providers 262 Remote iDRAC Hard Reset 263 In band Support for iDRAC SNMP Alerts 264 iDRAC access via Host OS Experimental Feature 265 Coexistence of OpenManage Server Administrator and iDRAC Service Module 267 Using iDRAC Service Module from ...

Page 13: ...ost codes 281 Viewing boot and crash capture videos 282 Configuring video capture settings 282 Viewing logs 282 Viewing last system crash screen 282 Viewing front panel status 283 Viewing system front panel LCD status 283 Viewing system front panel LED status 283 Hardware trouble indicators 284 Viewing system health 284 Generating SupportAssist Collection 285 Generating SupportAssist Collection au...

Page 14: ...erver is not responding during boot 304 When attempting to boot the managed server the power indicator is green but there is no POST or no video 304 25 Use case scenarios 306 Troubleshooting an inaccessible managed system 306 Obtaining system information and assess system health 307 Setting up alerts and configuring email alerts 307 Viewing and exporting Lifecycle log and System Event Log 307 Inte...

Page 15: ...or 200 500 series servers iDRAC Express available by default on all 600 and higher series of rack or tower servers and all blade servers iDRAC Enterprise available on all server models For more information see the iDRAC Overview and Feature Guide available at dell com support manuals Benefits of using iDRAC with Lifecycle Controller The benefits include Increased Availability Early notification of...

Page 16: ... com support manuals View network interfaces available on host operating systems View inventory and monitor information and configure basic iDRAC settings using iDRAC Quick Sync feature and a mobile device Deployment Manage vFlash SD card partitions Configure front panel display settings Manage iDRAC network settings Configure and use virtual console and virtual media Deploy operating systems usin...

Page 17: ...umption by modifying the thermal settings No dependency on OpenManage Server Administrator for generation of alerts Log event data Lifecycle and RAC logs Set email alerts IPMI alerts remote system logs WS Eventing logs Redfish event and SNMP traps v1 v2c and v3 for events and improved email alert notification Capture last system crash image View boot and crash capture videos Out of band monitor an...

Page 18: ...for improved security FIPS 140 2 Level 1 capability Support for TLS 1 2 1 1 and 1 0 To enhance security default setting is TLS 1 1 and higher SMCLP and web interfaces that support 128 bit and 40 bit encryption for countries where 128 bit is not acceptable using the TLS 1 2 standard NOTE To ensure a secure connection Dell recommends using TLS 1 1 and higher Session time out configuration in seconds...

Page 19: ...AN OpenManage Server Administrator and so on Some features such as dedicated NIC or vFlash requires iDRAC ports card This is optional on 200 500 series servers iDRAC license management and firmware update functionality is available through iDRAC Web interface and RACADM Types of licenses The types of licenses offered are 30 day evaluation and extension The license expires after 30 days and can be ...

Page 20: ... about an installed license or the licenses available for a component installed in the server NOTE For the Learn More option to display the correct page make sure that dell com is added to the list of Trusted Sites in the Security Settings For more information see the Internet Explorer help documentation For one to many license deployment you can use Dell License Manager For more information see t...

Page 21: ...ress for Blades iDRAC8 Express for Blades iDRAC7 Enterprise iDRAC8 Enterprise Interfaces Standards IPMI 2 0 Yes Yes Yes Yes Yes Yes Yes Yes DCMI 1 5 No Yes No Yes No Yes No Yes Web based GUI No Yes Yes Yes Yes Yes Yes Yes RACADM command line local remote No Yes Yes Yes Yes Yes Yes Yes Redfish Yes Yes Yes Yes Yes Yes Yes Yes SMASH CLP SSH only No Yes Yes Yes Yes Yes Yes Yes Telnet No Yes Yes Yes Ye...

Page 22: ... Yes Remote Presence Power control Yes4 Yes Yes Yes Yes Yes Yes Yes Boot control No Yes No Yes No Yes No Yes Serial over LAN Yes Yes Yes Yes Yes Yes Yes Yes Virtual Media No No No No Yes Yes Yes Yes Virtual Folders No No No No No No Yes Yes Remote File Share No No No No No No Yes Yes Virtual Console No No No No Single user Single user Yes 6 users VNC connection to OS No No No No No No Yes Yes Qual...

Page 23: ...o Yes No Yes Temperature graphing No No No Yes No Yes No Yes Health Monitoring Full agent free monitoring No Yes No Yes No Yes No Yes Predictive failure monitoring No Yes No Yes No Yes No Yes SNMPv1 v2 and v3 traps and gets No Yes Yes Yes Yes Yes Yes Yes Email Alerting No No Yes Yes Yes Yes Yes Yes Configurable thresholds No Yes No Yes No Yes No Yes Fan monitoring No Yes No Yes No Yes No Yes Power...

Page 24: ...ration Embedded OS deployment tools No Yes No Yes No Yes No Yes Embedded configuration tools iDRAC Settings Utility No Yes No Yes No Yes No Yes Embedded configuration wizards Lifecycle Controller wizards No Yes No Yes No Yes No Yes Auto Discovery No Yes Yes Yes Yes Yes Yes Yes Remote OS deployment No No No Yes No Yes No Yes Embedded driver pack No Yes No Yes No Yes No Yes Full configuration invent...

Page 25: ... bezel No Yes No Yes No N A No Yes iDRAC Direct front USB management port No Yes No Yes No Yes No Yes iDRAC Service Module iSM No Yes Yes Yes Yes Yes Yes Yes Embedded Tech Support Report No Yes Yes Yes Yes Yes Yes Yes Crash screen capture5 No No Yes Yes Yes Yes Yes Yes Crash video capture5 No No No No No No Yes Yes Boot capture No No No No No No Yes Yes Manual reset for iDRAC No Yes No Yes No Yes ...

Page 26: ...y Any connection to the HTTP port is redirected to HTTPS Administrators can upload their own SSL certificate through an SSL CSR generation process to secure the web server The default HTTP and HTTPS ports can be changed The user access is based on user privileges RACADM Use this command line utility to perform iDRAC and server management You can use RACADM locally and remotely Local RACADM command...

Page 27: ...bled in iDRAC iDRAC only supports SSH version 2 with the RSA host key algorithm A unique 1024 bit RSA host key is generated when you power up iDRAC for the first time IPMITool Use the IPMITool to access the remote system s basic management features through iDRAC The interface includes local IPMI IPMI over LAN IPMI over Serial and Serial over LAN For more information on IPMITool see the Dell OpenMa...

Page 28: ...s profiles iDRAC port information The following ports are required to remotely access iDRAC through firewalls These are the default ports iDRAC listens to for connections Optionally you can modify most of the ports To do this see Configuring services Table 4 Ports iDRAC listens for connections Port Number Function 22 SSH 23 Telnet 80 HTTP 443 HTTPS 623 RMCP RMCP 161 SNMP 5900 Virtual Console keybo...

Page 29: ... Remote Access Configuration Tool User s Guide provides information on how to use the tool to discover iDRAC IP addresses in your network and perform one to many firmware updates and active directory configurations for the discovered IP addresses The Dell Systems Software Support Matrix provides information about the various Dell systems the operating systems supported by these systems and the Del...

Page 30: ... your area To contact Dell for sales technical support or customer service issues 1 Go to Dell com support 2 Select your support category 3 Verify your country or region in the Choose a Country Region drop down list at the bottom of the page 4 Select the appropriate service or support link based on your need Accessing documents from Dell support site You can access the required documents in one of...

Page 31: ...Dell Client Command Suite Connections Client Systems Management d To view a document click the required product version Using search engines Type the name and version of the document in the search box 31 ...

Page 32: ...me is not case sensitive for an Active Directory user The password is case sensitive for all users NOTE In addition to Active Directory openLDAP openDS Novell eDir and Fedora based directory services are supported NOTE LDAP authentication with OpenDS is supported The DH key must be larger than 768 bits To log in to iDRAC as local user Active Directory user or LDAP user 1 Open a supported web brows...

Page 33: ...n to iDRAC as a local user using a smart card Before you log in as a local user using Smart Card make sure to Upload user smart card certificate and the trusted Certificate Authority CA certificate to iDRAC Enable smart card logon The iDRAC web interface displays the smart card logon page for users who are configured to use the smart card NOTE Depending on the browser settings you are prompted to ...

Page 34: ...NOTE If the smart card user is present in Active Directory an Active Directory password is not required Related links Enabling or disabling smart card login Configuring iDRAC smart card login for Active Directory users Logging in to iDRAC using Single Sign On When Single Sign On SSO is enabled you can log in to iDRAC without entering your domain user authentication credentials such as user name an...

Page 35: ...ertificate is the certificate iDRAC sends to the RACADM client to establish the secure session This certificate is either issued by a CA or self signed In either case if the management station does not recognize the CA or signing authority a warning is displayed Related links Validating CA certificate to use remote RACADM on Linux Validating CA certificate to use remote RACADM on Linux Before runn...

Page 36: ... IP_address is the IP address of the iDRAC Sending RACADM commands ssh username domain racadm getversion ssh username domain racadm getsel Related links Using public key authentication for SSH Multiple iDRAC sessions The following table provides the list of multiple iDRAC sessions that are possible using the various interfaces Table 6 Multiple iDRAC sessions Interface Number of Sessions iDRAC Web ...

Page 37: ...rd and Confirm Password fields match For information about the other fields see the iDRAC Online Help Changing default login password using RACADM To change the password run the following RACADM command racadm set iDRAC Users index Password Password where index is a value from 1 to 16 indicates the user account and password is the new user defined password For more information see the iDRAC RACADM...

Page 38: ...authorized users and denial of service DoS attack iDRAC provides the following before blocking the IP and SNMP traps if enabled Series of sign in errors and alerts Increased time intervals with each sequential incorrect login attempt Log entries NOTE The sign errors and alerts increased time interval for each incorrect login and log entries are available using any of the iDRAC interfaces such as w...

Page 39: ...the IP address gateway and subnet mask for iDRAC You can enable Provisioning Server or DHCP when you place an order for the server There is no charge to enable either of these features However only one setting is possible Related links Setting up iDRAC IP address Setting up managed system Updating device firmware Rolling back device firmware Setting up management station Configuring supported web ...

Page 40: ...ovisioning server Configuring servers and server components using Auto Config Setting up iDRAC IP using iDRAC settings utility To set up the iDRAC IP address 1 Turn on the managed system 2 Press F2 during Power on Self test POST 3 In the System Setup Main Menu page click iDRAC Settings The iDRAC Settings page is displayed 4 Click Network The Network page is displayed 5 Specify the following settin...

Page 41: ...work fails the traffic is routed through the failover network For example to route the iDRAC network traffic through LOM2 when LOM1 is down select LOM1 for NIC Selection and LOM2 for Failover Network NOTE If you have selected Dedicated in NIC Selection drop down menu the option is grayed out NOTE Failover is not supported on shared LOM for the following Emulex rNDCs and bNDCs Emulex OCM14104 UX D ...

Page 42: ...you can use IPv6 address protocol To configure the IPv6 settings 1 Select Enabled option under Enable IPv6 2 For the DHCPv6 server to automatically assign the IP address gateway and subnet mask to iDRAC select Enabled option under Enable Auto configuration NOTE You can configure both static IP and DHCP IP at the same time 3 In the Static IP Address 1 box enter the static IPv6 address 4 In the Stat...

Page 43: ...PMI Settings VLAN Settings NOTE For more information see iDRAC Online Help 7 To save the network information click Apply For more information see the Chassis Management Controller User s Guide available at dell com support manuals Enabling provisioning server The Provisioning Server feature allows newly installed servers to automatically discover the remote management console that hosts the provis...

Page 44: ...r option to specify the SCP file name optionally SCP file location and the user credentials to access the file location When the iDRAC obtains an IP address from the DHCP server that is configured for Auto Config iDRAC uses the SCP to configure the server s devices Auto Config is invoked only after the iDRAC gets its IP address from the DHCP server If it does not get a response or an IP address fr...

Page 45: ...configures all the attributes listed in the file DHCP options DHCPv4 allows many globally defined parameters to be passed to the DHCP clients Each parameter is known as a DHCP option Each option is identified with an option tag which is a 1 byte value Option tags 0 and 255 are reserved for padding and end of options respectively All other values are available for defining options The DHCP Option 4...

Page 46: ...alog box with the following fields is displayed Display name Description ID Binary ASCII 5 In the Display name field type iDRAC 6 In the Description field type Vendor Class 7 Click in the ASCII section and type iDRAC 8 Click OK and then Close 9 On the DHCP window right click IPv4 and select Set Predefined Options 10 From the Option class drop down menu select iDRAC created in step 4 and click Add ...

Page 47: ... 168 1 101 n cifs_share s 2 u USERNAME p PASSWORD d 1 t 400 Configuring option 43 and option 60 on Linux Update the etc dhcpd conf file The steps to configure the options are similar to the steps for Windows 1 Set aside a block or pool of addresses that this DHCP server can allocate 2 Set the option 43 and use the name vendor class identifier for option 60 option myname code 43 text subnet 192 168...

Page 48: ... sure to restart the dhcpd service in order to apply the changes Prerequisites before enabling Auto Config Before enabling the Auto config feature make sure that following are already set Supported network share NFS or CIFS is available on the same subnet as the iDRAC and DHCP server Test the network share to ensure that it can be accessed and that the firewall and user permissions are set correct...

Page 49: ...NMPv3 authentication Importing this profile results in losing the IPMI authentication for users who have the hashed password values set and the F2 IDRAC interface shows that the user account is disabled The other interfaces such as IDRAC GUI will show the user accounts enabled NOTE When downgrading a Dell 12th generation PowerEdge server from version 2 xx xx xx to 1 xx xx if the server is set with...

Page 50: ...plorer Firefox Chrome or Safari 3 Install the latest Java Runtime Environment JRE required if Java plug in type is used to access iDRAC using a Web browser 4 From the Dell Systems Management Tools and Documentation DVD install Remote RACADM and VMCLI from the SYSMGMT folder Else run Setup on the DVD to install Remote RACADM by default and other OpenManage software For more information about RACADM...

Page 51: ...anaged system location You can specify the location details of the managed system in the data center using the iDRAC Web interface or iDRAC Settings utility Setting up managed system location using web interface To specify the system location details 1 In the iDRAC web interface go to Overview Server Properties Details The System Details page is displayed 2 Under System Location enter the location...

Page 52: ...thm which is independent of the BIOS profile The options available are Maximum Performance Performance Optimized Reduced probability of memory or CPU throttling Increased probability of turbo mode activation Generally higher fan speeds at idle and stress loads Minimum Power Performance per Watt Optimized Optimized for lowest system power consumption based on optimum fan power state Generally lower...

Page 53: ... range for minimum fan speed PWM is dynamic based on the system configuration The first value is the idle speed and the second value is the configuration max which may or may not be 100 based on system configuration System fans can run higher than this speed as per thermal requirements of the system but not lower than the defined minimum speed For example setting Minimum Fan Speed at 35 limits the...

Page 54: ...ustTemp 0 The following error message is displayed ERROR RAC947 Invalid object value specified Make sure to specify the value depending on the type of object For more information see RACADM help To set the limit to the default value racadm set system thermalsetting s AirExhaustTemp 255 FanSpeedHighOffsetVal Getting this variable reads the fan speed offset value in PWM for High Fan Speed Offset set...

Page 55: ... a value such as 100 This means that when you use the following command it applies a fan speed offset of Max meaning full speed 100 PWM Usually this offset results in fan speed increasing to full speed racadm set system thermalsetting s FanSpeedOffset 3 FanSpeedMediumOffsetV al Getting this variable reads the fan speed offset value in PWM for Medium Fan Speed Offset setting This value depends on t...

Page 56: ...ed fan speed value This value is PWM value for fan speed Values from MFSMinimumLimit to MFSMaximumLimit When get command reports 255 it means user configured offset is not applied To make sure that the system minimum speed does not decrease lower than 45 PWM 45 must be a value between MFSMinimumLimit to MFSMaximumLimit racadm set system thermalsetting s MinimumFanSpeed 45 ThermalProfile Allows you...

Page 57: ...ed browsers and their versions see the Release Notes available at dell com idracmanuals Most features of iDRAC web interface can be accessed using these browsers with default settings For certain feature to work you must change a few settings These settings include disabling pop up blockers enabling Java ActiveX or HTML5 plug in support and so on If you are connecting to iDRAC web interface from a...

Page 58: ...to enable Active Directory SSO To configure the browser settings for Internet Explorer 1 In Internet Explorer navigate to Local Intranet and click Sites 2 Select the following options only Include all local intranet sites not listed on other zones Include all sites that bypass the proxy server 3 Click Advanced 4 Add all relative domain names that will be used for iDRAC instances that is part of th...

Page 59: ... the NET framework package or the operating system package 6 If you are using MAC operating system select the Enable access for assistive devices option in the Universal Access window For more information see the MAC operating system documentation Related links Configuring Internet Explorer to use HTML5 based plug in Configuring the web browser to use Java plug in Configuring IE to use ActiveX plu...

Page 60: ... to run the viewer in a 32 bit browser you have to install the plug in again NOTE You can use ActiveX plug in only with Internet Explorer NOTE To use ActiveX plug in on systems with Internet Explorer 9 before configuring Internet Explorer ensure that you disable the Enhanced Security Mode in Internet Explorer or in the server manager in Windows Server operating systems For ActiveX applications in ...

Page 61: ...OK 7 Close and restart the browser for the settings to take effect Clearing browser cache If you have issues when operating the Virtual Console out of range errors synchronization issues and so on clear the browser s cache to remove or delete any old versions of the viewer that may be stored on the system and try again NOTE You must have administrator privilege to clear the browser s cache Clearin...

Page 62: ...322 0 4 Copy the renamed CA certificate to your home directory For example C Documents and Settings user directory Viewing localized versions of web interface iDRAC web interface is supported in the following languages English en us French fr German de Spanish es Japanese ja Simplified Chinese zh cn The ISO identifiers in parentheses denote the supported language variants For some supported langua...

Page 63: ...ayed in the Lifecycle Controller log until the iDRAC time is reset using NTP The Lifecycle log displays the BIOS time until the iDRAC time is reset You can perform firmware updates by using the following methods Uploading a supported image type one at a time from a local system or network share Connecting to an FTP TFTP or HTTP site or a network repository that contains Windows DUPs and a correspo...

Page 64: ...es No No No SAS SATA hard drives No Yes Yes No CMC on PowerEdge FX2 servers No Yes Yes Yes OS Collector No No No No Indicates that though a system restart is not required iDRAC must be restarted to apply the updates iDRAC communication and monitoring may temporarily be interrupted When iDRAC is updated from version 1 30 30 or later a system restart is not necessary However firmware versions of iDR...

Page 65: ...ys each firmware file uploaded to iDRAC and its status If the firmware image file is valid and was successfully uploaded the Contents column displays a plus icon icon next to the firmware image file name Expand the name to view the Device Name Current and Available firmware version information 5 Select the required firmware file and do one of the following For firmware images that do not require a...

Page 66: ...or firmware images that do not require a host system reboot click Install For example d7 firmware file For firmware images that require a host system reboot click Install and Reboot or Install Next Reboot To cancel the firmware update click Cancel When you click Install Install and Reboot or Install Next Reboot the message Updating Job Queue is displayed 6 Click Job Queue to display the Job Queue ...

Page 67: ...s a catalog file and perform a graceful reboot racadm update f myfile xml b graceful l 192 168 1 1 u test p passwd To perform all applicable updates from an FTP update repository using Catalog xml as a catalog file racadm update f Catalog xml t FTP e 192 168 1 20 Repository Catalog Scheduling automatic firmware updates You can create a periodic recurring schedule for iDRAC to check for new firmwar...

Page 68: ...daily weekly or monthly For information about the fields see the iDRAC Online Help 8 Click Schedule Update The next scheduled job is created in the job queue Five minutes after the first instance of the recurring job starts the job for the next time period is created Scheduling automatic firmware update using RACADM To schedule automatic firmware update use the following commands To enable automat...

Page 69: ... make sure that the usbarbitrator service is stopped using command service usbarbitrator stop To update iDRAC using DUP 1 Download the DUP based on the installed operating system and run it on the managed system 2 Run the DUP The firmware is updated A system restart is not required after firmware update is complete Updating firmware using remote RACADM 1 Download the firmware image to the TFTP or ...

Page 70: ...r and the click Apply iDRAC settings to update CMC firmware In the PowerEdge FX2 FX2s chassis before updating the firmware for CMC and its shared components from iDRAC do the following settings in iDRAC 1 In the iDRAC Web interface go to Overview iDRAC Settings Update and Rollback Settings The Chassis Management Controller Firmware Update Settings page is displayed 2 For Allow CMC Updates Through ...

Page 71: ...TE On a 12th generation of PowerEdge server with firmware version 2 10 10 10 you cannot roll back Lifecycle Controller to 1 xx xx without rolling back iDRAC Roll back iDRAC first to 1 xx xx version and only then can you roll back Lifecycle Controller It is recommended to keep the firmware updated to ensure you have the latest features and security updates You may need to rollback an update or inst...

Page 72: ...background even if you navigate away from this page An error message appears if You do not have Server Control privilege to rollback any firmware other than the iDRAC or Configure privilege to rollback iDRAC firmware Firmware rollback is already in progress in another session Updates are staged to run or already in running state If Lifecycle Controller is disabled or in recovery state and you try ...

Page 73: ...accessible using an iDRAC IP address or DNS name NOTE If you use iDRAC web interface to transfer certificates and update firmware TFTP server is not required You can use the netstat a command on Windows or Linux operating systems to see if a TFTP server is running The default port for TFTP is 69 If TFTP server is not running do one of the following Find another computer on the network running a TF...

Page 74: ...ser name and password or percent encode the special characters For information about the fields see the iDRAC Online Help 5 Click Backup Now The backup operation is initiated and you can view the status on the Job Queue page After a successful operation the backup file is created in the specified location Backing up server profile using RACADM To back up the server profile using RACADM use the sys...

Page 75: ...line Help 8 Click Schedule Backup A recurring job is represented in the job queue with a start date and time of the next scheduled backup operation Five minutes after the first instance of the recurring job starts the job for the next time period is created The backup server profile operation is performed at the scheduled date and time Scheduling automatic backup server profile using RACADM To ena...

Page 76: ... When you replace the motherboard and power on the system the BIOS queries the iDRAC and prompts you to restore the backed up data The first BIOS screen prompts you to restore the Service Tag licenses and UEFI diagnostic application The second BIOS screen prompts you to restore system configuration settings If you choose not to restore data on the first BIOS screen and if you do not set the Servic...

Page 77: ...tion see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Restore operation sequence The restore operation sequence is 1 Host system shuts down 2 Backup file information is used to restore the Lifecycle Controller 3 Host system turns on 4 Firmware and configuration restore process for the devices is completed 5 Host system shuts down 6 iDRAC firmware and c...

Page 78: ...ou have configured iDRAC network settings using iDRAC Settings utility during iDRAC IP address setup then ignore this step 3 Configure interfaces to access iDRAC 4 Configure front panel display 5 Configure System Location if required 6 Configure time zone and Network Time Protocol NTP if required 7 Establish any of the following alternate communication methods to iDRAC IPMI or RAC serial IPMI seri...

Page 79: ... see iDRAC Online Help Hardware and firmware version Last firmware update RAC time IPMI version User interface title bar information Network settings IPv4 Settings IPv6 Settings Viewing iDRAC information using RACADM To view iDRAC information using RACADM see getsysinfo or get sub command details provided in the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals...

Page 80: ...Pv4 DHCPEnable 0 racadm set iDRAC IPv4 DNSFromDHCP 0 racadm set iDRAC IPv4 DNS1 192 168 0 5 racadm set iDRAC IPv4 DNS2 192 168 0 6 racadm set iDRAC Nic DNSRegister 1 racadm set iDRAC Nic DNSRacName RAC EK00002 racadm set iDRAC Nic DNSDomainFromDHCP 0 racadm set iDRAC Nic DNSDomainName MYDOMAIN NOTE If iDRAC Nic Enable is set to 0 the iDRAC LAN is disabled even if DHCP is enabled Configuring IP fil...

Page 81: ...he following expression equals zero RangeMask incoming IP address RangeAddr Bitwise AND of the quantities Bitwise exclusive OR Examples for IP Filtering The following RACADM commands block all IP addresses except 192 168 0 57 racadm set iDRAC IPBlocking RangeEnable 1 racadm set iDRAC IPBlocking RangeAddr 192 168 0 57 racadm set iDRAC IPBlocking RangeMask 255 255 255 255 To restrict logins to a set...

Page 82: ...econds before you reconnect to iDRAC 5 Install a trusted certificate for iDRAC NOTE The default SSL certificate is not allowed in FIPS mode NOTE Some iDRAC interfaces such as the standards compliant implementations of IPMI and SNMP do not support FIPS compliance Enabling FIPS mode using RACADM Use RACADM CLI to execute the following command racadm set iDRAC Security FIPSMode Enable Disabling FIPS ...

Page 83: ...tion If you do not want automatic redirection from HTTP to HTTPs due to certificate warning issue with default iDRAC certificate or as a temporary setting for debugging purpose you can configure iDRAC such that redirection from http port default is 80 to https port default is 443 is disabled By default it is enabled You have to log out and log in to iDRAC for this setting to take effect When you d...

Page 84: ...ture is licensed and is available in the iDRAC Enterprise license You can choose from many VNC applications or Desktop clients such as the ones from RealVNC or Dell Wyse PocketCloud Only one VNC client session can be active at a time If a VNC session is active you can only launch the Virtual Media using Launch Virtual Console and not the Virtual Console Viewer If video encryption is disabled the V...

Page 85: ...Start the tunnel application To establish connection with the iDRAC VNC server over the SSL encrypted channel connect the VNC viewer to the localhost link local IP address and the local port number 127 0 0 1 local port number Setting up VNC viewer without SSL encryption In general all Remote Frame Buffer RFB compliant VNC Viewers connect to the VNC server using the iDRAC IP address and port number...

Page 86: ...and the LCD panel on the server displays the Virtual console session active message when there is an active Virtual Console session 4 Click Apply The server LCD front panel displays the configured home message Configuring LCD setting using RACADM To configure the server LCD front panel display use the objects in the System LCD group For more information see the iDRAC RACADM Command Line Interface ...

Page 87: ...privilege to configure time zone or NTP settings Configuring time zone and NTP using iDRAC web interface To configure time zone and NTP using iDRAC web interface 1 Go to Overview iDRAC Settings Properties Settings The Time zone and NTP page is displayed 2 To configure the time zone from the Time Zone drop down menu select the required time zone and then click Apply 3 To configure NTP enable NTP en...

Page 88: ...on the next boot select Boot Once Thereafter the system boots from the first boot device in the BIOS boot order For more information about the options see the iDRAC Online Help Setting first boot device using RACADM To set the first boot device use the iDRAC ServerBoot FirstBootDevice object To enable boot once for a device use the iDRAC ServerBoot BootOnce object For more information about these ...

Page 89: ...re features for managing iDRAC through the operating system For more information see the iDRAC Service Module Installation Guide available at dell com support manuals When enabled through dedicated NIC you can launch the browser in the host operating system and then access the iDRAC Web interface The dedicated NIC for the blade servers is through the Chassis Management Controller Switching between...

Page 90: ... Pass through The following table provides a list of cards that support the OS to iDRAC Pass through feature using LOM Table 11 OS to iDRAC Pass through using LOM supported cards Category Manufacturer Type NDC Broadcom 5720 QP rNDC 1G BASE T 57810S DP bNDC KR 57800S QP rNDC 10G BASE T 1G BASE T 57800S QP rNDC 10G SFP 1G BASE T 57840 4x10G KR 57840 rNDC Intel i540 QP rNDC 10G BASE T 1G BASE T i350 ...

Page 91: ... operating system If these packages are not installed use https 169 254 0 1 to launch the iDRAC Operating System Firewall Status Avahi Package nss mdns Package RHEL 5 9 32 bit Disable Install as a separate package avahi 0 6 16 10 el5_6 i386 rpm Install as a separate package nss mdns 0 10 4 el5 i386 rpm RHEL 6 4 64 bit Disable Install as a separate package avahi 0 6 25 12 el6 x86_64 rpm Install as ...

Page 92: ...ough using web interface To enable OS to iDRAC Pass through using Web interface 1 Go to Overview iDRAC Settings Network OS to iDRAC Pass through The OS to iDRAC Pass through page is displayed 2 Select any of the following options to enable OS to iDRAC pass through LOM The OS to iDRAC pass through link between the iDRAC and the host operating system is established through the LOM or NDC USB NIC The...

Page 93: ...he IPv4 address of the operating system NOTE If the server is connected in shared LOM mode then the OS IP Address field is disabled 4 If you select USB NIC as the pass through configuration enter the IP address of the USB NIC The default value is 169 254 0 1 However if this IP address conflicts with an IP address of other interfaces of the host system or the local network you must change it Do not...

Page 94: ... your company s information Then submit the generated CSR to a CA such as VeriSign or Thawte The CA can be a root CA or an intermediate CA After you receive the CA signed SSL certificate upload this to iDRAC For each iDRAC to be trusted by the management station that iDRAC s SSL certificate must be placed in the management station s certificate store Once the SSL certificate is installed on the ma...

Page 95: ... on the iDRAC firmware must match the information contained in the SSL server certificate that is the certificate must have been generated using the CSR created by iDRAC Related links SSL server certificates Generating CSR using web interface To generate a new CSR NOTE Each new CSR overwrites any previous CSR data stored in the firmware The information in the CSR must match the information in the ...

Page 96: ...private key using the remote racadm sslkeyupload command 3 Upload the signed certificate to iDRAC using the remote racadm sslcertupload command The new certificate is uploaded iDRAC A message is displayed asking you to reset iDRAC 4 Run the racadm racreset command to reset iDRAC iDRAC resets and the new certificate is applied The iDRAC is not available for a few minutes during the reset NOTE You m...

Page 97: ...rtificate You can download the custom signing certificate using iDRAC Web interface or RACADM Downloading custom signing certificate To download the custom signing certificate using iDRAC Web interface 1 Go to Overview iDRAC Settings Network SSL The SSL page is displayed 2 Under Custom SSL Certificate Signing Certificate select Download Custom SSL Certificate Signing Certificate and click Next A p...

Page 98: ...nfiguration Workflow white paper available at dell com support manuals or at the Dell Tech Center To configure multiple iDRACs using the configuration file 1 Query the target iDRAC that contains the required configuration using the following command racadm get f file_name xml t xml The command requests the iDRAC configuration and generates the configuration file NOTE Redirecting the iDRAC configur...

Page 99: ...remove all users and user configurations While the root user is available other user settings are also reset to the default settings Disabling access to modify iDRAC configuration settings on host system You can disable access to modify the iDRAC configuration settings through Local RACADM or iDRAC Settings utility However you can view these configuration settings To do this 1 In iDRAC Web interfa...

Page 100: ...on preview the virtual console add and view work notes and quickly launch tasks such as power on or off power cycle view logs update and rollback firmware switch on or switch off the front panel LED and reset iDRAC To access the System Summary page go to Overview Server Properties Summary The System Summary page is displayed For more information see the iDRAC Online Help You can also view the basi...

Page 101: ... few minutes log in to iDRAC and navigate to the System Inventory page to view the details It may take up to 5 minutes for the information to be available depending on the hardware installed on the server NOTE CSIOR option is enabled by default NOTE Configuration changes and firmware updates that are made within the operating system may not reflect properly in the inventory until you perform a ser...

Page 102: ... 13th generation of PowerEdge servers the IDSDM rebuild operation is performed in the background and the system is not halted during the rebuild process You can check the Lifecycle Controller logs to view the status of the rebuild operation On a Dell 12th generation PowerEdge server the system is halted while the rebuild operation is performed System Event Logs SEL for a write protected or corrupt...

Page 103: ...mory traffic occurring at each memory channel or memory controller instance Data from these RMCs is aggregated to measure the cumulative memory traffic across all the memory channels on the system This is a measure of memory bandwidth consumption and not amount of memory utilization iDRAC aggregates it for one minute so it may or may not match the memory utilization that other OS tools such as top...

Page 104: ...tem Performance System Performance Historical Data and Performance Metrics sections For information about the displayed properties see the iDRAC Online Help Monitoring performance index for of CPU memory and I O modules using RACADM Use the SystemPerfStatistics sub command to monitor performance index for CPU memory and I O modules For more information see the iDRAC RACADM Command Line Reference G...

Page 105: ...ical event when the temperature was greater than the critical threshold for duration of 1 or more in the last 12 months You can also configure iDRAC to generate additional events For more information see the Setting alert recurrence event section Viewing historical temperature data using iDRAC web interface To view historical temperature data 1 In the iDRAC Web interface go to Overview Server Powe...

Page 106: ...v4 or IPv6 DHCP server address may not be displayed Viewing network interfaces available on host OS using web interface To view the network interfaces available on the host OS using Web interface 1 Go to Overview Host OS Network Interfaces The Network Interfaces page displays all the network interfaces that are available on the host operating system 2 To view the list of network interfaces associa...

Page 107: ...s stored in CMC non volatile memory and is sent to iDRAC during an iDRAC boot or when CMC FlexAddress is enabled If CMC enables chassis assigned MAC addresses iDRAC displays the MAC address on any of the following pages Overview Server Properties Details iDRAC Information Overview Server Properties WWN MAC Overview iDRAC Settings Properties iDRAC Information Current Network Settings Overview iDRAC...

Page 108: ...For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals 108 ...

Page 109: ... Communication Supported Protocol Supported Commands Pre requisite iDRAC Web Interface Internet Protocol https N A Web Server Serial using Null modem DB9 cable Serial Protocol RACADM SMCLP IPMI Part of iDRAC firmware RAC Serial or IPMI Serial is enabled IPMI Serial Over LAN Intelligent Platform Management Bus protocol SSH Telnet IPMI IPMITool is installed and IPMI Serial Over LAN is enabled IPMI o...

Page 110: ...erial Direct Connect Basic mode and Direct Connect Terminal mode NOTE In case of blade servers the serial connection is established through the chassis For more information see the Chassis Management Controller User s Guide available at dell com support manuals To establish the serial connection 1 Configure the BIOS to enable serial connection 2 Connect the Null Modem DB9 cable from the management...

Page 111: ... configure IPMI Serial in any of the following modes in iDRAC NOTE This is applicable only for iDRAC on rack and tower servers IPMI basic mode Supports a binary interface for program access such as the IPMI shell ipmish that is included with the Baseboard Management Utility BMU For example to print the System Event Log using ipmish via IPMI Basic mode run the following command ipmish com 1 baud 57...

Page 112: ...ISerial ChanPrivLimit level Parameter Privilege level level 2 User level 3 Operator level 4 Administrator 5 Ensure that the serial MUX external serial connector is set correctly to the remote access device in the BIOS Setup program to configure BIOS for serial connection For more information about these properties see the IPMI 2 0 specification Additional settings for ipmi serial terminal mode Thi...

Page 113: ...Connection mode where terminal commands can be issued if iDRAC is set to IPMI Serial Direct Connect Terminal Mode Switching from RAC serial to serial console To switch to Serial Console Mode when in RAC Serial Interface Communication Mode press Esc Shift Q When in terminal mode to switch the connection to the Serial Console mode press Esc Shift Q To go back to the terminal mode use when connected ...

Page 114: ...een appears correctly NOTE If the boot loader or operating system provides serial redirection such as GRUB or Linux then the BIOS Redirection After Boot setting must be disabled This is to avoid potential race condition of multiple components accessing the serial port Configuring iDRAC to use SOL You can specify the SOL settings in iDRAC using Web interface RACADM or iDRAC Settings utility Configu...

Page 115: ...5200 4 Enable SOL for each user using the command racadm set iDRAC Users id SolEnable 2 Parameter Description id Unique ID of the user NOTE To redirect the serial console over LAN ensure that the SOL baud rate is identical to the baud rate of the managed system Enabling supported protocol The supported protocols are IPMI SSH and Telnet Enabling supported protocol using web interface To enable SSH ...

Page 116: ...quit a SOL session from IPMItool press and then period NOTE If a SOL session does not terminate reset iDRAC and allow up to two minutes to complete booting SOL using SSH or Telnet protocol Secure Shell SSH and Telnet are network protocols used to perform command line communications to iDRAC You can parse remote RACADM and SMCLP commands through either of these interfaces SSH has improved security ...

Page 117: ...boot the Special Admin Console SAC terminal may get corrupted Quit the SOL session close the terminal open another terminal and start the SOL session using the same command Related links Disconnecting SOL session in iDRAC command line console Using SOL from OpenSSH or Telnet on Linux To start SOL from OpenSSH or Telnet on a Linux management station NOTE If required you can change the default SSH o...

Page 118: ...mber if you are using a new port Configuring backspace key for your Telnet session Depending on the Telnet client using the Backspace key may produce unexpected results For example the session may echo h However most Microsoft and Linux Telnet clients can be configured to use the Backspace key To configure a Linux Telnet session to use the Backspace key open a command prompt and type stty erase h ...

Page 119: ...I over LAN 1 In the iDRAC Settings Utility go to Network The iDRAC Settings Network page is displayed 2 For IPMI Settings specify the values For information about the options see the iDRAC Settings Utility Online Help 3 Click Back click Finish and then click Yes The IPMI over LAN settings are configured Configuring IPMI over LAN using RACADM 1 Enable IPMI over LAN racadm set iDRAC IPMILan Enable 1...

Page 120: ...trator to enable or disable IPMI For more information see the Dell Open Manage Server Administrator s User Guide at dell com support manuals NOTE From iDRAC v2 30 30 30 or later IPMI supports IPv6 address protocol for Linux based operating systems Configuring Linux for serial console during boot The following steps are specific to the Linux GRand Unified Bootloader GRUB Similar changes are require...

Page 121: ...example shows console ttyS1 57600 added to the first option NOTE If the boot loader or operating system provides serial redirection such as GRUB or Linux then the BIOS Redirection After Boot setting must be disabled This is to avoid potential race condition of multiple components accessing the serial port Enabling login to the virtual console after boot In the file etc inittab add a new line to co...

Page 122: ...awn sbin mingetty tty1 2 2345 respawn sbin mingetty tty2 3 2345 respawn sbin mingetty tty3 4 2345 respawn sbin mingetty tty4 5 2345 respawn sbin mingetty tty5 6 2345 respawn sbin mingetty tty6 Run xdm in runlevel 5 xdm is now a separate service x 5 respawn etc X11 prefdm nodaemon In the file etc securetty add a new line with the name of the serial tty for COM2 ttyS1 The following example shows a s...

Page 123: ...upports the Public Key Authentication PKA over SSH This is a licensed feature When the PKA over SSH is set up and used correctly you must enter the user name while logging into iDRAC This is useful for setting up automated scripts that perform various functions The uploaded keys must be in RFC 4716 or OpenSSH format Else you must convert the keys into that format NOTE If you enable OpenSSH 7 0 or ...

Page 124: ...b 2048 C testing where t is rsa b specifies the bit encryption size between 2048 and 4096 C allows modifying the public key comment and is optional NOTE The options are case sensitive Follow the instructions After the command executes upload the public file CAUTION Keys generated from the Linux management station using ssh keygen are in non 4716 format Convert the keys into the 4716 format using s...

Page 125: ...ork User Authentication Local Users The Users page is displayed 2 In the User ID column click a user ID number The Users Main Menu page is displayed 3 Under SSH Key Configurations select View Remove SSH Key s and click Next The View Remove SSH Key s page is displayed with the key details Viewing SSH keys using RACADM To view the SSH keys run the following command Specific key racadm sshpkauth i 2 ...

Page 126: ...Deleting SSH keys using RACADM To delete the SSH key s run the following commands Specific key racadm sshpkauth i 2 to 16 d k 1 to 4 All keys racadm sshpkauth i 2 to 16 d k all 126 ...

Page 127: ...operator read only or none The role defines the maximum privileges available Related links Configuring local users Configuring Active Directory users Configuring generic LDAP users Recommended characters in user names and passwords This section provides details about the recommended characters while creating and using user names and passwords Use the following characters while creating user names ...

Page 128: ...the User ID column click a user ID number NOTE User 1 is reserved for the IPMI anonymous user and you cannot change this configuration The User Main Menu page is displayed 3 Select Configure User and click Next The User Configuration page is displayed 4 Enable the user ID and specify the user name password and access privileges for the user You can also enable SNMPv3 authentication for the user Fo...

Page 129: ...the password racadm set idrac users index password password 3 Set the user privileges For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals 4 Enable the user racadm set idrac users index enable 1 To verify use the following command racadm get idrac users index For more information see the iDRAC RACADM Command Line Interface Reference Gu...

Page 130: ... Login Login to iDRAC Enables the user to log in to iDRAC Configure Configure iDRAC Enables the user to configure iDRAC Configure Users Configure Users Enables the user to allow specific users to access the system Logs Clear Logs Enables the user to clear the System Event Log SEL System Control Execute Server Control Commands Allows power cycling the host system Access Virtual Console Access Virtu...

Page 131: ...troller root CA certificate to iDRAC Importing iDRAC firmware SSL certificate Installing SSL certificate for each domain controller To install the SSL certificate for each controller 1 Click Start Administrative Tools Domain Security Policy 2 Expand the Public Key Policies folder right click Automatic Certificate Request Settings and click Automatic Certificate Request The Automatic Certificate Re...

Page 132: ...nd click Import 4 Click Next and browse to the SSL certificate file 5 Install iDRAC SSL Certificate in each domain controller s Trusted Root Certification Authority If you have installed your own certificate make sure that the CA signing your certificate is in the Trusted Root Certification Authority list If the Authority is not in the list you must install it on all your domain controllers 6 Clic...

Page 133: ...lerts Execute Diagnostic Commands 0x000001ff Role Group 2 None Log in to iDRAC Configure iDRAC Execute Server Control Commands Access Virtual Console Access Virtual Media Test Alerts Execute Diagnostic Commands 0x000000f9 Role Group 3 None Log in to iDRAC 0x00000001 Role Group 4 None No assigned permissions 0x00000000 Role Group 5 None No assigned permissions 0x00000000 NOTE The Bit Mask values ar...

Page 134: ... 2 of 4 page is displayed 6 Enable Active Directory and specify the location information about Active Directory servers and user accounts Also specify the time iDRAC must wait for responses from Active Directory during iDRAC login NOTE If certificate validation is enabled specify the Domain Controller Server addresses and the Global Catalog FQDN Make sure that DNS is configured correctly under Ove...

Page 135: ... this case you must upload the CA certificate using the following command racadm sslcertupload t 0x2 f ADS root CA certificate NOTE If certificate validation is enabled specify the Domain Controller Server addresses and the Global Catalog FQDN Ensure that DNS is configured correctly under Overview iDRAC Settings Network Using the following RACADM command may be optional racadm sslcertdownload t 0x...

Page 136: ...AC schema extensions Dell has extended the schema to include an Association Device and Privilege property The Association property is used to link together the users or groups with a specific set of privileges to one or more iDRAC devices This model provides an administrator maximum flexibility over the different combinations of users iDRAC privileges and iDRAC devices on the network without much ...

Page 137: ...ps from any domain can be added into the Association Object Extended Schema solutions support any user group type and any user group nesting across multiple domains allowed by Microsoft Active Directory Accumulating privileges using Extended Schema The Extended Schema Authentication mechanism supports Privilege Accumulation from different privilege objects associated with the same user through dif...

Page 138: ... of the product You can extend your schema using one of the following methods Dell Schema Extender utility LDIF script file If you use the LDIF script file the Dell organizational unit is not added to the schema The LDIF files and Dell Schema Extender are on your Dell Systems Management Tools and Documentation DVD in the following respective directories DVDdrive SYSMGMT ManagementStation support O...

Page 139: ...RACDevice in Active Directory This configuration enables iDRAC to send Lightweight Directory Access Protocol LDAP queries to Active Directory Class Type Structural Class SuperClasses dellProduct Attributes dellSchemaVersion dellRacType Table 24 delliDRACAssociationObject class OID 1 2 840 113556 1 8000 1280 1 7 1 2 Description Represents the Dell Association Object The Association Object provides ...

Page 140: ...rom which all Dell products are derived Class Type Structural Class SuperClasses Computer Attributes dellAssociationMembers Table 28 List of attributes added to the active directory schema Attribute Name Description Assigned OID Syntax Object Identifier Single Valued dellPrivilegeMember List of dellPrivilege Objects that belong to this Attribute 1 2 840 113556 1 8000 1280 1 1 2 1 Distinguished Nam...

Page 141: ...leRedirectUser TRUE if the user has Virtual Console rights on the device 1 2 840 113556 1 8000 1280 1 1 2 8 Boolean LDAPTYPE_BOOLEAN 1 3 6 1 4 1 1466 115 121 1 7 TRUE dellIsVirtualMediaUser TRUE if the user has Virtual Media rights on the device 1 2 840 113556 1 8000 1280 1 1 2 9 Boolean LDAPTYPE_BOOLEAN 1 3 6 1 4 1 1466 115 121 1 7 TRUE dellIsTestAlertUser TRUE if the user has Test Alert User rig...

Page 142: ...upport OMActiveDirectory_SnapIn64 For more information about the Active Directory Users and Computers Snap in see Microsoft documentation Adding iDRAC users and privileges to Active Directory Using the Dell extended Active Directory Users and Computers Snap in you can add iDRAC users and privileges by creating device association and privilege objects To add each object perform the following Create...

Page 143: ...ols ADSI Edit The ADSI Edit window is displayed 2 In the right pane navigate to the created association object right click and select Properties 3 In the Security tab click Add 4 Type Authenticated Users click Check Names and click OK The authenticated users is added to the list of Groups and user names 5 Click OK Adding objects to association object Using the Association Object Properties window ...

Page 144: ...Also specify the time iDRAC must wait for responses from AD during login process NOTE If certificate validation is enabled specify the Domain Controller Server addresses and the FQDN Make sure that DNS is configured correctly under Overview iDRAC Settings Network If the user and iDRAC objects are in different domains then do not select the User Domain from Login option Instead select Specify a Dom...

Page 145: ...t to configure a list of user domains so that you only need to enter the user name during log in to iDRAC web interface use the following command racadm set iDRAC UserDomain index Name fully qualified domain name or IP Address of the domain controller You can configure up to 40 user domains with index numbers between 1 and 40 Testing Active Directory settings You can test the Active Directory sett...

Page 146: ...ally enable certificate validation and upload the digital certificate used during initiation of SSL connections when communicating with a generic LDAP server NOTE In this release non SSL port based LDAP bind is not supported Only LDAP over SSL is supported 4 Click Next The Generic LDAP Configuration and Management Step 2 of 3 page is displayed 5 Enable generic LDAP authentication and specify the l...

Page 147: ...P settings 2 Click Test Settings 3 Enter the user name and password of a directory user that is chosen to test the LDAP settings The format depends on the Attribute of User Login is used and the user name entered must match the value of the chosen attribute NOTE When testing LDAP settings with Enable Certificate Validation checked iDRAC requires that the LDAP server be identified by the FQDN and n...

Page 148: ...file using the ktpass tool To enable Single Sign On for Extended schema make sure that the Trust this user for delegation to any service Kerberos only option is selected on the Delegation tab for the keytab user This tab is available only after creating the keytab file using ktpass utility Configure the browser to enable SSO login Create the Active Directory objects and provide the required privil...

Page 149: ...ktpass tool 1 Run the ktpass utility on the domain controller Active Directory server where you want to map iDRAC to a user account in Active Directory 2 Use the following ktpass command to create the Kerberos keytab file C ktpass exe princ HTTP idrac7name domainname com DOMAINNAME COM mapuser DOMAINNAME username mapOp set crypto AES256 SHA1 ptype KRB5_NT_PRINCIPAL pass password out c krbkeytab Th...

Page 150: ...r account based on standard schema or extended schema perform the following two additional steps to configure SSO Upload the keytab file on the Active Directory Configuration and Management Step 1 of 4 page Select Enable Single Sign On option on the Active Directory Configuration and Management Step 2 of 4 page Configuring iDRAC SSO login for Active Directory users using RACADM To enable SSO compl...

Page 151: ...n the User ID column click a user ID number The Users Main Menu page is displayed 3 Under Smart Card Configurations select Upload Trusted CA Certificate and click Next The Trusted CA Certificate Upload page is displayed 4 Browse and select the trusted CA certificate and click Apply Uploading trusted CA certificate for smart card using RACADM To upload trusted CA certificate for smart card login us...

Page 152: ...e or disable the Smart Card logon feature 1 In the iDRAC web interface go to Overview iDRAC Settings User Authentication Smart Card The Smart Card page is displayed 2 From the Configure Smart Card Logon drop down menu select Enabled to enable smart card logon or select Enabled With Remote RACADM Else select Disabled For more information about the options see the iDRAC Online Help 3 Click Apply to ...

Page 153: ...rt IPMI alert SNMP traps remote system logs Redfish event operating system log or WS events to configured destinations Perform a reboot power off or power cycle the managed system Related links Enabling or disabling alerts Filtering alerts Setting event alerts Setting alert recurrence event Configuring email alert SNMP trap or IPMI trap settings Configuring remote system logging Configuring WS Eve...

Page 154: ...inks Enabling or disabling alerts Configuring email alert SNMP trap or IPMI trap settings Filtering alerts using iDRAC web interface To filter the alerts based on category and severity NOTE Even if you are a user with read only privileges you can filter the alerts 1 In iDRAC Web interface go to Overview Server Alerts The Alerts page is displayed 2 Under Alerts Filter section select one or more of ...

Page 155: ...he Enable option to send alerts to configured destinations 6 Optionally you can send a test event In the Message ID to Test Event field enter the message ID to test if the alert is generated and click Test For the list of message IDs see the Event Messages Guide available at dell com support manuals Setting event alerts using RACADM To set an event alert use the eventfilters command For more infor...

Page 156: ... Off No Action 3 Click Apply The setting is saved Setting event actions using RACADM To configure an event action use the eventfilters command For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Configuring email alert SNMP trap or IPMI trap settings The management station uses Simple Network Management Protocol SNMP and Intelligent P...

Page 157: ...munity string to use in a Simple Network Management Protocol SNMP alert trap sent from iDRAC Make sure that the destination community string is the same as the iDRAC community string The default value is Public 5 To test whether the IP address is receiving the IPMI or SNMP traps click Send under Test IPMI Trap and Test SNMP Trap respectively 6 Click Apply The alert destinations are configured 7 In...

Page 158: ... FQDN destination address es You can specify up to eight addresses 3 Enter the community string name For information about the options see the iDRAC Settings Utility Online Help 4 Click Back click Finish and then click Yes The alert destinations are configured Configuring email alert settings You can configure the email address to receive the email alerts Also configure the SMTP server address set...

Page 159: ... Allowed values are 1 through 4 For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Configuring SMTP email server address settings You must configure the SMTP server address for email alerts to be sent to specified destinations Configuring SMTP email server address settings using iDRAC web interface To configure the SMTP server addres...

Page 160: ... servers in the chassis even if the CMC is not on the network You can set the value to Disabled to forward the chassis events By default this setting is set as Enabled NOTE For this setting to take effect you must ensure that in CMC the Chassis Management at Server setting must be set to Monitor or Manage and Monitor When the Chassis Management and Monitoring option is set to Enabled iDRAC generat...

Page 161: ... list of message IDs that are displayed for the alerts Table 29 Alert message IDs Message ID Description AMP Amperage ASR Auto Sys Reset BAR Backup Restore BAT Battery Event BIOS BIOS Management BOOT BOOT Control CBL Cable CPU Processor CPUA Proc Absent CTL Storage Contr DH Cert Mgmt DIS Auto Discovery ENC Storage Enclosr FAN Fan Event FSD Debug HWC Hardware Config IPA DRAC IP Change ITR Intrusion...

Page 162: ...sk PR Part Exchange PST BIOS POST PSU Power Supply PSUA PSU Absent PWR Power Usage RAC RAC Event RDU Redundancy RED FW Download RFL IDSDM Media RFLA IDSDM Absent RFM FlexAddress SD RRDU IDSDM Redundancy RSI Remote Service SEC Security Event SEL Sys Event Log SRD Software RAID SSD PCIe SSD STOR Storage SUP FW Update Job SWC Software Config 162 ...

Page 163: ...tware Change SYS System Info TMP Temperature TST Test Alert UEFI UEFI Event USR User Tracking VDR Virtual Disk VF vFlash SD card VFL vFlash Event VFLA vFlash Absent VLT Voltage VME Virtual Media VRM Virtual Console WRK Work Note 163 ...

Page 164: ...t Log SEL The same SEL entry is also available in the LC log Viewing System Event Log using web interface To view the SEL in iDRAC Web interface go to Overview Server Logs The System Event Log page displays a system health indicator a time stamp and a description for each event logged For more information see the iDRAC Online Help Click Save As to save the SEL to a location of your choice NOTE If ...

Page 165: ...ch log entry The following events and activities are logged System events Storage devices Network devices Configuration Audit Updates When you log in to or log out of iDRAC using any of the following interfaces the log in log out or login failure events are recorded in the Lifecycle logs Telnet SSH Web interface RACADM SM CLP IPMI over LAN Serial Virtual console Virtual media You can view and filt...

Page 166: ...tion see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Exporting Lifecycle Controller logs You can export the entire Lifecycle Controller log active and archived entries in a single zipped XML file to a network share or to the local system The zipped XML file extension is xml gz The file entries are ordered sequentially based on their sequence numbers o...

Page 167: ...gging You can send lifecycle logs to a remote system Before doing this make sure that There is network connectivity between iDRAC and the remote system The remote system and iDRAC is on the same network Configuring remote system logging using web interface To configure the remote syslog server settings 1 In the iDRAC Web interface go to Overview Server Logs Settings The Remote Syslog Settings page...

Page 168: ...tting warning threshold for power consumption Monitoring power iDRAC monitors the power consumption in the system continuously and displays the following power values Power consumption warning and critical thresholds Cumulative power peak power and peak amperage values Power consumption over the last hour last day or last week Average minimum and maximum power consumption Historical peak values an...

Page 169: ... by 14 If you enter Watts the system automatically calculates and displays the BTU hr value Similarly if you enter BTU hr the value for Watts is displayed 3 Click Apply The values are configured Executing power control operations iDRAC enables you to remotely perform a power on power off reset graceful shutdown Non Masking Interrupt NMI or power cycle using the Web interface or RACADM You can also...

Page 170: ...locates the reclaimed power to a higher priority infrastructure module or a server If there is not enough power allocated the blade server does not power on If the blade has been allocated enough power the iDRAC turns on the system power Viewing and configuring power cap policy When power cap policy is enabled it enforces user defined power limits for the system If not it uses the hardware power p...

Page 171: ...commended settings or under User Defined Power Cap Policy enter the required limits For more information about the options see the iDRAC Settings Utility Online Help 4 Click Back click Finish and then click Yes The power cap values are configured Configuring power supply options You can configure the power supply options such as redundancy policy hot spare and power factor correction Hot spare is ...

Page 172: ...rmation see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Configuring power supply options using iDRAC settings utility To configure the power supply options 1 In iDRAC Settings utility go to Power Configuration NOTE The Power Configuration link is available only if the server power supply unit supports power monitoring The iDRAC Settings Power Configur...

Page 173: ...e VirtualizationMode attribute setting to NPAR or by enabling a personality Example NicMode on the partition Related links Inventorying and monitoring FC HBA devices Dynamic configuration of virtual addresses initiator and storage target settings Inventorying and monitoring network devices You can remotely monitor the health and view the inventory of the network devices in the managed system For e...

Page 174: ...device is available and the type of FC HBA device Monitoring FC HBA devices using RACADM To view the FC HBA device information using RACADM use the hwinventory command For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Dynamic configuration of virtual addresses initiator and storage target settings You can dynamically view and config...

Page 175: ... values are cleared you cannot re apply the values before running the configuration job Related links Inventorying monitoring and configuring network devices Supported cards for I O Identity Optimization Supported NIC firmware versions for I O Identity Optimization Enabling or disabling I O Identity Optimization Configuring persistence policy settings Supported cards for I O Identity Optimization ...

Page 176: ...s set to Flex Address mode or Console mode The following table describes the Virtual address management VAM configuration and Persistence Policy behavior depending on Flex Address feature state in CMC mode set in iDRAC I O Identity feature state in iDRAC and XML configuration Table 31 Virtual Flex Address and Persistence Policy behavior Flex Address Feature State in CMC Mode set in iDRAC IO Identi...

Page 177: ...ress Set to hardware MAC address Flex Address enabled Console Mode Disabled Configured using the path provided in Lifecycle Controller Lifecycle Controller configuration persists for that cycle No persistence supported Depends on card behavior Flex Address disabled Console Mode Enabled VAM configured Configured VAM persists Both persistence and clear must work Flex Address disabled Console Mode En...

Page 178: ...hat You have the Login Configure and System Control privileges BIOS iDRAC and network cards are updated to the latest firmware For information on the supported versions see Supported cards for I O Identity Optimization and Supported nic firmware version for i o identity optimization After enabling I O Identity Optimization feature export the XML configuration file from iDRAC modify the required I ...

Page 179: ... Address Non Auxiliary powered devices Initiator Storage target Before applying the persistence policy make sure to Inventory the network hardware at least once that is enabled Collect System Inventory On Restart Enable I O Identity Optimization Events are logged to the Lifecycle Controller log when I O Identity Optimization is enabled or disabled Persistence policy is changed Virtual address init...

Page 180: ...al address or target settings persist when cold reset conditions occur Warm Boot The virtual address or target settings persist when warm reset condition occurs 4 Click Apply The persistence policies are configured Configuring persistence policy settings using RACADM To set persistence policy use the following racadm object with the set sub command For virtual addresses use iDRAC IOIDOpt VirtualAd...

Page 181: ...arget attributes default values iSCSI Storage Target Attributes Default Values in IPv4 mode Default Values in IPv6 mode ConnectFirstTgt Disabled Disabled FirstTgtIpAddress 0 0 0 0 FirstTgtTcpPort 3260 3260 FirstTgtBootLun 0 0 FirstTgtIscsiName Value Cleared Value Cleared FirstTgtChapId Value Cleared Value Cleared FirstTgtChapPwd Value Cleared Value Cleared FirstTgtIpVer Ipv4 ConnectSecondTgt Disab...

Page 182: ...ity of more than one disk Controllers also perform other tasks such as initiating rebuilds initializing disks and more To complete their tasks controllers require special software known as firmware and drivers In order to function properly the controller must have the minimum required version of the firmware and drivers installed Different controllers have different characteristics in the way they...

Page 183: ...rs and operating system view disk space on your system What is RAID RAID is a technology for managing the storage of data on the physical disks that reside or are attached to the system A key aspect of RAID is the ability to span physical disks so that the combined storage capacity of multiple physical disks can be treated as a single extended disk space Another key aspect of RAID is the ability t...

Page 184: ...consumed by a stripe element For example consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe In this case the stripe element size is 16KB and the stripe size is 64KB Parity Parity refers to redundant data that is maintained using an algorithm in combination with striping When one of the striped disks fails the data can be reconstructed from t...

Page 185: ... RAID level or concatenation has different performance and data protection characteristics NOTE The H3xx PERC controllers do not support RAID levels 6 and 60 The following topics provide specific information on how each RAID level store data as well as their performance and protection characteristics Raid level 0 striping Raid level 1 mirroring Raid level 5 striping with distributed parity Raid le...

Page 186: ... are mirrored the total storage capacity is equal to one disk Data is replicated on both the disks When a disk fails the virtual disk still works The data is read from the mirror of the failed disk Better read performance but slightly slower write performance Redundancy for protection of data RAID 1 is more expensive in terms of disk space since twice the number of disks are used than required to ...

Page 187: ...or protection of data RAID level 6 striping with additional distributed parity RAID 6 provides data redundancy by using data striping in combination with parity information Similar to RAID 5 the parity is distributed within each stripe RAID 6 however uses an additional physical disk to maintain parity such that each stripe in the disk group maintains two disk blocks with parity information The add...

Page 188: ...disks and then continues on with a disk group of three more physical disks would be a RAID 50 It is possible to implement RAID 50 even when the hardware does not directly support it In this case you can implement more than one RAID 5 virtual disks and then convert the RAID 5 disks to dynamic disks You can then create a dynamic volume that is spanned across all RAID 5 virtual disks RAID 50 characte...

Page 189: ...parity is alternately stored on all disks of each RAID 6 span Better read performance but slower write performance Increased redundancy provides greater data protection than a RAID 50 Requires proportionally as much parity information as RAID 6 Two disks per span are required for parity RAID 60 is more expensive in terms of disk space RAID level 10 striped mirrors The RAB considers RAID level 10 t...

Page 190: ...cteristics associated with the more common RAID levels This table provides general guidelines for choosing a RAID level Evaluate your specific environment requirements before choosing a RAID level Table 34 RAID level performance comparison RAID Level Data Availability Read Performance Write Performance Rebuild Performance Minimum Disks Required Suggested Uses RAID 0 None Very Good Very Good N A N ...

Page 191: ...air Poor X x N 2 N at least 2 Critical information Medium sized transactional or data intensive uses N Number of physical disks X Number of RAID sets Supported controllers Supported RAID controllers The iDRAC interfaces support the following PERC9 controllers PERC H830 PERC H730P PERC H730 PERC H330 The iDRAC interfaces support the following PERC8 controllers PERC H810 PERC H710P PERC H710 PERC H3...

Page 192: ...tual disks Real time Real time Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Edit virtual disks cache policies Real time Real time Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Check virtual disk consistency Real time Real time Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Cancel check...

Page 193: ...me Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Load Balance Mode Real time Real time Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Check Consistency Rate Real time Real time Real time Real time Real time Real time Staged Staged Staged Staged Not applicabl e Rebuild Rate Real time Real time Real time Real time Real time R...

Page 194: ...ble Not applicabl e Not applicab le Not applicabl e Blink or unblink component LEDs Real time Real time Real time Real time Real time Real time Real time Real time Real time Real time Real time Switch controller mode Stage d Stage d Staged Staged Staged Staged Not applicabl e Not applicable Not applicabl e Not applicab le Not applicabl e Inventorying and monitoring storage devices You can remotely...

Page 195: ... go to System Summary The iDRAC Settings System Summary page is displayed The Backplane Inventory section displays the backplane information For information about the fields see the iDRAC Settings Utility Online Help Viewing storage device topology You can view the hierarchical physical containment view of the key storage components that is a list of controllers enclosures connected to the control...

Page 196: ... web interface RACADM or WS MAN or CTRL R If you have assigned a physical disk as a global hot spare in Add to Pending Operation mode the pending operation is created but a job is not created Then if you try to unassign the same disk as global hot spare the assign global hot spare pending operation is cleared If you have unassigned a physical disk as a global hot spare in Add to Pending Operation ...

Page 197: ...erface To convert the physical disks to RAID mode or non RAID mode perform the following steps 1 In the iDRAC web interface click Overview Storage Physical Disks Setup The Setup page is displayed 2 From the Controller drop down menu select a controller The physical disks associated with the selected controller are displayed 3 From the Action Assign to All drop down box select the required option C...

Page 198: ... group and then create a new virtual disk A job is currently running or scheduled on the selected controller You must wait for this job to complete or you can delete the job before attempting a new operation You can view and manage the status of the scheduled job in the Job Queue page Physical disk is in non RAID mode You must convert to RAID mode using iDRAC interfaces such as iDRAC web interface...

Page 199: ...e drop down menu select when you want to apply the settings 5 Click Create Virtual Disk Based on the selected Apply Operation Mode the settings are applied Creating virtual disks using RACADM Use the racadm storage createvd command For more information see the iDRAC RACADM Command Line Reference Guide available at dell com idracmanuals Editing virtual disk cache policies You can change the read wr...

Page 200: ...loss may occur if base of power off So few PERCs may not allow that policy Therefore depending upon the PERC the policy value is set Deleting virtual disks Deleting a virtual disk destroys all information including file systems and volumes residing on the virtual disk and removes the virtual disk from the controller s configuration When deleting virtual disks all assigned global hot spares may be ...

Page 201: ...and is recommended when you are recreating virtual disks A background initialization starts five minutes after the Fast Initialization is completed Full or slow initialization The full initialization also called slow initialize operation initializes all physical disks included in the virtual disk It updates the metadata on the physical disks and erases all existing data and file systems You can pe...

Page 202: ...load or refresh the Manage Virtual Disks page to view the information Managing virtual disks using web interface 1 In the iDRAC web interface go to Overview Storage Virtual Disks Manage The Manage Virtual Disks page is displayed 2 From the Controller drop down menu select the controller for which you want to manage the virtual disks 3 For one or more Virtual Disks from each Action drop down menu s...

Page 203: ...edicated hot spare Only the valid dedicated hot spares are displayed If there are no valid dedicated hot spares then this section does not appear in the drop down menu For more information about these options see the iDRAC Online Help 4 From the Apply Operation Mode drop down menu select when you want to apply the settings 5 Click Apply Based on the selected operation mode the settings are applied...

Page 204: ...ure the controller properties Patrol read mode considerations Patrol read identifies disk errors to avoid disk failures data loss or corruption The Patrol Read does not run on a physical disk in the following circumstances The physical disk is not included in a virtual disk or assigned as a hot spare The physical disk is included in a virtual disk that is undergoing one of the following A rebuild ...

Page 205: ...inimized and is the setting with the most impact to system performance Check consistency The Check Consistency task verifies the accuracy of the redundant parity information This task only applies to redundant virtual disks When necessary the Check Consistency task rebuilds the redundant data If the virtual disk is in a Failed Redundancy state running a check consistency may be able to return the ...

Page 206: ...ces dedicated to reconstruct a disk group after adding a physical disk or changing the RAID level of a virtual disk residing on the disk group use Storage Controller ReconstructRate object To enable or disable the enhanced auto import of foreign configuration for the controller use Storage Controller EnhancedAutoImportForeignConfig object To create modify or delete security key to encrypt virtual ...

Page 207: ...commended to remove an external enclosure cable while the operating system is running on the system Removing the cable could result in a foreign configuration when the connection is re established You can manage foreign configurations in the following cases All the physical disks in a configuration are removed and re inserted Some of the physical disks in a configuration are removed and re inserte...

Page 208: ...the Controller drop down menu select the controller for which you want to clear the foreign configuration 3 From the Apply Operation Mode drop down menu select when you want to clear the data 4 Click Clear Based on the selected operation mode the virtual disks residing on the physical disk is erased Clearing foreign configuration using RACADM To clear foreign configuration racadm storage clearconf...

Page 209: ...manuals Exceptions while switching the controller mode The following list provides the exceptions while setting the controller mode using the iDRAC interfaces such as web interface RACADM and WS MAN If the PERC controller is in RAID mode you must clear any virtual disks hot spares foreign configurations controller keys or preserved cache before changing it to HBA mode You cannot configure other RA...

Page 210: ... not support virtual disks iDRAC interface supports only 12 Gbps SAS HBA controller and HBA330 internal controller in this release You can perform the following for non RAID controllers View controller physical disks and enclosure properties as applicable for the non RAID controller Also view EMM fan power supply unit and temperature probe properties associated with the enclosure The properties ar...

Page 211: ...nfigured areas View all properties that are applicable to a RAID controller expect for virtual disks Clear foreign configuration NOTE If an operation is not supported in non RAID mode an error message is displayed You cannot monitor the enclosure temperature probes fans and power supplies when the controller is in non RAID mode Running RAID configuration jobs on multiple storage controllers While ...

Page 212: ...ed and Offline Failed card reporting and logging in iDRAC and OMSS Securely erasing the data and removing the card TTY logs reporting NOTE Hot plug capability prepare to remove and blink or unblink the device LED is not applicable for HHHL PCIe SSD devices Related links Inventorying and monitoring PCIe SSDs Preparing to remove PCIe SSD Erasing PCIe SSD device data Inventorying and monitoring PCIe ...

Page 213: ...ce Module The Prepare to Remove operation stops any background activity and any ongoing I O activity so that device can be removed safely It causes the status LEDs on the device to blink You can safely remove the device from the system under the following conditions after you initiate the Prepare to Remove operation The PCIe SSD is blinking the safe to remove LED pattern The PCIe SSD is no longer ...

Page 214: ... permanent loss of all data on the PCIe SSD During Cryptographic Erase the host is unable to access the PCIe SSD The changes are applied after system reboot If the system reboots or experiences a power loss during cryptographic erase the operation is canceled You must reboot the system and restart the process Before erasing PCIe SSD device data make sure that Lifecycle Controller is enabled You ha...

Page 215: ...ob in the Job Queue page If pending operation is not created an error message is displayed If pending operation is successful and job creation is not successful then an error message is displayed Erasing PCIe SSD device data using RACADM To securely erase a PCIe SSD device racadm storage secureerase PCIeSSD FQDD To create the target job after executing the secureerase command racadm jobqueue creat...

Page 216: ...ler are numbered 20 23 Information Not Available Controller information is not available iDRAC allows the split mode setting if the expander has the capability to support the configuration Ensure that you enable this mode prior to installing the second controller iDRAC performs a check for expander capability prior to allowing this mode to be configured and does not check whether the second PERC c...

Page 217: ... 3 Run the following command to set the requested backplane mode to split mode racadm set storage enclosure 1 backplanerequestedmode splitmode The message is displayed indicating that the command is successful 4 Run the following command to verify if the backplanerequestedmode attribute is set to split mode racadm get storage enclosure 1 backplanerequestedmode The output is BackplaneRequestedMode ...

Page 218: ...be connected to the same backplane only the backplane associated with the PERC controller is displayed in System Inventory page In the Storage Enclosures Properties page the Physical Disks Overview section displays the following Slot Empty If a slot is empty PCIe Capable If there are no PCIe capable slots this column is not displayed Bus Protocol If it is a universal backplane with PCIe SSD instal...

Page 219: ...tup Overview Storage Controllers Troubleshooting Overview Storage Enclosures Setup Overview Storage Pending Operations 2 Select one of the following from the Apply Operation Mode drop down menu Apply Now Select this option to apply the settings immediately This option is available for PERC 9 controllers only If there are jobs to be completed then this option is grayed out This job take at least 2 ...

Page 220: ...nt drop down menu select the controller for which you want to view commit or delete the pending operations The list of pending operations is displayed for the selected controller NOTE Pending operations are created for import foreign configuration clear foreign configuration security key operations and encrypt virtual disks But they are not displayed in the Pending Operations page and in the Pendi...

Page 221: ...operation If the pending operation is successful and there are no prior existing pending operations then the job is created If the job is created successfully a message indicating that the job ID is created for the selected device is displayed Click Job Queue to view the progress of the job in the Job Queue page If the job is not created a message indicating that the job creation was not successfu...

Page 222: ...e selected Add to Pending Operations and then clicked Apply first the pending operation is created for the selected storage configuration operation If the pending operation is created successfully and if there are existing pending operations then an information message is displayed Click OK to remain on the page to perform more storage configuration operations Click Pending Operations to view the ...

Page 223: ...elect all physical disk drives or PCIe SSDs Select the Select Deselect All option and click Blink to start blinking all the physical disk drives and the PCIe SSDs Similarly click Unblink to stop blinking the LEDs Select or deselect individual physical disk drives or PCIe SSDs Select one or more physical disk drives and click Blink to start blinking the LEDs for the physical disk drives or the PCIe...

Page 224: ...d only access or allow full shared access The second user is notified that another user has control The first user must respond within thirty seconds or else access is granted to the second user based on the default setting When two sessions are concurrently active the first user sees a message in the upper right corner of the screen that the second user has an active session If neither the first ...

Page 225: ...using RACADM To configure the Virtual Console use the set command with the objects in the iDRAC VirtualConsole group For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Previewing virtual console Before launching the Virtual Console you can preview the state of the Virtual Console on the System Properties System Summary page The Virtu...

Page 226: ...hed The Virtual Console Viewer displays the remote system s desktop Using this viewer you can control the remote system s mouse and keyboard functions from your management station Multiple message boxes may appear after you launch the application To prevent unauthorized access to the application navigate through these message boxes within three minutes Otherwise you are prompted to relaunch the ap...

Page 227: ...wer actions next boot devices and access to Virtual Media For information to use these features see the iDRAC Online Help NOTE If the remote server is powered off the message No Signal is displayed The Virtual Console Viewer title bar displays the DNS name or the IP address of the iDRAC you are connected to from the management station If iDRAC does not have a DNS name then the IP address is displa...

Page 228: ...s keyboard uses open source code The difference from physical keyboard is that the number keys are switched to special character when you the Caps Lock key is enabled Functionality remains the same and number is entered if you press the special character when the Caps Lock key is enabled Keyboard Macros This is supported in HTML5 virtual console and are listed as the following drop down options Cl...

Page 229: ...ystem may not synchronize with the mouse pointer on the management station and displays two mouse pointers in the Viewer window When using Red Hat Enterprise Linux or Novell SUSE Linux configure the mouse mode for Linux before you launch the Virtual Console viewer The operating system s default mouse settings are used to control the mouse arrow in the Virtual Console viewer When two mouse cursors ...

Page 230: ...kes to server and Single Cursor mode to function If the native libraries are not loaded the Pass all keystrokes to server and Single Cursor options are deselected If you attempt to select either of these options an error message is displayed indicating that the selected options are not supported For the ActiveX client the native library must be loaded for Pass all keystrokes to server function to ...

Page 231: ...g system with the following exceptions When Pass all keystrokes to server is enabled Ctrl Alt Del is passed to the operating system on the managed system Magic SysRq keys are key combinations interpreted by the Linux Kernel It is useful if the operating system on the management station or the managed system freezes and you need to recover the system You can enable the magic SysRq keys on the Linux...

Page 232: ... through a serial cable the localhost localdomain login prompt appears after the server boots to the operating system 3 Log in using the operating system user name and password 4 If SysRq is not enabled enable using echo 1 proc sys kernel sysrq 5 Use the magic key to enable the SysRq function For example the following command reboots the server echo b proc sysrq trigger NOTE You do not have to run...

Page 233: ...O image file The following figure shows a typical Virtual Media setup Virtual floppy media of iDRAC is not accessible from virtual machines Any connected Virtual Media emulates a physical device on the managed system On Windows based managed systems the Virtual Media drives are auto mounted if they are attached and configured with a drive letter On Linux based managed systems with some configurati...

Page 234: ...erview Server Attached Media 2 Specify the required settings For more information see the iDRAC Online Help 3 Click Apply to save the settings Configuring virtual media using RACADM To configure the virtual media use the set command with the objects in the iDRAC VirtualMedia group For more information see the RACADM Command Line Reference Guide for iDRAC available at dell com idracmanuals Configur...

Page 235: ...unches successfully You can then use the Virtual Media client to map devices and files to the Virtual Media virtual drives Related links Configuring web browsers to use virtual console Configuring virtual media Launching virtual media using virtual console Before you launch Virtual Media through the Virtual Console make sure that Virtual Console is enabled System is configured to not hide empty dr...

Page 236: ...irtual media Related links Configuring virtual media Disabling warning messages while launching virtual console or virtual media using Java or ActiveX plug in Adding virtual media images You can create a media image of the remote folder and mount it as a USB attached device to the server s operating system To add Virtual Media images 1 Click Virtual Media Create Image 2 In the Source Folder field ...

Page 237: ... USB flash drive that is connected to the management station To map the drives launch IE as an administrator or add the iDRAC IP address to the list of trusted sites 1 To establish a Virtual Media session from the Virtual Media menu click Connect Virtual Media For each device available for mapping from the host server a menu item appears under the Virtual Media menu The menu item is named accordin...

Page 238: ...sks and floppy disks that are not part of the management station To make sure that the correct virtual drives are available to map you must enable the port setting for the connected SATA hard drive To do this 1 Reboot the operating system on the management station During POST press F2 to enter System Setup 2 Go to SATA settings The port details are displayed 3 Enable the ports that are actually pr...

Page 239: ...the system overlooks the device similar to a physical device without bootable media Enabling boot once for virtual media You can change the boot order only once when you boot after attaching remote Virtual Media device Before you enable the boot once option make sure that You have Configure User privilege Map the local or virtual drives CD DVD Floppy or USB flash device with the bootable media or ...

Page 240: ... is included in the Dell Systems Management Tools and Documentation DVD To install the VMCLI utility 1 Insert the Dell Systems Management Tools and Documentation DVD into the management station s DVD drive 2 Follow the on screen instructions to install DRAC tools 3 After successful install check install Dell SysMgt rac5 folder to make sure vmcli exe exists Similarly check the respective path for U...

Page 241: ... Virtual Media Command Floppy drive vmcli r RAC IP or hostname u iDRAC user name p iDRAC user password f device name Bootable floppy or USB key image vmcli r iDRAC IP address iDRAC user name p iDRAC password f floppy img CD drive using f option vmcli r iDRAC IP address u iDRAC user name p iDRAC password f device name image file f cdrom dev Bootable CD DVD image vmcli r iDRAC IP address u iDRAC use...

Page 242: ... example under a Linux operating system the ampersand character following the command causes the program to be spawned as a new background process This technique is useful in script programs as it allows the script to proceed after a new process is started for the VMCLI command otherwise the script blocks until the VMCLI program is terminated When multiple VMCLI sessions are started use the operat...

Page 243: ... Supports img format for floppy iso format for CD DVD and both iso and img formats for Hard Disk emulation types Create bootable USB device s Boot once to an emulated USB device NOTE It is possible that a vFlash license may expire during a vFlash operation If it happens the on going vFlash operations complete normally NOTE If FIPS mode is enabled you cannot perform any vFlash actions Configuring v...

Page 244: ...option to enable or disable the vFlash functionality If any vFlash partition is attached you cannot disable vFlash and an error message is displayed NOTE If vFlash functionality is disabled SD card properties are not displayed 3 Click Apply The vFlash functionality is enabled or disabled based on the selection Enabling or disabling vFlash functionality using RACADM To enable or disable the vFlash ...

Page 245: ...ck Initialize vFlash 3 Click Yes The initialization operation starts 4 Click Back and navigate to the same iDRAC Settings Media and USB Port Settings page to view the successful message All existing contents are removed and the card is reformatted with the new vFlash system information Getting the last status using RACADM To get the status of the last initialize command sent to the vFlash SD card ...

Page 246: ...erformed on the card Creating an empty partition using the web interface To create an empty vFlash partition 1 In iDRAC Web interface go to Overview Server vFlash Create Empty Partition The Create Empty Partition page is displayed 2 Specify the required information and click Apply For information about the options see the iDRAC Online Help A new unformatted empty partition is created that is read ...

Page 247: ...ed For Floppy or Hard Disk emulation type a read write partition is created An error message is displayed if The card is write protected The label name matches the label of an existing partition The size of the image file is greater than 4 GB or exceeds the available space on the card The image file does not exist or the image file extension is neither img nor iso An initialize operation is alread...

Page 248: ...rver vFlash Manage The Manage Partitions page is displayed listing the available partitions and related information for each partition For information on the partitions see the iDRAC Online Help Viewing available partitions using RACADM To view the available partitions and their properties using RACADM 1 Open a Telnet SSH or Serial console to the system and log in 2 Enter the following commands To...

Page 249: ...D Attaching or detaching partitions When you attach one or more partitions they are visible to the operating system and BIOS as USB mass storage devices When you attach multiple partitions based on the assigned index they are listed in an ascending order in the operating system and the BIOS boot order menu If you detach a partition it is not visible in the operating system and the BIOS boot order ...

Page 250: ...the file system on the emulated USB device You can change the volume name of the emulated USB device from the operating system However it does not change the partition label name stored in iDRAC Deleting existing partitions Before deleting existing partition s make sure that The vFlash functionality is enabled The card is not write protected The partition is not attached An initialize operation is...

Page 251: ... CD and Hard Disk type partitions and img for Floppy and Hard Disk type partitions Booting to a partition You can set an attached vFlash partition as the boot device for the next boot operation Before booting a partition make sure that The vFlash partition contains a bootable image in the img or iso format to boot from the device The vFlash functionality is enabled You have Access Virtual Media pr...

Page 252: ...ions describes the standard verbs and targets for various management task executions The SMCLP is hosted from the iDRAC controller firmware and supports Telnet SSH and serial based interfaces The iDRAC SMCLP interface is based on the SMCLP Specification Version 1 0 provided by the DMTF organization NOTE Information about the profiles extensions and MOFs are available at delltechcenter com and all ...

Page 253: ... target properties The following table provides the verbs and its definitions Table 39 SMCLP verbs Verb Definition cd Navigates through the MAP using the shell set Sets a property to a specific value help Displays help for a specific target reset Resets the target show Displays the target properties verbs and subtargets start Turns on a target stop Shuts down a target exit Exits from the SMCLP she...

Page 254: ... sp1 capabilities1 pwrmgtcap1 Power state management service capabilities on the system admin1 system1 sp1 capabilities1 acctmgtcap Account management service capabilities admin1 system1 sp1 capabilities1 rolemgtcap Local Role Based Management capabilities admin1 system1 sp1 capabilities PwrutilmgtCap1 Power utilization management capabilities admin1 system1 sp1 capabilities1 elecap1 Authenticatio...

Page 255: ...lege1 CLP role privilege Related links Running SMCLP commands Usage examples Navigating the map address space Objects that can be managed with SM CLP are represented by targets arranged in a hierarchical space called the Manageability Access Point MAP address space An address path specifies the path from the root of the address space to an object in the address space The root target is represented...

Page 256: ...e output option The output option specifies one of four formats for the output of SM CLP verbs text clpcsv keyword and clpxml The default format is text and is the most readable output The clpcsv format is a comma separated values format suitable for loading into a spreadsheet program The keyword format outputs information as a list of keyword value pairs one per line The clpxml format is an XML d...

Page 257: ...ng examples show how to use the SMCLP to perform SEL related operations on the managed system Type the following commands at the SMCLP command prompt To view the SEL show system1 logs1 log1 The following output is displayed system1 logs1 log1 Targets Record1 Record2 Record3 Record4 Record5 Properties InstanceID IPMI BMC1 SEL Log MaxNumberOfRecords 512 CurrentNumberOfRecords 5 Name IPMI SEL Enabled...

Page 258: ...s LogCreationClassName CIM_RecordLog CreationClassName CIM_LogRecord LogName IPMI SEL RecordID 1 MessageTimeStamp 20050620100512 000000 000 Description FAN 7 RPM fan sensor detected a failure ElementName IPMI SEL Record Commands cd show help exit version To clear the SEL delete system1 logs1 log1 record The following output is displayed All records deleted successfully 258 ...

Page 259: ...et is assumed to be Type the following commands at the SMCLP command prompt To navigate to the system target and reboot cd system1 reset The current default target is To navigate to the SEL target and display the log records cd system1 cd logs1 log1 show To display current target type cd To move up one level type cd To exit exit 259 ...

Page 260: ... after installing the iDRAC Service Module then you must enable it manually in iDRAC If the OS to iDRAC pass through channel is enabled through LOM in iDRAC then you cannot use the iDRAC Service Module Installing iDRAC Service Module You can download and install the iDRAC Service Module from dell com support You must have administrator privilege on the server s operating system to install the iDRA...

Page 261: ...feature is enabled in iDRAC This is similar to the System Event Log SEL replication performed by OpenManage Server Administrator All events that have the OS Log option selected as the target in the Alerts page or in the equivalent RACADM or WSMAN interfaces are replicated in the OS log using the iDRAC Service Module The default set of logs to be included in the OS logs is the same as configured fo...

Page 262: ...inRM WMIC PowerShell Enumerate instances of a class winrm e wmi root cimv2 dcim dcim_account wmic namespace root cimv2 dcim PATH dcim_account Get WmiObject dcim_account namespace root cimv2 dcim Get a specific instance of a class winrm g wmi root cimv2 dcim DCIM_Account CreationClassName DCI M_Account Name iDRAC Embedded 1 Users 2 SystemCreationClass Name DCIM_SPComputerS ystem SystemName systemmc...

Page 263: ... WMI winrm i iDRACHardReset wmi root cimv2 dcim DCIM_iSMService InstanceID iSMExportedFunctions Using the remote WMI interface winrm i iDRACHardReset wmi root cimv2 dcim dcim_ismservice u admin username p admin passwd r http remote hostname OR IP wsman a Basic encoding utf 8 skipCACheck skipCNCheck Using the Windows PowerShell script with force and without force Invoke iDRACHardReset force Invoke ...

Page 264: ... operating system which is similar to the alerts that are generated by iDRAC You can also monitor the iDRAC SNMP alerts without configuring the iDRAC and manage the server remotely by configuring the SNMP traps and destination on the host OS In iDRAC Service Module v2 3 or later this feature converts all the Lifecycle logs replicated in the OS logs into SNMP traps NOTE This feature is active only ...

Page 265: ...nceID iSMExportedFunctions u user name p passwd r https remote host name ip address 443 wsman a basic encoding utf 8 skipCNCheck skipCACheck skipRevocationcheck state 0 1 NOTE You must review and configure the VMware ESXi system wide SNMP settings for traps NOTE For more details refer to the In BandSNMPAlerts technical white paper available at http en community dell com techcenter extras m white_p...

Page 266: ...tions are as follows Status This parameter is mandatory The values are not case sensitive and the value can be true false or get Port This is the listening port number If you do not provide a port number the default port number 1266 is used If the Status parameter value is FALSE then you can ignore rest of the parameters You must enter a new port number that is not already configured for this feat...

Page 267: ...llowing Installed iDRAC Service Module version on the host operating system Connection status of the iDRAC Service Module with iDRAC 3 To perform out of band monitoring functions select one or more of the following options OS Information View the operating system information Replicate Lifecycle Log in OS Log Include Lifecycle Controller logs to operating system logs This option is disabled if Open...

Page 268: ...By default the logs are available at Event viewer Applications and Services Logs System 268 ...

Page 269: ...se the On The Go OTG dongle and a Type A A cable Related links Configuring iDRAC using server configuration profile on USB device Accessing iDRAC interface over direct USB connection Accessing iDRAC interface over direct USB connection In 13th generation servers the new iDRAC direct feature allows you to directly connect your laptop or PC USB port to the iDRAC USB port This allows you to interact ...

Page 270: ...ent Port Mode that determines whether the USB port is used by iDRAC or the server OS Automatic Default If a USB device is not supported by iDRAC or if the server configuration profile is not present on the device the USB port is detached from iDRAC and attached to the server When a device is removed from the server the port configuration is reset and is for use by iDRAC Standard OS Use USB device ...

Page 271: ...ommands and objects To view the USB port status racadm get iDRAC USB ManagementPortStatus To view the USB port configuration racadm get iDRAC USB ManagementPortMode To modify the USB port configuration racadm set iDRAC USB ManagementPortMode Automatic Standard OS Use iDRAC NOTE Ensure that you enclose the Standard OS Use attribute within single quotes while using in the RACADM set command To view ...

Page 272: ...ToWait Instruction Value 300 Value ValuePossibilities Minimum value is 300 Maximum value is 3600 seconds ValuePossibilities InstructionRow InstructionRow InstructionType Configuration XML import Host control Instruction InstructionType Instruction EndHostPowerState Instruction Value On Value ValuePossibilities On Off ValuePossibilities InstructionRow InstructionTable You must have Server Control p...

Page 273: ...y 4 Completed with errors When the job has completed with errors 5 Failed When the job has failed For more details see the results file on the USB device LED blinking behavior If the USB LED is present it indicates the following Solid green When the server configuration profile is being copied from the USB device Blinking green When the job is in progress Solid green When the job has completed suc...

Page 274: ...ation The Quick Sync feature is inactive after being idle for a configurable amount of time default is 30 seconds or when pressed to de activate Activity LED If Quick Sync is disabled the LED blinks a few times and then turns off Also if the configurable inactivity timer is triggered the LED turns off and deactivates the interface After configuring iDRAC Quick Sync settings in iDRAC hold the mobil...

Page 275: ...e Timer 4 Specify the Timeout value For more information about the fields see the iDRAC Online Help 5 Click Apply to apply the settings Configuring iDRAC Quick Sync settings using RACADM To configure the iDRAC Quick Sync feature use the racadm objects in the System QuickSync group For more information see the iDRAC RACADM Command Line Reference Guide available at dell com esmmanuals Configuring iD...

Page 276: ...ce 3 Set the boot order in the First Boot Device drop down list to select a virtual media such as floppy CD DVD or ISO 4 Select the Boot Once option to enable the managed system to reboot using the image file for the next instance only 5 Click Apply 6 Reboot the managed system and follow the on screen instructions to complete the deployment Related links Managing remote file share Setting first bo...

Page 277: ...boots Configuring remote file share using web interface To enable remote file sharing 1 In iDRAC Web interface go to Overview Server Attached Media The Attached Media page is displayed 2 Under Attached Media select Attach or Auto Attach 3 Under Remote File Share specify the image file path domain name user name and password For information about the fields see the iDRAC Online Help Example for ima...

Page 278: ... characters including alphanumeric and special characters are allowed as part of user name password and image_location except the following characters single quote double quote comma less than and greater than Deploying operating system using virtual media Before you deploy the operating system using Virtual Media make sure that Virtual Media is in Attached state for the virtual drives to appear i...

Page 279: ...ailable as a boot device 4 If redundancy is not required single SD card set Internal SD Card Port to On and Internal SD Card Redundancy to Disabled 5 If redundancy is required two SD cards set Internal SD Card Port to On and Internal SD Card Redundancy to Mirror 6 Click Back and click Finish 7 Click Yes to save the settings and press Esc to exit System Setup About IDSDM Internal Dual SD Module IDS...

Page 280: ...ss the network debugging tools To access Diagnostics Console 1 In the iDRAC Web interface go to Overview Server Troubleshooting Diagnostics 2 In the Command text box enter a command and click Submit For information about the commands see the iDRAC Online Help The results are displayed on the same page Scheduling remote automated diagnostics You can remotely invoke automated offline diagnostics on ...

Page 281: ...gnostic results of the last completed diagnostics that were scheduled remotely to a network share such as CIFS or NFS The maximum file size is 5 MB You can cancel a diagnostic job when the status of the job is Unscheduled or Scheduled If the diagnostic is running then restart the system to cancel the job Before you run the remote diagnostics make sure that Lifecycle Controller is enabled You have ...

Page 282: ... Capture The Video Capture screen displays the video recordings For more information see the iDRAC Online Help Configuring video capture settings To configure the video capture settings 1 In the iDRAC Web interface go to Overview Server Troubleshooting Video Capture The Video Capture page is displayed 2 From the Video Capture Settings drop down menu select any of the following options Disable Boot...

Page 283: ...the errors only for rack and tower servers To view LCD front panel status using RACADM use the objects in the System LCD group For more information see the iDRAC RACADM Command Line Interface Reference Guide available at dell com idracmanuals Related links Configuring LCD setting Viewing system front panel LED status To view the current system ID LED status in iDRAC web interface go to Overview Ha...

Page 284: ...ld only perform troubleshooting and simple repairs as authorized in your product documentation or as directed by online or telephone service and support team Damage due to servicing that is not authorized by Dell is not covered by your warranty Read and follow the safety instructions that came with the product Viewing system health iDRAC and CMC for blade servers Web interfaces display the status ...

Page 285: ...ler logs archived entries are not included PCIe SSD logs Storage controller logs NOTE TTYLog collection for PCIe SSDs using the SupportAssist feature is not supported on Dell 12th generation PowerEdge servers After the data is generated you can view the data It contains a bunch of XML files and log files The data must be shared with tech support to troubleshoot the issue Each time the data collect...

Page 286: ...e the report 5 Specify the location to save the SupportAssist collection Generating SupportAssist Collection manually When iSM is not installed you can manually run the OS collector tool to generate the SupportAssist collection You must run OS Collector tool on the server OS to export the OS and application data A virtual USB device labeled DRACRW appears in the server operating system This device...

Page 287: ...share settings it is recommended to avoid special characters for user name and password or percent encode the special characters Click Advanced Export Options to select the following additional options RAID Controller Log Enable Report Filtering under OS and Application Data Based on the options selected the time taken to collect the data is displayed next to these options If OS Collector tool was...

Page 288: ...tton for 15 seconds Soft restart Using iDRAC Web interface or RACADM Resetting iDRAC using iDRAC web interface To restart iDRAC do one of the following in the iDRAC Web interface Go to Overview Server Summary Under Quick Launch Tasks click Reset iDRAC Go to Overview Server Troubleshooting Diagnostics Click Reset iDRAC Resetting iDRAC using RACADM To restart iDRAC use the racreset command For more ...

Page 289: ...ettings utility or the iDRAC Web interface Resetting iDRAC to factory default settings using iDRAC web interface To reset iDRAC to factory default settings using the iDRAC Web interface 1 Go to Overview Server Troubleshooting Diagnostics The Diagnostics Console page is displayed 2 Click Reset iDRAC to Default Settings The completion status is displayed in percentage iDRAC reboots and is restored t...

Page 290: ...indow under Downloads make sure that the following options are enabled Automatic prompting for file downloads if this option is available File download CAUTION To make sure that the computer used to access iDRAC is safe under Miscellaneous do not enable the Launching applications and unsafe files option Network security While accessing the iDRAC Web interface a security warning appears stating tha...

Page 291: ...ng in make sure that The Active Directory Enabled option is selected on the Active Directory Configuration and Management page The DNS setting is correct on the iDRAC Networking configuration page The correct Active Directory root CA certificate is uploaded to iDRAC if certificate validation was enabled The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if ...

Page 292: ...n in which the iDRAC object resides When to configure Global Catalog Address es If you are using standard schema and the users and role groups are from different domains Global Catalog Address es are required In this case you can use only Universal Group If you are using standard schema and all the users and role groups are in the same domain Global Catalog Address es are not required If you are u...

Page 293: ...applications in your environment The Configure encryption types allowed for Kerberos policy setting is located at Computer Configuration Security Settings Local Policies Security Options 3 Make sure that the domain clients have the updated GPO 4 At the command line type gpupdate force and delete the old key tab with klist purge command 5 After the GPO is updated create the new keytab 6 Upload the ...

Page 294: ... on the Microsoft Windows operating system Windows supports a limited number of smart card Cryptographic Service Providers CSPs In general check if the smart card CSPs are present on a particular client insert the smart card in the reader at the Windows logon Ctrl Alt Del screen and check if Windows detects the smart card and displays the PIN dialog box Incorrect Smart Card PIN Check if the smart ...

Page 295: ...t synchronize under the Linux text console in Lifecycle Controller Virtual Console requires the USB mouse driver but the USB mouse driver is available only under the X Window operating system In the Virtual Console viewer do any of the following Go to Tools Session Options Mouse tab Under Mouse Acceleration select Linux Under the Tools menu select Single Cursor option How to synchronize the mouse ...

Page 296: ...e a parameter necessary to capture video is beyond the range for which the iDRAC can capture the video Parameters such as display resolution or refresh rate too high causes an out of range condition Normally physical limitations such as video memory size or bandwidth sets the maximum range of parameters When starting a Virtual Console session from iDRAC web interface why is an ActiveX security pop...

Page 297: ...Explorer and Java Why is the Link Interrupted message displayed at the bottom of the Virtual Console When using the shared network port during a server reboot iDRAC is disconnected while BIOS is resetting the network card This duration is longer on 10 Gb cards and is also exceptionally long if the connected network switch has Spanning Tree Protocol STP enabled In this case it is recommended to ena...

Page 298: ...ive in the same method To mount the virtual floppy drive locate the device node that Linux assigns to the virtual floppy drive To mount the virtual floppy drive 1 Open a Linux command prompt and run the following command grep Virtual Floppy var log messages 2 Locate the last entry to that message and note the time 3 At the Linux prompt run the following command grep hh mm ss var log messages where...

Page 299: ... do one of the following Change the performance slider to Maximum Speed Disable encryption for both Virtual Media and Virtual Console NOTE In this case the data transfer between managed server and iDRAC for Virtual Media and Virtual Console will not be secured If you are using any Windows server operating systems stop the Windows service named Windows Event Collector To do this go to Start Adminis...

Page 300: ...ed on the system On systems running Windows Open the Control Panel verify if iDRAC Service Module is listed in the list of installed programs displayed On systems running Linux Run the command rpm qi dcism If the iDRAC Service Module is installed the status displayed is installed NOTE To check if the iDRAC Service Module is installed on Red Hat Enterprise Linux 7 use the systemctl status dcismeng ...

Page 301: ...wants to reach the iDRAC USB NIC IPv4 address On iDRAC Service Module version 2 0 and earlier when uninstalling iDRAC Service Module from a VMware ESXi server the virtual switch is named as vSwitchiDRACvusb and port group as iDRAC Network on the vSphere client How to delete them While installing iDRAC Service Module VIB on a VMware ESXi server iDRAC Service Module creates the vSwtich and Portgroup...

Page 302: ...error messages Problems such as syntax typographical errors and incorrect names Remote RACADM error messages Problems such as incorrect IP Address incorrect user name or incorrect password During a ping test to iDRAC if the network mode is switched between Dedicated and Shared modes there is no ping response Clear the ARP table on your system Remote RACADM fails to connect to iDRAC from SUSE Linux...

Page 303: ...ailable at dell com idracmanuals Using local RACADM Use the command racadm getsysinfo For example racadm getniccfg m server 1 DHCP Enabled 1 IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Gateway 192 168 0 1 Using LCD On the main menu highlight the server press the check button select the required server and press the check button How to find the CMC IP address related to the blade server From i...

Page 304: ...hat NIC settings IPv4 and IPv6 settings and either Static or DHCP is enabled for your network Inserted the blade server into the chassis and pressed the power switch but it did not power on iDRAC requires up to two minutes to initialize before the server can power on Check CMC power budget The chassis power budget may have exceeded How to retrieve an iDRAC administrative user name and password You...

Page 305: ...t installed or is inaccessible CPU is not installed or is inaccessible Video riser card is missing or not connected properly Also see error messages in iDRAC log using iDRAC web interface or from the server LCD 305 ...

Page 306: ...t name and then perform the following operations using iDRAC web interface from your management station Server s LED status Blinking amber or Solid amber Front Panel LCD status or error message Amber LCD or error message Operating system image is seen in the Virtual Console If you can see the image reset the system warm boot and log in again If you are able to log in the issue is fixed Last crash ...

Page 307: ...ew and export lifecycle log and system event log SEL 1 In iDRAC Web interface go to Overview Server Logs to view SEL and Overview Server Logs Lifecycle Log to view lifecycle log NOTE The SEL is also recorded in the lifecycle log Using the filtering options to view the SEL 2 Export the SEL or lifecycle log in the XML format to an external location management station USB network share and so on Alte...

Page 308: ... the following methods to launch virtual console through the iDRAC Web Interface Go to Overview Server Virtual Console and click Launch Virtual Console Go to Overview Server Properties and click Launch under Virtual Console Preview The Virtual Console Viewer is displayed 3 From the File menu click Virtual Media Launch Virtual Media 4 Click Add Image and select the image that is located on the USB ...

Page 309: ... initiator and target configuration settings to those cards use the I O Identity Optimization feature to reduce the time in configuring the settings To do this 1 Make sure that BIOS iDRAC and the network cards are updated to the latest firmware version 2 Enable IO Identity Optimization 3 Export the XML configuration file from iDRAC 4 Edit the I O Identity optimization settings in the XML file 5 Im...

Reviews:

No comments